Breach Announcements – January 24, 2022

John

OpenSubtitles (popular online subtitles site) – almost 7 million users info Above is a list of Companies I have information for that have confirmed some sort of Breach (its obviously not complete since most never report anything, just what I hear about) Note: This is going to be a new type of post – will only […]

CISA Adds Four More Known Exploited Vulnerabilities to their Catalog

John

LINK The four added are CVE Number CVE Title Required Action Due Date CVE-2006-1547 Apache Struts 1 ActionForm Denial of Service Vulnerability 07/21/2022 CVE-2012-0391 Apache Struts 2 Improper Input Validation Vulnerability 07/21/2022 CVE-2018-8453 Microsoft Windows Win32k Privilege Escalation Vulnerability 07/21/2022 CVE-2021-35247 SolarWinds Serv-U Improper Input Validation Vulnerability 02/04/2022 The download for the full CSV is […]

Breach Announcements – January 20, 2022

John

Crypto.com (cryptocurrency trading site) – 483 large customers data and currency withdrawn\ Red Cross (humanitarian organization) – half a million users PII exfiltrated R.R. Donnelly (integrated services company) – unspecified intrusion Above is a list of Companies I have information for that have confirmed some sort of Breach (its obviously not complete since most never […]