This Week’s Top 5 Cybersecurity News Stories December 2024 | 01

Loading the Elevenlabs Text to Speech AudioNative Player...

Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of.  No story is too big or small, as we look at threats from espionage to security flaws in every day devices:

 

1. Romania’s election systems targeted in over 85,000 cyberattacks

Romania’s election infrastructure faced a storm of over 85,000 cyberattacks, leaked credentials, and an influence campaign involving TikTok influencers.

A declassified report hints at state-backed motives, likely linked to Russia’s history of meddling in elections. Vulnerabilities remain, underscoring a critical warning: democracy’s digital defenses must strengthen against evolving threats.

More details: BleepingComputer

 

2. CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

The cybersecurity landscape intensifies as CISA flags critical vulnerabilities in products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel, adding them to its Known Exploited Vulnerabilities (KEV) catalog.

From ransomware campaigns to espionage, flaws like CVE-2024-51378 (CVSS 10.0) and CVE-2024-11680 (CVSS 9.8) are actively exploited. Similarly, I-O DATA routers face attacks, urging users to patch promptly and secure configurations.

More details: The Hacker News

 

3. Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses

A clever phishing campaign is exploiting corrupted Microsoft Office files and ZIP archives to sneak past email defenses.

Using damaged attachments that evade antivirus scans and email filters, attackers rely on recovery mechanisms in Word, Outlook, and WinRAR to open these files. Victims are lured with promises like bonuses, only to face malware or credential theft via embedded QR codes.

More details: The Hacker News.

 

4. ‘Large number’ of Americans’ metadata stolen by Chinese hackers, senior official says

The U.S. is grappling with a sweeping cyberespionage campaign by China’s “Salt Typhoon,” targeting telecom giants and stealing metadata from potentially millions of Americans.

While not all cell phones were impacted, the stolen data—who, what, when, and where of calls—exposes intimate details. The White House has prioritized combating the group, briefing President Biden and Congress on the ongoing threat.

More details: Reuters.

 

5. Police crack encrypted messaging service used by criminals, Europol says

Europol has dismantled MATRIX, an encrypted messaging service linked to global drug and arms trafficking.

Found on the phone of a convicted murderer of Dutch journalist Peter R. de Vries, MATRIX allowed authorities to intercept 2.3 million messages over three months. Servers in France and Germany were seized, with arrests made in France and Spain, aiding numerous investigations.

More details: Reuters

 

At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.

For more information please contact us now!