As you might expect, the world of cybersecurity continues to evolve at breakneck speed, so much so that keeping up with new threats, scams and data breaches is no mean feat. November 2024 saw no shortage of impactful cybersecurity news – here's their roundup from ESET Chief Security Evangelist Tony Anscombe:

  • ESET's discovery of two zero-day vulnerabilities in several Mozilla products and in Windows that were targeted by a zero-click exploit courtesy of a Russia-aligned group tracked as RomCom
  • a joint advisory issued by the cybersecurity agencies of the Five Eyes intelligence alliance on the back of a surge in zero-day flaws
  • Amazon's confirming that employee data was compromised after an incident that affected a third-party provider last year and involved the exploitation of a vulnerability in the MOVEit file transfer tool
  • there are no fewer than 145,000 internet-exposed industrial control systems (ICS) worldwide, internet intelligence platform provider Censys has found
  • Google has announced that, starting early next year, multi-factor authentication will be mandatory on all Google Cloud accounts
  • some good news to conclude the roundup – Jen Easterly, the head of the United States' Cybersecurity and Infrastructure Security Agency (CISA), said that there's no evidence of any malicious activity materially impacting the security or integrity of the country's election infrastructure amid the recent presidential election

Make sure to also watch the October 2024 edition of Month in security.

Connect with us on FacebookTwitterLinkedIn and Instagram.