Security Briefing: Kaiser Data Breach, Criminals Exploit CrushFTP Vuln, Brokewell Malware Takes Over Android Devices
Description
May 1st, 2024 Security Briefing with IANS Faculty Wolfgang Goerlich and Jessica Hebenstreit
Kaiser Notifies Millions of Data Breach - 13.4 insured people and patients will be receiving breach notices that their protected health information may have been compromised - considered the largest health-related data breach of 2024 to date.
Criminals Exploit CrushFTP Vulnerability - Adversaries are exploiting a vulnerability in CrushFTP to gain remote code execution (RCE). The vulnerability (CVE-2024-4040) combines server-side template injection with a virtual file system sandbox escape to allow attackers to read and execute files as root on Linux systems hosting CrushFTP.
Brokewell Malware Takes Over Android Devices - Discovered and documented by researchers at ThreatFabric, Brokewell is malware running on Android phones and devices.
With IANS Research, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.
Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.
United States
