The Financial Services Information Sharing and Analysis Center’s latest weekly risk summary covers an unknown threat actor exploiting vulnerabilities in the MinIO Object Storage system to remotely execute arbitrary code on vulnerable servers.
Details: The risk report says researchers discovered the exploit code on a GitHub repository. MinIO is a high-performance and distributed object storage system used by various organizations.
More: The report also encourages organizations to remain vigilant for malicious cyber activity following natural disasters, such as hurricanes, with attackers targeting disaster victims and concerned citizens through social engineering.
Resources: The FS-ISAC publication and other resources are available on ICBA's Cyber and Data Security resource center.