Google reports largest DDoS in history. NSA reports top 25 vulnerabilities used by Chinese hackers. Lot's of news packed in a minimal edition.  26th October 2020

Personal note - (early) parental leave and minimal edition

Some fun news I hadn't shared yet: my wife and I are expecting our second daughter to arrive within a month! I've decided to make full use of Articulate's (my employer) generous policies and am taking some pro-active time off to get things in order.
There will be quite a few minimal issues the next few weeks and months, and maybe a week or two around the birth itself where I don't send anything. I hope y'all understand, family-first :-)

Breaches and leaks

• Ransomware takes down network of French IT giant Sopra Steria: link.
• Covid-19 vaccine-maker hit with cyberattack, data breach: link.
• Pharma giant Pfizer leaks customer prescription info, call transcripts: link.
• Georgia election data hit in ransomware attack: link.
• Montreal's STM public transport system hit by ransomware attack: link.
• Kleenheat customer names and addresses exposed in system breach: link.
• Albion Online game maker discloses data breach: link.
• WastedLocker ransomware hits Boyne Resorts ski resort operator: link.

Patch 'em if you got 'em

• New Google Chrome version fixes actively exploited zero-day bug: link.
• Seven mobile browsers vulnerable to address bar spoofing attacks: link.
• Nvidia tackles code execution flaws, data leaks in GeForce Experience: link.
• HPE fixes maximum severity remote auth bypass bug in SSMC console: link.
• Discord desktop app vulnerability chain triggered remote code execution attacks: link.

You get a sanction, you get a sanction

• US charges Russian hackers behind NotPetya, KillDisk, OlympicDestroyer attacks: link.
• EU sanctions Russian hackers over 2015 German parliament attack: link.
• US Treasury sanctions Russian research institute behind Triton malware: link.