Top Vulnerabilities Reported in the Last 24 HoursGitHub vulnerability scanner
Drupal has issued an advisory to its developers, asking them to reserve some time next week to fix what Drupal terms a “highly critical” flaw in Drupal 7 and 8 core. The advisory notifies of a security release of Drupal 7.x, 8.3.x, 8.4.x, and 8.5.x on March 28th, 2018 between 18:00 – 19:30 UTC.Chrome OS devices to receive Meltdown and Spectre patches
Google is set to release Chrome OS 66, slated for April 24, on all older Chromebooks with Intel processors in order to mitigate against the Meltdown vulnerability. While Meltdown and Variant 1 can be addressed with software updates, Variant 2 requires additional microcode updates.
Top Breaches Reported in the Last 24 HoursAtlanta City computers hit
Systems belonging to the city of Atlanta government have been infected with a ransomware. The computer network is currently experiencing outages on various customer-facing applications. A screenshot of a ransomware message demanding a payment of $6,800 to unlock each computer or $51,000 to provide all the keys for affected systems, has been submitted.Unsecured servers
A researcher came across various servers running etcd, a type of database used by networks to store and distribute passwords and configuration settings, on Shodan search engine. Using a simple script, the researcher could extract 8,781 passwords, 650 Amazon Web services access keys, 23 secret keys, and 8 private keys.