Tag: incident response plans
-
The Register: Emergency patch for potential SAP zero-day that could grant full system control
Source URL: https://www.theregister.com/2025/04/25/sap_netweaver_patch/ Source: The Register Title: Emergency patch for potential SAP zero-day that could grant full system control Feedly Summary: German software giant paywalls details, but experts piece together the clues SAP’s latest out-of-band patch is for a perfect 10/10 bug in NetWeaver that experts suspect could have already been exploited as a zero-day.……
-
The Register: Ransomware scum and other crims bilked victims out of a ‘staggering’ $16.6B last year, says FBI
Source URL: https://www.theregister.com/2025/04/24/ransomware_scum_and_other_crims/ Source: The Register Title: Ransomware scum and other crims bilked victims out of a ‘staggering’ $16.6B last year, says FBI Feedly Summary: Biggest threat to America’s critical infrastructure? Ransomware Digital scammers and extortionists bilked businesses and individuals in the US out of a “staggering" $16.6 billion last year, according to the FBI…
-
The Register: Where it Hertz: Customer data driven off in Cleo attacks
Source URL: https://www.theregister.com/2025/04/15/hertz_cleo_customer_data/ Source: The Register Title: Where it Hertz: Customer data driven off in Cleo attacks Feedly Summary: Car hire biz takes your privacy seriously, though Car hire giant Hertz has confirmed that customer information was stolen during the zero-day data raids on Cleo file transfer products last year.… AI Summary and Description: Yes…
-
The Register: Sensitive financial files feared stolen from US bank watchdog
Source URL: https://www.theregister.com/2025/04/09/occ_bank_email_hack/ Source: The Register Title: Sensitive financial files feared stolen from US bank watchdog Feedly Summary: OCC mum on who broke into email, but Treasury fingered China in similar hack months ago A US banking regulator fears sensitive financial oversight data was stolen from its IT systems in what’s been described as “a…
-
Slashdot: Oracle Tells Clients of Second Recent Hack, Log-In Data Stolen
Source URL: https://developers.slashdot.org/story/25/04/03/198224/oracle-tells-clients-of-second-recent-hack-log-in-data-stolen?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Oracle Tells Clients of Second Recent Hack, Log-In Data Stolen Feedly Summary: AI Summary and Description: Yes Summary: The recent report highlights a significant cybersecurity breach at Oracle, where hackers accessed client login credentials. This incident is notable for security and compliance professionals given its implications for data protection…
-
Schneier on Security: Critical GitHub Attack
Source URL: https://www.schneier.com/blog/archives/2025/03/critical-github-attack.html Source: Schneier on Security Title: Critical GitHub Attack Feedly Summary: This is serious: A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which originally targeted the widely used “tj-actions/changed-files” utility, is now believed to have originated from an…
-
The Register: ‘Dead simple’ hijacking hole in Apache Tomcat ‘now actively exploited in the wild’
Source URL: https://www.theregister.com/2025/03/18/apache_tomcat_java_rce_flaw/ Source: The Register Title: ‘Dead simple’ hijacking hole in Apache Tomcat ‘now actively exploited in the wild’ Feedly Summary: One PUT request, one poisoned session file, and the server’s yours A trivial flaw in Apache Tomcat that allows remote code execution and access to sensitive files is said to be under attack…