Oracle urges customers to patch an E-Business Suite vulnerability that cybercriminals are exploiting; Google's Mandiant says the Clop hacking group exploited it
AWAITING ANALYSIS — This CVE record has been marked for NVD enrichment efforts. CrowdStrike : CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracke...
Amazon, Google, and Cloudflare say a DDoS attack hit 398M RPS in August 2023, ~8x larger than the prior record, due to a new flaw; Google mitigated the attack
Assigner: Mitre Published: 2023-10-10 Updated: 2023-10-11 The HTTP/2 protocol allows … Bill Toulas / BleepingComputer : New ‘HTTP/2 Rapid Reset’ zero-day attack breaks DDoS records Lucas Pardue / The C...
Bitdefender survey of 400+ IT and security professionals: 42% were told to cover up data breaches that should have been reported and 29.9% admit doing so
Have you ever wondered how many companies are keeping their data breaches under wraps? … Tweets: Phil Muncaster / @philmuncaster : With 42% of IT pros (and 70% in the US) told to keep quiet over data ...
LastPass says hackers stole a backup copy of users' encrypted and unencrypted vault data using cloud storage keys stolen from a LastPass employee in August 2022
If you have a LastPass account you should have received … Camila Foster / Sammy Fans : Samsung fans using LastPass should know, hackers stolen cloud data Fabian A. Scherschel / The Sleepy Fox : A Chri...
Cybersecurity authorities of Five Eyes countries warn of Russia-backed hacking groups targeting critical infrastructure organizations in and outside Ukraine
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure David Jones / Cybersecurity Dive : Cyber agencies renew warnings of Russia-linked threats against industrial targets Patri...
Researchers find 1,000+ web apps, from Ford, American Airlines, and others, mistakenly exposed 38M records stored on Microsoft's Power Apps service
Including Contact-Tracing Info Keumars Afifi-Sabet / IT PRO : Microsoft Power Apps misconfiguration exposes 38 million records James Vincent / The Verge : Check your permissions: default settings in M...
REvil ransomware gang says it has hacked Apple contractor Quanta Computer; source says it's demanding $50M ransom or it will leak more Apple product schematics
From Bloomberg's “Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta” posted early Wednesday: David Bisson / Cybereason I Cybersecurity Software … : Sodinokibi Ransomware Gang Extorts Ap...
Sources: Chinese hackers are thought to have hacked a payroll agency inside the US Dept. of Agriculture in 2020 by exploiting another bug in SolarWinds software
Update Now Eduard Kovacs / SecurityWeek : China-Linked Hackers Exploited SolarWinds Flaw in U.S. Government Attack: Report Phil Muncaster / infosecurity-magazine.com : US Payroll Agency Targeted in Se...
Business giant SAP patches RECON bug, which impacted most of its customers and let hackers create admin accounts on SAP servers
Critical Vulnerability in SAP NetWeaver AS Java Phil Muncaster / infosecurity-magazine.com : CISA: Patch Critical SAP RECON Bug Now Ionut Arghire / SecurityWeek : SAP Releases 10 Security Notes on Jul...
Zoom apologizes for security failures, says it has 200M+ DAUs vs. 10M in Dec., and plans to freeze development of new features to focus on security and privacy
And An FBI Warning Brian Krebs / Krebs on Security : ‘War Dialing’ Tool Exposes Zoom's Password Problems Kari Paul / The Guardian : ‘Zoom is malware’: why experts worry about the video conferencing pl...