Information from Saturday afternoon to Sunday afternoon. News/Intelligence/IOCs Stories Fake Trezor data breach emails used to steal cryptocurrency wallets – LINK New Borat remote access malware is no laughing matter – LINK UK Police charges two teenagers for their alleged role in the Lapsus$ extortion group – LINK Beastmode Mirai botnet now includes exploits for […]
Weekend Digest – 4/2/2022 (Saturday)
Information from Friday afternoon to Saturday afternoon. News/Intelligence/IOCs Stories CERT/CC Releases Information on Spring4Shell Vulnerability – LINK Spring4Shell: critical vulnerability in Spring Java framework – LINK Beastmode botnet boosts DDoS power with new router exploits – LINK Threat Roundup for March 25 to April 1 – LINK British Police Charge Two Teenagers Linked to LAPSUS$ […]
Updates as of 4/1/2022
News/Intelligence/IOCs Stories New AcidRain data wiper malware targets modems and routers – LINK Chinese hacking group uses new ‘Fire Chili’ Windows rootkit – LINK Researchers used a decommissioned satellite to broadcast hacker TV – LINK Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks – LINK The Windows Update policies you should set and why […]
Updates as of 3/31/2022
I have added a new section called Government/Regulation/Russia/Ukraine War related stories. These will mostly be stories relating to the legal/law side of government, as well as those specifically around the Russian/Ukrainian War. News/Intelligence/IOCs Stories FBI Releases PIN on Phishing Campaign against U.S. Election Officials – LINK VMware Horizon platform pummeled by Log4j-fueled […]
Critical Vulnerability: Spring4Shell, New Log4Shell-Like Threat in Java Framework
Announcing this in a separate post because of its importance. This new vulnerability is all over the news: Security Week, Security Affairs, Hacker News, Qualys, Cisco Talos, Checkpoint, Kaspersky. SANS spots Spring4shell vulnerability exploitation attempts – LINK SpringShell Zero-Day Vulnerability: All You Need To Know – LINK Carnegie Mellon Writeup, Spring Early Announcement, Explanation of the […]
Updates as of 3/30/2022
Note: I am going to start the data as such. I will post the “updates” roughly around 10am (central time) each day. Anything that comes out after that will go into the next day and will be posted at noon the next day. The sections below will evolve a little over time. If you have […]
Updates as of 3/28/2022
NOTE: I am thinking of changing the design a bit, from one post per item to one post per day with everything. Here is a first try: CISA – Adds 32 Known Exploited Vulnerabilities to Catalog – LINK – CSV Download Link CISA – Vulnerability Summary for the Week of March 21, […]
VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control
LINK Carbon Black is now in the sights for a quick update. Do it ASAP.
Serious Vulnerability Exploited at Hacking Contest Impacts Over 200 HP Printers
LINK Time to update if you have HP printers.
BIND Security Updates Releases
LINK If you have BIND, time to examine and update it to remediate the 4 vulnerabilities.