Fortinet is warning customers about a critical operating system command injection vulnerability, tracked as CVE-2023-36553 with a CVSS score of 9.3, in the FortiSIEM report server. A remote, unauthenticated attacker can use the flaw to execute commands by sending specially crafted Application Programming Interface (API) requests. FortiSIEM is Fortinet's Security Information and Event Management (SIEM) solution that collects, aggregates, and correlates log data from various sources within a network.

According to Google's Threat Analysis Group (TAG), four different campaigns are exploiting a vulnerability in the Zimbra Collaboration server, which the team discovered in June. Three of the campaigns emerged in the weeks following the bug's hotfix being posted to GitHub. The Cross-Site Scripting (XSS) bug first appeared in June, when the researchers observed a threat actor exploiting it in attacks targeting government organizations in Greece. This article continues to discuss the discovery of four separate campaigns exploiting a vulnerability in the Zimbra Collaboration server.

During a year-long breach, hackers gained access to the personal data of UK-based Samsung customers. In a letter to affected customers, Samsung revealed that attackers exploited a vulnerability in an unnamed third-party business application to access the personal information of customers who made purchases at a Samsung UK store between July 1, 2019, and June 30, 2020. In the letter, Samsung noted that the compromise was not discovered until November 13, 2023. According to Samsung, hackers may have accessed affected customers' names, phone numbers, postal addresses, and email addresses.

In response to the evolving cyber threat environment, the Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program to provide cutting-edge cybersecurity shared services on a voluntary basis to critical infrastructure entities most in need of help. Cyberattacks have increased in both volume and impact in recent years, affecting the everyday operations of organizations across critical infrastructure sectors. For example, the ransomware attack on Colonial Pipeline's corporate network disrupted fuel supplies to gas stations along the East Coast.

According to Imperva, the leading threat to online retailers is automated attacks conducted through sophisticated bad bots against application business logic. Other significant threats to online retailers include account takeover, Distributed Denial-of-Service (DDoS), Application Programming Interface (API) abuse, and client-side attacks. Online retailers are built on an extensive network of API connections and third-party dependencies, making them vulnerable to a range of attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) has added three security issues affecting Microsoft devices, a Sophos product, and an Oracle enterprise solution to its catalog of Known Exploited Vulnerabilities (KEV). The KEV catalog contains flaws that have been confirmed to be exploited by hackers in attacks. It serves as a repository for vulnerabilities that companies worldwide should prioritize.

Intel has patched the Reptar vulnerability Google security researchers found in its CPUs that could lead to data theft or DNS attacks. According to researchers, the Reptar flaw is a "redundant prefix" issue. When hackers execute a REP MOVSB instruction with a redundant REX prefix in an Intel processor, the chip manufacturer warns in an advisory that it can result in unpredictable system behavior. This can then cause the system to crash or hang. In some cases, it can also result in the escalation of privileges.

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are warning about a group of hackers known as Scattered Spider, who have disrupted some of the country's largest companies through social engineering and other methods. The hacking group, also known as Starfraud, UNC3944, Scatter Swine, and Muddled Libra, has recently made headlines for alleged attacks on MGM Resorts and Caesars Entertainment. The FBI and CISA supported research from cybersecurity experts on how the group works in a recent advisory and press roundtable.