crowdstrike bugs News
CrowdStrike bug maxes out 100% of CPU, requires Windows reboots
"Note: This is 100% of a single core. In an 8-core system for example, an additional 12.5% of unexpected total CPU load would be experienced..."
The Stack, June 28, 2024

CISA vulnerabilities DevSecOps CISO News
Feds to CIOs: Actively ask your vendors if they’ve done a SQLi audit...
Fix up, look sharp: Uncle Sam is running out of patience with tech firms shipping insecure software. Vendors? Get familiar with the phrase "query parameterization"...
Edward Targett, June 26, 2024

CISA chemicals News
CISA breach: Hackers gained access to chemical sector's vulnerability assessments
Cybersecurity agency's cybersecurity appliance breached (yes, everything is broken) but no exfiltration seen says CISA
The Stack, June 25, 2024

Cloud EU News
EU Cloud Certification Scheme could be "discriminatory" to Amazon, Google and Microsoft
Companies and countries clash over ENISA cloud security certification
Azania Imtiaz Patel, June 17, 2024

malware c2 News
💀 This malware campaign uses Discord emojis for C2 instructions
Camera emoji? "Take a screenshot of the victim's screen and upload it to the command channel as an attachment."
The Stack, June 13, 2024

SolarWinds file transfer vulnerabilities News
“Trivially exploitable” bug in SolarWinds file server needs prompt fixing
“CVE-2024-28995 is not known to be exploited in the wild as of 9 AM ET on June 11. We expect this to change.”
Edward Targett, June 11, 2024

Snowflake data breaches News
Snowflake warns over “rapeflake” data breaches
"The user must be left in the disabled state for 6 hours to fully invalidate any possible unauthorized access via this ID token feature."
The Stack, June 01, 2024

vulnerabilities Check Point News
Check Point vulnerability far worse than thought – exploited in wild since April
106,000 customers publicly exposed, initial searches suggest.
The Stack, May 30, 2024