🐛 COMMON VULNERABILITIES AND EXPOSURES

15 Aug: New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices (BLEEPINGCOMPUTER.COM)
Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability. [...]

15 Aug: 2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability (SECURITYWEEK.COM)
A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor.

15 Aug: Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign (BLEEPINGCOMPUTER.COM)
A threat actor has compromised close to 2,000 thousand Citrix NetScaler servers in a massive campaign exploiting the critical-severity remote code execution tracked as CVE-2023-3519. [...]

15 Aug: Ivanti Avalanche impacted by critical pre-auth stack buffer overflows (BLEEPINGCOMPUTER.COM)
Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage, monitor, and secure a wide range of mobile devices. [...]

⚠️ VULNERABILITY DISCLOSURE

15 Aug: Indian Government Alerts Mobile Users, Issues High Risk Warning for Android 13 and Other Versions (INDIATODAY.IN)
These vulnerabilities, which have been classified as "high severity," could be exploited by attackers to gain control of vulnerable devices, steal sensitive information, or disrupt operations.

15 Aug: Researchers Discover Vulnerabilities in Moovit Software Allowing Free Subway Rides (THERECORD.MEDIA)
Cybersecurity researchers at the DEF CON security conference disclosed details this weekend on three vulnerabilities in popular transportation software that could allow people to obtain free public transit rides.

15 Aug: Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Report (THEHACKERNEWS.COM)
The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus the previous quarter. This includes public transit, utilities, schools, and other government services we rely on daily.…

15 Aug: [FREE RESOURCE KIT] Cybersecurity Awareness Month Kit 2023 Now Available (KNOWBE4.COM)
Get the resources you need to help keep your users safe from malicious social engineering attacks during this year's Cybersecurity Awareness Month with our free resource kit.

15 Aug: MaginotDNS Attacks Exploit Weak Checks for DNS Cache Poisoning (BLEEPINGCOMPUTER.COM)
A team of researchers from UC Irvine and Tsinghua University has developed a powerful new cache poisoning attack named 'MaginotDNS' that targets Conditional DNS (CDNS) resolvers and can compromise entire top-level domains (TLDs).

15 Aug: Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics (THEHACKERNEWS.COM)
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors. Monti emerged in June 2022, weeks after the Conti ransomware group shut down its operations, deli…

15 Aug: Protect AI Purchases Huntr to Extend Bug Bounties to AI, ML (BANKINFOSECURITY.COM)
The Seattle-based AI and ML security vendor said its acquisition of Seattle-based Huntr will allow customers to discover exploits in the artificial intelligence or machine learning supply chain weeks before they're publicly revealed.

15 Aug: CISA Releases Two Industrial Control Systems Advisories (CISA.GOV)
CISA released two Industrial Control Systems (ICS) advisories on August 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-227-01 Schneider Electric EcoStruxure Control Expert, Process Expert…

15 Aug: UK: Norfolk and Suffolk Police Admit Breach Involving Personal Data of 1,230 People (THEGUARDIAN.COM)
Two police forces in England have admitted mishandling the sensitive data of victims, witnesses, and suspects in cases including domestic abuse incidents, sexual offenses, assaults, thefts, and hate crime.

15 Aug: Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking (THEHACKERNEWS.COM)
Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The shortcomings were discovered by the Synack Red Team (SRT) following a client eng…

15 Aug: Toward Quantum Resilient Security Keys (SECURITY.GOOGLEBLOG.COM)
Elie Bursztein, cybersecurity and AI research director, Fabian Kaczmarczyck, software engineer. As part of our effort to deploy quantum resistant cryptography, we are happy to announce the release of the first quantum resilient FIDO2 security key implementation as part of OpenSK, …

15 Aug: Manipulated Caiman - 39,901,389 breached accounts (HAVEIBEENPWNED.COM)
In July 2023, Perception Point reported on a phishing operation dubbed "Manipulated Caiman". Targeting primarily the citizens of Mexico, the campaign attempted to gain access to victims' bank accounts via spear phishing attacks using malicious attachments. Researchers …

15 Aug: MongoDB rolls out Queryable Encryption to secure sensitive data workflows (CSOONLINE.COM)
Developer data platform MongoDB has announced the general availability of Queryable Encryption, an end-to-end data encryption technology for securing sensitive application workflows. It is designed to reduce the risk of data exposure for organizations and helps businesses protect…

15 Aug: What would an OT cyberattack really cost your organization? (CSOONLINE.COM)
If there's one thing an organization's C-suite technology and their plant managers, operators, and OT experts need to be on the same page about, it's this: Downtime is never an option. It's one thing if the IT systems have to go on lockdown, but on the operational technology side…

