vulnerabilities
This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?
CVE-2023-25717 is being exploited and affected products have been pulled into a new botnet...
CEO
“It was a little slow to get started, because they spoke in hard-edged actuarial science data terms. But we have the largest MDR database in the industry so we were able to get back to them and empirically show that we can reduce risk..."
malware
The bootkit has been sold on underground forums since at least October 6, 2022. It has a tiny on-disk size of around 80kb and can disable HVCI, Windows Defender and BitLocker, and bypass UAC.
cyber risk
New metrics for Operational Technology exposure include whether the "consequences of the vulnerability meet definition of IEC 61508 consequence categories of 'marginal,' 'critical,' or 'catastrophic.'"
Microsoft
Back in 2021 Microsoft boasted of shielding a customer from a 2.4 Tbps DDoS attack originating from 70,000 sources. It has not shared such detail on this successful incident that it its services...
MOVEit
Hackers "often breach the Department’s defensive perimeter and roam freely within our information systems"
cybersecurity
Attackers demonstrated such sophisticated persistence capabilities that Barracuda and Mandiant have urged users to dump affected appliances irrespective of patch level.
registry
"It is clear that the internet is so, so brittle" and possibly held together with duct tape
Fortinet
"It is a pre-auth RCE [and] has been proven to be exploitable in a consistent manner; we found it during a Red Team engagement and have exploited it remotely..."
data breaches
The Stack is seeing exposed instances associated with scores of high profile blue chips
cybersecurity
23 million downloads last month. Four CVSS 10 vulnerabilities reported within weeks. Public exploits shared...
News
Admins should urgently modify firewall rules to deny HTTP and HTTPS traffic to MOVEit Transfer on ports 80 and 443. (Also, can we start fuzzing for SQL Injection properly, please?)