Hi folks,

I hope you all had a wonderful week. I had the first "normal" week in a while and it felt good. Normal that is, except for tomorrow and the weekend, when we'll be off to an amusement park with our kids, and then on to the Christmas celebrations :-)

I'll make this a quick version, since it's already late and I want to focus on the family time tomorrow. I hope you'll forgive me :-) As always in the quick version, I'll use the default summaries instead of my own.

You all make sure to enjoy your weekend, your holidays, and your family get-togethers!


Dieter Van der Stock

Breaches and leaks

  • UniFi devices broadcasted private video to other users’ accounts: link.
  • Mortgage giant Mr. Cooper says October cyberattack leaked data of 14.7 million people: link.
  • Xfinity data breach affects 36 million people: link.
  • MongoDB says customer data was exposed in a cyberattack: link.
  • Ransomware gang behind threats to Fred Hutch cancer patients: link.
  • More than 45,000 affected by cyberattack on Idaho nuclear research lab: link.
  • Healthcare software provider ESO Solutions data breach impacts 2.7 million: link.
  • Delta Dental of California data breach exposed info of 7 million people: link.
  • Vans and North Face owner VF Corp hit by ransomware attack: link.
  • Ontario public library shuts down most services due to cyberattack: link.
  • Central Bank of Lesotho facing outages after cyberattack: link.
  • Indian tech giant HCL investigating ransomware attack: link.
  • Israel-linked hacking group claims attack on Iranian gas pumps: link.
Dieter Van der Stock

Issues and fixes

  • Google fixes 8th Chrome zero-day exploited in attacks this year: link.
  • QNAP VioStor NVR vulnerability actively exploited by malware botnet: link.
  • WordPress hosting service Kinsta targeted by Google phishing ads: link.
  • Microsoft discovers critical RCE flaw in Perforce Helix Core Server: link.
  • Ivanti releases patches for 13 critical Avalanche RCE flaws: link.
  • 3CX warns customers to disable SQL database integrations: link.
  • 80 percent of Struts 2 downloads include critical flaw: link.
Dieter Van der Stock