Artivion, a leading manufacturer of cardiac implants and vascular devices, suffered a ransomware attack on 21st November 2024. The breach involved the acquisition and encryption of files, leading to disruptions in order processing and corporate operations.
Artivion’s operations faced immediate disruptions, particularly in order and shipping processes, although these were largely mitigated. The company has assured stakeholders that the breach is not expected to have a material financial impact at this stage, though additional response costs have been incurred. External cybersecurity experts have been engaged, and systems are being restored securely. This attack highlights the healthcare sector's vulnerability to ransomware due to its reliance on operational uptime and sensitive data.
Recommendations
Krispy Kreme disclosed a cyberattack that disrupted its online ordering systems on 29th November 2024. The breach impacted a key revenue stream, as digital sales account for 15.5% of the company’s income.
While physical stores and third-party deliveries were unaffected, the attack disabled online ordering, frustrating customers, and a 12% decline in digital sales is projected during the critical holiday season. The company engaged leading cybersecurity experts and notified federal law enforcement while assuring customers that no payment data was compromised. Immediate recovery efforts are ongoing, and the incident highlights the growing risks to digital sales platforms for consumer-facing businesses.
Recommendations
The Federal Office for Information Security (BSI) in Germany revealed that 30,000 devices, including digital picture frames and media players, were shipped with pre-installed malware known as BadBox. The issue stems from outdated Android firmware.
BadBox malware allows attackers to create fake accounts for misinformation campaigns, conduct ad fraud, and use devices as residential proxies for illegal activities. It also has the potential to download additional malware, compounding its risk. The BSI implemented sinkholing measures to block communications between infected devices and command servers, minimising immediate harm. However, the affected devices are sold under multiple brand names, making identification challenging for consumers.
Recommendations
Microsoft’s December 2024 Patch Tuesday addressed 71 vulnerabilities, including 30 critical remote code execution (RCE) flaws and an actively exploited zero-day vulnerability (CVE-2024-49138).
This month’s updates include patches for a zero-day flaw (CVE-2024-49138) that was actively exploited to gain SYSTEM privileges. Another critical vulnerability (CVE-2024-49115) in Windows Remote Desktop Services (RDS) could allow attackers to execute arbitrary code remotely. Affected systems include Windows 10, Windows 11, and various versions of Windows Server. The vulnerabilities underscore the need for immediate updates, particularly for enterprise environments heavily reliant on Remote Desktop Protocol (RDP).
Recommendations
Google released a critical update for its Chrome browser (version 131.0.6778.139/.140), addressing three high-severity vulnerabilities.
Among the vulnerabilities patched, CVE-2024-12381, a type confusion flaw in Chrome’s V8 JavaScript engine, could allow for arbitrary code execution. Another issue, CVE-2024-12382, was a use-after-free flaw in Chrome’s Translate feature, risking memory corruption and exploitation. Details of the third vulnerability remain undisclosed to prevent potential exploitation. The update highlights the importance of timely updates for web browsers, which are frequent targets due to their extensive user base of over 3 billion globally.
Recommendations