Security News > 2023 > November

The Securities and Exchange Commission brought charges against both Austin, TX-based information security software company SolarWinds and its CISO Timothy G. Brown on October 30. The SEC alleges that between SolarWinds' October 2018 initial public offering and the December 2020 announcement of the large-scale cyberattack, SolarWinds and Brown specifically "defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks."

U.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal. Mr. Cooper is a mortgage lending company based out of Dallas, Texas, that employs approximately 9,000 people and has 4.1 million customers.

The proportion of cybersecurity professionals reporting low "Happiness ratings" has risen sharply over the last 12 months, raising concerns about increasing burnout rates in the industry. The data indicated overall workplace happiness is falling across the board, with both medium and high-satisfaction ratings dropping and "Low satisfaction" ratings the only bracket that grew, increasing by more than five percent.

Security researchers have confirmed that ransomware criminals are capitalizing on a maximum-severity vulnerability in Apache ActiveMQ. Announced on October 25 and tracked as CVE-2023-46604, the insecure deserialization vulnerability allows for remote code execution on affected versions. "Apache ActiveMQ is vulnerable to remote code execution," Apache said in its advisory.

The HelloKitty ransomware operation is exploiting a recently disclosed Apache ActiveMQ remote code execution flaw to breach networks and encrypt devices. Yesterday, Rapid7 reported that they had seen at least two distinct cases of threat actors exploiting CVE-2023-46604 in customer environments to deploy HelloKitty ransomware binaries and extort the targeted organizations.

An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose functionality is wholly or partially impacted includes the Cloudflare dashboard, the Cloudflare API, Logpush, WARP / Zero Trust device posture, Stream API, Workers API, and the Alert Notification System.

Okta has sent out breach notifications to almost 5,000 employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical insurance plan numbers. The third party, Rightway Healthcare, helps people compare healthcare providers and rates, and this includes Okta employees and their families.

Aerospace giant Boeing is investigating a cyberattack that impacted its parts and distribution business after the LockBit ransomware gang claimed that they breached the company's network and stole data. The ransomware gang said on Friday that they allegedly breached Boeing's network and stole a significant amount of sensitive information that they would leak online five days later if the airplane maker didn't reach out before the deadline.

Microsoft announced today the 'Secure Future Initiative,' pledging to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. "In recent months, we've concluded within Microsoft that the increasing speed, scale, and sophistication of cyberattacks call for a new response," said Microsoft President Brad Smith.

Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached. The data breach notification warns of a security incident that impacted Rightway Healthcare, which provides healthcare coverage for Okta employees and their families.