Cyber Security Threat Report: October Digest
Welcome to October’s Cyber Threat Report!
As Cyber Security Awareness Month wraps up on Halloween, today we’re shining a light on the latest cyber threats and spooky vulnerabilities haunting the cyber security world. Here’s your rundown of key incidents and trends that have taken centre stage this month.
NEWS
Attack of the AI Hackers: 1,000 Elite Cyber Criminals Just Levelled Up!
Cyber security threats are advancing rapidly, with a recent warning spotlighting a concerning trend: over 1,000 elite hackers are now using AI to develop more sophisticated and targeted attacks. This shift represents a major challenge for digital defences, as AI allows hackers to exploit vulnerabilities at unprecedented speed and precision.
With AI tools amplifying both the scale and impact of these threats, it's more essential than ever for businesses and individuals to adopt strong security measures and stay proactive.
Hotel Hack Horror: Marriott’s $185M Data Breach Tab Hits Checkout!
Marriott recently settled a massive data breach case, agreeing to pay $185 million after hackers accessed the personal data of up to 500 million guests between 2014 and 2018. This breach, one of the largest on record, serves as a stark reminder of the risks companies face if cyber security measures aren’t constantly strengthened and updated.
For organisations of all sizes, investing in proactive defences and data protection strategies is essential—not just to avoid fines, but to protect customer trust. As breaches continue to make headlines, the Marriott case underscores the importance of robust cyber security for all businesses.
Data Drama: Irish Watchdog Hits Tech Giant with a €310M GDPR Wake-Up Call!
Ireland’s Data Protection Commission has imposed a record-breaking €310 million fine on a tech giant for failing to comply with GDPR data protection standards. This landmark penalty is part of a growing trend among regulators to hold companies accountable for mishandling user data, underscoring the critical importance of adhering to privacy regulations.
For businesses, this case highlights the necessity of not only securing customer data but also ensuring transparency and compliance with evolving data laws. As privacy regulations tighten, the Irish ruling reminds us that proactive data protection isn’t just a best practice—it’s a business imperative.
CYBER SECURITY AWARENESS MONTH
As we close out Cyber Security Awareness Month, it is a good time to reflect on the essential steps we can all take to keep our digital environments secure year-round. This month, we've highlighted new insights on emerging threats, key tips for preventing cyber attacks, and the best practices for staying safe online. But cyber security doesn’t end here—it’s an ongoing effort.
By staying informed and proactive, from implementing strong passwords to regular security checks, we can reduce vulnerabilities and protect our valuable data!
ALERTS
Vulnerabilities
NVIDIA Updates for GPU and vGPU Vulnerabilities:
On October 22, 2024, NVIDIA released updates addressing critical vulnerabilities that could enable unauthorised code execution and data access. Notable issues include CVE-2024-0126 affecting GPU drivers, CVE-2024-0117 through CVE-2024-0121 impacting Windows GPU drivers, CVE-2024-0127 related to the vGPU kernel driver, and CVE-2024-0128, which could lead to information disclosure in the vGPU Manager. No known exploits exist for these vulnerabilities.
OS Downgrade Vulnerability Discovered in Microsoft Windows Kernel:
On October 28, 2024, The Hacker News highlighted a vulnerability within Microsoft Windows (CVE-2024-21302 and CVE-2024-38202) that allows OS downgrades. This flaw enables attackers to bypass Driver Signature Enforcement, potentially loading unsigned kernel drivers and deploying rootkits. No exploitations have been reported.
VMware Patches Critical vCenter Server RCE Vulnerabilities:
On October 21, 2024, VMware addressed critical vulnerabilities (CVE-2024-38812 and CVE-2024-38813) in its vCenter Server and Cloud Foundation. CVE-2024-38812, a heap overflow flaw, could allow remote code execution via malicious packets, while CVE-2024-38813 poses a privilege escalation risk to the root level. VMware urges users to update to the latest versions to mitigate potential threats.
AWS CDK Vulnerability:
On October 24, 2024, Aqua Security disclosed a critical vulnerability in the AWS Cloud Development Kit (CDK) that could allow attackers to gain administrative access to affected user accounts. The vulnerability impacts all CDK versions prior to v2.149.0. There have been no confirmed exploitations so far.
Black Basta Ransomware Group Targets Microsoft Teams Users:
The Black Basta Ransomware Group has adapted its tactics to target Microsoft Teams users by posing as IT support. According to a ReliaQuest report on October 25, 2024, the group sends phishing emails encouraging employees to download remote access tools like AnyDesk or Quick Assist, ultimately deploying ransomware.
Crypto-Mining Campaign Exploits Docker Remote APIs:
On October 22, 2024, Trend Micro identified a campaign in which threat actors exploit misconfigured Docker remote API servers to deploy the SRBMiner cryptocurrency miner. By leveraging Google gRPC over HTTP/2, they evade security measures and mine cryptocurrencies such as Ripple (XRP). This campaign specifically targets vulnerable Docker API remote management features.
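A defender-side check for one form of Docker remote API misconfiguration, a `dockerd` TCP listener without `tlsverify`, is sketched below. It is an added example, not taken from the Trend Micro report or from Docker; the report summary above does not say which setting was misconfigured, and the sample configurations and severity labels are constructed for illustration.

```python
import json
import shlex
from urllib.parse import urlsplit

LOOPBACK = {"127.0.0.1", "localhost", "::1"}

def classify(hosts, tlsverify):
    """Grade each dockerd listener: ok, warn (loopback only) or critical."""
    findings = []
    for h in hosts:
        if not h.startswith("tcp://"):
            continue  # unix:// and fd:// sockets are not network listeners
        # Assumption of this example: an omitted bind address is treated
        # conservatively as non-loopback.
        addr = urlsplit(h).hostname or ""
        if tlsverify:
            level = "ok"        # clients must present a CA-signed certificate
        elif addr in LOOPBACK:
            level = "warn"      # unauthenticated, but only reachable locally
        else:
            level = "critical"  # unauthenticated API reachable over the network
        findings.append((h, level))
    return findings

def audit_daemon_json(text):
    """Audit the 'hosts' and 'tlsverify' keys of a daemon.json document."""
    cfg = json.loads(text)
    return classify(cfg.get("hosts", []), bool(cfg.get("tlsverify", False)))

def audit_cmdline(cmdline):
    """Audit -H/--host and --tlsverify on a dockerd command line."""
    args = shlex.split(cmdline)
    hosts, tlsverify, i = [], False, 0
    while i < len(args):
        a = args[i]
        if a in ("-H", "--host") and i + 1 < len(args):
            hosts.append(args[i + 1])
            i += 1
        elif a.startswith("--host="):
            hosts.append(a.split("=", 1)[1])
        elif a in ("--tlsverify", "--tlsverify=true"):
            tlsverify = True
        i += 1
    return classify(hosts, tlsverify)

# Constructed sample inputs, not captured from any real host.
SAMPLE_JSON = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'
SAMPLE_CMD = "dockerd -H fd:// -H tcp://127.0.0.1:2375"
HARDENED_CMD = ("dockerd --tlsverify --tlscacert=ca.pem --tlscert=cert.pem "
                "--tlskey=key.pem -H tcp://0.0.0.0:2376")
```

Any `critical` result means the API accepts commands from anyone who can reach the port; remove the TCP listener or require client certificates with `tlsverify`.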
Threat Actor Graph
Actor Landscape
Intent reflects the likely targets for a group. When a group is observed attacking a new organisation or entity, their intent score rises.
Opportunity captures the different tactics and technologies these groups deploy. For instance, if a group adopts a new attack vector, like a novel form of ransomware, their opportunity score increases.
Both intent and opportunity are scored on a scale from 0 to 100, collectively determining the group’s overall threat severity. The latest updates are provided below.
EVENTS
CYBERISLE 2024
A huge thank you from Riela Cyber and Riela Tech for an incredible #CYBERISLE2024!
As proud Platinum Sponsors, we were thrilled to be part of such an important event, which continues to grow each year. The turnout was fantastic, and it was a pleasure to connect with both new and familiar faces. A special shout out to the team at the Cyber Security Centre for the Isle of Man (CSC) – your hard work made this event possible. We would also like to thank the other sponsors whose support brought this free event to life.
Events like #CYBERISLE are crucial for raising awareness and promoting the importance of cyber security on the Isle of Man.
We are excited to continue supporting this vital event and can’t wait for CYBERISLE 2025!
HALLOWEEN
Spooky season has almost passed us by, but even after Halloween, cyber threats are still lurking in the shadows. Hackers are on the lookout for any vulnerabilities, so stay alert and don’t let them pull a trick on you! Here are some tips and tricks (or treats) to help you stay ahead...
Stay safe from cyber horrors!
METSTRADE 2024
#TeamRiela will be at stand 10.206 in the SuperYacht Pavilion from 19th to 21st November at RAI Amsterdam Convention Centre.
Drop by to meet the team, see exciting demos, and find out what is coming up next for us. To schedule a one-on-one meeting, just reach out.
We look forward to seeing you there!
THANK YOU
Thank you for taking the time to read October’s Cyber Security Threat Report. We look forward to sharing more with you next month. In the meantime, keep up to date with the latest news by checking out our Cyber Blog here.