Oracle urges customers to patch an E-Business Suite vulnerability that cybercriminals are exploiting; Google's Mandiant says the Clop hacking group exploited it
AWAITING ANALYSIS — This CVE record has been marked for NVD enrichment efforts. CrowdStrike : CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracke...
Asahi restarted production at six Japanese breweries on October 2 after a cyberattack forced it to halt production and shipments for days, and is investigating
Update Ionut Arghire / SecurityWeek : Beer Giant Asahi Says Data Stolen In Ransomware Attack
Lumen details how malware bricked 600K+ routers connected to an autonomous system number belonging to a US ISP in October 2023; the ISP seems to be Windstream
Executive Summary — Lumen Technologies' Black Lotus Labs identified … Christopher Bing / Reuters : Hundreds of thousands of US internet routers destroyed in newly discovered 2023 hack Pierluigi Paga...
Researchers say misconfigured Firebase instances exposed 125M+ users' records, including plaintext passwords, email addresses, and messages, across 900 websites
Ionut Arghire / SecurityWeek :
Health management solutions provider HealthEC suffered a data breach between July 14 and July 23, 2023 that impacted close to 4.5M patients
what to do now Pierluigi Paganini / Security Affairs : HealthEC data breach impacted more than 4.5 Million people Ionut Arghire / SecurityWeek : 4.5 Million Individuals Affected by Data Breach at Heal...
Filing: US government services contractor Maximus says MOVEit hackers accessed protected health information and other data of “at least” 8M to 11M people
Item 8.01 Other Events On May 31, 2023, Progress Software Corporation … Ionut Arghire / SecurityWeek : Up to 11 Million People Hit by MOVEit Hack at Government Services Firm Maximus Twitter: Brett Cal...
Gigabyte releases BIOS updates to remove a backdoor in the firmware of over 270 motherboard models that could let hackers install malware when the PC restarts
Ionut Arghire / SecurityWeek :
Researchers identify 80K+ Hikvision cameras that have yet to be patched for flaws allowing remote code execution, despite fixes being available for months
Ionut Arghire / SecurityWeek :
Report: collaboration tools like Slack and Discord are increasingly being used to spread malware, often using the tool's own CDNs and APIs to evade detection
There's A New Malware Out There Snatching Users' Passwords TechRadar : Discord and Slack are becoming hotbeds for malware Ionut Arghire / SecurityWeek : Collaboration Platforms Increasingly Abused for...
CISA: hacking groups linked to China's Ministry of State Security have exploited F5, Citrix, Pulse Secure, and Microsoft Exchange bugs to hack US gov't networks
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity Ravie Lakshmanan / The Hacker News : CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies Ken Wieland / ...