IOT
NoaBot Pwns Hundreds of SSH Servers as Crypto Miners
Richi Jennings | | Bitcoin miner, botnet, botnets, coin miner, coin miners, coinminer, crypto miner, Crypto miners, cryptocurrency miner, cryptominer, cryptominers, imaginary money, IoT botnet, IoT botnets, iot cryptocurrency miner, iot cryptominer, Linux.Mirai, Mirai, Mirai botnet, Mirai Malware, NoaBot, SB Blogwatch
‘hi’ — Mirai-based botnet exploits weak authentication to mine fake money ...
Security Boulevard
Best of 2023: Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)
Richi Jennings | | cloud storage, My Cloud, Ransomware, SB Blogwatch, storage, WD, Western Digital, Western Digital My Cloud
Déjà Vu: Hack of WD systems leads to My Cloud service outage. Owners unable to access files ...
Security Boulevard
NSA iPhone Backdoor? Apple Avoids Russian Blame Game
Richi Jennings | | Apple, back door, backdoor, CVE-2023-32434, CVE-2023-32435, CVE-2023-32439, CVE-2023-38606, CVE-2023-41990, FSB, imessage, ios, iPhone, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, spyware, triangulation, Zero Click Attack, Zero-Click Exploit
“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard
SSH FAIL: Terrapin Attack Smashes ‘Secure’ Shell Spec
Richi Jennings | | Authentication, CBC, ChaCha20, chaves ssh, CVE-2023-48795, libSSH, Man In The Middle, man in the middle attack, man in the middle attacks, mitm, MitM Attack, mitm attack prevention, mitm attacks, openssh, OpenSSH protocol, SB Blogwatch, SSH, Terrapin
Testy Testudine: Lurking vuln in SSH spec means EVERY implementation must build patches ...
Security Boulevard
Okta Screws Up (Yet Again) — ALL Customers’ Data Hacked, not just 1%
Richi Jennings | | 2 factor auth, 2-fa authentication, 2-factor authentication, 2fa, 2FA Authenticator, 2FA/MFA, auth, Authentication, CIAM, ciam authentication, ciam solution, ciam solutions, ciam vs iam, cloud IAM, Cloud IAM architecture, Cloud IAM as a Service, cloud IAM platform, Cloud IAM Solution, hosted single sign-on, iam, Identity as a service and single sign on, Identity management and Single sign-on, MFA, MFA rollout, Multi-Factor Authentication (MFA), Okta, okta alternative, Okta replacements, Okta SSO, replace okta, Saasure, SB Blogwatch, single sign on, Single Sign On (SSO), sso, two-factor-authentication.2fa, web application single sign on
You had one job: Last month’s sheer incompetence descends this week into UTTER FARCE ...
Security Boulevard
‘LitterDrifter’ Russian USB Worm Leaks from Ukraine War Zone
Richi Jennings | | APT, Aqua Blizzard, Armageddon, computer worm, Flash drive, FSB, Gamaredon, Iron Tilden, LitterDrifter, Malware, Primitive Bear, Russia, russia hacker, Russia-Ukraine, russia-ukraine conflict, Russia's War on Ukraine, Russian Cyber War, Russian cybercrime, Russian FSB, SB Blogwatch, self-replicating worm, Shuckworm, Trident Ursa, Ukraine, ukraine conflict, Ukraine Cyber War, Ukraine cyberattack, Ukraine/European Security, USB, USB malware, USB Sticks, worm, worms
FSB APT USB VBS LNK DLL: WTH? Flash drive sharing malware escapes Україна. Gamaredon fingered as perps ...
Security Boulevard
FCC’s Got New Rules for SIM-Swap and Port-Out Fraud
Richi Jennings | | 2 factor, 2 factor auth, 2-factor authentication, 2FA apps, 2FA bypass, 2FA Flaws, 2FA phishing, 2FA policies, 2FA/MFA, Cloud MFA, DUAL FACTOR AUTHENTICATION, fcc, FCC Failures, FCC Follies, hacking two factor, Jessica Rosenworcel, MFA, MFA hacks, mfasecurity, Multi-Factor Authentication (MFA), number port-out fraud, number port-out scams, Number Portability Administration Center, port-out scams, SB Blogwatch, SIM swap, sim swap fraud, SIM swap scams, SIM swapping, SMS, SMS messages, SMS phishing, sms scam, SMS scams, smshing, two-factor-authentication.2fa
Too many times: Federal Communications Commission shuts stable door after horse bolted. But chairwoman Jessica Rosenworcel (pictured) was hoping it would save us ...
Security Boulevard
FBI’s Warrantless Spying on US Must Continue, Says FBI
Richi Jennings | | 4th Amendment, Democracy, FBI, FBI Director Christopher Wray, Federal Government, FISA, Fourth Amendment, government, government access, government surveillance, Government Surveillance Reform Act (GSRA), lawful surveillance, mass surveillance, nsa, police surveillance, Privacy, SB Blogwatch, Section 702, surveillance, US Constitution, US FBI, warrantless search
Privacy, schmivacy: FBI head Christopher Wray (pictured) doesn’t see what all the fuss is about. Just renew FISA section 702 already! ...
Security Boulevard
HALT! I am Reptar! Intel CPU Bug Panics Cloud Providers
Richi Jennings | | Cloud, Cloud IaaS, cpu, CPU attack, CPU flaw, CPU microcode, cpu vulnerability, Denial of Service, denial-of-service attack, DoS, IaaS, IaaS Security, Infrastructure as a Service (IaaS), Intel, Intel CPU, INTEL-SA-00950, Microcode Flaws, Redundant Prefix Issue, Reptar, SB Blogwatch, x86, x86_64
IaaS Catch Fire: Google and Intel fuzz, find and fix a fabulous bug. Next up: More of the same ...
Security Boulevard
LockBit Crashes Boeing Dark Web Data — No Ransom Paid
7oops7: Seattle plane maker tries to tell us the 50GB dump is ever so boring and not worth spinning up Tor for ...
Security Boulevard