Digital Transformation
NSA iPhone Backdoor? Apple Avoids Russian Blame Game
Richi Jennings | | Apple, back door, backdoor, CVE-2023-32434, CVE-2023-32435, CVE-2023-32439, CVE-2023-38606, CVE-2023-41990, FSB, imessage, ios, iPhone, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, spyware, triangulation, Zero Click Attack, Zero-Click Exploit
“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard
SSH FAIL: Terrapin Attack Smashes ‘Secure’ Shell Spec
Richi Jennings | | Authentication, CBC, ChaCha20, chaves ssh, CVE-2023-48795, libSSH, Man In The Middle, man in the middle attack, man in the middle attacks, mitm, MitM Attack, mitm attack prevention, mitm attacks, openssh, OpenSSH protocol, SB Blogwatch, SSH, Terrapin
Testy Testudine: Lurking vuln in SSH spec means EVERY implementation must build patches ...
Security Boulevard
Mr. Cooper Hackers Stole ~15 Million Users’ Data
Richi Jennings | | breach disclosure, Centex, Jay Bray, mortgage, Mr. Cooper, Nationstar, pii, PII Leakage, PII Protection, SB Blogwatch
Another day, another huge leak: In October, they called it an “outage;” last month, it became a “cybersecurity incident;” now it’s a full-on PII leak ...
Security Boulevard
Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658
Richi Jennings | | Kyivstar, Russia, russia hacker, Russia-Ukraine, russia-ukraine conflict, Russia's War on Ukraine, Russian Cyber War, Russian cybercrime, SB Blogwatch, Ukraine, ukraine conflict, Ukraine Cyber War, Ukraine cyberattack
When will it end? Russia takes down Kyivstar cellular system, Ukraine destroys Russian tax system ...
Security Boulevard
Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan
Richi Jennings | | 2FA phishing, advanced phishing threats, Aleksandrovich Peretuatko, Alexey Doguzhiev, Andrey Stanislavovich Korinets, Callisto Group, center 18, Evilginx, Federal Security Service, five eyes, FSB, linkedin, Phishing, Russia, russia hacker, russia-based, russian, Russian Cyber Interests, Russian Cyber War, Russian FSB, SB Blogwatch, Seaborgium, spear fishing, spear phishing attacks, spear-phishing, SpearPhishing, Star Blizzard, TA446
TA446’s new TTPs: “Star Blizzard” FSB team called out by Five Eyes governments (again) ...
Security Boulevard
23andMe Finally Admits: 6.9 MILLION Users’ PII Breached
Richi Jennings | | 23andMe, Compromised Credential, compromised credentials, compromised credentials monitoring, Credential Compromise, credential replay attacks, credential reuse, credential stuffing, credential stuffing attack, Credential Stuffing Attacks, DEVOPS, DevSecOps, DNA, GDPR, iam, password reuse, pii, PII Leakage, SB Blogwatch, SEC, Securities and Exchange Commission, Securities Exchange Commission (SEC), U.S. Securities and Exchange Commission
Not nice: Hacker claimed 20 million, 23andMe said it was only 14,000—but now admits to 6.9 million ...
Security Boulevard
TikTok Ban Banned — Montana Loses in US Court
Richi Jennings | | Bytedance, china, chinese government, Donald Molloy, Montana, Privacy, SB Blogwatch, spyware, TikTok
For you plague, still: States can’t just ban apps, says federal judge ...
Security Boulevard
Atlassian Bug now a Perfect 10: Riot of Ransomware Raids
Richi Jennings | | atlassian, Atlassian Confluence, cerber, Confluence, CVE-2023-22518, CVSS10, Java, Ransomware, SB Blogwatch, vulnerability
Step #1: Get it off the Internet—Confluence Data Center and Server on-prem products perfectly pwned, so patch ...
Security Boulevard
Okta Hacked Yet Again: 2FA Firm Failed to 2FA
Richi Jennings | | 2 factor auth, 2-fa authentication, 2-factor authentication, 2fa, 2FA Authenticator, 2FA/MFA, auth, Authentication, CIAM, ciam authentication, ciam solution, ciam solutions, ciam vs iam, cloud IAM, Cloud IAM architecture, Cloud IAM as a Service, cloud IAM platform, Cloud IAM Solution, hosted single sign-on, iam, Identity as a service and single sign on, Identity management and Single sign-on, MFA, MFA rollout, Multi-Factor Authentication (MFA), Okta, okta alternative, Okta replacements, Okta SSO, replace okta, SB Blogwatch, single sign on, Single Sign On (SSO), sso, two-factor-authentication.2fa, web application single sign on
You had one job: Once is happenstance, twice is coincidence, FIVE TIMES is sheer incompetence ...
Security Boulevard
This SUCKS: ‘Cars Are a Privacy Nightmare,’ Mozilla Fumes
Richi Jennings | | automaker, Car, cars, cellular IoT, cellular IoT security, Connected Cars, Consumer IoT, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, Mozilla, Mozilla Foundation, New Cars, Privacy, Privacy4Cars, SB Blogwatch, vehicle, vehicle cybersecurity, vehicle OTAs
IoT cars considered harmful: Own a car? Care about your privacy? Mozilla Foundation has bad news for you ...
Security Boulevard