Security News Headlines #17

Security News Headlines for today focuses on a spectrum of critical cybersecurity updates from various sources. Today's newsletter encapsulates significant vulnerabilities and security incidents affecting enterprise-level software and services, alongside insights into both potential and thwarted cyber threats.

Critical Vulnerability in CreateUri A newly discovered vulnerability in the CreateUri function by Akamai could allow remote code execution through crafted URIs. This flaw is significant due to its potential impact across multiple software relying on this function.

Change Healthcare Ransomware Attack The ransomware attack on Change Healthcare has accumulated costs of $872 million, marking one of the most financially damaging attacks in healthcare.

Cryptographic Bug Fixed in PuTTY A critical cryptographic vulnerability in PuTTY has been patched, which previously could have allowed unauthorized remote code execution.

Cisco and Duo VPN Vulnerabilities Recent patches by Cisco address vulnerabilities in their VPN solutions that could potentially have been exploited by attackers to gain unauthorized access.

Sim Swapping Offers to Telecom Workers Employees at T-Mobile and Verizon have reported receiving offers via text to cooperate in SIM swapping schemes, highlighting a targeted social engineering threat.

Delinea Fixes Secret Server Flaw Delinea has addressed a vulnerability in its Secret Server solution. The company confirmed that no data was accessed or leaked due to this flaw.

Cisco Large-Scale Credential Compromise Cisco warns of an ongoing large-scale attack targeting credentials, which is expected to escalate further, urging organizations to bolster their defenses.

Ivanti Critical Flaws in Avalanche MDM Ivanti issued a warning about critical vulnerabilities in its Avalanche Mobile Device Management solution that could allow attackers to take control of affected systems.

Crypto Wallet iMessage Bug Update A widely reported iMessage bug affecting crypto wallets appears to be a false alarm, with the wallet maker clarifying the misunderstanding.

Today's outlook emphasizes the relentless pace of cyber threats and the ongoing need for robust cybersecurity measures across all sectors. The incidents and vulnerabilities shared today underline the critical importance of timely updates and vigilant security practices in mitigating potential risks.