Posted 10/1/2023, 9:51:00 PM

Critical Patches Issued for Exim Mail Server, Cisco, Apple, Chrome, Mozilla; Johnson Controls Hit by Major Ransomware Attack

Progress Software has released patches for 8 vulnerabilities in WS_FTP, including a .NET deserialization flaw that could allow remote code execution.
Exim mail server, Cisco routers, Apple, Google Chrome, and Mozilla products have all issued patches for critical vulnerabilities this week, some being actively exploited.
Johnson Controls hit by a major ransomware attack that has taken some systems offline and may pose a national security risk due to stolen data.
Japanese cell carrier NTT Docomo reportedly hit by ransomware group Ransomed.vc, raising supply chain attack fears.
Over 27TB of data stolen from Johnson Controls in ransomware attack, with $51 million ransom demanded.

theregister.com

Relevant topic timeline:

9/26/2023

Sony Investigates Claims of Ransomware Hack Threatening to Sell Allegedly Stolen Data

A ransomware group claims to have compromised all Sony systems and is threatening to sell the data if a buyer isn't found by September 28th, 2023.

9/28/2023

Progress Urges Patch for Critical WS_FTP Flaws; Over 2,100 Hit by MOVEit Ransomware Attacks

Progress Software has warned customers to patch a critical vulnerability in its WS_FTP Server software, which has been exploited in recent data theft attacks, allowing unauthenticated attackers to execute remote commands and perform file operations outside the authorized folder path.