Citrix
Critical pre-auth RCE Citrix Gateway vulnerability is under active attack and looks bad
There are approximately 38,000 Citrix Gateway appliances exposed to the public internet and a whole host of internet traffic flows through Citrix ADC...
encryption
RFC 9420 aka Messaging Layer Security (MLS) – An Overview
MLS achieves its low complexity through the use of a binary tree. This means that the number of required operations and the payload size do not increase linearly with the group size but rather only logarithmically after a short warm-up period...
cybersecurity
Microsoft strengthens key storage after China incident – admits “validation error in Microsoft code”
Redmond has since "substantially hardened key issuance systems... this includes increased isolation of the systems, refined monitoring of system activity, and moving to the hardened key store used for our enterprise systems..."
sonicwall
Critical SonicWall vulnerabilities "extremely attractive" - central firewall hub needs urgent patching
Multiple critical unauthenticated SQL injection bugs and hard-coded credentials as well as command injection, and file upload bugs need urgent patching.
Azure
Microsoft clams up over critical Azure key breach, security incident as attackers breach US agencies
Following a major security breach involving US federal agencies, Microsoft refuses to provide details on the incident
MTTD
Combating hacker dwell time: Why mean time to detect (MTTD) alone can’t be trusted
MTTD, as things currently stand, cannot be relied upon exclusively as a metric to measure the effectiveness of data breach detection.
Patch Tuesday
This Microsoft zero day is under active attack and there’s no patch
Happy Patch Tuesday: Have some critical SAP vulnerabilities affecting pretty much every internet-facing product whilst you're at it...
patching
Apple pushes urgent security fix for exploited zero day – then kills it after websites broke
Risk arbitrary code execution or face howls from users unable to access Instagram? Priorities, priorities -- but a fresh fix is coming after initial RSR rolled back.
NCSC
UK’s NCSC starts using honeypots to detect, smash brute force campaigns
As well as setting up honeypots to identify and target brute force attacks, the NCSC also took down 24,407 web shells in 2022.
MOVEit
Fuzzy Thinking: Yet more critical SQL Injection bugs in MOVEIt Transfer
You're tired? Everyone's tired. Just patch promptly please.
QKD
HSBC joins BT, Toshiba's commercial Quantum Key Distribution network - but beware hackers with lasers
Dust off your math, review the literature with some strong coffee; envision a future fresh from a William Gibson novel...
cloud security
Reimagining cloud-native security for developers and platform owners
Even with ‘traditional’ configuration of resources in the cloud - and Kubernetes becomes a more extreme example of this – what is crystal clear is that security cannot stay outside of the development and DevOps teams."