The Information Highway

The Toronto Public Library (TPL) confirmed that the personal information of employees, customers, volunteers, and donors was stolen from a compromised file server during an October ransomware attack. 

The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site's database. 

The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large organizations, steal data, and encrypt files. 

VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. 

Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities. 

McLaren Health Care (McLaren) is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information. 

Cloudflare confirmed that the outage resulted from a DDoS attack that only affected the www.cloudflare.com website without impacting other products or services. The company didn't attribute the attack to a specific threat actor. 

"On November 8, 2023, U.S. Eastern Time (November 9, 2023, Beijing Time), ICBC Financial Services (FS) experienced a ransomware attack that resulted in disruption to certain FS systems. Immediately upon discovering the incident, ICBC FS disconnected and isolated impacted systems to contain the incident," said the bank. 

A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware. 

OpenAI has been addressing "periodic outages" due to DDoS attacks targeting its API and ChatGPT services within the last 24 hours. 

"Between 5:42AM - 7:16AM PT we saw errors impacting all services. We identified the problem and implemented a fix. We are now seeing normal responses from our services," the company said. 

Microsoft has introduced a new protective feature in the Authenticator app to block notifications that appear suspicious based on specific checks performed during the account login stage. 

Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical.

Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. 

Several malicious Google Play Android apps installed over 2 million times push intrusive ads to users while concealing their presence on the infected devices. 

A sophisticated cross-platform malware platform named StripedFly flew under the radar of cybersecurity researchers for five years, infecting over a million Windows and Linux systems during that time. 

Cloudflare says the number of hyper-volumetric HTTP DDoS (distributed denial of service) attacks recorded in the third quarter of 2023 surpasses every previous year, indicating that the threat landscape has entered a new chapter. 

Academic researchers created a new speculative side-channel attack they named iLeakage that works on all recent Apple devices and can extract sensitive information from the Safari web browser. 

Insurance giant American Family Insurance has confirmed it suffered a cyberattack and shut down portions of its IT systems after customers reported website outages all week. 

Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.