Over 300 drinking water systems that serve roughly 110 million people in the US are affected by vulnerabilities that could lead to service disruptions, a new report from the Environmental Protection Agency (EPA)'s Office of Inspector General (OIG) shows. A passive assessment of security defects in 1,062 drinking water systems that serve over 193 million individuals has revealed that a quarter of them could potentially fall victim to attacks.
Great Plains Regional Medical Center in Oklahoma is notifying over 133,000 individuals that their personal information was compromised in a ransomware attack. The public, not-for-profit healthcare system discovered the attack on September 8, 2024, when ransomware was deployed, but the attackers had access to its systems for at least three days prior. According to the medical center, the attackers accessed and encrypted certain files between September 5 and September 8.
A major US mortgage lender has told customers looking to make the biggest financial transaction of their lives that an intruder broke into its systems and saw data belonging to 171,000 of them. American Neighborhood Mortgage Acceptance Company, which trades as AnnieMac Home Mortgage, said between August 21 and 23, an unknown intruder "viewed and/or copied" some customer data.
Physical letters that contain a QR code to trick people into downloading malware are being sent through the mail, according to a warning issued by the Swiss National Cyber Security Centre (NCSC). The letters are sent as if they come from the official Swiss Federal Office of Meteorology and Climatology (MeteoSwiss) and they urge the recipient to install a new "severe weather app."
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 and was discovered by Piotr Kijewski of The Shadowserver Foundation. It is a critical severity (CVSS v3.1 score: 9.8) OS command injection problem, allowing unauthenticated attackers to execute arbitrary system commands on the device.
Microsoft will disclose vulnerabilities under the Common Security Advisory Framework, a move designed to help customers respond to and remediate CVEs more efficiently, the company said this week. CSAF is a machine-readable format, which helps organizations digest CVEs faster and in larger volumes. Customers will still be able to get CVE updates through the Microsoft security update guide or through an API based on the Common Vulnerability Reporting Framework.
The Cybersecurity and Infrastructure Security Agency warned Thursday that a vulnerability in Palo Alto Networks' firewall management software is actively being exploited in the wild, following last week's attacks that exploited other flaws in the same software. The two bugs in Palo Alto's Expedition tool, tracked as CVE-2024-9463 and CVE-2024-9465, could expose firewall credentials and affect versions 1.2.96 and below, according to the vendor alert.
A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really Simple Security is a security plugin for the WordPress platform, offering SSL configuration, login protection, a two-factor authentication layer, and real-time vulnerability detection. Its free version alone is used in over four million websites.