Wednesday , May 14 2025

Daily Cybersecurity Update, June-23, 2023

An unsecured database belonging to RateForce ended up exposing 93.93 GB of personal information of users. This is a reminder to secure your cloud buckets. We also have two more victims of the MOVEit ransomware attack. This time, it is the largest public pension fund in the U.S. and an insurance firm. In other news, there is an update on the Dole ransomware attack that took place in February this year. The corporation disclosed the number of impacted individuals. Read on to know more.

RateForce Data Leak

CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE

Siemens issued a security advisory (SSA-047424) for two serious vulnerabilities—CVE-2025-26389 and CVE-2025-26390—impacting the OZW672 and OZW772 web servers. These servers...
Read More
CVSS 10.0 Flaw  Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE

Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day

Microsoft has released its Patch Tuesday updates for May 2025, addressing a total of 78 vulnerabilities across its product ecosystem,...
Read More
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day

OTP glitch disrupted NID services across the country

NID services in Bangladesh are temporarily suspended due to issues with delivering One-Time Passwords (OTP) needed to access the NID...
Read More
OTP glitch disrupted NID services across the country

Google to pay Texas $1.4 billion for location tracking practices

Google will pay about $1.4 billion to Texas to settle two lawsuits regarding location tracking and biometric data storage without...
Read More
Google to pay Texas $1.4 billion for location tracking practices

YouTube geo-blocks at least 4 Bangladeshi TV channels in India

YouTube has restricted access to at least four Bangladeshi television channels in India following a takedown request from the Indian...
Read More
YouTube geo-blocks at least 4 Bangladeshi TV channels in India

Microsoft Patches Four Critical Azure and Power Apps Vulns

Microsoft has fixed critical vulnerabilities in its core cloud services, including Azure Automation, Azure Storage, Azure DevOps, and Microsoft Power...
Read More
Microsoft Patches Four Critical Azure and Power Apps Vulns

Qilin Ransomware topped April 2025 with 45+ data leak disclosures

The cyber threat landscape is rapidly changing, with a notable increase in ransomware activity in April 2025, driven by the...
Read More
Qilin Ransomware topped April 2025 with 45+ data leak disclosures

SonicWall Patches 3 Flaws in SMA 100 Devices

SonicWall has released patches for three security flaws in SMA 100 Secure Mobile Access appliances that could allow remote code...
Read More
SonicWall Patches 3 Flaws in SMA 100 Devices

Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed

From April 2024 to April 2025, Flashpoint analysts noted that the financial sector was a major target for threat actors,...
Read More
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed

Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA

Cisco has issued a security advisory for a critical vulnerability in its IOS XE Software for Wireless LAN Controllers (WLCs)....
Read More
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA

An unsecured database belonging to the U.S. auto insurance price comparison site RateForce leaked 255,756 records (93.93 GB) containing scans and images of vehicle registrations, driver’s licenses, state Medicaid health coverage cards, and others.

MOVEit Ransomware Attacks

The MOVEit ransomware attack has claimed two more victims: the largest public pension fund in the U.S. and an insurance firm. The attack on the pension fund compromised the personal data of 2.5 million Genworth Financial policyholders, while the attack on the insurance firm compromised the personal information, including Social Security numbers, of 769,000 retired California state employees.

GitHub RepoJacking

Aqua Nautilus has warned that millions of GitHub repositories are potentially vulnerable to RepoJacking, a type of attack that steals sensitive data from repositories. Some vulnerable repositories belong to Google, Lyft, and other anonymous firms.

New JS Dropper Variant

Deep Instinct has spotted a new variant of JS dropper, named PindOS, that is deploying next-stage payloads such as IcedID and Bumblebee. These malware, in turn, serve as loaders for other malware, including ransomware.

Dole Ransomware Attack Update

Dole has confirmed that the February ransomware attack compromised the names, addresses, driver’s license numbers, passport numbers, dates of birth, phone numbers, and other employment information of 3,885 employees.

Chinese APT Groups Exploit Microsoft Office Vulnerability

SentinelOne has revealed that Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan.

NIST Creates First-Ever Cybersecurity Framework for Water Infrastructure

The National Institute of Standards and Technology (NIST) is creating the first-ever cybersecurity framework for water infrastructure to address unique cyber challenges impacting America’s complex water systems.

Microsoft Discovers Cryptomining Campaign

Microsoft has discovered a cryptomining campaign targeting IoT devices and internet-facing Linux systems. The attackers are using a backdoor that deploys a broad range of tools and an IRC bot to steal device resources for mining.

NSA Issues Guidance on Defending Against BlackLotus UEFI Bootkit Malware

The National Security Agency (NSA) has issued guidance on defending against BlackLotus UEFI bootkit malware attacks. The guidance recommends that system administrators apply the latest security updates, update recovery media, and customize UEFI Secure Boot to block older signed Windows boot loaders.

Unit 42 Researchers Observe Mirai Botnet Variant

Unit 42 researchers have observed a variant of the Mirai botnet that is targeting multiple vulnerabilities in popular IoT devices, with a focus on D-Link, Zyxel, and Netgear devices. The variant has been identified in two ongoing campaigns that started on March 14 and spiked in April and June.

Check Also

Daily Security Update Dated: 18.12.2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data …

Leave a Reply

Your email address will not be published. Required fields are marked *