An IP spoofing vulnerability in Django REST allowed attackers to circumvent the framework’s throttling feature, which is supposed to protect applications against mass requests.
The data accessed may have included customers’ personal information such as name, address, email, phone number, and Clarins loyalty program status, the cosmetics company added.
The incident was discovered on November 9, 2021. A couple of days later, MRIoA discovered that personal information was compromised in the attack and, by November 16, it had managed to retrieve that information.
The funding round led by K1 Investment Management could be the last capital raise before an IPO, which will “probably” take place in 2024, Pentera Chief Executive Amitai Ratzon told Reuters.
A new multi-platform backdoor malware named ‘SysJoker’ has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems.
The Night Sky ransomware gang has started to exploit the critical CVE-2021-44228 vulnerability in the Log4j logging library, also known as Log4Shell, to gain access to VMware Horizon systems.
A high-severity remote code execution flaw tracked as CVE-2021-45388 has been discovered in the KCodes NetUSB kernel module, used by millions of router devices from various vendors.
“It is reported that the public security organs discovered 19 exploitable network security vulnerabilities in Walmart’s network system on November 25, 2021…” said China Quality News.
Sensitive voter details may have been compromised after a group of hackers was allegedly able to breach the servers of Comelec, stealing over 60GB of data possibly affecting the May 2022 elections.
The Malsmoke hacking group attacked over 2,100 victims worldwide in a new Zloader campaign by abusing a bug in Microsoft’s e-signature verification tool. Though it couldn’t be confirmed, experts believe the group uses spear-phishing emails or pirated software resources to infect victims. Such attacks seem to be highly targeted in nature and may cause severe damage.