Healthcare organizations stand as prime targets for cybercriminals, drawn by the allure of valuable personal and health information stored within Electronic Health Records (EHR). These records, akin to digital gold, encapsulate a treasure trove of data—from full names and birth dates to Social Security numbers and billing details—making them hot commodities on the black market.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition analyses cyberattacks related to the Israel-Palestine conflict, global DNS probing by a Chinese threat actor, and a significant data leak involving the New York Times.

It might surprise you to know that more than 70 new vulnerabilities are published every day. And despite their risk-reducing value in helping SOC teams address these, vulnerability management solutions have drawbacks. Often, they only provide a snapshot of an organization’s vulnerabilities at a point in time. In fact, owing to their nature, vulnerabilities identified today may not exist tomorrow, or they may appear and disappear intermittently.

As the fourth-largest economy worldwide, Japan stands as a pivotal center for various cutting-edge industries. This includes automotive, manufacturing, finance, and telecommunications, rendering its attack surface a prime target for cyber adversaries. Japan’s Western alliances and its territorial dispute with Russia, alongside support for Ukraine, heighten its cyber threat profile from state actors like China, Russia, and North Korea.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers an alleged data breach at Ticketmaster, a cyberattack on Synnovis affecting London hospitals, and a data breach disclosed by the BBC. The full reports are available to CYMON users. Request access here.

Today’s cyber threats continue to evolve at pace as adversaries compress the time between initial entry, lateral movement, and breach. At the same time, the rise of generative AI has the potential to lower the barrier of entry for low-skilled adversaries, making it easier to launch attacks that are more sophisticated and state of the art.

On May 28, 2024, Check Point released an advisory for CVE-2024-24919, a high priority bug which according to NIST NVD is categorized as “Exposure of Sensitive Information to an Unauthorized Actor”. The NVD has yet to assess a CVSS score for CVE-2024-24919 as of this writing. This vulnerability affects Check Point Security Gateway devices connected to the internet and configured with either IP-Sec VPN or Mobile Access software blades.