15 Aug: UK police data breach exposes victim information (CSOONLINE.COM)
The UK's Norfolk and Suffolk police constabularies have disclosed the accidental exposure of personal data belonging to more than 1000 individuals, including victims of crime. The agencies said they identified an issue relating to a very small percentage of responses to Freedom o…

15 Aug: Email phishing still the main way in for hackers: report (CSOONLINE.COM)
Email phishing remains one of the most dangerous vectors for organizational cyberattacks, as well as one of the most difficult to defend against, with deceptive links, brand impersonation and other phishing threats sharply on the rise. A study published Tuesday by web services an…

15 Aug: 15 top open-source intelligence tools (CSOONLINE.COM)
OSINT definition: Open-source intelligence (OSINT) is the practice of collecting information from published or otherwise publicly available sources. OSINT operations, whether practiced by IT security pros, malicious hackers, or state-sanctioned intelligence operatives, use advance…

15 Aug: Cybersecurity hiring gap: Time to rethink who can contribute (CSOONLINE.COM)
There is no denying the large number of vacant full-time positions to be filled in the cybersecurity workspace. The numbers range from 3.5 to 4.7 million globally. As most CISOs will attest, the talent pool has never been tighter, and the squeeze will only continue. Necessity is …

15 Aug: DARPA's AI Challenge, CISA Wants Secure Open Source, 5 Years of Vuln Research - ASW #251 (YOUTUBE.COM)
DARPA unleashes an AI Cyber Challenge to find flaws, CISA asks for input on securing open source software and memory safety, what five years of vuln research shows for vuln management programs, siphoning security tokens from VS Code, and more! Visit https://www.securityweekly.com…

15 Aug: Pointers and Perils for Presentations - Josh Goldberg - ASW #251 (YOUTUBE.COM)
A key part of modern appsec is communication. From interpersonal skills for fostering collaborations to presentation skills for delivering a message, the ability to tell a story and engage an audience is a skill that doesn't appear on top ten lists and that doesn't come up in sec…

📢 SECURITY ADVISORIES

15 Aug: Hackers Use Weaponized PDFs and Chat Apps for C2 to Evade Detection (GBHACKERS.COM)
A malware campaign targeting the Ministries of Foreign Affairs of NATO-aligned countries was recently discovered, which used PDF files masquerading as a German Embassy email. One of the PDF files consists of Duke malware which was previously linked with a Russian-state-sponsored …

15 Aug: Over 12,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums (THEHACKERNEWS.COM)
A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023. "Hackers…

15 Aug: Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums (THEHACKERNEWS.COM)
"Hackers around the world infect computers opportunistically by promoting results for fake software or through YouTube tutorials directing victims to download infected software," Hudson Rock CTO Alon Gal told The Hacker News.

15 Aug: Security Researchers Publish Gigabud Banking Malware Analysis (INFOSECURITY-MAGAZINE.COM)
According to an advisory published by Group-IB researchers, unlike conventional malware, Gigabud doesn’t execute its malicious actions immediately, but waits for user authorization, making it substantially harder to detect.

15 Aug: Zoom Can Spy on Your Calls and Use the Conversation to Train AI, But Says That It Won’t (SCHNEIER.COM)
This is why we need regulation: Zoom updated its Terms of Service in March, spelling out that the company reserves the right to train AI on user data with no mention of a way to opt out. On Monday, the company said in a blog post that there’s no need to worry about that. Zo…

15 Aug: Privacy Lessons From the NHS Lanarkshire WhatsApp Incident (DATABREACHTODAY.CO.UK)
Attorney Jonathan Armstrong on Tackling Shadow IT at Large Organizations. U.K. authorities recently reprimanded health service provider NHS Lanarkshire after staff members shared patient data on messaging service WhatsApp. That privacy lapse demonstrates the risks of shadow IT and…

🔥 INCIDENT REPORTING

15 Aug: NSA, Viasat Say 2022 Hack Was Two Incidents; Russian Sanctions Resulted From Investigation (THERECORD.MEDIA)
Officials from the National Security Agency (NSA) and satellite internet provider Viasat provided new details on the headline-grabbing cyberattack on the company at the onset of Russia’s invasion of Ukraine.

15 Aug: 1.5 Million Impacted by Ransomware Attack at Canadian Dental Service (SECURITYWEEK.COM)
The personal information of 1.5 million individuals was compromised in a ransomware attack at Alberta Dental Service Corporation (ADSC).

