The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of active exploitation of vulnerabilities in JetBrains TeamCity and the Windows CNG Key Isolation Service, posing significant risks to organizations.
IBM Security’s annual Cost of a Data Breach Report for 2022 shows that the global average cost of a data breach has reached a record high of $4.35 million, with costs expected to increase to $5 million in 2023.
Chinese state-sponsored cyber attackers have uncovered and carried out the Operation Jacana cyber espionage campaign, targeting a governmental entity in Guyana using spear-phishing emails and deploying the DinodasRAT backdoor, highlighting the increasing sophistication of state-sponsored cyber attackers and the need for enhanced cybersecurity measures and international cooperation.
Atlassian warns of a critical privilege-escalation vulnerability in Confluence Data Center and Server instances that is actively being exploited, allowing external attackers to create unauthorized administrator accounts and gain control of affected systems.
Cisco has released security updates to address critical vulnerabilities in its software, including a flaw in its Emergency Responder software that allows unauthenticated remote attackers to log into affected devices using hard-coded root credentials, and two zero-day vulnerabilities actively targeted by attackers.
Apple has released an emergency update, iOS 17.0.3, to address two vulnerabilities that could allow attackers to gain control over affected devices and execute arbitrary code.
