MongoDB’s Data Breach Confirmed
MongoDB revealed a data breach exposing customer metadata and sensitive information in an email announcement to their customers.
The email, alerting MongoDB’s customers of the cyberattack, also informed customers to be aware of heightened phishing email risk due to the data breach, and to set up multi-factor authentication for their accounts as a phishing safety measure.
CISA Urges Manufacturers to Abolish Default Passwords
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an alert, warning manufacturers to remove default passwords and internet-exposed systems to avoid heavy damage dealt by threat actors.
The CISA warning comes in the aftermath of the Islamic Revolutionary Guard Corps (IGRC)’s cyberattack, exploiting operational technology devices with default passwords to gain access to critical US infrastructure.
Rhadamanthys Malware Adds to Infostealing Arsenal
In a report, Check Point revealed infostealer malware, Rhadamanthys added two updates, upgrading its distribution, customization, and data stealing capabilities.
Check Point’s report also shows Rhadamanthys’ development moving quickly, and as a result it is gaining popularity among threat actors.
