Hot Topics

API Security

Satya Nadella and President Xi Jinping

‘China’ Azure Breach: MUCH Worse Than Microsoft Said

| | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, OpenID, Outlook.com, SB Blogwatch, Storm-0558, Wiz
Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G ...
Security Boulevard
Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

| | android spyware, Biden administration, Commerce Department, Cytrox, Department of Commerce, Entity List, eu, Europe, European Union, European Union (EU), Intellexa, iOS spyware, Malware Spyware, Predator spyware, SB Blogwatch, spyware
European cousins Intellexa and Cytrox essentially banned by Commerce Dept. — Predator/ALIEN not welcome in U.S ...
Security Boulevard
PRC flag

China Breaches Microsoft Cloud — Spied on US Govt. Email

| | Active Directory, Authentication, Azure Active Directory, Azure AD, Exchange, Microsoft, Outlook.com, SB Blogwatch, Storm-0558
Storm-0558 Brewing: Multiple Microsoft failures cause data leaks at State and Commerce depts., plus 23 other orgs ...
Security Boulevard
StackRot: Linux Bug so bad Linus Dives Into Code to Fix It

StackRot: Linux Bug so bad Linus Dives Into Code to Fix It

| | Linus Torvalds, Linux, SB Blogwatch, StackRot, Use After Free
Maple Tree Side Effects: Torvalds feels the pressure, fixes lazy locks ...
Security Boulevard
Solar array, ground mounted in field, under blue sky

Contec SolarView: Critical Bug Unpatched After 14 MONTHS

| | Contec, CVE-2022-29303, CVE-2022-44354, CVE-2023-23333, ICS, ICS/SCADA, iot, Mirai, Mirai botnet, OT, SB Blogwatch, SCADA, SolarView
PV OT: VPN PDQ! 9.8 CVSS known since May 2022—but still exploitable on 400+ net-connected OT/ICS/SCADA systems ...
Security Boulevard
running

Fortinet Bug: RUN — Don’t Walk — to Patch Critical RCE

| | CVE-2023-27997, Fortigate, FortiNAC, Fortinet, Fortinet VPN, Fortiphyd, FortiSIEM, Heap Overflow, rce, SB Blogwatch
Or just get it off the internet, stat ...
Security Boulevard
Vladimir Putin

Apple Fixes 0-Days — Russia Says US Used for Spying

| | Apple, CVE-2023-32434, CVE-2023-32439, FSB, imessage, ios, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, TriangleDB, triangulation
Vulns unpatched for FOUR years: ‘Triangulation’ spyware said to use backdoor Apple gave to NSA ...
Security Boulevard
7

Microsoft Repeatedly Burned in ‘Layer 7’ DDoS

| | Anonymous, Anonymous Hacking Collective, Anonymous Sudan, Application DDoS, application-layer DDoS attacks, azure, Azure cloud, Cloud DDoS, cloud outage, ddos, DDoS attack, DDoS attacks, Downtime and outages, killnet, Microsoft, Microsoft 365, Microsoft 365 outage, Microsoft 365 service outage alert, Microsoft Azure, Microsoft Azure Security, Microsoft Office 365, office 365, Office 365 Cloud Security, Office 365 Security, outage, outages, SB Blogwatch, Storm-1359
Unlucky number: Time and again this month, “Russian” hackers bring down Microsoft clouds ...
Security Boulevard
John Oliver

Reddit Ransomware Raid Redux: BlackCat/ALPHV Demands $4.5M

| | ALPHV ransomware, Blackcat, BlackCat ransomware, Breach, Privacy, Ransomware, reddit, Reddit breach, SB Blogwatch
And now, this: John-Oliver-pics protest won’t change Reddit policy, but will ransom demand work? ...
Security Boulevard
Mark Quashie, a/k/a The Mad Stuntman

CISA Warning: MOVEit Has Yet Another Zero-Day SQL Injection RCE Bug [updated]

| | CL0P, Cl0p Ransomware, clop, clop-ransomware, CVE-2023-34362, CVE-2023-35036, CVE-2023-35708, MOVEit Cloud, MOVEit Transfer, MOVEit Transfer Zero Day, Progress Software, Ransomware, SB Blogwatch, sql injection, SQL injection attack, SQL injection attacks, sql injection prevention, SQL Injection Vulnerabilities, SQL injections
Once is happenstance. Twice is coincidence. Three times is sheer incompetence ...
Security Boulevard
Load more