Discussion of public breaches of security
Remember the Exchange server hack from a year ago (post from 3/16/21)? “Exchange Server Attacks Just Beginning?” “Attacks exploiting the flaws were first spotted in January. They initially were limited and targeted, seemingly for espionage: the adversaries primarily targeted specific email accounts. Microsoft attributed the activity to a group it calls Hafnium, believed to operate … Read more
As a Malwarebytes blogpost states, here are 5 reasons why fileless malware is used by attackers: The most common use cases for fileless malware are: Initial access. The first step of a cyberattack is to gain a foothold on a system. This can be stealing credentials or exploiting a vulnerability in an access point. Harvest … Read more
Rapid7 has found a spring framework vulnerability called Spring4Shell As usual a new vulnerability requires risk management to be reassessed. https://nvd.nist.gov/vuln/detail/CVE-2022-22965 Leads to https://tanzu.vmware.com/security/cve-2022-22965 Which says the following information which is important. CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ Affected VMware Products and Versions Severity is critical unless otherwise noted. … Read more
What does it mean when a Linux Kernel has a vulnerability? the Linux kernel is the software which runs the system – the main operating system software it is inside all other software – it does connect to applications with shell (usually Bourne image from Linoxide Updated the image to include Android possible issues … Read more
Do you have an APC UPS(Uninterruptible Power Supply)? (Image above from Armis Research) I do not know which devices actually have these vulnerabilities, assuming Armis research is correct then it may be all devices that connect to the cloud. Armis Research found some vulnerabilities: Armis has discovered a set of three critical vulnerabilities in APC … Read more
