People who filed valid claims as part of the earlier Equifax data breach can request free credit monitoring. Equifax has emailed activation codes to these claimants and these codes must be used by June 27, 2022. More information about this legal settlement can be found at www.equifaxbreachsettlement.com.
Originally the IRS had scheduled users to sign up for ID.me by the summer of 2022. Existing IRS user accounts who had previously signed up without using ID.me will still work for now.
The Apache Software Foundation has released a security advisory for Java logging library Apache Log4j. This vulnerability may be exploited over a network without the need for a username and password. This is logged in the National Vulnerability Database (NVD) as CVE-2021-44228. Multiple server and cloud software vendors will be releasing security updates.
Microsoft disclosed a potential vulnerability in the Azure Cosmos DB Jupyter Notebook feature. The issue was resolved and no customer data was accessed. The Cybersecurity and Infrastructure Security Agency (CISA) also released a statement regarding this database issue.
Kaseya has reported that their VSA product has been the victim of a cyberattack. Some VSA customers have reported ransomware related to this issue. The Cybersecurity and Infrastructure Security Agency (CISA) also released instructions regarding this incident for customers of Kaseya VSA.
Dell has issued a security update to fix a vulnerability in its driver file dbutil_2_3.sys which runs on Microsoft Windows-based systems. This can be resolved by running Dell Security Advisory Update – DSA-2021-088. More information is available at the update FAQ page.
Dell SupportAssist will display driver, BIOS, and firmware updates that are available for Dell personal PCs and tablets that run Windows. Dell also has other self service update support options.
ParkMobile, a vehicle parking app which is used in several major cities in the U.S. under various names, has released details for a security incident with its vehicle parking app in March of 2021. License plate numbers and some email addresses and/or phone numbers were included in this incident, but not credit cards or drivers license numbers.