With 2025 firmly on the horizon, it’s important to take a step back and reflect on the days past while getting ready for the year ahead. Fortunately, December has offered a multitude of cybersecurity developments worth reflecting upon. From Microsoft’s response to a Windows attack, to the next steps a donut franchise is taking to financially bounce back, this month has brought forth several interesting stories at breakneck speed. Here is a list of some of the most compelling events in December 2024.
Massive Social Security Breach in New Jersey
Late last month, the City of Hoboken, NJ, experienced a significant ransomware attack attributed to a Russia-based hacking group called “3AM.” The attack targeted various municipal departments, stealing extensive data dating back to 1987. This sensitive information included Social Security numbers, driver’s licenses, payroll records, and health details, leaving potentially millions compromised.
The breach also disrupted city services, forcing the closure of City Hall, and even exposed files ranging from personal employee data to official certificates. The hackers, known for targeting government entities and demanding cryptocurrency payments, have not publicly disclosed ransom terms. This breach underscores the growing trend of ransomware attacks on municipal institutions, with federal authorities actively investigating the case.
New Windows Attack, Microsoft Responds
Microsoft has confirmed an actively exploited zero-day vulnerability, CVE-2024-49138, which has been added to the U.S. Cybersecurity and Infrastructure Security Agency (CISA)’s Known Exploited Vulnerabilities Catalog. This heap-based buffer overflow issue in the Windows Common Log File System (CLFS) driver impacts all Windows OS editions dating back to Server 2008. Despite Microsoft’s rating of “Important” with a CVSSv3.1 score of 7.8, experts deem the vulnerability “Critical” due to its active exploitation by ransomware operators and the public disclosure of exploit details.
CISA strongly urges organizations to prioritize remediation by applying December’s “Patch Tuesday” updates, emphasizing the high risks posed by this flaw. Criticism has arisen over Microsoft’s recurring publication of zero-days without marking them as “Critical,” leading to calls for a complete overhaul of the aging CLFS codebase to address future vulnerabilities.
Another high-severity vulnerability this month, CVE-2024-49112, affects the Lightweight Directory Access Protocol (LDAP). It has a CVSS score of 9.8 and allows remote code execution. Enterprises are advised to follow best practices, such as blocking domain controllers from internet access, while all Windows users should apply updates promptly to safeguard against potential threats.
How to Protect Your Texts from Hackers
Rich Communication Services (RCS) is a feature that enables enhanced messaging between iPhone and Android users, such as high-resolution media sharing, read receipts, and typing indicators. However, RCS lacks certain features such as end-to-end encryption, making it less secure than services like iMessage or Google Messages within the same platform. The FBI recommends using encrypted apps like WhatsApp for secure communication, though some users express privacy concerns due to WhatsApp’s ownership by Meta.
Disabling RCS removes its media features but does not change the fact that it lacks end-to-end encryption for Apple-Android messaging. Amid a recent FBI and CISA warning about foreign hackers targeting sensitive information, users are urged to avoid sharing data like credit card or Social Security numbers via text. Additionally, businesses handling sensitive communications should prioritize secure messaging solutions. Verizon will discontinue Advanced Messaging (RCS) support in the Samsung Messages app on January 6, 2025, further emphasizing the importance of caution and security in digital communication.
The Aftermath of a Krispy Kreme Cyberattack
In November 2024, Krispy Kreme fell victim to a cyberattack that disrupted its operations, affecting the online ordering feature in parts of the U.S. While in-person orders and deliveries to retailers and restaurant partners remained unaffected, the company warned that the incident could have a material impact on business operations until full recovery is achieved.
The costs of responding to the breach are expected to negatively affect Krispy Kreme’s financial results and overall condition. To address the situation, the company is collaborating with external cybersecurity experts to mitigate the damage and restore normal operations. Following the announcement, Krispy Kreme’s shares (DNUT) dropped by approximately 3%, adding to the stock’s 35% loss in 2024.
Contact the Experts Today
Staying informed on cybersecurity trends is hard, and often gets pushed aside as businesses tend to focus on tasks needed for their core operations. Fortunately, by working with a partner like SWK, you no longer need to worry about keeping yourself in the loop. SWK’s team of experts understands the cybersecurity landscape, and is here to help guide you through whatever bumps may appear in the road ahead. Contact us today and start your journey to a secure 2025, and the years beyond.