Change Healthcare Single ransomware attack has $2.45 billion impact -- with "direct response" costs hitting $776 million One Citrix appliance with no MFA = $2 billion in damages.
vulnerabilities Fake OpenSSH "exploit" is a real exploit. Just not the one you thought. Cisco says 42 products confirmed exposed to CVE-2024-6387 -- but OpenSSH exploit is malicious: Beware bogus POCs says Kaspersky
Cobalt Strike Cobalt Strike takedown likely to make Sliver even more popular Brute Ratel, Sliver and other alternatives are less well-known and mature than Cobalt Strike but increasingly adopted.
BT "Our infrastructure is not designed for it": BT security leader reveals the challenges of deploying zero trust How do you protect legacy technology from the threats of tomorrow? Security chief at world's oldest telecoms firm shares rare insights into its move towards a post-trust world
OpenSSH Pre-auth RCE to root in OpenSSH server: 700,000 instances exposed RHEL 9 affected, Debian, Ubuntu, SUSE push fixes
Federal Reserve Federal Reserve passed Treasury Secretary's details to Russians after social engineering incident "Hi. This is the Prezident here on zelensky.prank@rebel.spirit. Can I have your number and your friends' too?"
crowdstrike CrowdStrike bug maxes out 100% of CPU, requires Windows reboots "Note: This is 100% of a single core. In an 8-core system for example, an additional 12.5% of unexpected total CPU load would be experienced..."
Cybersecurity Feds to CIOs: Actively ask your vendors if they’ve done a SQLi audit... Fix up, look sharp: Uncle Sam is running out of patience with tech firms shipping insecure software. Vendors? Get familiar with the phrase "query parameterization"...
Cybersecurity CISA breach: Hackers gained access to chemical sector's vulnerability assessments Cybersecurity agency's cybersecurity appliance breached (yes, everything is broken) but no exfiltration seen says CISA
Cloud EU Cloud Certification Scheme could be "discriminatory" to Amazon, Google and Microsoft Companies and countries clash over ENISA cloud security certification
Cybersecurity 💀This malware campaign uses Discord emojis for C2 instructions Camera emoji? "Take a screenshot of the victim's screen and upload it to the command channel as an attachment."
SolarWinds “Trivially exploitable” bug in SolarWinds file server needs prompt fixing “CVE-2024-28995 is not known to be exploited in the wild as of 9 AM ET on June 11. We expect this to change."
Snowflake Snowflake warns over “rapeflake” data breaches "The user must be left in the disabled state for 6 hours to fully invalidate any possible unauthorized access via this ID token feature."
vulnerabilities Check Point vulnerability far worse than thought – exploited in wild since April 106,000 customers publicly exposed, initial searches suggest.
Cybersecurity Turf wars? NIST to fix NVD backlog by September – insists it’s right agency to run vulnerability database Update comes after CISA started enriching CVEs itself…
Cybersecurity EU shows "a complete lack of security thinking" says former Estonian president Estonian ex-prez Ilves and Columbia Law prof deliver stark warning to cyberpros
Cybersecurity "Untrue": Zscaler CEO shoots down Broadcom buyout rumours Anonymous Substack post with AI signs put the fear of Tan in Zscaler staff
Cybersecurity Root, but no response: 6 pre-auth RCEs in VMware ignored "Six exploits, no configuration needed, no ports need to get opened; just straight-up RCEs, no fuss, no muss."
Cybersecurity Single host saw 70,000 servers hit with Ebury backdoor Malware operators “have established a significant presence in data centers worldwide”
ransomware Fresh Black Basta TTPs revealed as CISA says CNI hit Ransomware group using "Backstab" to kill EDR processes.
Wales UK's first national SOC opens in Wales -- local authorities encouraged to onboard 18 local authorities along with fire and rescue services to get onboarded to centrally funded Security Operations Centre.
Zscaler Zscaler breach: Says single test server exposed, downplays risk "No impact or compromise to our customer, production and corporate environments" -- but were credentials stolen?
Ivanti Gird your loins, there’s a new pre-auth RCE in Ivanti boxes landing "Code execution in 0 seconds (3 seconds to be more accurate), no limitation, no authentication..."