top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #67 - October 16, 2023

North Korean Hackers Exploiting Critical Flaw in DevOps Tool

Source: Data Breach Today

North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' recent track record of supply chain hacks.




EPA Turns Off Taps on Water Utility Cyber Regulations

Source: Dark Reading

Facing legal challenges from state AGs and water associations, the EPA decided to give up its fight to mandate cyber-risk assessments for water utilities — for now. Experts warn that the sector is woefully at risk for escalating cyberattacks, and they explain why and offer insights for what utilities should do next.




Unpatched Zero-Day Being Exploited in the Wild, Cisco Warns

Source: Data Breach Today

Cisco on Monday asked customers to urgently disable the HTTP Server feature on internet-facing systems that was discovered to have a critical vulnerability in its modular operating system's web interface. Hackers exploited the IOS XE software web user interface feature to gain administrator-level privileges, effectively taking complete control of compromised devices, Cisco Talos said in a threat advisory.




IBM Says 631K Affected in Johnson & Johnson Database Breach

Source: Info Risk Today

IBM has reported to federal regulators that the personal information of 631,000 people was compromised by a "technical method" that allowed unauthorized access to a third-party database used by a Johnson & Johnson patient medication support platform. IBM said the problem has been fixed, but two lawsuits have already been filed.




Victim Count Doubles in Heart Institute Data Theft Hack

Source: Data Breach Today

The number of people affected by a Tennessee cardiac care clinic hack has more than doubled to 411,000 since the healthcare group first reported the incident to regulators in July. Cybercriminal group Karakurt claimed responsibility for the attack, which has so far triggered five class action suits.



94 views

Comments


Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page