top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #36 - March 13, 2023

Bad actors exploited RCE in Progress Telerik to hack US agency server

Source: SC Media

Multiple cyber threat actors exploited a vulnerability that was first documented in 2019 that allows remote code execution (RCE) to access a federal agency’s web server over a roughly three-month period, the U.S. Cybersecurity and Infrastructure Agency reported.


Link to article



CHS to Notify 1 Million in Breach Linked to Software Flaw

Source: Data Breach Today

Hospital Chain Faults Zero-Day Vulnerability in 3rd-Party File Transfer Software. Community Health Systems will soon begin notifying up to 1 million individuals believed to have been affected by a data breach when attackers exploited a zero-day vulnerability in a third-party vendor's secure managed file transfer software.




CISA warns of Adobe ColdFusion bug exploited as a zero-day

Source: Bleeping Computer

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw (CVE-2023-26360) is due to an Improper Access Control weakness, and it can be abused remotely by unauthenticated attackers in low-complexity attacks that don't require user interaction.




ALPHV Ransomware Claims Amazon Ring Data Breach

Source: The Cyber Express

Ring, a popular home security company, has allegedly been the target of a data breach by the ALPHV ransomware group. Although there has been no official confirmation of the Amazon Ring data breach, a news report revealed that the ransomware group has access to the private data of the home security company and has threatened to leak it if an agreement is not reached..




Emotet Is Back Again!

Source: Info Risk Today

Emotet malware is again active. Security researchers marked the latest sighting of the Microsoft Office-loving Trojan in what's becoming a cycle of reemergence and hibernation. Before the newest wave of malicious Emotet emails began earlier this month, researchers from Cofense say the malware was active for a two-week run in November.



101 views

Comments


Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page