AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 12/18/2023

3CX warns customers to disable SQL database integrations 

VoIP communications company 3CX warned customers today to disable SQL Database integrations because of risks posed by what it describes as a potential vulnerability. Although the security advisory released today lacks any specific information regarding the issue, it advises customers to take preventive measures by disabling their MongoDB, MsSQL, MySQL, and PostgreSQL database integrations. “If you’re using an SQL Database integration it’s subject potentially to a vulnerability – depending upon the configuration,” 3CX’s chief information security officer Pierre Jourdan said. 

 

Delta Dental of California data breach exposed info of 7 million people 

Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider that covers 45 million people across 15 states and is part of the Delta Dental Plans Association. According to a Delta Dental of California data breach notification, the company suffered unauthorized access by threat actors through the MOVEit file transfer software application. 

 

Google Will Turn Off Cookies for 30 Million People on January 4 

Google announced Thursday that it will start its long-anticipated slaughter of the internet’s cookies starting on January 4th, when it will block them for 1% of Chrome users, or about 30 million people. It’s the first major step in its Privacy Sandbox project, which aims to replace cookies with a different kind of tracking that Google says is better for your privacy. For the past 30 years, websites and tech companies have used so-called “third-party cookies” as the primary way to track consumers online. Has that pair of shoes you added to your cart three weeks ago been following you around in ads on the web? There are probably third-party cookies involved. These cookies let websites partner with other companies including Google and tons of others to keep tabs on everything you do online. That’s great for companies, and terrible for your privacy because it means there are a lot of businesses who get to keep a history of all of your web browsing. 

 

MongoDB says customer data was exposed in a cyberattack 

MongoDB is warning that its corporate systems were breached and that customer data was exposed in a cyberattack that was detected by the company earlier this week. In emails sent to MongoDB customers from CISO Lena Smart, the company says they detected their systems were hacked on Wednesday evening (December 13th) and started investigating the incident. “MongoDB is investigating a security incident involving unauthorized access to certain MongoDB corporate systems,” reads the email from MongoDB. 

 

CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats 

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations. In an alert published last week, the agency called out Iranian threat actors affiliated with the Islamic Revolutionary Guard Corps (IRGC) for exploiting operational technology devices with default passwords to gain access to critical infrastructure systems in the U.S. 

 

Mortgage giant Mr. Cooper data breach affects 14.7 million people 

Mr. Cooper is sending data breach notifications warning that a recent cyberattack has exposed the data of 14.7 million customers who have, or previously had, mortgages with the company. Mr. Cooper (previously Nationstar Mortgage LLC) is a Dallas-based mortgage lending firm that employs approximately 9,000 people and has millions of customers. The lender is one of the largest servicers in the United States, servicing loans of $937 billion. In early November 2023, the company announced that it had been breached in a cyberattack on October 30, 2023, which it discovered the following day. 

Related Posts