MongoDB issues weekend warning of breach • The Register


Infosec in brief: MongoDB on Saturday issued an alert warning of “a security incident involving unauthorized access to certain MongoDB corporate systems, which includes exposure of customer account metadata and contact information.”

At the time of posting, the NoSQL pioneer advised it was “not aware of any exposure to the data that customers store in MongoDB Atlas.” Atlas is the provider’s multi-cloud database-as-a-service offering.

MongoDB nonetheless recommended customers “be vigilant for social engineering and phishing attacks, activate phishing-resistant multi-factor authentication (MFA), and regularly rotate their MongoDB Atlas passwords.”

That advice appears to have been heeded: an update to MongoDB’s advisory warned customers of “a spike in login attempts resulting in issues for customers attempting to log in to Atlas and our Support Portal.” That spike was unrelated to the security incident, and customers were asked to “try again in a few minutes if you are still having trouble logging in.” – Simon Sharwood

Critical vulnerabilities: The not-patch-Tuesday list

As is usually the case this time of month, the most pressing vulnerabilities of recent days were revealed/patched in Patch Tuesday releases. That said, there’s still a few critical vulnerabilities to mention in the ICS world – they’ve gotta have a patch day too, right?

  • CVSS 9.8 – So many CVEs: Siemens SIMATIC S7-1500 CPU PLCs have a whopping 404 vulnerabilities in all versions of their software prior to 3.1.0 that can lead to information disclosure, tampering and DoS. Best patch ASAP.
  • CVSS 9.8 – CVE-2023-6448: Unitronics Vision Series PLCs running VisiLogic prior to v9.9.00 are all coded with default administrator passwords, which could let an attacker take control with ease.
  • CVSS 9.1 – Multiple CVEs: Siemens SCALANCE M-800 and S615 family ICS switches contain a number of vulnerabilities that could allow an attacker to inject code or spawn a system root shell.
  • CVSS 8.1 – Multiple CVEs: Siemens’s SINEC industrial network management software contains a number of vulnerabilities that could allow an attacker to trigger DoS, intercept…
