Motility Software Solutions, a provider of dealer management software (DMS), detected unusual activity within specific computer servers supporting business operations around August 19. An unauthorized threat actor deployed malware that encrypted some systems.
Allianz Life Insurance Company disclosed a data breach impacting approximately 1.4 million customers, financial professionals, and select Allianz Life employees. The security incident that occured on July 16 was limited to a third-party cloud-based CRM system.
The NJCCIC has observed a phishing campaign posing as an automated notification about quarantined emails. Many companies employ email security protection, which often includes a quarantine feature that holds potentially risky emails for user review.
Multiple vulnerabilities have been discovered in VMware Aria Operations and VMware Tools, the most severe of which could allow for privilege escalation to root. VMware Aria is a multi-cloud management platform that provides automation, operations, and cost management for applications...
Multiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for remote code execution. Cisco is a leading technology company best known for its networking hardware and software, such as routers and switches,.
A vulnerability has been discovered in Nx (build system) Package, which could allow for sensitive data exfiltration. Nx is a smart, fast, and extensible build system designed for managing monorepos efficiently by providing features like dependency graph analysis, computation caching...
The Cybersecurity and Infrastructure Security Agency (CISA) released this Alert to provide guidance in response to a widespread software supply chain compromise involving the world’s largest JavaScript registry, npmjs.com. A self-replicating worm—publicly known as Shai-Hulud...
The CISA released this Cybersecurity Advisory detailing lessons learned from an incident response engagement following the detection of potential malicious activity identified through security alerts generated by the agency’s endpoint detection and response tool.
A vulnerability has been discovered in SolarWinds Web Help Desk, which could allow for remote code execution. SolarWinds Web Help Desk (WHD) is a web-based software that provides IT help desk and asset management functionality, allowing IT teams to manage service requests...
A vulnerability has been discovered in GoAnywhere Managed File Transfer (MFT) which could allow for Command Injection. GoAnywhere Managed File Transfer (MFT) is an enterprise-level software solution for securely automating, managing, and tracking file transfers.
