Optus, the second largest telecom vendor in Australia was hacked and the hackers want a million dollars in exchange for not selling the data on ten plus million people that they stole. Optus is being investigated over the breach by the Australian Federal Police. The hacker leaked sample data that appears to validate that the […]
Continue reading → [DISPLAY_ACURAX_ICONS]US Emergency Alert System Has a Minor Bug Homeland Security has issued an alert that there are critical vulnerability in the Emergency Alert System encoder and decoder devices. If left unpatched, it would allow a hacker to issue fake warnings of emergencies. The EAS is the nationwide alert system that is used to warn citizens […]
Continue reading → [DISPLAY_ACURAX_ICONS]FBI Warns US Colleges of Widespread VPN Credential Leaks – On Russian Crime Forums Here’s a shocker. Cybersecurity practices at US colleges and universities are not so good. According to an FBI PIN (Color WHITE, general distribution), Russian cybercrime forums are offering network and VPN credentials for sale for many US higher education institutions, some […]
Continue reading → [DISPLAY_ACURAX_ICONS]Flaw in uClibc Allows DNS Poisoning Attacks A flaw in all versions of the popular C standard libraries uClibc and uClibc-ng can allow for DNS poisoning attacks against target devices. The library is likely used in milliosn of Internet of Things devices that will never be patched and will always be vulnerable. This is where […]
Continue reading → [DISPLAY_ACURAX_ICONS]As part of the Executive Order on Improving the Nation’s Cybersecurity (EO 14028), NIST is required to do several things. among those are guides and standards for improving supply chain security and they have already released a number of draft documents related to their tasks. IF you sell to the executive branch, these will become […]
Continue reading → [DISPLAY_ACURAX_ICONS]Hackers are targeting the cloud. Why? To paraphrase Willie Sutton, because that is where the data is. Historically, penetration testers gain access to network devices through the “perimeter defense” and then they move around (the so-called east-west movement) trying to get access to data, wherever it lives inside the network perimeter. But in the cloud, […]
Continue reading → [DISPLAY_ACURAX_ICONS]