Content Paint
Search
Sign in
Membership

cybersecurity

 |  vulnerabilities  | Jul 03, 2023
This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?
This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?

CVE-2023-25717 is being exploited and affected products have been pulled into a new botnet...

CEO  | Jun 27, 2023
eSentire CEO Kerry Bailey on teaming up with insurers, cyber resilience, and the "last mile"
eSentire CEO Kerry Bailey on teaming up with insurers, cyber resilience, and the "last mile"

“It was a little slow to get started, because they spoke in hard-edged actuarial science data terms. But we have the largest MDR database in the industry so we were able to get back to them and empirically show that we can reduce risk..."

 |  malware  | Jun 26, 2023
NSA warns over “false sense of security” on Black Lotus UEFI bootkit risk
NSA warns over “false sense of security” on Black Lotus UEFI bootkit risk

The bootkit has been sold on underground forums since at least October 6, 2022. It has a tiny on-disk size of around 80kb, can disable HVCI, Windows Defender, BitLocker, and bypass UAC

cyber risk  | Jun 19, 2023
CVSS 4.0 aims for greater clarity on cybersecurity risk -- adds OT, response components
CVSS 4.0 release details

New metrics for Operational Technology exposure include whether the "consequences of the vulnerability meet definition of IEC 61508 consequence categories of "marginal," "critical," or "catastrophic."

Microsoft  | Jun 18, 2023
A triple barrage of mystery DDoS attacks knocked Microsoft services including Azure, Intune offline
Microsoft DDoS attacks hit Azure and likely Outlook but Redmond's coy with the details

Back in 2021 Microsoft boasted of shielding a customer from a 2.4 Tbps DDoS attack originating from 70,000 sources. It has not shared such detail on this successful incident that it its services...

MOVEit  | Jun 16, 2023
As victim count mounts, a critical new MOVEit bug emerges - with US federal agencies compromised
new MOVEit vulnerability and federal agencies hacked

Hackers "often breach the Department’s defensive perimeter and roam freely within our information systems"

 |  cybersecurity  | Jun 15, 2023
A third of Barracuda zero day victims are gov't agencies
A third of Barracuda zero day victims are gov't agencies

Attackers demonstrated such sophisticated persistence capabilities that Barracuda and Mandiant have urged users to dump affected appliances irrespective of patch level.

registry  | Jun 14, 2023
Hackers could have taken over every single .ai domain
Hackers could have taken over every single .ai domain

"It is clear that the internet is so, so brittle" and possibly held together with duct tape

Fortinet  | Jun 12, 2023
MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997
MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997

"It is a pre-auth RCE [and] has been proven to be exploitable in a consistent manner; we found it during a Red Team engagement and have exploited it remotely..."

Interviews, Insight, Intelligence for Hungry Folks

© 2025 The Snack
©  2025 The Snack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.