MongoDB Suffers Security Breach, Exposing Customer Data  

MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its…


Massive cybercrime URL shortening service uncovered via DNS data

An actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to operate undetected. In less than a month, Prolific Puma has registered thousands of domains, many on the U.S. top-level domain (usTLD), to…


Atlassian warns of critical Confluence flaw leading to data loss

Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead to data loss following successful exploitation. Described as an improper authorization vulnerability affecting all versions of Confluence Data Center and Confluence Server software, the bug is tracked as CVE-2023-22518 and…


HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487

Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in the HTTP/2 protocol. The vulnerability (CVE-2023-44487), known as Rapid Reset, was exploited in the wild from August 2023 through October 2023. CISA recommends organizations that provide HTTP/2 services apply patches when available and consider configuration changes and other mitigations discussed…


CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

Today, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One. The joint guide outlines phishing techniques malicious actors commonly…


Oracle Releases October 2023 Critical Patch Update Advisory

Oracle has released its Critical Patch Update Advisory for October 2023 to address 387 vulnerabilities across multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle Critical Patch Update Advisory - October…


CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities

Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.9 Cisco IOS XE software release train with the 17.9.4a update. According to Cisco's Security…


CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-5631, Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in…


VMware Releases Security Advisory for vCenter Server

VMware released a security advisory for vulnerabilities (CVE-2023-34048, CVE-2023-34056) affecting the VMware vCenter Server. A remote cyber actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the VMware vCenter Server Out-of-Bounds Write Vulnerability advisory and apply the necessary updates.…


Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems

A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted…
