Operations and some data at the Alabama State Department of Education have been compromised following a thwarted ransomware attack last month, according to The Record, a news site by cybersecurity firm Recorded Future.
More severe of the bugs is a critical remote code execution flaw, tracked as CVE-2023-2071, which could be exploited to enable malicious DLL injections.
Ed Harris joins us to discuss how to secure OT environments, implement effective air gaps, and more!
This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!
Numerous widely used iOS and macOS apps could be compromised in supply chain attacks with a trio of vulnerabilities in the CocoaPods dependency manager, all of which have already been remediated in October, The Hacker News reports.
More than a dozen health providers had data from their customers impacted by the incident, including their names, birthdates, addresses, Social Security numbers, medical details, and health insurance information.
Data compromise has already been confirmed by fintech startup Mercury, which disclosed the hack of certain account numbers, business owner names, emails, and deposit balances as a result of the Evolve intrusion.