π COMMON VULNERABILITIES AND EXPOSURES 1[β]
27 OctFog ransomware targets SonicWall VPNs to breach corporate networksFog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls. [...]BLEEPINGCOMPUTER.COM
β οΈ VULNERABILITY DISCLOSURE 2[β]
27 OctWhy Network Security is ALL About Control!Ever wondered how global networks stay secure? It all comes down to control. We've been refining our architecture for over a decade, adding new layers of security to an already massive infrastructure across 100+ countries. From controlling packet flow to resetting connections, neβ¦YOUTUBE.COM
27 OctTwo currently (old) exploited Ivanti vulnerabilities, (Sun, Oct 27th)Ivanti products have given us a rich corpus of vulnerabilities in recent months (years). Of course, we do see occasional scans attempting to exploit them. Just today, I spotted two of them. None of them is particularly new, but a reminder to keep patching (or disabling):
ISC.SANS.EDU
π₯ INCIDENT REPORTING 1[β]
27 OctStreamCraft - 1,772,620 breached accountsIn July 2020, the Russian Minecraft service StreamCraft suffered a data breach that was later redistributed as part of a larger corpus of data . The data included 1.8M records of usernames, email and IP addresses and passwords stored as either MD5 or bcrypt hashes.HAVEIBEENPWNED.COM
π‘ INFOSEC NEWS 2[β]
27 OctRisk, Quantum & Recruiters β Get Ready for BSides Delaware 2024!Are you ready for BSides Delaware 2024? π This November 8-9, join us at an epic conference hosted at a university campus β where itβs all about learning, networking, and innovation! With a lineup of talks on quantum decryption, SBOMs, and risk quantification, this event is packedβ¦YOUTUBE.COM
27 OctWindows 11 24H2: The hardware and software blocking the new updateWindows 11 24H2 is unavailable for thousands of users due to safeguard or compatibility holds Microsoft has placed on specific device and software configurations. [...]BLEEPINGCOMPUTER.COM