1395 5E65 0C7A 5CEF 0373 F6E2 8982 15F5 6081 EBEB

Infosec bits for 2024 week 29

Kgwadi Matenche | July 19, 2024, 3:02 p.m.

Cybersecurity News:

  • R300m theft from Public Works over 10 years: Ntshavheni assures SA of government's work on ensuring cyber security [Siyabonga Sithole, IOL]
  • Massive global IT outage hits banks, airports, supermarkets – and a single software update is likely to blame [Mark A Gregory, The Conversation]
  • UK national blood stocks in 'very fragile' state following ransomware attack [Alexander Martin, Recorded Future News]
  • Breaches & Leaks:

  • Temu and Shein delivery data leak in South Africa fixed [Jan Vermeulen, MyBroadband]
  • Email addresses of 15 million Trello users leaked on hacking forum [Lawrence Abrams, Bleeping Computer]
  • Vulnerabilities & Patches:

  • Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP [Newsroom, The Hacker News]
  • Oracle Patches 240 Vulnerabilities With July 2024 CPU [Ionut Arghire, SecurityWeek]
  • SolarWinds fixes 8 critical bugs in access rights audit software [Sergiu Gatlan, Bleeping Computer]
  • Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) [Zeljka Zorz, Help Net Security]
  • Chrome 126 Updates Patch High-Severity Vulnerabilities [Ionut Arghire, SecurityWeek]
  • PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks [Newsroom, The Hacker News]
  • Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool [Ionut Arghire, SecurityWeek]
  • Others:

  • What caused Capitec’s total blackout [Myles Illidge, MyBroadband]
  • Kaspersky Exits U.S. Market Following Commerce Department Ban [Newsroom, The Hacker News]
  • Interpol operation nabs 300 with links to West African cyber fraud [James Reddick, Recorded Future News]