For providers

The industrial automation giant agrees to buy Verve Industrial Protection, joining in an ICS trend of bringing cybersecurity capabilities in-house to keep up with attackers.

Several security vulnerabilities impacting Mozilla Firefox and Google Chrome have been patched as part of software updates, according to SecurityWeek.

Healthcare organizations leveraging NextGen HealthCare's open source data integration solution Mirth Connect, which was touted as the "Swiss Army knife of healthcare integration" for enabling standardized data exchange and communications across various systems, have been urged to immediately apply updates to remediate a critical remote code execution flaw, tracked as CVE-2023-43208, which could be exploited to facilitate initial systems access or sensitive data compromise, The Hacker News reports.

Vulnerable Citrix NetScaler Application Delivery Controller and NetScaler Gateway instances impacted by the recently remediated critical severity Citrix Bleed information disclosure bug, tracked as CVE-2023-4966, could have their authentication session cookies stolen and be hijacked through a new proof-of-concept exploit discovered by Assetnote researchers, reports BleepingComputer.

CyberScoop reports that House Republicans' proposal to reduce Cybersecurity and Infrastructure Security Agency spending by 25% has been noted by CISA Executive Assistant Director for Cybersecurity Eric Goldstein to be "catastrophic," as it would significantly hamper the agency's efforts to monitor federal network threats.

Major Chilean telecommunications provider Grupo GTD, which caters to other countries across Latin America, had its data centers, Voice-over-IP, and internet access disrupted following a cyberattack against its infrastructure-as-a-service platform on Oct. 23, which was confirmed by Chile's Computer Security Incident Response Team to be a Rorschach ransomware attack, reports BleepingComputer.

Newly emergent ransomware operation Hunters International has exposed pre-operation photos of patients stolen from the systems of a U.S. plastic surgeon's clinic, The Register reports.

Data breach reported by Seiko following ALPHV/BlackCat ransomware attack Seiko has confirmed that nearly 60,000 items of personal data from the systems of its business units compromised following an ALPHV/BlackCat ransomware attack in August, according to The Record, a news site by cybersecurity firm Recorded Future.

Suspected Kazakhstan-based threat operation YoroTrooper has launched a widespread cyberespionage campaign against government organizations and officials across Central Asia between May and August, reports The Record, a news site by cybersecurity firm Recorded Future.