Hi everyone,

I know, I'm early this week. I have a full day offsite with my colleagues tomorrow, so I wanted to make sure I got this week's issue finished first :-) Enjoy the read, and have wonderful Friday and weekend!

P.S.: If you're looking for the Breaches section, I've placed it near the end of the newsletter together with the "Issues and fixes" section, just as an experiment to see if that works better for your reading flow.

Dieter Van der Stock

Breaches and leaks

  • MGM Resorts says cyberattack cost $100 million, resulted in theft of customer info: link.
  • D.C. Board of Elections confirms voter data stolen in site hack: link.
  • Air Europa customers urged to cancel cards following hack on payment system: link.
  • Volex, a U.K-based company that produces a range of power products, hit with cyberattack: link.
  • Blackbaud agrees to $49.5 million settlement for ransomware data breach: link.
  • Third Flagstar Bank data breach since 2021 affects 800,000 customers: link.
  • Shadow PC warns of data breach as hacker tries to sell gamers' info: link.
  • Simpson Manufacturing shuts down IT systems after cyberattack: link.
Dieter Van der Stock

Issues and fixes

  • Microsoft Patch Tuesday fixes 3 zero-days, 104 flaws: link.
  • Long-awaited curl vulnerability flops: link.
  • GNOME Linux systems exposed to RCE attacks via file downloads: link.
  • Confluence zero-day exploited by state actors since September: link.
  • D-Link WiFi range extender vulnerable to command injection attacks: link.
  • New critical Citrix NetScaler flaw exposes sensitive data: link.
  • Microsoft Exchange gets better’patch to mitigate critical bug: link.
  • 'Looney Tunables' Linux flaw sees snowballing proof-of-concept exploits: link.
Dieter Van der Stock