MOVEit hack spawned over 600 breaches – Security
A hydra-headed breach centered on a single American software maker has compromised data at more than 600 organisations worldwide, according to cyber analyst tallies corroborated…
Month: August 2023
Malicious extensions can abuse VS Code flaw to steal auth tokens
Microsoft’s Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows,…
Google fails to end US$5 billion consumer privacy lawsuit – Security
A US judge rejected Google’s bid to dismiss a lawsuit claiming it invaded the privacy of millions of people by secretly tracking their internet use.…
New Downfall attacks on Intel CPUs steal encryption keys, data
A senior research scientist at Google has devised new CPU attacks to exploit a vulnerability dubbed Downfall that affects multiple Intel microprocessor families and allows…
EPA Victoria hardens security – Cloud – Security
The Victorian environmental watchdog’s recent investments in staff cyber awareness, data leakage prevention and cloud environment controls align with its security program’s goal of going…
Microsoft Office update breaks actively exploited RCE attack chain
Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors…
Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days
A month after confirming active exploitation of “a series of remote code execution vulnerabilities” impacting Windows and Office users, Microsoft on Tuesday shipped patches for…
Windows 10 KB5029244 and KB5029247 updates released
Microsoft has released Windows 10 KB5029244 and KB5028168 cumulative updates for versions 22H2, 21H2, and 1809 to fix problems and add new features to the…
UK Electoral Commission Admits Major Data Breach Spanning Over a Year
UK’s Electoral Commission discloses major cyber attack exposing millions of voters’ data. The data Breach occurred in August 2021, detected in October 2022, compromising internal…
August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ
August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in .NET and Visual…
Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws
Tag CVE ID CVE Title Severity .NET Core CVE-2023-38178 .NET Core and Visual Studio Denial of Service Vulnerability Important .NET Core CVE-2023-35390 .NET and Visual…
UK voter data hacked in cyber attack on election watchdog
The UK’s Electoral Commission has fallen victim to a major cyber incident that saw electoral registers containing the personal data of millions of voters accessed…