Yes, I’ve made a logo in crayon and named this FortiJump. Did you know there’s widespread exploitation of FortiNet products going on using a zero day, and that there’s no CVE? Now you do. I’ve even made a picture explaining! I…
Category: DoublePulsar – Medium
EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs
EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs One of my Mastodon followers sent me an interesting toot today: This lead me to this forum post: "Government-Backed Attackers May Be Trying to Compromise Your Device!" email With this email: The forum post had…
Hacker group Handala Hack Team claim battery explosions linked to Israeli battery company.
Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company Back in May, I started tracking Handala, a hacktivist branded group expressing pro-Palestine views: https://medium.com/media/8e57dca18a2af602b3beccdc5549dca0/href Handala is word which is a prominent national symbol and personification…
Hacker group Handala Hack Team claim battery explosions linked to Israeli battery company.
Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company Back in May, I started tracking Handala, a hacktivist branded group expressing pro-Palestine views: https://medium.com/media/8e57dca18a2af602b3beccdc5549dca0/href Handala is word which is a prominent national symbol and personification…
CrowdStrike trying to use legal threats to suppress criticism and parody of global IT outage
In July, CrowdStrike caused a global IT outage, which I wrote about here: What I learned from the ‘Microsoft global IT outage’ A website called clownstrike.lol popped up, which displays a clown with some clown music: clownstrike.lol homepge CrowdStrike used CSC to…
Microsoft need to be transparent about customer impacting DDoS attacks
Back in early June 2023, I tracked a botnet DDoS’ing Microsoft, causing serious network outages in Azure and Microsoft 365 for days. I toot’d about it at the time: At the time, Microsoft didn’t disclose what happened or comment. Eventually, Associated Press…
Microsoft need to be transparent about customer impacting DDoS attacks
Back in early June 2023, I tracked a botnet DDoS’ing Microsoft, causing serious network outages in Azure and Microsoft 365 for days. I toot’d about it at the time: At the time, Microsoft didn’t disclose what happened or comment. Eventually, Associated Press…
What I learned from the ‘Microsoft global IT outage’
I woke up Friday to discover CrowdStrike — a cybersecurity vendor who aims to protect orgs from cyber attacks such as availability outages — created the largest IT outage ever, by pushing out a duff product update globally and breaking just under 9 million…
What I learned from the ‘Microsoft global IT outage’
I woke up Friday to discover CrowdStrike — a cybersecurity vendor who aims to protect orgs from cyber attacks such as availability outages — created the largest IT outage ever, by pushing out a duff product update globally and breaking just under 9 million…
Snowflake at centre of world’s largest data breach
Cloud AI Data platform Snowflake are having a bad month. Due to teenager threat actors and cybersecurity of its own customers… and its own cybersecurity, too, in terms of optics. There are several large data breaches playing out in the media…
Recall: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible.
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. I wrote a piece recently about Copilot+ Recall, a new Microsoft Windows 11 feature which — in the…
How the new Microsoft Recall feature fundamentally undermines Windows security
Yesterday, Microsoft CEO Satya Nadella sat down with the media to introduce a new feature called Recall, as part of their Copilot+ PCs. It takes screenshots of what you’re doing on constantly, by design: https://medium.com/media/d4abba4451fecf39939e7aee53697784/href The idea is it allows you…
Breaking down Microsoft’s pivot to placing cybersecurity as a top priority
Recently, Microsoft had quite frankly a kicking from the US Department of Homeland Security over their security practices in a Cyber Safety Review Board report. I’ve tried to keep as quiet as possible about this one for various reasons (and…
Breaking down Microsoft’s pivot to placing cybersecurity as a top priority
Recently, Microsoft had a quite frankly a kicking from the US Department of Homeland Security over their security practices in a Cyber Safety Review Board report. I’ve tried to keep as quiet as possible about this one for various reasons…
Delinea has cloud security incident in Thycotic Secret Server gaff
This is a weird one. Customers of Delinea Secret Server Cloud had a mysterious outage on Friday due to a “security incident” – this was visible on a service status page: https://medium.com/media/624e5e85022f659c8407983a4c7fdb36/href Delinea Secret Server – also known as Thycotic Secret…
