Hi folks!

Here we are again with this week's wrap-up of the infosec news. Enjoy the read, and have a wonderful weekend.

Dieter Van der Stock

Breaches and leaks

  • Water services giant Veolia North America hit by ransomware attack: link.
  • Trello API abused to link email addresses to 15 million accounts: link.
  • LoanDepot ransomware attack exposes data on almost 17M customers: link.
  • Trading platform EquiLend down following cyberattack: link.
  • HPE hit by a monthslong cyberattack on its cloud-based email: link.
  • Local governments in Colorado, Pennsylvania and Missouri dealing with ransomware: link.
  • Aviation leasing company AerCap investigates ransomware incident: link.
  • Vans, North Face owner says ransomware breach affects 35 million people: link.
  • Tietoevry ransomware attack causes outages for Swedish firms and cities: link.
  • Trezor support site breach exposes personal data of 66,000 customers: link.
  • SEC confirms X account was hacked in SIM swapping attack: link.
  • Jason’s Deli says customer data exposed in credential stuffing attack: link.
Dieter Van der Stock

Issues and fixes

  • CISA issues emergency directive for federal agencies to mitigate Ivanti vulnerabilities: link.
  • Ivanti: VPN appliances vulnerable if pushing configs after mitigation: link.
  • Exploit released for Fortra GoAnywhere MFT auth bypass bug: link.
  • Over 5,300 GitLab servers exposed to zero-click account takeover attacks: link.
  • Chinese hackers exploit VMware bug as zero-day for two years: link.
  • Hackers target WordPress 'Better Search Replace' plugin active on 1 million sites: link.
  • Cisco warns of critical RCE flaw in communications software: link.
  • Atlassian Confluence Data Center under active exploitation in older versions: link.
  • Apple fixes first zero-day bug exploited in attacks this year: link.
Dieter Van der Stock