In light of the reported attacks and Proofs of Concepts (PoCs) leveraging Dynamic Data Exchange (DDE), Microsoft released Security Advisory 4053440 that provides guidance on securing DDE fields in Microsoft Office applications.
Intel has released a security advisory on November 20 after discovering vulnerabilities in its remote administrative feature called the Management Engine (ME), along with the Server Platform Services (SPS) and the Trusted Execution Engine (TXE).
UK pawnbroker Cash Converters revealed that it was the victim of a data breach that could have exposed sensitive data, including customer usernames, passwords, delivery addresses, and other personal details
DJI, one of the largest drone manufacturers in the world, was the subject of an information exposure incident when a researcher discovered that it left the private key for its HTTPS certificate on GitHub for four years.
A pair of Joint Technical Alerts from the US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have revealed more details on cyberattacks, allegedly coming from North Korea.
More ransomware families and variants were discovered in the wake of the Bad Rabbit outbreak. New families include ones labeled as Kristina, and a holiday-themed "Christmas" ransomware, while new variants from old families also make an appearance.