15 Aug: Dallas to Pay Vendors $8.6m for Their Ransomware Recovery Services (CYBERSECURITYDIVE.COM)
The bill covers invoices from “various vendors for emergency purchases of hardware, software, professional services, consultants and monitoring services,” the city said in a statement.

15 Aug: Discord.io Custom Invite Service Confirms Breach After Hacker Steals Data of 760K Users (BLEEPINGCOMPUTER.COM)
The most sensitive information in the breach is a member's username, email address, billing address (small number of people), salted and hashed password (small number of people), and Discord ID.

15 Aug: Ransomware Distributed by Fake Tripadvisor Reviews (KNOWBE4.COM)
The Knight ransomware-as-a-service offering (formerly known as “Cyclops”) is using phony TripAdvisor complaints to deliver its malware, BleepingComputer reports.

15 Aug: US lawmaker says FBI notified him of email breach linked to Microsoft cloud hack (TECHCRUNCH.COM)
U.S. House lawmaker Rep. Don Bacon said the FBI warned him that China-backed hackers who used a stolen Microsoft key to raid the email accounts of senior U.S. government officials also accessed his email accounts. In a tweet, the Republican congressman from Nebraska said the FBI …

15 Aug: Back to school security against ransomware attacks on K-12 and colleges (BLEEPINGCOMPUTER.COM)
As we get back to school, K-12 and colleges are increasingly at risk from ransomware and data theft attacks. Learn more from Specops Software on the steps IT teams at education institutes can take to protect their care orgs from disruption and stolen data. [...]

15 Aug: Most DDoS Attacks Tied to Gaming, Business Disputes, FBI and Prosecutors Say (THERECORD.MEDIA)
The majority of distributed denial-of-service (DDoS) attacks are launched in response to disputes over business or gaming, according to federal officials investigating the incidents.

15 Aug: Georgia Healthcare System Notifies 180,000 People of Breach After Suffering Ransomware Attack (BANKINFOSECURITY.COM)
The apparent Hive ransomware attack on the Tift Regional Health System involved hackers accessing and copying files containing patient information, including medical and banking account information.

15 Aug: Ransomware Hit Disrupts Real Estate Property Listings in US (DATABREACHTODAY.CO.UK)
Rapattoni-Hosted Multiple Listing Services Can't Add or Update Property Information. Property listings nationwide are being disrupted due to an apparent ransomware attack against California-based Rapattoni, which hosts Multiple Listing Services used by real estate brokers to list,…

15 Aug: Law Firm Facing Lawsuit in Aftermath of Its Own Big Breach (DATABREACHTODAY.CO.UK)
153,000 Individuals Affected in Hack, Including Client Linked to an Earlier Breach. A global law firm that handles data breach litigation is faced with defending itself against a proposed class action lawsuit filed in the aftermath of its own data breach. The lawsuit stems from a …

15 Aug: LinkedIn accounts hacked in widespread hijacking campaign (BLEEPINGCOMPUTER.COM)
LinkedIn is being targeted in a wave of account hacks resulting in many accounts being locked out for security reasons or ultimately hijacked by attackers. [...]

15 Aug: Cyber Security Today, August 16, 2023 - Discord.io database of 760,000 up for sale, LinkedIn under attack and more MOVEit victims (CYBERSECURITYTODAY.LIBSYN.COM)
This episode reports on the most recent data breaches and an extortion campaign against LinkedIn users who lose access to their accounts

15 Aug: How the Microsoft Incident Response team helps customers remediate threats (MICROSOFT.COM)
Microsoft Incident Response is a global team comprised of cybersecurity experts with deep, highly specialized knowledge in breach detection, response, and recovery.

15 Aug: 4M Coloradans Notified Their Medical Data Was Exposed In MOVEit Incident (PACKETSTORMSECURITY.COM)

15 Aug: Jobzone - 29,708 breached accounts (HAVEIBEENPWNED.COM)
In April 2023, data from the Israeli jobs website Jobzone was posted online. The data included 30k records of email addresses, names, social security numbers, genders, dates of birth, fathers' names and physical addresses.

