Infosec bits for 2024 week 29

Kgwadi Matenche | July 19, 2024, 3:02 p.m.

Cybersecurity News:

R300m theft from Public Works over 10 years: Ntshavheni assures SA of government's work on ensuring cyber security [Siyabonga Sithole, IOL]

Massive global IT outage hits banks, airports, supermarkets – and a single software update is likely to blame [Mark A Gregory, The Conversation]

UK national blood stocks in 'very fragile' state following ransomware attack [Alexander Martin, Recorded Future News]

Breaches & Leaks:

Temu and Shein delivery data leak in South Africa fixed [Jan Vermeulen, MyBroadband]

Email addresses of 15 million Trello users leaked on hacking forum [Lawrence Abrams, Bleeping Computer]

Vulnerabilities & Patches:

Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP [Newsroom, The Hacker News]

Oracle Patches 240 Vulnerabilities With July 2024 CPU [Ionut Arghire, SecurityWeek]

SolarWinds fixes 8 critical bugs in access rights audit software [Sergiu Gatlan, Bleeping Computer]

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) [Zeljka Zorz, Help Net Security]

Chrome 126 Updates Patch High-Severity Vulnerabilities [Ionut Arghire, SecurityWeek]

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks [Newsroom, The Hacker News]

Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool [Ionut Arghire, SecurityWeek]

Others:

What caused Capitec’s total blackout [Myles Illidge, MyBroadband]

Kaspersky Exits U.S. Market Following Commerce Department Ban [Newsroom, The Hacker News]

Interpol operation nabs 300 with links to West African cyber fraud [James Reddick, Recorded Future News]