#cisco

A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. This post examines what we know about a breach that has exposed hundreds of millions of consumer records. We'll also take a closer look at the data broker that got hacked -- a background check company founded by an actor and retired sheriff's deputy from Florida.

Voting Village co-founder Harri Hursti told Politico the list of vulnerabilities ran “multiple pages.”

Feberr version 13.4 suffers from an ignored default credential vulnerability.

Farmacia Gama version 1.0 suffers from a cross site scripting vulnerability.

Covid-19 Contact Tracing System version 1.0 suffers from a cross site scripting vulnerability.

Bhojon Restaurant Management System version 2.9 suffers from an ignored default credential vulnerability.

Eight of the vulnerabilities affect the license update feature for CLIPSP.SYS, a driver used to implement Client License System Policy on Windows 10 and 11.

Kortex version 1.0 suffers from an insecure direct object reference vulnerability.

Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month. The Patch Tuesday

The most serious of the issues included in August’s Patch Tuesday is CVE-2024-38063, a remote code execution vulnerability in Windows TCP/IP.