Weekday Digest – 4/5/2022 (Tuesday)

Information from Monday afternoon to Tuesday morning. News/Intelligence/IOCs Stories CISA Adds Four Known Exploited Vulnerabilities to Catalog – LINK Zyxel patches critical vulnerability that can allow Firewall and VPN hijacks – LINK Cyclops Blink Malware Targeting WatchGuard Firewalls – LINK Lapsus$ Threat Actor Demonstrates Access to Backend Okta Tooling – LINK Ransomware Will Grind You […]

Updates as of 4/1/2022

News/Intelligence/IOCs Stories New AcidRain data wiper malware targets modems and routers – LINK Chinese hacking group uses new ‘Fire Chili’ Windows rootkit – LINK Researchers used a decommissioned satellite to broadcast hacker TV – LINK Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks – LINK The Windows Update policies you should set and why […]

Updates as of 3/31/2022

I have added a new section that is called Government/Regulation/Russia/Ukraine War related stories. These will be more those relating to the legal/law side of government stories, as well as those specifically around the Russian/Ukrainian War. News/Intelligence/IOCs Stories FBI Releases PIN on Phishing Campaign against U.S. Election Officials – LINK VMware Horizon platform pummeled by Log4j-fueled […]

Critical Vulnerability: Spring4Shell, New Log4Shell-Like Threat in Java Framework

Announcing this in a separate post because of importance. This new vulnerability is all over the news: Security Week Security Affairs Hacker News Qualys Cisco Talos Checkpoint Kaspersky SANS spots Spring4shell vulnerability exploitation attempts – LINK SpringShell Zero-Day Vulnerability: All You Need To Know – LINK Carnegie Melon Writeup Spring Early Announcement Explanation of the […]