Security News Update for January 8th, 2023
This week’s security News Update Includes:
- Synology patches “maximum severity” vulnerability in their VPN routers
- Rackspace says it is not going to turn their hosted Exchange service back on and more than half of their customers have some of their data back
- EU’s NIS2 directive
- CVSS 10 Kernel bug in Linux
- CISA adds two VEEAM backup vulnerabilities to the actively exploited list
- Qualcomm bugs affect Microsoft, Lenovo and Samsung devices
- DoJ arrests hacker behind $100 million attack on Mango Markets
- The first of undoubtedly many lawsuits against LastPass filed
- Twitter has some interesting challenges
- McGraw Hill left student data unprotected
- Locomotive maker Wabtec discloses ransomware attack
- 235,000,000 Twitter users’ data leaked for free
- You don’t see this very often
- Texas Metropolitan Area EMS Authority reveals breach affecting 600,000
- If it is public, it is fair game
- Louisiana is first state to require gov ID to visit adult web sites
- Get ready to patch your Ferrari, Rolls, Porsche and BMW … and many others
- Security news bites for the week: more FTX cybercrime, Slack joins Okta in losing source code, Tesla, others at risk from cross-origin resource sharing, Ireland says Facebook cannot bury consent to steal your data inside user agreement because there is no way to opt out and France fines Apple $8 million over checkbox