The June 13 directive covers a range of actions across scores of devices used throughout government and its contractor base, particularly those that connect to the internet.
Microsoft SharePoint Online has been impacted by a ransomware attack by the Omega threat operation that leveraged a compromised Microsoft Global SaaS admin account rather than a compromised endpoint, reports SecurityWeek.
Multi-stage adversary-in-the-middle phishing and business email compromise attacks have been launched by the Storm-1167 threat operation against banking and financial services organizations, The Hacker News reports.
The territorial authority is among the 5% of the vendor’s Email Security Gateway users told to replace their appliances immediately. Government officials told reporters that a harms assessment is underway and personal data was likely pilfered in the attack.
Fixes have been issued by Cisco for critical and high-severity vulnerabilities impacting its Expressway Series and TelePresence Video Communication Server enterprise collaboration and video communication offerings, according to SecurityWeek.
Organizations whose Barracuda Email Security Gateway appliances were compromised with an already-addressed zero-day vulnerability, tracked as CVE-2023-2868, have been warned by Barracuda Networks to immediately replace their affected appliances, BleepingComputer reports.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.