---
title: "Healthcare Email Breaches, Wi-Fi Exploits Uncovered, Malware Exploits Avast, Cybersecurity News [November 25, 2024] | DuoCircle"
description: "Healthcare Email Breaches, Wi-Fi Exploits Uncovered, Malware Exploits Avast, Cybersecurity News [November 25."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cybersecurity-news-update-week-49-of-2024/"
---

Quick Answer

Cybersecurity news for the week of November 25, 2024. Multiple healthcare organizations across NY, IL, and FL disclosed email-account breaches affecting employee mailboxes. Researchers documented a new Wi-Fi exploit used in targeted attacks. A malware campaign abused an outdated Avast driver to disable security software. A high-profile extortion campaign targeted cloud storage platforms. Reports also covered intrusion attempts against telecom infrastructure, with practitioner guidance on hardening against each.

Healthcare Email Breaches, Wi-Fi Exploits Uncovered, Malware Exploits Avast, Cybersecurity News \[November 25, 2024\]


![cybersecurity news](https://media.mailhop.org/duocircle/images/2024/12/spf-record-tester.jpg) 

In this **week’s cyber update**, we look closely at the following stories: a significant [email data breach](https://www.bleepingcomputer.com/news/security/neiman-marcus-data-breach-31-million-email-addresses-found-exposed/) affecting multiple healthcare organizations, the discovery of a new [Wi-Fi exploit](https://www.bankinfosecurity.com/russian-hackers-exploit-wifi-in-sophisticated-new-attack-a-26901) used in targeted attacks, a malware campaign exploiting an outdated Avast driver, a [high-profile extortion campaign](https://cyberscoop.com/british-national-with-possible-links-to-high-profile-phishing-campaigns-arrested-in-spain/) targeting cloud storage platforms, and recent intrusion attempts on telecom infrastructure. _Each headline is followed by subject-matter-expert suggestions on best practices for mitigating similar risks in the future_.

## Email Data Breaches Exposed in Multiple Healthcare Organizations

**Several employee accounts** have reportedly been compromised. The affected entities are all in the [healthcare industry](https://www.hipaajournal.com/email-data-breaches-healthcare-ny-il-fl/); each is covered briefly below.

[![MFA (multi-factor authentication)](https://media.mailhop.org/duocircle/images/2024/12/spf-record-tester-7347.jpg)](https://media.mailhop.org/duocircle/images/2024/12/spf-record-tester-7347.jpg)

### HealthFund Solutions

HealthFund Solutions (Florida) reported unauthorized access to [data](https://www.cybersecuritydive.com/news/data-compromises-record-high/696745/) belonging to 5,198 individuals. The breach was detected in August 2024 and investigated, and it has not yet resulted in misuse of the exposed information. The incident shows why organizations need robust email security and should **implement further authentication layers** like [MFA (multi-factor authentication)](/email-security/multi-factor-authentication-mfa-and-its-impact-on-email-security/).

### Option Care Health

_Option Care Health (Illinois) also experienced a breach, which exposed the data of 2,897 patients in July 2024_. The company responded swiftly and offered credit monitoring. The incident underlines the need for **security hygiene in sensitive environments** and for rapid response.

### Liberty Endo

**Liberty Endo (New York)** identified unauthorized access to an employee’s email account that affected 942 patients during July and August 2024. The affected individuals are being offered identity theft protection. As healthcare data becomes increasingly digitized, organizations need stringent [email security](/content/email-security-services) practices to avoid such compromises.

### United Seating and Numotion

Another company, Numotion, a provider of mobility solutions, has also reported unauthorized access to several email accounts, affecting 2,319 individuals. This occurred between August and September 2024. The company is also offering complimentary identity theft protection services to the victims. **Implementing multi-layered security controls** and comprehensive monitoring is crucial for mitigating these risks.

For more details, you can visit the **official page** of [The HIPAA Journal](https://www.hipaajournal.com/email-data-breaches-healthcare-ny-il-fl/).

## Researchers Discover New Wi-Fi Exploits in ‘Nearest Neighbor’ Attacks

[Volexity researchers](https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/) have uncovered a new attack method called the “[Nearest Neighbor Attack.](https://www.sans.org/newsletters/newsbites/xxvi-91/)” The technique allows [threat actors](/email-security/what-threat-actor-can-do-with-your-emails-without-password/) to exploit weak Wi-Fi networks to gain unauthorized access to target systems. _The attack involved tactics including credential stuffing and the bypass of Multi-Factor Authentication (MFA), which was allegedly used to infiltrate neighboring Wi-Fi networks, after which the attackers stole credentials for further exploitation_. The attackers exploited weak Wi-Fi networks that lacked **proper security measures**. This gave them unauthorized entry into the targeted organization’s network, which they leveraged to bypass MFA protections using stolen credentials.

[![Bypassing MFA Protections](https://media.mailhop.org/duocircle/images/2024/12/windows-smtp-service.jpg)](https://media.mailhop.org/duocircle/images/2024/12/windows-smtp-service.jpg)

Experts emphasize the importance of implementing MFA for both web services and Wi-Fi networks, and suggest that organizations consider establishing **separate network environments** for Wi-Fi and Ethernet-based systems to mitigate such attacks. _Separation protects sensitive resources more effectively and makes network access easier to monitor. The incident is also a reminder of the vulnerabilities posed by unsecured Wi-Fi networks_.

## Malware Campaign Exploits Vulnerable Avast Driver to Disable Security Defenses In Place

A [malware campaign](https://www.sans.org/newsletters/newsbites/xxvi-91/) has recently been discovered that abuses a vulnerable Avast anti-rootkit driver to turn off security defenses and take privileged control of infected systems. [The attack](https://www.trellix.com/blogs/research/when-guardians-become-predators-how-malware-corrupts-the-protectors/) allegedly leverages a kernel-mode driver to manipulate the **operating system’s core functionalities**, allowing the malware to turn off established security processes. It exploits outdated but trusted software, which highlights the risk posed by unpatched drivers: cybercriminals can exploit them to gain illegitimate control of, and access to, valuable information assets and systems.

The [driver](https://www.trellix.com/blogs/research/when-guardians-become-predators-how-malware-corrupts-the-protectors/) in question interacts directly with the core of the operating system, which allows the malware to bypass security measures and disable **key protective software**. To prevent such attacks in the future, subject-matter experts recommend implementing specific rules to block vulnerable drivers and using technologies like [Hypervisor-Protected Code Integrity (HVCI)](https://www.rapid7.com/db/vulnerabilities/msft-cve-2024-21431/) to safeguard against exploitation. _Organizations must remain vigilant in updating their drivers and security software to avoid falling victim to such attacks_.
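To check whether a Windows host has the two mitigations named above in place, the following read-only audit can be run from an elevated PowerShell session. It is an added example, not code from the article or from the cited research; the vendor match pattern is an assumption taken from the vendor named in this section, and the script reports only, changing no settings.

```powershell
# Added example: read-only audit of HVCI and the vulnerable driver blocklist,
# plus an inventory of running kernel drivers signed by one vendor.
$report = [ordered]@{}

# HVCI (memory integrity): Win32_DeviceGuard lists running security services;
# the value 2 in SecurityServicesRunning means HVCI is active.
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
        -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
# VirtualizationBasedSecurityStatus: 0 = off, 1 = configured, 2 = running
$report.VbsStatus   = if ($dg) { $dg.VirtualizationBasedSecurityStatus } else { 'unavailable' }
$report.HvciRunning = [bool]($dg -and ($dg.SecurityServicesRunning -contains 2))

# Microsoft vulnerable driver blocklist: DWORD 1 means the blocklist is enforced.
$ci = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config' `
        -Name VulnerableDriverBlocklistEnable -ErrorAction SilentlyContinue
$report.DriverBlocklistEnabled = [bool]($ci -and $ci.VulnerableDriverBlocklistEnable -eq 1)

# Assumption: match on the signer's certificate subject. Adjust the pattern
# to whichever vendor's drivers need a version review.
$vendorPattern = 'Avast'

$drivers = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.State -eq 'Running' -and $_.PathName } |
    ForEach-Object {
        # Some entries carry an NT object prefix (\??\) before the drive letter.
        $path = $_.PathName -replace '^\\\?\?\\', ''
        if (Test-Path -LiteralPath $path) {
            $file = Get-Item -LiteralPath $path
            $sig  = Get-AuthenticodeSignature -LiteralPath $path
            [pscustomobject]@{
                Name      = $_.Name
                Path      = $path
                Version   = $file.VersionInfo.FileVersion
                Signer    = $sig.SignerCertificate.Subject
                SigStatus = $sig.Status
                LastWrite = $file.LastWriteTimeUtc
            }
        }
    } |
    Where-Object { $_.Signer -match $vendorPattern }

# Mitigation state first, then the drivers to compare against the vendor's
# current release.
[pscustomobject]$report | Format-List
$drivers | Sort-Object LastWrite | Format-Table -AutoSize
```

A host where `HvciRunning` and `DriverBlocklistEnabled` are both false, and where an old driver version appears in the table, is the configuration this campaign depends on.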

## Cyber Extortion Incident Involving Cloud Data Storage Unveiled

Recent reporting describes an [extortion campaign](https://krebsonsecurity.com/2024/11/hacker-in-snowflake-extortions-may-be-a-u-s-soldier/) built around cloud data storage services, in which [black hat hackers](https://thehackernews.com/2024/09/dragonrank-black-hat-seo-campaign.html) allegedly sold data stolen from several organizations for substantial financial gain. The attack began by exploiting weak security measures within the **cloud storage platform**, including the lack of Multi-Factor Authentication (MFA) and of layered defense strategies.

[Malicious attackers](https://www.securitymagazine.com/articles/100699-malicious-actors-are-cat-phishing-targets-in-order-to-spread-malware) exfiltrated sensitive data from several organizations, including telecom and financial companies, after gaining unauthorized access to data-sensitive systems. The attackers demanded [hefty ransoms](https://www.wired.com/story/atandt-paid-hacker-300000-to-delete-stolen-call-records/) from their victims, threatening to release the data on **public platforms** if they were not paid. Reports suggest that the attacker has allegedly been [arrested](https://krebsonsecurity.com/2024/11/canadian-man-arrested-in-snowflake-data-extortions/) and put behind bars.

This [cybersecurity](/) incident highlights the need to deploy robust authentication measures when using cloud storage services. To safeguard against such attacks, experts advise organizations to ensure that MFA is implemented across all platforms, particularly those used for **processing and storing sensitive** [PII (Personal Identifiable Information)](https://www.ibm.com/topics/pii) relating to customers.

## Telecom Company Detects Intrusion Attempts from External Network

[T-Mobile](https://www.t-mobile.com/news/un-carrier/update-cyberattacks-targeting-us-wireless-companies), a well-established US-based telecom company, recently reported that it detected malicious intrusion attempts originating from an external network. The attackers tried to infiltrate the telecom’s systems, but T-Mobile already had **well-established layered** security defenses in place, which helped contain the effects of the attack. _The organization found that the attackers were using discovery-related network commands in an attempt to probe the topography of its network_ _and assess potential vulnerabilities_.

After the incident was first identified, T-Mobile acted promptly, cutting off connectivity to the external network and preventing any lateral movement across its systems. This [report](https://www.bloomberg.com/news/articles/2024-11-27/t-mobile-engineers-spotted-hackers-running-commands-on-routers) underscores the importance of **robust monitoring and swift action** when dealing with such external threats. Although the intrusion did not materialize, the incident highlights the growing trend of [cyber espionage targeting telecom companies](https://www.infosecurity-magazine.com/news/telecom-hack-exposes-us-officials/), especially those with vital infrastructure.


![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

