From the CloudCast Studios at Skyhigh Security, I’m your host Scott Schlee, and today we’re counting down the top 10 cybersecurity headlines of 2024.
The Top Headlines for 2024:

RockYou2024: 10 billion passwords leaked in the largest compilation of all time
Microsoft Falls Victim to Russia-Backed 'Midnight Blizzard' Cyberattack
UnitedHealth says Change Healthcare hack affects over 100 million, the largest-ever US healthcare data breach
National Public Data breach publishes private data of 2.9B people
Hackers steal “significant volume” of data from hundreds of Snowflake customers
Notorious hacking group responsible for Ticketmaster data breach
Crooks Steal Phone, SMS Records for Nearly All AT&T Customers
Ascension hacked after employee downloaded malicious file
CDK Global outage caused by BlackSuit ransomware attack
Widespread IT Outage Due to CrowdStrike Update


Thank you for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite podcast platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com.

Sources: Wikipedia · Krebs On Security · CyberNews · Dark Reading · TechCrunch · Microsoft · ARS Technica · Ticketmaster · HIPPA Journal · Bleeping Computer


-----------

CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding.





Transcript


From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Thursday, December 12th, 2024, and today, we’re counting down the top 10 cybersecurity headlines of 2024. This year brought no shortage of challenges—from healthcare breaches exposing millions of records, to CrowdStrike’s worldwide outage that disrupted businesses across the globe, and even one breach that cascaded from one company to another. These stories reflect the ever-evolving threats we face and some of the critical lessons learned along the way. And now, in no particular order, let’s dive into the year that was, in cybersecurity.”


In July 2024, a massive compilation of nearly 10 billion unique plaintext passwords, dubbed "RockYou2024," was leaked on a popular hacking forum. This dataset amalgamated passwords from thousands of previous breaches, both old and recent, creating an unprecedented repository of compromised credentials. The leak significantly heightened the risk of credential stuffing attacks, where cybercriminals exploit reused passwords to gain unauthorized access to various accounts. Security experts urged individuals to immediately reset compromised passwords, adopt strong and unique passwords for each account, utilize password managers, and enable multi-factor authentication to mitigate potential threats.


In January 2024, Microsoft revealed that the Russian state-sponsored group Midnight Blizzard (also known as APT29 or Nobelium) had infiltrated its corporate email systems. The attackers employed a password spray attack to compromise a legac...