Discussion of public breaches of security
Due to an actively exploited zero-day vulnerability: https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html This bug is a 10 of 10 on the CVSS rating from the article a snippet: Tracked as CVE-2021-44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, remote code execution (RCE) on any application that uses the open-source utility and affects … Read more
2 stories from the Hacker News: Solar Winds Hackers Targeting Government and Why everyone needs to take the latest CISA directive seriously The Solarwinds hack from last year (the one I discussed in several stories including this one: SolarWinds hackers Hacked Multi-factor Authentication. It is sometimes instructive to review past hacks to see what … Read more
Yes now your files will be hidden (apparently they will be placed in a Winrar format – which is a kind of packed encrypted format). And then the original files are deleted. There are more details in the Sophos analysis a their blogpost. How about this attack? KrebsonSecurity has an interesting story about a Nigerian … Read more
Hacker News has an article on how Hackers use a method of installing their software onto your systems. 1. If you notice the problem is when the user opens an attachment or link (URL) in their web browser(Firefox – Microsoft Edge, or Google chrome among the most used browsers) 2. Then the browser decodes the … Read more
Has it finally happened … is everything going to get hacked? Well the issue is everything can be hacked of course. What this latest issue is unfortunately taking advantage of the design flaw in a critical piece of IT technology. Compilers are needed to create software (all software). So what would happen if all compilers … Read more