15 Aug: Threat hunting 101: How to outthink attackers (SECURITYINTELLIGENCE.COM)
Threat hunting involves looking for threats and adversaries in an organization’s digital infrastructure that existing security tools don’t detect. It is proactively looking for threats in the environment by assuming that the adversary is in the process of compromising…

🕵️ THREAT INTELLIGENCE

15 Aug: ISC Stormcast For Tuesday, August 15th, 2023 https://isc.sans.edu/podcastdetail/8616, (Tue, Aug 15th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

15 Aug: North Korean Hackers Suspected in New Wave of Malicious npm Packages (THEHACKERNEWS.COM)
The npm package registry has emerged as the target of yet another highly targeted attack campaign that aims to entice developers into downloading malevolent modules. Software supply chain security firm Phylum told The Hacker News the activity exhibits similar behaviors to that of…

15 Aug: SecureWorks Laying Off 15% of Employees (SECURITYWEEK.COM)
Threat detection and response firm SecureWorks is laying off 15% of its staff (roughly 300 people) in the second round of firings this year.

15 Aug: North Korean Hackers Suspected in New Wave of Malicious NPM Packages (THEHACKERNEWS.COM)
The npm package registry has emerged as the target of yet another highly targeted attack campaign that aims to entice developers into downloading malicious software modules.

15 Aug: Hackers Using Beta-Testing Apps to Target Victims: FBI Alert (GBHACKERS.COM)
The Federal Bureau of Investigation has released an announcement stating that cybercriminals are using mobile-beta testing applications to target victims for malicious purposes. These apps are often distributed through phishing or romance scams. These applications are capable of …

15 Aug: ATM Fleet Monitoring Software Flaws Let Attackers Hack ATMs Remotely (GBHACKERS.COM)
ScrutisWeb is a secure solution that aids global organizations in monitoring ATMs, enhancing issue response time, and this solution is accessible through any browser. The following things could be done with the help of this secure solution:- Cybersecurity researchers at Synack re…

15 Aug: CyberheistNews Vol 13 #33 [INFOGRAPHIC] Uncovered: Top-Clicked Q2 Phishing Tests Are from Your HR (KNOWBE4.COM)

15 Aug: CISO Conversations: CISOs in Cloud-based Services Discuss the Process of Leadership (SECURITYWEEK.COM)
SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

15 Aug: Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware (SECURITYWEEK.COM)
Hudson Rock security researchers have identified credentials for hacker forums on roughly 120,000 computers infected with information stealers.

15 Aug: New SectopRAT Steals Browser Passwords, 2FA Codes (GBHACKERS.COM)
LummaC, an information stealer, is being disseminated on Russian-speaking forums through a Malware-as-a-Service (MaaS) approach. Sensitive data from affected devices is intended to be stolen by this malware. Cryptocurrency wallets, browser add-ons, two-factor authentication…

15 Aug: Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn (THEHACKERNEWS.COM)
Threat actors' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months. "The majority of the phishing campaigns target Microsoft login credentials, although there are some pages targeting Adobe, Dropbox, and other cloud apps," Netskop…

15 Aug: Abnormal Snags Exabeam, Forescout CEO Mike DeCesare as Prez (DATABREACHTODAY.CO.UK)
DeCesare Aims to Bring Abnormal's Email Protection to US Government, Japan, Germany. Abnormal Security has brought on former Exabeam, Forescout and McAfee leader Mike DeCesare to spearhead its push into the U.S. government, Japanese and German markets. Abnormal has tasked DeCesare…

15 Aug: Chinese Espionage Group Active Across Eastern Europe (DATABREACHTODAY.CO.UK)
Kaspersky Says APT31 Targeted Industrial Organizations for Spying. A Chinese state-sponsored hacking group likely deployed more than a dozen malware variants to target critical infrastructure across Eastern European as part of an espionage campaign, warns security firm Kaspersky. …

15 Aug: GUEST ESSAY: A call to decentralize social identities — to curtail social media privacy abuses (LASTWATCHDOG.COM)
Social media giants have long held too much power over our digital identities. Related: Google, Facebook promote third-party snooping. Today, no one is immune to these giants’ vicious cycle of collecting personal data, selling it to advertisers, and manipulating users …

15 Aug: DEFCON, ScrutisWeb, DoubleDrive, GitHub, npms, AI Cheating, More news, and Jason Wood - SWN #318 (YOUTUBE.COM)
DEFCON, ScrutisWeb, DoubleDrive, GitHub, npms, AI Cheating advice, More news and Jason Wood Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-318 00:00 - Security Weekly news 02:07 - ScrutisWeb 04:17 - Doubledrive 07:…

15 Aug: Deploying Zero Trust Without Destroying End User Trust - Colin Chisholm, Mike Zachman - CSP 135 (YOUTUBE.COM)
Deploying SASE (Secure Access Service Edge) is a critical step on your Zero Trust journey. It is not without risk, especially to the end user experience. Join us as we discuss our lessons-learned fresh from the deployment trenches. This segment is sponsored by Google Chrome Enter…

15 Aug: The Password Game - How many level can you reach? (NEAL.FUN)
submitted by mike to cybersecurity | 30 points | 10 comments | https://neal.fun/password-game/ | I stopped at level 24, but it was super funny!

