From new zero-day exploits to a major law enforcement crackdown, December 2024 was packed with impactful cybersecurity news. ESET Chief Security Evangelist Tony Anscombe dives into some of the month’s key stories, offering expert insights and commentary. Watch the video for a full breakdown and stay until the end to learn also about one of the main concerns looming in 2025.
Here are some of the top cybersecurity stories of December 2024:
- Bad actors took advantage of a zero-day vulnerability in file transfer software from Cleo Communications to steal data from a number of organizations. A closer look reveals several intriguing twists in the incident involving the Cleo Harmony, VLTrader, and LexiCom software.
- The United States' Federal Communications Commission (FCC) has proposed new rules on how telecommunication companies should secure their networks.
- Meanwhile in the United Kingdom, the Ofcom has released its final codes of practice for how online platforms should handle illegal online content, giving them three months to conduct risk assessments or else face steep fines as the Online Safety Act becomes effective.
- Authorities in no fewer than 19 African countries arrested more than 1,000 people for allegedly taking part in ransomware attacks, business email compromise (BEC) and other cybercrimes.
- Donut and coffee retail chain Krispy Kreme suffered a cyberattack that caused operational disruptions and also impacted the company's online ordering system.
Don't forget to check out also the November 2024 edition of the monthly security news roundup.
