Infosec bits for 2024 week 29
Kgwadi Matenche | July 19, 2024, 3:02 p.m.
Cybersecurity News:
R300m theft from Public Works over 10 years: Ntshavheni assures SA of government's work on ensuring cyber security [Siyabonga Sithole, IOL]
Massive global IT outage hits banks, airports, supermarkets – and a single software update is likely to blame [Mark A Gregory, The Conversation]
UK national blood stocks in 'very fragile' state following ransomware attack [Alexander Martin, Recorded Future News]
Breaches & Leaks:
Temu and Shein delivery data leak in South Africa fixed [Jan Vermeulen, MyBroadband]
Email addresses of 15 million Trello users leaked on hacking forum [Lawrence Abrams, Bleeping Computer]
Vulnerabilities & Patches:
Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP [Newsroom, The Hacker News]
Oracle Patches 240 Vulnerabilities With July 2024 CPU [Ionut Arghire, SecurityWeek]
SolarWinds fixes 8 critical bugs in access rights audit software [Sergiu Gatlan, Bleeping Computer]
Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) [Zeljka Zorz, Help Net Security]
Chrome 126 Updates Patch High-Severity Vulnerabilities [Ionut Arghire, SecurityWeek]
PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks [Newsroom, The Hacker News]
Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool [Ionut Arghire, SecurityWeek]
Others:
What caused Capitec’s total blackout [Myles Illidge, MyBroadband]
Kaspersky Exits U.S. Market Following Commerce Department Ban [Newsroom, The Hacker News]
Interpol operation nabs 300 with links to West African cyber fraud [James Reddick, Recorded Future News]