The Weekly Round-Up: December 20th, 2024

Even as Christmas approaches, the cybersecurity world is not embracing the Christmas spirit, but who is surprised? From high-profile breaches affecting critical infrastructure to significant business shifts in the tech sector, this week brought a mix of challenges and opportunities for businesses. Here's a detailed look at the key cybersecurity stories that unfolded between December 15 and December 20, 2024.

1. SMS-Based Two-Factor Authentication Faces New Scrutiny

The FBI and CISA have issued warnings against using SMS-based two-factor authentication (2FA) due to a breach affecting major telecom networks. Hackers intercepted text messages, exposing users to potential identity theft.

• Date: December 16, 2024
• Key Implications: Exposed networks include AT&T, Verizon, and T-Mobile, impacting millions of users. SMS-based 2FA is less secure than alternatives like authentication apps or hardware keys.
• Recommended Action: Switch to encrypted messaging apps or authentication solutions, and enforce password best practices across personal and professional accounts.

Read more at The BBC.

2. U.S. Sanctions Chinese Cybersecurity Firm and Employee

The U.S. has sanctioned a major Chinese cybersecurity company and indicted one of its employees for allegedly stealing intellectual property from American firms.

• Date: December 11, 2024 (announcement of sanctions and indictment)
• Key Implications: This incident highlights escalating tensions between the U.S. and China in the cyber domain. Businesses with supply chain ties to China could face additional risks.
• Recommended Action: Audit supply chains for security gaps and consider diversifying partnerships to mitigate risks associated with geopolitical conflicts.

Read more at Bloomberg.

3. Prometheus Servers Found Vulnerable

Researchers identified over 296,000 exposed Prometheus instances, with many failing to implement even basic security measures.

• Date: Exposed servers are prime targets for exploitation, potentially jeopardizing sensitive organizational data. The incident underscores the importance of regular security audits for internal systems.
• Key Implications: December 13, 2024 (discovery reported)
• Recommended Action: Secure exposed instances immediately and prioritize regular penetration testing to uncover vulnerabilities.

Read more at The Hacker News.

4. Federal Credit Union Data Breach Exposes 240,000 Members

A massive data breach at a federal credit union exposed sensitive data, including names, addresses, and account information, affecting approximately 240,000 members.

• Date: December 14, 2024
• Key Implications: Victims face increased risks of fraud and identity theft. Financial institutions continue to be prime targets for cyberattacks.
• Recommended Action: Implement robust encryption measures and conduct regular security audits to strengthen defenses against future attacks.

Read more at Fox News.

5. BlackBerry Sells AI-Cybersecurity Business

BlackBerry has sold its AI-powered cybersecurity division to Arctic Wolf, marking a significant shift in the company’s focus.

• Date: December 15, 2024 (announcement date)
• Key Implications: Arctic Wolf enhances its cybersecurity portfolio, positioning itself as a leader in threat detection and response.Businesses relying on BlackBerry's AI tools may face operational adjustments during the transition.
• Recommended Action: Stay informed about changes to BlackBerry’s services and evaluate Arctic Wolf's offerings to ensure uninterrupted protection.

Read more at CTV News.

6. Credit Card Data Breach Poses Holiday Shopping Risks

Experts have identified a credit card data breach affecting major online retailers, raising concerns during the busy holiday shopping season.

• Date: December 13, 2024
• Key Implications: Breach affects popular platforms like Amazon, potentially impacting millions of users. Increased risk of fraud during peak shopping periods.
• Recommended Action: Advise employees and customers to monitor transactions closely and avoid storing payment details on online platforms.

Read more at The Daily Mail.

7. Chinese Agency Accuses U.S. of Cyberespionage

China’s cybersecurity center accused the U.S. of hacking into its critical infrastructure and stealing technology secrets, escalating tensions between the two nations.

• Date: December 15, 2024
• Key Implications: The incident underscores growing cyber hostilities between global superpowers. Businesses operating internationally may face increased scrutiny and risks.
• Recommended Action: Enhance global cyber risk management strategies and monitor geopolitical developments that may affect operations.

Read more at The South China Morning Post.em