Cybersecurity

WordPress is a favorite blogging tool of mine and I share tips and tricks for using WordPress here.

The Stack March 14, 2023
0 1,669

Fortinet exploits: Attackers tampered with firewall firmware

“System enters error-mode due to FIPS error: Firmware Integrity self-test failed” suggests compromises.
Read More »
The Stack March 8, 2023
0 9,432

Veeam urges “immediate” updates after vulnerability exposes backup hosts

This may generate a lot of Black Hat interest...
Read More »
The Stack March 8, 2023
0 3,540

This critical Microsoft Word RCE exploit requires just a few lines of code: We need more CHERI

POC lands for CVSS 9.8 Word bug CVE-2023-21716
Read More »
The Stack March 7, 2023
0 550

US agencies warn over “Royal” ransomware rise

Phishing is key threat vector and a Blue Team bête noire...
Read More »
The Stack March 1, 2023
2 22,907

Novel cloud attack pivoted from K8s to Lambda, pulled IAM keys from Terraform

A recent attack tracked by researchers at cloud security company Sysdig saw the attackers use an exposed Kubernetes container to…
Read More »
Ed Targett February 28, 2023
0 977

Server backup vulnerability piggybacked to live systems

Open source bug leads to server backup bug leads to... crime.
Read More »
The Stack February 28, 2023
0 1,249

New LastPass breach post-mortem raises questions

Attackers targeted DevOps engineers' home devices...
Read More »
Ed Targett February 24, 2023
0 1,644

Pentagon CIOs slapped over cloud security by auditors days before 3TB of emails exposed

Days before the exposure this week of over three terabytes of military emails owing to misconfigured Azure services, the US…
Read More »
Ed Targett February 22, 2023
0 2,174

IBM high speed file transfer software exploited by hackers

A pre-auth RCE in IBM Aspera Faspex is being exploited in the wild
Read More »
Ed Targett February 20, 2023
0 1,276

AWS EC2 permissions configuration change draws cheers, confusion

What... what's happening here exactly?
Read More »

Previous page Next page

The Big Interview: CISO and CTO Chuck Herrin on olive branches and APIs

Microsoft releases GPT-4 cybersecurity tool, lays off identity, security staffers

Container security improvements can also drive down cloud costs

NSA to sysadmins: IAM keen to see hygiene improvements

Gas distributor’s urgent OT security contract followed regulatory pressure…

Hitachi, Rubrik, Hatch Bank among those hit after file transfer software exploited

“Extreme urgency”: Flurry of cybersecurity tenders show CNI security focus

As CVE-2023-23397 exploits proliferate, worry mounts

Check Point launches new global services offering

Urgent: Microsoft 365 Apps being exploited in wild via CVSS 9.8 bug

Cybersecurity

Fortinet exploits: Attackers tampered with firewall firmware

Veeam urges “immediate” updates after vulnerability exposes backup hosts

This critical Microsoft Word RCE exploit requires just a few lines of code: We need more CHERI

US agencies warn over “Royal” ransomware rise

Server backup vulnerability piggybacked to live systems

New LastPass breach post-mortem raises questions

IBM high speed file transfer software exploited by hackers

AWS EC2 permissions configuration change draws cheers, confusion

HM Treasury cybersecurity salary triggers fresh outcry

Recovering from ransomware: Are your backups enough?