Category: DoublePulsar – Medium
Breaking down Microsoft’s pivot to placing cybersecurity as a top priority
Recently, Microsoft had quite frankly a kicking from the US Department of Homeland Security over their security practices in a Cyber Safety Review Board report. I’ve tried to keep as quiet as possible about this one for various reasons…
Delinea has cloud security incident in Thycotic Secret Server gaff
This is a weird one. Customers of Delinea Secret Server Cloud had a mysterious outage on Friday due to a “security incident” – this was visible on a service status page: https://medium.com/media/624e5e85022f659c8407983a4c7fdb36/href Delinea Secret Server – also known as Thycotic Secret…
Inside the failed attempt to backdoor SSH globally — that got caught by chance
A few days ago, a toot on Mastodon from Andres, a Postgre developer, caught my attention: https://mastodon.social/@AndresFreundTec/112180083704606941 Wait, what?! What happened here is now well documented elsewhere, so I shall…
How 50% of telco Orange Spain’s traffic got hijacked — a weak password
How 50% of telco Orange Spain’s traffic got hijacked^H^H^H^H^H^Hnull routed — a weak password So here’s a funny story. Earlier today, I noticed Orange Spain had an outage, caused by what appeared to be a BGP hijack: https://medium.com/media/86149308c6838a9cbb08d6b650510bf2/href This manifested to Orange Spain users as…
Cyber Toufan goes Oprah mode, with free Linux system wipes of over 100 organisations
For the past 6 or so weeks, I’ve been tracking Cyber Toufan on Telegram. They appeared in November, and they’ve been…
The ticking time bomb of Microsoft Exchange Server 2013
I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered…
Tracking Russia’s NoName057[16] attempts to DDoS UK public services
Today I noticed NoName057[16] — basically a poor man’s “Ukraine IT army” — attempting to DDoS various UK councils and transport services. They post about their exploits on Telegram, similar to those crazy Ukrainians. It’s basically Russia styled as hacktivists, with some great bear…
What it means — CitrixBleed ransom group woes grow as over 60 credit unions, hospitals…
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. How CitrixBleed vulnerability in Netscaler has become the cybersecurity challenge of 2023. Credit union technology firm Trellance own Ongoing Operations LLC, and…
Mass exploitation of CitrixBleed vulnerability, including a ransomware group
CitrixBleed mspaint.exe logo, no copyright so please make t-shirts Three days ago, AssetNote posted an excellent write up about CitrixBleed aka CVE-2023–4966 in Citrix Netscaler/ADC/AAA/whatever it is called today. This vulnerability is now under mass exploitation. A few weeks ago it was…
LockBit ransomware group assemble strike team to breach banks, law firms and governments.
Recently, I’ve been tracking LockBit ransomware group as they’ve been breaching large enterprises: https://medium.com/media/672994faff856d59254df6496cee1a95/href I thought it would be good to break down what is happening and how they’re doing it, since LockBit are breaching some of the world’s largest…
LockBit ransomware group assemble strike team to breach banks, law firms and governments.
A look inside how a ransomware group have been breaking into the world’s biggest organisations this November.