From Security Weekly WikiJump to navigationJump to search
- Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135
- Dickey's Barbecue Pit Investigating Possible Breach Affecting 3M Payment Cards
- New Emotet campaign uses a new ‘Windows Update’ attachment
- Albion Online game maker discloses data breach
- Discord desktop app vulnerability chain triggered remote code execution attacks
- US charges six Russian intelligence officers with hacking Ukraine, 2018 Olympics, and Skripal investigation
- VoIP Firm Broadvoice Leaks 350 Million Customer Records An unsecure, Elasticsearch database cluster belonging to Los Angeles, Calif.-based VOIP provider Broadvoice was found exposed online on Oct. 1 containing more than 275 million Broadvoice XBP customers' full names, identification numbers, phone numbers, and states and cities of residence.
- NSA Publishes List of Top Vulnerabilities Currently Targeted by Chinese NSA has released an in-depth report discussing the top 25 vulnerabilities that are currently being scanned, targeted, and exploited by Chinese state-sponsored hacking groups to gain access to targeted networks and steal sensitive information
- MobileIron Enterprise MDM Servers Under Attack from DDoS Gangs, Nation-States Threat actors have been spotted exploiting CVE-2020-15505, CVE-2020-15506, and CVE-2020-15507, which affects MobileIron MDM servers. CVE-2020-15505 allows for RCE and is a high risk vulnerability.
- Montreal's STM Public Transport System Hit by Ransomware Attack STM suffered a "RansomExx" ransomware attack on Oct. 19 that impacted its services and online systems and resulted in an outage of its customer support system, IT systems, and website.