October 22, 2024 at 01:06AM CISA has added a critical vulnerability in ScienceLogic SL1 (CVE-2024-9537) to its KEV catalog due to active exploitation. This flaw could enable remote code execution. Fixes are available for several versions. Separately, Fortinet addressed an exploit linked to Chinese actors, but specifics remain undisclosed. Agencies must apply fixes by November … Read more
October 1, 2024 at 03:35PM Rackspace experienced a data breach due to a zero-day vulnerability in ScienceLogic’s third-party tool. ScienceLogic promptly developed a patch and distributed it to impacted customers. The breach exposed limited customer monitoring data, leading Rackspace to rotate credentials and inform customers. The impact on customers and potential exploitation attempts remains unknown. … Read more
September 30, 2024 at 07:18PM Rackspace recently faced a security breach when intruders exploited a zero-day bug in a third-party application, impacting its internal performance monitoring system. This led to temporary suspension of its monitoring dashboard. Although some customer information was accessed, Rackspace promptly isolated the affected equipment and worked on a patch in collaboration … Read more