Security News > 2022 > October > Week in review: OpenSSL critical fix, Medibank data breach, Apple fixes zero-day vulnerability
Incoming OpenSSL critical fix: Organizations, users, get ready!The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library.
Apple fixes exploited iOS, iPadOS zero-dayFor the ninth time this year, Apple has released fixes for a zero-day vulnerability exploited by attackers to compromise iPhones.
Medibank data breach: More customers affected, attacker got in via stolen credentialsAustralian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially thought.
Shadowserver: Get free access to timely, critical Internet security dataIn this Help Net Security video, Piotr Kijewski, CEO at The Shadowserver Foundation, talks about what they do and offers insight into their track record of delivering high-quality, actionable cyber threat intelligence for over 15 years.
Why dark data is a growing danger for corporationsIn this Help Net Security video, Dannie Combs, SVP and CISO at Donnelley Financial Solutions, discusses why dark data represents a potential cybersecurity threat for global businesses.
Cloud security made simple in new guidebook for lean teamsIn the ebook "The Lean IT Guide to Cloud Security", Cynet describes what the optimal cloud security toolkit looks like, along with how lean security teams can take advantage of similar strengths without increasing staff or ballooning security spending.
News URL
Related news
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- How to Effectively Manage a Data Breach (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Amazon confirms employee data breach after vendor hack (source)