Security news.
Today's security news highlights multiple actively exploited vulnerabilities, with CISA adding several to its KEV catalog, urging immediate patching. We also see reports of significant data breaches and ongoing sophisticated campaigns by state-sponsored actors and cybercriminals, emphasizing the persistent threat of identity-based attacks and supply chain compromises.
CISA Flags Actively Exploited SD-WAN Flaw
CISA has given U.S. government agencies four days to patch a new Catalyst SD-WAN Manager vulnerability actively exploited in attacks.
Actively Exploited Apache ActiveMQ Flaw Impacts 6,400 Servers
Over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability.
CISA Adds 8 Exploited Flaws to KEV Catalog
CISA expanded its Known Exploited Vulnerabilities (KEV) catalog with eight new flaws, including three impacting Cisco Catalyst SD-WAN Manager, PaperCut, JetBrains TeamCity, Kentico Xperience, Quest KACE, and Zimbra.
Unsecured Perforce Servers Expose Sensitive Data
A researcher identified over 1,500 Perforce P4 instances allowing attackers to read sensitive files on the server, affecting major organizations.
Progress Patches MOVEit WAF, LoadMaster Vulnerabilities
Progress Software has released patches for multiple security defects in MOVEit Web Application Firewall (WAF) and LoadMaster, which could lead to remote code execution and OS command injection.
Chinese APT Targets Indian Banks, Korean Policy Circles
A Chinese APT group is reportedly targeting India's financial sector and Korean policy circles, utilizing somewhat stale tactics, techniques, and procedures.
Identity-Based Attacks Remain Dominant Initial Access Vector
Despite focus on sophisticated threats, stolen credentials and identity-based attacks continue to be the most reliable entry point for attackers in breaches.
Healthcare Data Breaches Affect 600,000
Data breaches at Southern Illinois Dermatology, Saint Anthony Hospital, and North Texas Behavioral Health Authority have collectively impacted 600,000 individuals.