Inside the failed attempt to backdoor SSH globally — that got caught by chance
Inside the failed attempt to backdoor SSH globally — that got caught by chance A few days ago, a toot on Mastodon from Andres, a Postgres developer, caught my attention: https://mastodon.social/@AndresFreundTec/112180083704606941 Wait, what?! What happened here is now well documented elsewhere, so I…
Inside the failed attempt to backdoor SSH globally — that got caught by chance
Inside the failed attempt to backdoor SSH globally — that got caught by chance A few days, a toot on Mastodon from Andres, a Postgre developer, caught my attention: https://mastodon.social/@AndresFreundTec/112180083704606941 Wait, what?! What happened here is now well documented elsewhere, so I shall…
How 50% of telco Orange Spain’s traffic got hijacked — a weak password
How 50% of telco Orange Spain’s traffic got hijacked^H^H^H^H^H^Hnull routed — a weak password So here’s a funny story. Earlier today, I noticed Orange Spain had an outage, caused by what appeared to be a BGP hijack: https://medium.com/media/86149308c6838a9cbb08d6b650510bf2/href This manifested to Orange Spain users as…
How 50% of telco Orange Spain’s traffic got hijacked — a weak password
How 50% of telco Orange Spain’s traffic got hijacked — a weak password So here’s a funny story. Earlier today, I noticed Orange Spain had an outage, caused by what appeared to be a BGP hijack: https://medium.com/media/86149308c6838a9cbb08d6b650510bf2/href This manifested to Orange Spain users as service…
Cyber Toufan goes Oprah mode, with free Linux system wipes of over 100 organisations
Photo by Nazrin Babashova on Unsplash Cyber Toufan goes Oprah mode, with free Linux system wipes of over 100 organisations For the past 6 or so weeks, I’ve been tracking Cyber Toufan on Telegram. They appeared in November, and they’ve been…
The ticking time bomb of Microsoft Exchange Server 2013
I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered…
Tracking Russia’s NoName057[16] attempts to DDoS UK public services
Today I noticed NoName057[16] — basically a poor man’s “Ukraine IT army” — attempting to DDoS various UK councils and transport services: They post about their exploits on Telegram, similar to those crazy Ukrainians. It’s basically Russia styled as hacktavists, with some great bear…
What it means — CitrixBleed ransom group woes grow as over 60 credit unions, hospitals…
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. Credit union technology firm Trellance own Ongoing Operations LLC, and…
What it means — CitrixBleed ransom group woes grow as over 60 credit unions, hospitals…
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. Credit union technology firm Trellance own Ongoing Operations LLC, and…
Mass exploitation of CitrixBleed vulnerability, including a ransomware group
CitrixBleed mspaint.exe logo, no copyright so please make t-shirts Three days ago, AssetNote posted an excellent write up about CitrixBleed aka CVE-2023–4966 in Citrix Netscaler/ADC/AAA/whatever it is called today. This vulnerability is now under mass exploitation. A few weeks ago it was…
LockBit ransomware group assemble strike team to breach banks, law firms and governments.
Recently, I’ve been tracking LockBit ransomware group as they’ve been breaching large enterprises: https://medium.com/media/672994faff856d59254df6496cee1a95/href I thought it would be good to break down what is happening and how they’re doing it, since LockBit are breaching some of the world’s largest…
LockBit ransomware group assemble strike team to breach banks, law firms and governments.
A look inside how a ransomware group have been breaking into the world’s biggest organisations this November. Continue reading on DoublePulsar » This article has been indexed from DoublePulsar – Medium Read the original article: LockBit ransomware group assemble strike…
Mass exploitation of CitrixBleed vulnerability, including a ransomware group
Three days ago, AssetNote posted an excellent write up about CitrixBleed aka CVE-2023–4966 in Citrix Netscaler/ADC/AAA/whatever it is… Continue reading on DoublePulsar » This article has been indexed from DoublePulsar – Medium Read the original article: Mass exploitation of CitrixBleed…
Mass exploitation of CitrixBleed vulnerability, including a ransomware group
Three days ago, AssetNote posted an excellent write up about CitrixBleed aka CVE-2023–4966 in Citrix Netscaler/ADC/AAA/whatever it is… Continue reading on DoublePulsar » This article has been indexed from DoublePulsar – Medium Read the original article: Mass exploitation of CitrixBleed…