Security Week

Palo Alto Networks has released patches for two zero-day vulnerabilities exploited in "Operation Lunar Peek," a targeted cyberattack campaign. The critical vulnerability, CVE-2024-0012, is an authentication bypass flaw that allows unauthenticated attackers to gain administrative privileges via the PAN-OS management interface exposed to the internet.

Ahold Delhaize, a leading food retailer, experienced a cybersecurity incident affecting its US brands, including Giant Food and Hannaford.

Halliburton, a major U.S. oilfield services provider, reported that expenses from a recent cybersecurity breach reached $35 million by September. The breach, disclosed on August 22, involved unauthorized access to some corporate systems, prompting an immediate investigation and partial shutdown to contain the damage.

In recent months, the U.S. has seen a rise in prison sentences for Nigerian cybercriminals, with some receiving lengthy terms. Babatunde Francis Ayeni, a Nigerian national extradited from the UK, was sentenced to 10 years for his involvement in a business email compromise (BEC) scheme targeting real estate transactions.

Google announced patches for over 40 vulnerabilities as part of Android’s November 2024 security update, including two flaws that have been actively exploited. The first, tracked as CVE-2024-43047, was disclosed last month after evidence of in-the-wild exploitation was found by Amnesty International and Google’s Threat Analysis Group (TAG).

Newpark Resources, a Texas-based oilfield supplier, recently reported a ransomware attack that impacted its information systems and business applications. The company detected the breach on October 29 and responded by initiating a cybersecurity response plan.

North Korean hackers, specifically the BlueNoroff group, are targeting macOS users with a sophisticated phishing campaign that uses fake cryptocurrency-related PDFs. The attackers are sending emails with malicious links disguised as PDFs on topics such as Bitcoin price surges and decentralized finance (DeFi).

Schneider Electric is investigating a breach after hackers, known as Hellcat, claimed to have stolen sensitive data from its Jira issue tracking system.

A ransomware attack in July 2024 targeted the City of Columbus, Ohio, resulting in the theft of personal information from 500,000 residents. The breach exposed sensitive data, including names, bank accounts, and Social Security numbers.