Recent Security News

  • Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

    September 16, 2024 at 07:39AM Microsoft identified and addressed a high-severity CVE-2024-43461 security flaw through September 2024 updates, following its exploitation as a zero-day in Internet Explorer. This spoofing bug in MSHTML can execute arbitrary code when a user interacts with a malicious page or file. It was part of an attack chain exploited by…

    Read More

  • 88,000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack

    September 16, 2024 at 07:39AM Access Sports Medicine & Orthopaedics discovered unauthorized access to personal and health information of over 88,000 individuals due to a cyberattack. The compromised data includes names, Social Security numbers, and medical information. While no evidence of misuse has been found, fraud protection services have been offered. The attack was claimed…

    Read More

  • Data Stolen in Ransomware Attack That Hit Seattle Airport

    September 16, 2024 at 07:39AM The Port of Seattle confirmed a ransomware cyberattack in August, causing outages and disruptions to various services at the SEA Airport and other facilities. While most affected systems have been restored, the Port’s external website and internal portals remain offline. Stolen data is being assessed, with the potential for public…

    Read More

  • SolarWinds Patches Critical Vulnerability in Access Rights Manager

    September 16, 2024 at 05:27AM SolarWinds has released patches for two vulnerabilities in its Access Rights Manager, including a critical-severity bug (CVE-2024-28991) enabling remote code execution. A second issue (CVE-2024-28990) allows an attacker to access RabbitMQ management console. Both were resolved in version 2024.3.1 and users are advised to update installations promptly. No exploitation in…

    Read More

  • Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure

    September 16, 2024 at 05:27AM Exploitation of the Ivanti Cloud Service Appliance (CSA) vulnerability CVE-2024-8190 began shortly after the vendor released patches. The high-severity flaw enables unauthorized access and remote code execution, affecting certain versions of the CSA. Ivanti has addressed the issue in Patch 519 and CSA 5.0, but noted limited customer exploitation. CISA…

    Read More