Security News > 2022 > October > Week in review: OpenSSL critical fix, Medibank data breach, Apple fixes zero-day vulnerability
Incoming OpenSSL critical fix: Organizations, users, get ready!The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library.
Apple fixes exploited iOS, iPadOS zero-dayFor the ninth time this year, Apple has released fixes for a zero-day vulnerability exploited by attackers to compromise iPhones.
Medibank data breach: More customers affected, attacker got in via stolen credentialsAustralian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially thought.
Shadowserver: Get free access to timely, critical Internet security dataIn this Help Net Security video, Piotr Kijewski, CEO at The Shadowserver Foundation, talks about what they do and offers insight into their track record of delivering high-quality, actionable cyber threat intelligence for over 15 years.
Why dark data is a growing danger for corporationsIn this Help Net Security video, Dannie Combs, SVP and CISO at Donnelley Financial Solutions, discusses why dark data represents a potential cybersecurity threat for global businesses.
Cloud security made simple in new guidebook for lean teamsIn the ebook "The Lean IT Guide to Cloud Security", Cynet describes what the optimal cloud security toolkit looks like, along with how lean security teams can take advantage of similar strengths without increasing staff or ballooning security spending.
News URL
Related news
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- GitLab warns of critical pipeline execution vulnerability (source)
- Fortinet confirms data breach after hacker claims to steal 440GB of files (source)
- Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers (source)
- 23andMe to pay $30 million in genetics data breach settlement (source)
- Windows vulnerability abused braille “spaces” in zero-day attacks (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- AT&T pays $13 million FCC settlement over 2023 data breach (source)
- 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year (source)