CISA and FBI issue joint warning on Royal Ransomware
On March 6, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a…
Security
VMware NSX Manager vulnerabilities being actively exploited in the wild
The Wallarm Detect team has found exploit attempts in the wild of CVE-2022-31678 and CVE-2021-39144. The original vulnerabilities were found…
New National Cybersecurity Strategy
Last week the Biden Administration released a new National Cybersecurity Strategy (summary >here. There is lots of good commentary out…
What does $5,000 buy you on a hacking forum? – Week in security with Tony Anscombe
A bootkit that ESET researchers have discovered in the wild is the BlackLotus UEFI bootkit that is being peddled on…
Friday Squid Blogging: We’re Almost at Flying Squid Drones
Researchers are prototyping multi-segment shapeshifter drones, which are “the precursors to flying squid-bots.” As usual, you can also use this…
Nick Weaver on Regulating Cryptocurrency
Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space—with all existing…
Weekly Update 337
Presently sponsored by: Kolide ensures only secure devices can access your cloud apps. It’s Device Trust tailor-made for Okta. Book…
MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT
ESET researchers tease apart MQsTTang, a new backdoor used by Mustang Panda, which communicates via the MQTT protocol The post…
Acunetix releases a security check for Fortinet RCE flaw
This Acunetix release introduces a new security check for the Fortinet RCE flaw (CVE-2022-39952). The FortiNAC, a network security solution,…
The LastPass Breach: Unfolding The Story!
Good grief, LastPass.. The popular password management firm with a motive of safeguarding people’s sensitive information, has become a breach…