January 16, 2024
January 16, 2024
TLDR: If you didn’t apply Ivanti Connect Secure VPN mitigation on January 10th reasonable chance you were exploited - mass exploitation by same actor started on January 11th and compromised at least 1700 devices https://t.co/8iel58CulI
— Christopher Glyer (@cglyer) January 16, 2024
.@Volexity provides an update on its Ivanti Connect Secure VPN report concerning chained exploitation of CVE-2024-21887/CVE-2023-46805. Based on new data, 1700+ devices have been compromised following widespread exploitation. Details: https://t.co/iP2JIuMnxI#dfir #threatintel
— Volexity (@Volexity) January 15, 2024
Work Is Work | codahale.com
In which returns diminish.
I feel like something happened… pic.twitter.com/62tAonbrwq
— Matthew Pines (@matthew_pines) January 14, 2024
jbauer: "(Source: https://asahilinux.org/2024/01/fedora-as…" - Merveilles
Attached: 1 image (Source: https://asahilinux.org/2024/01/fedora-asahi-new/)
12 Lilith it/its𒀭𒈹𒍠𒊩: "anyone who'd like to take a look around our open …" - eightpoint
anyone who'd like to take a look around our open access #Solaris #Unix #SPARC box, it's now available to be poked at: ssh -oKexAlgorithms=diffie-hellman-group-exchange-sha1 -p 62222 guest@nz.eightpoint.app and login with password guest
Thinkst Canary: "During December, Quinn snuck "breadcrumbs" into o…" - Mastodon @ SDF
Attached: 1 image During December, Quinn snuck "breadcrumbs" into our Canary Consoles. Empirically, attackers find Canaries and trip over them without much help - but now you can trivially drop breadcrumbs to lead them there too. https://blog.thinkst.com/2024/01/oh-crumbs-breadcrumbs-in-beta.html
Russia hacked ex-MI6 chief’s emails – what they reveal is more Dad’s Army than deep statehttps://t.co/OE76eZ3GHz
— Dr. Dan Lomas (@Sandbagger_01) January 16, 2024
I’m crying, why did she Velcro her baby to the couch pic.twitter.com/oBhfpozJTq
— Robert Komaniecki (@Komaniecki_R) January 15, 2024
There's a new Memory Allocation library on the block:https://t.co/zk7pG92m7U
— Mark E. Dawson, Jr. (@medawsonjr) January 15, 2024
McDonald's is hiring offensive security roles for it's internal red team... not at all connected to the 'McFlurry bandit attack", a TA who hacked McDonald's and attempted to sell the data for $600 then leaked source code... ;-) Stop being cyber reactive and start being proactive. https://t.co/iTmW5All5I pic.twitter.com/hPls4k0p69
— hackerfantastic.x (@hackerfantastic) January 15, 2024
McDonald's source code leaked according to posts on a popular forum. pic.twitter.com/gMiW8uYCgg
— hackerfantastic.x (@hackerfantastic) January 10, 2024
The Enigma I was a fairly common cipher machine used by the Germans during World War Two. But even this machine had some impressive features.
— Bletchley Park (@bletchleypark) January 16, 2024
Join our Research Officer in our latest YouTube video to learn about some of these features ⬇️https://t.co/KNagIIiNvg pic.twitter.com/Xl380zRKJc
UK government: WhatsApp encryption is too strong. We can’t read it. It must be removed
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) January 16, 2024
Also UK government: WhatsApp encryption not sufficient to protect secrets.
Which one is it UK?? Make up your mind!!! https://t.co/femxDWZZVZ
"A senior director at the National Crime Agency (NCA) lost her job after sending sensitive and secret information over her personal email and on WhatsApp".https://t.co/2J4SXs6OBZ via @computerweekly
— Dr. Dan Lomas (@Sandbagger_01) January 15, 2024
Let me rewrite that for ya: In other news, male dominated agency, run by....males...who do stupid OPSEC-stunted shit all the time, fire woman for something...likely done all the time, more to follow in employment suit 2026.
— Justin Seitz (@jms_dot_py) January 16, 2024
Back to you Doug!
Start the conversation: