For providers

Aside from containing vehicle owners' names, birthdates, and phone numbers, such an Elasticsearch cluster also featured vehicle production dates, chassis and engine numbers, and other records with a "special needs" designation, according to Cybernews researchers.

Almost 35,000 brute-force attempts have been conducted by threat actors against a single host's Microsoft SQL Server leveraged by the accounting software for database operations, according to researchers from Huntress.

While information in the stolen database, which has been peddled on BreachForums, was purported to include customers' full names, birthdates, gender, usernames and IDs, hashed passwords, phone numbers, shipping addresses, and IP addresses, Temu emphasized that none of the shared data samples aligned with their transaction records.

After installing dependencies and upgrading .NET to version 8, ransomware gangs leveraged several Azure Storage Explorer instances to accelerate uploads of stolen files to Azure Blob storage before being transferred to their storage, according to a report from modePUSH.

Learn why Cisco Routed Optical Networking has been deployed by more than 200 customers who have increased capacity, reduced energy consumption, and lowered network costs complexity, and footprint.

Can cyber defenders use the presence of infostealers as a canary in the coal mine to preempt ransomware attacks?

Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates: iOS 18 and iPadOS 18 iOS 17.7 and iPadOS 17.7 Safari 18 macOS Sequoia 15 macOS Sonoma 14.7 macOS Ventura 13.7 tvOS 18 watchOS 11 visionOS 2 Xcode 16

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27348 Apache HugeGraph-Server Improper Access Control Vulnerability CVE-2020-0618 Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability CVE-2019-1069 Microsoft Windows Task Scheduler Privilege Escalation Vulnerability CVE-2022-21445 Oracle JDeveloper Remote Code Execution Vulnerability CVE-2020-14644 Oracle WebLogic Server Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.