Cybersecurity Newsletter: Data Breaches, Vulnerabilities, Cyber Attacks, and Other Updates

NCA’s Enhanced Cybersecurity Controls (ECC-2:2024): Saudi Arabia’s National Cybersecurity Authority (NCA) released ECC-2:2024, an updated cybersecurity framework with 110 controls covering cybersecurity governance, defense, resilience, and third-party risk management. This framework aligns with global cybersecurity standards and is a key step in bolstering Saudi Arabia’s national cybersecurity stance.​ Ajel , CyberArrow

PDPL Compliance Deadline: Saudi Arabia’s Personal Data Protection Law (PDPL) became fully enforceable in September 2024. SDAIA recently issued guidelines on data handling and transfer, cross-border data compliance, and privacy policies. These updates, in line with international standards, solidify Saudi Arabia’s commitment to data privacy within the region. Clyde & Co, Global Compliance News

FBI Shuts Down Global Botnet: The FBI dismantled a global botnet of 19 million "zombie" devices involved in cybercriminal activities, including financial fraud and identity theft. This operation illustrates the importance of global cooperation in combating cyber threats. World Economic Forum

Paris Olympics Face Cyber Attacks: French authorities reported over 140 cyber incidents during the Paris Olympics, targeting sectors like government and transportation. While no significant disruptions occurred, this event underscores the vulnerability of high-profile public gatherings.​ Ajel

NVIDIA Driver Vulnerabilities: NVIDIA has released updates for critical vulnerabilities in its GPU drivers on Windows and Linux. These updates are crucial for preventing unauthorized access to affected systems. SecurityWeek

VulnHuntr AI Tool for Zero-Days: VulnHuntr, a new AI-driven tool, promises faster identification of zero-day vulnerabilities, helping organizations stay ahead of potential threats.

FortiManager and FortiJump Zero-Day Exploits: Two serious vulnerabilities were recently identified: a critical zero-day in FortiManager and the ongoing exploitation of FortiJump (CVE-2024-47575). Organizations are advised to apply patches immediately. CyberArrow

Embargo Ransomware’s Safe Mode Exploitation: Embargo ransomware now uses Windows Safe Mode to bypass traditional detection methods, adding a new layer of sophistication to ransomware attacks.

Weaponized RDP Setup Files: Attackers are increasingly using compromised RDP setup files to gain unauthorized access, emphasizing the need for secure remote protocols.

Black Basta Targets Microsoft Teams: The Black Basta ransomware group is now targeting Microsoft Teams users, posing a new risk to collaborative platforms.

Cisco ASA and FTD VPN Vulnerabilities: Cisco’s VPN systems are vulnerable to unauthorized access, which could expose sensitive data. Immediate updates are strongly recommended.

Internet Archive Breach: The Internet Archive faced a data breach, highlighting vulnerabilities in digital archiving and data storage.

NoBroker Data Breach: The real estate platform NoBroker was breached, with attackers demanding a ransom and threatening to release sensitive user data.

Transak Cryptocurrency Breach: Cryptocurrency gateway Transak recently suffered a data breach, highlighting security challenges within the digital finance sector.

ESET Impersonation in Phishing Attacks: Cybercriminals are impersonating cybersecurity company ESET to conduct phishing campaigns, emphasizing the importance of verifying sources.

Contact Inovasys today to learn more about our Cybersecurity Services and how we can help you secure your applications, infrastructure, and systems from evolving threats.

Gravida maecenas lobortis suscipit mus sociosqu convallis, mollis vestibulum donec aliquam risus sapien ridiculus, nulla sollicitudin eget in venenatis. Tortor montes platea iaculis posuere per mauris, eros porta blandit curabitur ullamcorper varius nostra ante risus egestas.