15 Aug: Training Tuesday - Discussions for certs, training and learning-at-home (INFOSEC.PUB)
submitted by shellsharks to cybersecurity | 6 points | 0 comments | Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

15 Aug: PasswordsCon 2022 - BSidesLV - 13 videos (YOUTUBE.COM)
submitted by ashar to security_cpe | 4 points | 0 comments | https://youtube.com/playlist?list=PLjpIlpOLoRNRag2vaBt8wlJ2uwr0CTjCu | PasswordsCon 2022 Playlist

🌐 CYBER THREAT LANDSCAPE

15 Aug: Gigabud RAT Android Banking Malware Targets Institutions Across Countries (THEHACKERNEWS.COM)
Account holders of over numerous financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru are being targeted by an Android banking malware called Gigabud RAT. "One of Gigabud RAT's unique features is that it doesn't execute any malicious actions until the…

15 Aug: New Windows Malware QwixxRAT Appears in the Threat Landscape (SECURITYAFFAIRS.COM)
According to the experts, QwixxRAT is meticulously designed to steal a broad range of information, including data from browser histories, credit card details, screenshots, and keystrokes.

15 Aug: Raccoon Stealer malware returns with new stealthier version (BLEEPINGCOMPUTER.COM)
The developers of Raccoon Stealer information-stealing malware have ended their 6-month hiatus from hacker forums to promote a new 2.3.0 version of the malware to cyber criminals. [...]

15 Aug: Hacker Forum Credentials Found On 120,000 PCs Infected With Info-Stealer Malware (PACKETSTORMSECURITY.COM)

📡 INFOSEC NEWS

15 Aug: Tesla reassures Chinese users on data security amid spying concerns (TECHCRUNCH.COM)
The relationship between American tech giants and the Chinese government has never been an easy one. We reported previously how Apple finds itself in a predicament as it strives to conquer the colossal smartphone market in China, the world’s largest. The tech giant has to b…

15 Aug: Catching the Catphish: Join the Expert Webinar on Combating Credential Phishing (THEHACKERNEWS.COM)
Is your organization constantly under threat from credential phishing? Even with comprehensive security awareness training, many employees still fall victim to credential phishing scams. The result? Cybercriminals gaining immediate and unhindered access to sensitive data, email a…

15 Aug: FBI Warns of Increasing Cryptocurrency Recovery Scams (BLEEPINGCOMPUTER.COM)
The FBI is warning of an increase in online scammers pretending to be recovery companies that can help victims of cryptocurrency investment scams recover their lost assets.

15 Aug: FBI Warns of Mobile Beta-Testing Apps Harboring Crypto Investment Scams (INFOSECURITY-MAGAZINE.COM)
The apps are typically used in crypto investment scams, with victims directed to download them via other scams, the FBI said in a Public Service Announcement (PSA) yesterday.

15 Aug: How to Build a Simple Application Powered by ChatGPT (TRENDMICRO.COM)
OpenAI’s ChatGPT API enables applications to access and integrate ChatGPT, a large language model (LLM) that generates human-like responses to input. Learn how to build a web application that utilizes ChatGPT to generate useful output.

15 Aug: Top 10 AI Security Risks According to OWASP (TRENDMICRO.COM)
The unveiling of the first-ever Open Worldwide Application Security Project (OWASP) risk list for large language model AI chatbots was yet another sign of generative AI’s rush into the mainstream—and a crucial step toward protecting enterprises from AI-related threats.

15 Aug: Are browser-stored passwords secure? | Kaspersky official blog (KASPERSKY.COM)
Why you should store passwords in a separate password manager, and not in your browser.

15 Aug: Monthly Bot Stats Report: H1 2023 (F5.COM)
Bot traffic for the first half of 2023 was fairly typical, some rapid change in a few industries notwithstanding. Learn who got hit hard and who got off easy.

15 Aug: Black Hat 2023: Hacking the police (at least their radios) (WELIVESECURITY.COM)
Hiding behind a black box and hoping no one will hack it has been routinely proven to be unwise and less secure.

15 Aug: H1 2023 Bad Bots Review (F5.COM)
Bot traffic for the first half of 2023 was fairly typical, some rapid change in a few industries notwithstanding. Learn who got hit hard and who got off easy.