Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers an alleged data breach at Ticketmaster, a cyberattack on Synnovis affecting London hospitals, and a data breach disclosed by the BBC. The full reports are available to CYMON users. Request access here.

Today’s cyber threats continue to evolve at pace as adversaries compress the time between initial entry, lateral movement, and breach. At the same time, the rise of generative AI has the potential to lower the barrier of entry for low-skilled adversaries, making it easier to launch attacks that are more sophisticated and state of the art.

On May 28, 2024, Check Point released an advisory for CVE-2024-24919, a high priority bug which according to NIST NVD is categorized as “Exposure of Sensitive Information to an Unauthorized Actor”. The NVD has yet to assess a CVSS score for CVE-2024-24919 as of this writing. This vulnerability affects Check Point Security Gateway devices connected to the internet and configured with either IP-Sec VPN or Mobile Access software blades.

We are trusted by the world’s most iconic brands with protecting their valuable business assets. Being named The Official Cyber Network Provider of The Boston Red Sox and Fenway Park demonstrates the importance for companies to adopt intelligence powered cybersecurity. When you have millions in revenue on the line like the Red Sox, you can’t afford to ignore intelligence.

For the third year in a row, manufacturing was the most attacked industry according to IBM X-Force incident response data. Phishing was the top initial infection vector, used in 39% of incidents, and malware was deployed in 45% of attacks. In 2023 alone, manufacturing organizations in the semiconductor, building, automotive, industrial controls systems, boating and consumer packaged goods industries suffered significant attacks.