Category: alerts

More than 1.3 million patient records were stolen in the just-disclosed breach, which occurred back in October. Read more

A simple-to-exploit bug that allows bad actors to send emails from Uber’s official system — skating past email security — went unaddressed despite multiple flagging by researchers. Read more

Companies that fail to protect secure consumer data from Log4J attacks are at risk of facing Equifax-esque legal action and fines, the FTC warned. Read more

SEGA’s disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets. Read more

Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December. Read more

Original release date: January 4, 2022   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top   Medium Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info apache — log4j Apache Log4j2 versions 2.0-beta7 through… Read more

Expect many more zero-day exploits in 2022, and cyberattacks using them being launched at a significantly higher rate, warns Aamir Lakhani, researcher at FortiGuard Labs. Read more

Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution. Read more

Here’s what cybersecurity watchers want infosec pros to know heading into 2022.   Read more

The year wasn’t ALL bad news. These sometimes cringe-worthy/sometimes laughable cybersecurity and other technology stories offer schadenfreude and WTF opportunities, and some giggles. Read more