CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer
There are patches or remediations for all of them, but they’re still being picked apart. Why should attackers stop if the flaws remain
[...]
Web Security
Articles targeted at Web App Security, hacks, guides, how to’s and the latest vulnerabilities.
Six Malicious Linux Shell Scripts Used to Evade Defenses and How to Stop Them
Uptycs Threat Research outline how malicious Linux shell scripts are used to cloak attacks and how defenders can detect and mitigate against them.
[...]
BlackMatter & Haron: Evil Ransomware Newborns or Rebirths
They’re either new or old REvil & DarkSide wine in new bottles. Both have a taste for deep-pocketed targets and DarkSide-esque virtue-signaling.
[...]
Reboot of PunkSpider Tool at DEF CON Stirs Debate
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure,
[...]
Podcast: Why Securing Active Directory Is a Nightmare
Researchers preview work to be presented at Black Hat on how AD “misconfiguration debt” lays out a dizzying array of attack paths, such
[...]
No More Ransom Saves Victims Nearly €1 Over 5 Years
No More Ransom is collecting decryptors so ransomware victims don’t have to pay to get their data back and attackers don’t get rich.
[...]
Zimbra Server Bugs Could Lead to Email Plundering
Two bugs, now patched except in older versions, could be chained to allow attackers to hijack Zimbra server by simply sending a malicious
[...]
Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers
The unpatched flaws include RCE and authenticated privilege escalation on the client-side: Just the latest woe for the ransomware-walloped MSP.
Source: Threat
[...]
Podcast: IoT Piranhas Are Swarming Industrial Controls
Enormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems that control crucial infrastructure.
Source: Threat
[...]
Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn
A comment spammer flooded Babuk’s new ransomware forum with gay orgy porn GIFs and demanded $5K in bitcoin.
Source: Threat Post –
[...]