The UK Says a Huge Payroll Data Breach by a ‘Malign Actor’ Has Exposed Details of Military Personnel
The UK Ministry of Defense said a breach at a third-party payroll system exposed as many as 272,000 armed forces personnel and veterans.
Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability
The recently disclosed Palo Alto Networks firewall vulnerability tracked as CVE-2024-3400, which has been exploited in attacks for at least one month, has been found to impact one of Siemens’ industrial products. In an advisory published late last week, Siemens revealed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall (NGFW) could be affected by CVE-2024-3400.
Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability
The Shadowserver Foundation identifies thousands of Ivanti VPN instances likely impacted by a recent remote code execution flaw.
Security Flaw in WP-Members Plugin Leads to Script Injection
Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.
Details and Lessons Learned From the Ransomware Attack on the British Library
The British Library has shared details on the destructive ransomware attack it experienced in October 2023. Although the attack on the national library of the UK occurred five months ago, the Library’s infrastructure won’t be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin.
Google Paid Out $10 Million via Bug Bounty Programs in 2023
Google on Tuesday announced that it paid out a total of $10 million through its bug bounty programs in 2023, bringing the total amount awarded by the tech giant for vulnerabilities found in its products since 2010 to $59 million. The total paid out in 2023 is less than the $12 million handed out in 2022, but it’s still a significant amount. The money was earned last year by 632 researchers from 68 countries. The highest single reward was $113,337.
Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints
The exploitation of a high-severity Kubernetes vulnerability can lead to arbitrary code execution with System privileges on all Windows endpoints in a cluster, Akamai warns. The issue, tracked as CVE-2023-5528 and impacting default Kubernetes installations, exists in the way the open source container orchestration system processes YAML files, which it uses for virtually every function. In some regards, the vulnerability is like CVE-2023-3676, a lack of sanitization in the subPath parameter in YAML files leading to code injection when creating pods with volumes.
LoanDepot Ransomware Attack Exposed 16.9 Million Individuals - SecurityWeek
Lending firm LoanDepot said the personal information of 16.9 million individuals was stolen in a ransomware attack in early January 2024.
QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products
QNAP has released patches for a dozen vulnerabilities in its products, including several high-severity flaws.
Inmate, Staff Information Stolen in Rhode Island Prison Data Breach
he Donald W. Wyatt Detention Facility says the data of 2,000 inmates, staff, and vendors was stolen in a cyberattack.
Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit.
UK-based cybersecurity firm Sophos this week announced patches for an exploited vulnerability in Firewall versions that have reached End-of-Life (EOL). The critical-severity flaw, tracked as CVE-2022-3236, was found to impact versions 19.0 MR1 (19.0.1) and older of the product. It was originally patched in September 2022, but only in supported versions of Sophos Firewall. Sophos describes the security defect as a code injection issue in the Firewall’s User Portal and Webadmin components, allowing attackers to achieve remote code execution (RCE).
SysAid Zero-Day Vulnerability Exploited by Ransomware Group - SecurityWeek
CVE-2023-47246, a zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates.
New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks
Supermicro has released BMC IPMI firmware updates to address multiple vulnerabilities impacting select motherboard models.
New GPU Side-Channel Attack Allows Malicious Websites to Steal Data
GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip.
Sony Investigating After Hackers Offer to Sell Stolen Data
Sony has launched an investigation after a ransomware group claimed to have compromised all systems and offered to sell stolen data.
Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs - SecurityWeek
Malicious packages uploaded to PyPI, NPM, and Ruby repositories are targeting macOS users with information stealing malware.
Healthcare Organizations Hit by Cyberattacks Last Year Reported Big Impact, Costs
Roughly 78% of healthcare organizations fell victim to a cyberattack over the past year and 60% of the incidents impacted care delivery
BlackLotus UEFI Bootkit Source Code Leaked on GitHub
The source code for the BlackLotus UEFI bootkit has been shared publicly on GitHub, albeit with several modifications compared to the original malware. Designed specifically for Windows, the bootkit emerged on hacker forums in October last year, being advertised with APT-level capabilities such as secure boot and user access control (UAC) bypass and the ability to disable security applications and defense mechanisms on victim systems.
TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant
The LockBit ransomware group claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC), but the chip giant says only one of its suppliers was breached. The notorious cybercrime group announced on Thursday on its website that it targeted TSMC, suggesting — based on the $70 million ransom demand — that it has stolen vast amounts of sensitive information. The victim was initially given seven days to respond, but the deadline has been extended to August 6 at the time of writing.
XSS Vulnerabilities in Azure Led to Unauthorized Access to User Sessions - SecurityWeek
Microsoft addressed two XSS vulnerabilities in Azure Bastion and Azure Container Registry (ACR) leading to unauthorized access to sessions.
Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals - SecurityWeek
Enzo Biochem says the clinical test information of roughly 2.47 million individuals was exposed in a recent ransomware attack.
WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers
A vulnerability in a WordPress plugin exposed the official website of sports car maker Ferrari to hacker attacks.
VMware Patches Critical Vulnerability Disclosed at Pwn2Own Hacking Contest
VMware this week released patches for a critical vulnerability disclosed at the Pwn2Own Vancouver 2023 hacking contest.
Zoom Patches High Risk Flaws on Windows, MacOS Platforms
Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.
Zoom Patches High Risk Flaws on Windows, MacOS Platforms
Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.
Apple Fixes Exploited Zero-Day With iOS 16.1 Patch | SecurityWeek.Com
Apple confirms the active exploitation of CVE-2022-42827, warning in a barebones advisory that the flaw exposes iPhones and iPads to arbitrary code execution attacks.
Apple Fixes Exploited Zero-Day With iOS 16.1 Patch | SecurityWeek.Com
Apple confirms the active exploitation of CVE-2022-42827, warning in a barebones advisory that the flaw exposes iPhones and iPads to arbitrary code execution attacks.
Ransomware Group Claims Access to SCADA in Confusing UK Water Company Hack
A ransomware group has hit at least one water company in the United Kingdom, but there is some confusion over whose systems were actually breached.
Ransomware Group Claims Access to SCADA in Confusing UK Water Company Hack
A ransomware group has hit at least one water company in the United Kingdom, but there is some confusion over whose systems were actually breached.
Ransomware Group Claims Access to SCADA in Confusing UK Water Company Hack
A ransomware group has hit at least one water company in the United Kingdom, but there is some confusion over whose systems were actually breached.