Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

A critical remote code execution vulnerability affects Juniper SRX firewalls and EX switches. It was initially rated as 'medium' severity but is elevated to a critical 9.8 CVSS score when exploited in combination. This requires immediate patching, as approximately 79% of exposed devices are still vulnerable to unauthenticated code execution without file uploads.
published: Sept. 18, 2023
During the week from Sept. 11, 2023, to Sept. 18, 2023, there were a total of 7 advisory/vulnerability events, 31 incident/data breach events, and 1 shared practical knowledge item. The week-over-week comparison showed improvement, with half the number of advisories compared to the previous week, though the number of incidents remained similar. A total of 134,374 individuals were reported as impacted by the events of the week, with the largest breach exposing 58,505 individuals. The incidents were primarily caused by ransomware and third-party breaches, affecting various industries such as healthcare, government, and IT/software/technology.
published: Sept. 11, 2023
During the week of September 4 to September 11, 2023, there were 14 advisory/vulnerability events, 29 incident/data breach events, and 4 shared practical knowledge items. Advisory events more than doubled compared to the previous week, while incidents remained the same. The data breaches affected over 5 million individuals, with the largest breach at the Traderie in-game marketplace potentially exposing 2.6 million. Incidents were primarily caused by third-party breaches and ransomware attacks, affecting various industries like healthcare, government, education, and entertainment/leisure.
Microsoft revealed that the Chinese hacking group Storm-0558 exploited a series of security lapses, including the accidental inclusion of a cryptographic key in a crash dump and the compromise of an engineer's account, to breach government email accounts and access various Microsoft cloud services, affecting 25 organizations and high-ranking officials.
Cybersecurity firm Qualys has released an analysis of the top 20 vulnerabilities most exploited by threat actors, malware and ransomware families in the past few years. The analysis reveals that 15 are associated with Microsoft products, with some dating back to 2017, indicating a concerning lack of patching discipline. The top 5 most targeted vulnerabilities all involve Microsoft products, while others include issues related to Apache's Log4j, Oracle, Unix/Linux, Jira Atlassian, Citrix, Ivanti, and Fortinet.
published: Sept. 4, 2023
In the week from August 28, 2023, to September 4, 2023, there were 6 advisory/vulnerability events and 29 incident/data breach events, with 5,478,525 impacted individuals across 11 incidents. The most significant breach, exposing 1,800,000 individuals, was the Eversource energy provider data breach. Key causes of incidents include third-party breaches, ransomware attacks, and protocol design issues, affecting various industries such as education, IT/Software/Technology, finance, and others.
Microsoft addressed a vulnerability in its Power Platform by removing a compromised, abandoned reply URL, closing off unauthorized access to its API. This highlights the importance of the thankless job of maintaining and retiring APIs properly to avoid potential security risks and unauthorized access scenarios.
published: Aug. 28, 2023
During the week between August 21, 2023, and August 28, 2023, there were 5 advisory/vulnerability events, 30 incident/data breach events, and 3 practical knowledge items shared, with a decrease in advisories and incidents compared to the previous week. Over 13 million individuals were impacted in incidents, with the largest breach being the French government unemployment agency breach. IT/Software/Technology has become the most impacted industry this week, neck and neck with finance and healthcare.
published: Aug. 21, 2023
During the week of August 14-21, 2023, there were 9 advisory/vulnerability events, 33 incident/data breach events, and 1 practical knowledge item shared. The total number of reported impacted individuals from breaches was 2,909,548 across 11 incidents, with the largest breach involving Fidelity National Information Services' MOVEit data breach impacting 873,000 bank customers. Healthcare, Education and Government are still the most impacted industries. Top causes of incidents are unsecured third-party providers, ransomware and people being lazy and using recycled passwords.
We discuss the methods that the "LabRat" cyber crime campaign is using to compromise your computers to make money. They use several techniques to attack your computers and avoid being caught while profiting from your computer power to mine cryptocurrency or to sell the bandwidth of victims to peer-to-peer profit-sharing networks. To protect yourself, make sure your computer software is updated, use strong passwords, be careful with emails, and practice basic security hygiene.