Automotive leader Denso suffered a cybersecurity incident, claimed by the Pandora ransomware group.
Tire company Bridgestone confirmed a ransomware attack (LockBit group).
Last week, gaming company Ubisoft confirmed they suffered a cyberattack.
Internal chats of the Conti ransomware group were leaked online. See the inner workings of one of the most successful ransomware groups.
A new reflection and amplification distributed denial-of-service (DDoS) attack vector was detected in the wild, with a record-breaking potential amplification ratio of 4,294,967,296 to 1.
Ransomware group adds APT (Advanced Persistent Threat) TTPs (Tools, Techniques & Procedures) to their modus operandi.
Denial of Service vulnerability discovered in OpenSSL by Tavis Ormandy (Google). OpenSSL enters a loop when parsing Elliptic Curve certificates that use a non-prime modulus.
NSA and CISA released an updated version of their Kubernetes Hardening Guide. It contains clarifications based on feedback from the security community and additions on logging and threat detection.
Germany’s Federal Office of Information Security (BSI) recommends against using Kaspersky products. The software vendor responded with a press release.
Enterprise software vendor Veeam disclosed an unauthenticated remote code execution vulnerability in its Backup & Replication software. The issue is rated 9.8 Critical.
Another supply chain issue hits the npm ecosystem. “node-ipc”, a NodeJS dependency with over 1 million downloads/week, sabotaged developers to protest the ongoing war. The package checks the external IP address and overwrites files of users located in Russia & Belarus.
CISA & FBI advisory: tactics used by hackers to bypass MFA. They compromised an account with weak credentials, escalated privileges to admin using “PrintNightmare” and blocked access to the MFA servers using the “hosts” file. Because the Duo MFA service could not contact its servers and was configured to “fail open”, MFA was bypassed.
New Solaris rootkit dubbed CAKETAP found in key infrastructure belonging to financial institutions. CAKETAP was used to manipulate messages transiting a victim’s ATM switching network. It is believed this was leveraged as part of a larger operation to perform unauthorized cash withdrawals at several banks using fraudulent bank cards.
OSCE3, OSEP, OSED, OSWE, OSCP certified. Over 10 years of experience in the IT industry, now working in Product Security and leading a Red Team. Huge Offensive Security and CTF nerd. I enjoy music, teaching and hiking.