Securing Open Source
‘Incompetent’ FCC Fiddles With Data Breach Rules
Richi Jennings | | breach notification, Data Breach Notification, data breach notification laws, fcc, FCC Failures, FCC Follies, FCC privacy rules, Federal Communications Commission, GDPR Breach Notification, Jessica Rosenworcel, SB Blogwatch, U.S. Federal Communications Commission
FCC FAIL: While Rome burns, Federal Communications Commission is once again behind the curve ...
Security Boulevard
Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi
Richi Jennings | | BIOS, CVE-2023-40547, Enterprise Linux and Open Source, Linux, open source, Open Source and Software Supply Chain Risks, open source code, Open Source Community, open source components, open source development, Open Source Ecosystem, SB Blogwatch, secure boot, shim, UEFI, UEFI Failing, UEFI vulnerabilities
Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault ...
Security Boulevard
‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing
Richi Jennings | | botnet, Botnet Attack, botnets, Consumer IoT, ddos, DDoS attack, DDoS botnet, Fortinet, Inc., Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, IoT botnet
PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face? ...
Security Boulevard
Microsoft Ditches C# for Rust: M365 Core Gets Safety and Perf Boosts
C# — Rust in peas: Microsoft 365 “Core Platform Substrate” gets rewrite in Rust language ...
Security Boulevard
‘Mother of all Breaches’ Leaks — 26 BILLION Records from 12TB Open Bucket
Richi Jennings | | account breach, bob diachenko, Breach, MOAB, mother of all breaches, SB Blogwatch
Less MOAB, more NOW: Researchers discover unsecured database of stolen personal information ...
Security Boulevard
Apple Smashes Ban Hammer on Beeper iMessage Users
Richi Jennings | | android, Apple, Beeper, E2EE, encryption, end-to-end encryption, Eric Migicovsky, imessage, Privacy, RCS, SB Blogwatch, secure messaging
Empire strikes back: It was only a matter of time. But is this what Eric wanted all along? ...
Security Boulevard
NoaBot Pwns Hundreds of SSH Servers as Crypto Miners
Richi Jennings | | Bitcoin miner, botnet, botnets, coin miner, coin miners, coinminer, crypto miner, Crypto miners, cryptocurrency miner, cryptominer, cryptominers, imaginary money, IoT botnet, IoT botnets, iot cryptocurrency miner, iot cryptominer, Linux.Mirai, Mirai, Mirai botnet, Mirai Malware, NoaBot, SB Blogwatch
‘hi’ — Mirai-based botnet exploits weak authentication to mine fake money ...
Security Boulevard
Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old
Richi Jennings | | access-token-manipulation, authentication token, Business Associate Agreements, Chrome, chrome 0-day, chrome phishing, Chrome Security, Chromium, Chromium-Based Browsers, Federated Identity, federated sso, google, Google Account, google account security, Google Advanced Protection, infostealer, infostealers, OAuth, oauth 2.0, oauth abuse, Oauth Application Abuse, oauth refresh token, OAuth Token Vunerability, Prisma, Protecting OAuth Tokens, SB Blogwatch, securing oauth
What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability ...
Security Boulevard
Best of 2023: Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)
Richi Jennings | | cloud storage, My Cloud, Ransomware, SB Blogwatch, storage, WD, Western Digital, Western Digital My Cloud
Déjà Vu: Hack of WD systems leads to My Cloud service outage. Owners unable to access files ...
Security Boulevard
NSA iPhone Backdoor? Apple Avoids Russian Blame Game
Richi Jennings | | Apple, back door, backdoor, CVE-2023-32434, CVE-2023-32435, CVE-2023-32439, CVE-2023-38606, CVE-2023-41990, FSB, imessage, ios, iPhone, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, spyware, triangulation, Zero Click Attack, Zero-Click Exploit
“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard