Software Supply Chain Security
FBI Warns: Ubiquiti EdgeRouter is STILL Not Secure
Richi Jennings | | APT28, Botnet disruption, Botnet Takedown, botnets, CVE-2023-23397, EdgeRouter, Fancy Bear, FBI warning, GRU, IC3, IC3.gov, Military Unit 26165, nsa, NSA/CISA, NTLM, NTLM Authentication, NTLM hash, NTLM leak, ntlm relay, Russia, russia hacker, russia-based, russian, Russian Cyber Interests, Russian Cyber War, SB Blogwatch, Ubiquiti, Ubiquiti breach, Ubiquiti Inc., Ubiquiti Networks, US FBI
GRU APT28 is back again: Fancy Bear still hacking ubiquitous gear, despite patch availability ...
Security Boulevard
US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My!
Richi Jennings | | deepfake, deepfake attacks, Deepfake Detection, Deepfake security threats, Deepfake Technology, deepfake videos, deepfakes, Department of State, disinformation, election disinformation, James Rubin, online disinformation, Russia, Russia-Ukraine, russia-ukraine conflict, Russia's War on Ukraine, SB Blogwatch, Social disinformation, State Department, U.S. Department of State, Ukraine, ukraine conflict, ukraine war scams, Ukraine-Russia War, Ukraine/European Security, US department of state
Pay no attention to that man: State Dept. Global Engagement Centre chief James Rubin (pictured) follows the yellow brick road ...
Security Boulevard
PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs
Richi Jennings | | APT41, Auxun, Chengdu 404, china, china espionage, Chinese, Chinese Communists, Chinese devices, chinese government, chinese hacker, Chinese hackers, Chinese Threat Actors, Data Stolen By China, Great Firewall of China, hong kong, i-soon, Insider, insider breach, insider risk, iSoon, Peoples Republic of China, SB Blogwatch, Tibet, Uyghur
Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures ...
Security Boulevard
‘PrintListener’ Attack on Fingerprint Readers — Can You Trust Biometrics?🤞
Richi Jennings | | biometric, biometric authentication, biometric data, Biometric Data Abuse, biometric identification, biometric identity, biometric security, biometrics, biometrics authentication, Biometrics-Based Authentication, digital biometrics, digital fingerprint, Fingerprint Scanners, fingerprint scanning, Fingerprint Sensor Vulnerabilities, fingerprint sensors, fingerprints, PrintListener, SB Blogwatch, Side-Channel, side-channel attack, side-channel attacks, sidechannelattacks, touchless fingerprint
Mic Check: Researchers reconstruct your fingerprint by listening to you swipe ...
Security Boulevard
LockBit Takedown by Brits — Time for ‘Operation Cronos’
Richi Jennings | | British, British intelligence, Infrastructure Takedown, Lockbit, LockBit ransomware, National Crime Agency, network takedown, Operation Cronos, SB Blogwatch, takedown, takedowns, U.K. National Crime Agency, uk, website takedown, website takedowns
RaaS nicked: 11-nation army led by UK eliminates ransomware-for-hire scrotes’ servers ...
Security Boulevard
‘Incompetent’ FCC Fiddles With Data Breach Rules
Richi Jennings | | breach notification, Data Breach Notification, data breach notification laws, fcc, FCC Failures, FCC Follies, FCC privacy rules, Federal Communications Commission, GDPR Breach Notification, Jessica Rosenworcel, SB Blogwatch, U.S. Federal Communications Commission
FCC FAIL: While Rome burns, Federal Communications Commission is once again behind the curve ...
Security Boulevard
Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi
Richi Jennings | | BIOS, CVE-2023-40547, Enterprise Linux and Open Source, Linux, open source, Open Source and Software Supply Chain Risks, open source code, Open Source Community, open source components, open source development, Open Source Ecosystem, SB Blogwatch, secure boot, shim, UEFI, UEFI Failing, UEFI vulnerabilities
Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault ...
Security Boulevard
‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing
Richi Jennings | | botnet, Botnet Attack, botnets, Consumer IoT, ddos, DDoS attack, DDoS botnet, Fortinet, Inc., Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, IoT botnet
PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face? ...
Security Boulevard
FBI Warning: China Will Hack US Infra. (via Router Botnet)
Richi Jennings | | BRONZE SILHOUETTE, china, Chinese Communists, chinese government, chinese hacker, Chinese hackers, Chinese Threat Actors, election cybersecurity, FBI Director Christopher Wray, Peoples Republic of China, PRC, SB Blogwatch, Volt Typhoon
a/k/a BRONZE SILHOUETTE: FBI head Wray won’t tolerate China’s “real-world threat to our physical safety.” ...
Security Boulevard
Russian Internet Outage: DNSSEC Oops or Ukraine Hack?
Richi Jennings | | dns, DNS Attacks, DNS hijack, DNS hijacking, DNSSEC, Russia, Russia Exodus, Russia-Ukraine, russia-ukraine conflict, Russia's War on Ukraine, russian, Russian Cyber War, SB Blogwatch
It was DNS. It’s always DNS: Government ministry denies hackers hacked its network infrastructure ...
Security Boulevard