Friday Squid Blogging: Glass Squid Video
Here’s a fantastic video of Taonius Borealis, a glass squid, from NOAA. As usual, you can also use this squid…
September 2023
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks
A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. Cisco warns…
Why Australian companies need to adopt zero trust… now
By Sadiq Iqbal, Security Engineering Manager and Check Point Evangelist. It might be on the ‘to-do’ lists of many CISOs,…
Cisco BroadWorks Is Affected by a Critical-Severity Vulnerability
The Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform are both affected by a serious vulnerability that…
CVE-2023-4634 Detection: Unauthenticated RCE Vulnerability in WordPress Media Library Assistant Plugin
Security researchers have issued a stark warning about a critical vulnerability, designated as CVE-2023-4634, which is affecting an alarming number…
Warning: RocketMQ Vulnerability Actively Exploited by Threat Actors
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new critical-severity vulnerability to its KEV catalog. The issue is…
Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns
U.S. CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The U.S.…
LLMs and Tool Use
Last March, just two weeks after GPT-4 was released, researchers at Microsoft quietly announced a plan to compile millions of…
Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware
Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at…
Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs
Apple rolled out emergency security updates to address two new actively exploited zero-day vulnerabilities impacting iPhones and Macs. The two…