Cybersecurity

Cybersecurity

💀This malware campaign uses Discord emojis for C2 instructions

Camera emoji? "Take a screenshot of the victim's screen and upload it to the command channel as an attachment."

SolarWinds

“Trivially exploitable” bug in SolarWinds file server needs prompt fixing

“CVE-2024-28995 is not known to be exploited in the wild as of 9 AM ET on June 11. We expect this to change."

Snowflake

Snowflake warns over “rapeflake” data breaches

"The user must be left in the disabled state for 6 hours to fully invalidate any possible unauthorized access via this ID token feature."

vulnerabilities

Check Point vulnerability far worse than thought – exploited in wild since April

106,000 customers publicly exposed, initial searches suggest.

Cybersecurity

Turf wars? NIST to fix NVD backlog by September – insists it’s right agency to run vulnerability database

Update comes after CISA started enriching CVEs itself…

Cybersecurity

EU shows "a complete lack of security thinking" says former Estonian president

Estonian ex-prez Ilves and Columbia Law prof deliver stark warning to cyberpros

Cybersecurity

"Untrue": Zscaler CEO shoots down Broadcom buyout rumours

Anonymous Substack post with AI signs put the fear of Tan in Zscaler staff

Cybersecurity

Root, but no response: 6 pre-auth RCEs in VMware ignored

"Six exploits, no configuration needed, no ports need to get opened; just straight-up RCEs, no fuss, no muss."

Cybersecurity

Single host saw 70,000 servers hit with Ebury backdoor

Malware operators “have established a significant presence in data centers worldwide” 

ransomware

Fresh Black Basta TTPs revealed as CISA says CNI hit

Ransomware group using "Backstab" to kill EDR processes.

Wales

UK's first national SOC opens in Wales -- local authorities encouraged to onboard

18 local authorities along with fire and rescue services to get onboarded to centrally funded Security Operations Centre.

Zscaler

Zscaler breach: Says single test server exposed, downplays risk

"No impact or compromise to our customer, production and corporate environments" -- but were credentials stolen?