Daily Vulnerability Trends: Fri Sep 15 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-36884Windows Search Remote Code Execution VulnerabilityCVE-2023-4039 A failure in the -fstack-protector feature...
Manchester Police officers’ data exposed in ransomware attack
United Kingdom's Greater Manchester Police (GMP) said earlier today that some of its employees' personal information was impacted by a...
Criminal IP Elevates Payment Security with PCI DSS Level 1 Certification
With payment card information being an enticing target for cyber attackers, the safeguarding of payment card transactions is of utmost...
Fake Cisco Webex Google Ads abuse tracking templates to push malware
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users...
Auckland transport authority hit by suspected ransomware attack
The Auckland Transport (AT) transportation authority in New Zealand is dealing with a widespread outage caused by a cyber incident,...
Caesars Entertainment confirms ransom payment, customer data theft
Caesars Entertainment, self-described as the largest U.S. casino chain with the most extensive loyalty program in the industry, says it...
MGM casino’s ESXi servers allegedly encrypted in ransomware attack
An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts’ operations, forcing...
Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit
Proof-of-concept exploit code has been published for a Windows Themes vulnerability tracked as CVE-2023-38146 that allows remote attackers to execute code....
Iranian hackers breach defense orgs in password spray attacks
Image: Midjourney Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password...
Microsoft Monthly Security Update (September 2023)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesBrowser Low Risk Windows High RiskElevation of Privilege Denial of Service...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address vulnerabilities affecting Adobe software. A cyber...
CISA: CISA Releases its Open Source Software Security Roadmap
CISA Releases its Open Source Software Security Roadmap Today, CISA released an Open Source Software Security Roadmap to lay out—in...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on September 12, 2023. These...
CISA: CISA Adds Two Known Vulnerabilities to Catalog
CISA Adds Two Known Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
CISA: Apple Releases Security Updates for iOS and macOS
Apple Releases Security Updates for iOS and macOS Apple has released security updates to address a vulnerability in multiple products....
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on September 14, 2023. These...
CISA: Mozilla Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR,...
CISA: CISA Adds Three Known Vulnerabilities to Catalog
CISA Adds Three Known Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
CISA: CISA Adds One Known Vulnerability to Catalog
CISA Adds One Known Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on...
CISA: NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats
NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats Today, the National Security Agency (NSA), the Federal Bureau...
MalindoAir – 4,328,232 breached accounts
HIBP In early 2019, the Malaysian airline Malindo Air suffered a data breach that exposed tens of millions of customer...
Avoid These 5 IT Offboarding Pitfalls
Employee offboarding is no one's favorite task, yet it is a critical IT process that needs to be executed diligently...
Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems
A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could...
Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years
A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three...
