Cisco said a patch for two actively exploited zero-day flaws in its IOS XE devices is scheduled to drop on Oct. 22. The first Cisco zero-day bug, tracked under CVE-2023-20198, was announced on Oct. 16 and has a severity rating of 10 out of 10. At the time it was discovered, it had already allowed threat actors to compromise more than 10,000 Cisco devices. On Oct. 19, Cisco said it believed the cyberattacks against its IOS XE devices were all being carried out by the same threat actor.
A threat actor accessed an Okta support system administrator account with a stolen credential, marking the second string of attacks to hit the identity and access management provider or its customers' Okta environments since late July. The threat actor viewed files containing sensitive data, which were uploaded by some customers as part of recent support cases, Okta CSO David Bradbury said Friday in a blog post.
The City of Philadelphia is investigating a data breach after attackers "may have gained access" to City email accounts containing personal and protected health information five months ago, in May. While officials discovered the incident on May 24 following suspicious activity in the City's email environment, the investigation found that the threat actors may have accessed emails in the compromised email accounts for at least two months after the City became aware of the incident.
Insurance giant American Family Insurance has confirmed it suffered a cyberattack and shut down portions of its IT systems after customers reported website outages all week. American Family Insurance (AmFam) is an insurance company focusing on commercial and personal property, casualty, auto, and life insurance, as well as offering investment and retirement planning. The company employs 13,000 people and had 2022 revenue of $14.4 billion.
QNAP took down a malicious server used in widespread brute-force attacks targeting Internet-exposed NAS (network-attached storage) devices with weak passwords. The Taiwanese hardware vendor detected the attacks on the evening of October 14 and, with assistance from Digital Ocean, took down the command-and-control server (used to control a botnet of hundreds of infected systems) within two days.
Eight newly discovered vulnerabilities in the SolarWinds Access Rights Manager Tool (ARM) - including three deemed to be of critical severity - could open the door for attackers to gain the highest levels of privilege in any unpatched systems. As a broad IT management platform, SolarWinds occupies a uniquely sensitive place in corporate networks, as the world learned the hard way three years ago.