5th January and The Tale of Joshi Virus: India’s First Global Computer Virus
In the cinematic tapestry of cybersecurity, where tales of intrigue and innovation collide, one story emerges from the… The post…
Security
Weekly Update 431
Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. I fell waaay behind…
Spyware Maker NSO Group Found Liable for Hacking WhatsApp
A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse…
Security Alert: Critical Remote Code Execution Vulnerability Discovered in Sophos Firewall
Sophos has addressed three security flaws in Sophos Firewall products that could enable remote, unauthenticated attackers to execute SQL injection…
Criminal Complaint against LockBit Ransomware Writer
The Justice Department has published the criminal complaint against Dmitry Khoroshev, for building and maintaining the LockBit ransomware.
Top Open Source API Security Tools
The modern world relies on Application Programming Interfaces (APIs). They allow applications to communicate with each other, servers, and consumers…
Friday Squid Blogging: Squid Sticker
A sticker for your water bottle. Blog moderation policy.
CVE-2023-34990: Critical Path Traversal Flaw Found in Fortinet FortiWLM
On 12 May 2023, Horizon3 researcher Zach Hanley found an unauthenticated limited file read vulnerability in FortiWLM that he promptly…
CVE-2024-50379: Apache Tomcat Remote Code Execution Vulnerability
Apache Tomcat, one of the most widely used open-source application servers for running Java applications, has long been trusted by…
Mailbox Insecurity
It turns out that all cluster mailboxes in the Denver area have the same master key. So if someone robs…