Tag: DoublePulsar – Medium

Yes, I’ve made a logo in crayon and named this FortiJump. Did you know there’s widespread exploitation of FortiNet products going on using a zero day, and that there’s no CVE? Now you do. I’ve even made a picture explaining! I…

Read more →

EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs One of my Mastodon followers sent me an interesting toot today: This lead me to this forum post: "Government-Backed Attackers May Be Trying to Compromise Your Device!" email With this email: The forum post had…

Read more →

Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company Back in May, I started tracking Handala, a hacktivist branded group expressing pro-Palestine views: https://medium.com/media/8e57dca18a2af602b3beccdc5549dca0/href Handala is word which is a prominent national symbol and personification…

Read more →

Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company Back in May, I started tracking Handala, a hacktivist branded group expressing pro-Palestine views: https://medium.com/media/8e57dca18a2af602b3beccdc5549dca0/href Handala is word which is a prominent national symbol and personification…

Read more →

In July, CrowdStrike caused a global IT outage, which I wrote about here: What I learned from the ‘Microsoft global IT outage’ A website called clownstrike.lol popped up, which displays a clown with some clown music: clownstrike.lol homepge CrowdStrike used CSC to…

Read more →

Back in early June 2023, I tracked a botnet DDoS’ing Microsoft, causing serious network outages in Azure and Microsoft 365 for days. I toot’d about it at the time: At the time, Microsoft didn’t disclose what happened or comment. Eventually, Associated Press…

Read more →

I woke up Friday to discover CrowdStrike — a cybersecurity vendor who aims to protect orgs from cyber attacks such as availability outages — created the largest IT outage ever, by pushing out a duff product update globally and breaking just under 9 million…

Read more →

I woke up Friday to discover CrowdStrike — a cybersecurity vendor who aims to protect orgs from cyber attacks such as availability outages — created the largest IT outage ever, by pushing out a duff product update globally and breaking just under 9 million…

Read more →

Cloud AI Data platform Snowflake are having a bad month. Due to teenager threat actors and cybersecurity of its own customers… and its own cybersecurity, too, in terms of optics. There are several large data breaches playing out in the media…

Read more →

Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. I wrote a piece recently about Copilot+ Recall, a new Microsoft Windows 11 feature which — in the…

Read more →

Yesterday, Microsoft CEO Satya Nadella sat down with the media to introduce a new feature called Recall, as part of their Copilot+ PCs. It takes screenshots of what you’re doing on constantly, by design: https://medium.com/media/d4abba4451fecf39939e7aee53697784/href The idea is it allows you…

Read more →

Recently, Microsoft had quite frankly a kicking from the US Department of Homeland Security over their security practices in a Cyber Safety Review Board report. I’ve tried to keep as quiet as possible about this one for various reasons (and…

Read more →

Recently, Microsoft had a quite frankly a kicking from the US Department of Homeland Security over their security practices in a Cyber Safety Review Board report. I’ve tried to keep as quiet as possible about this one for various reasons…

Read more →

This is a weird one. Customers of Delinea Secret Server Cloud had a mysterious outage on Friday due to a “security incident” – this was visible on a service status page: https://medium.com/media/624e5e85022f659c8407983a4c7fdb36/href Delinea Secret Server – also known as Thycotic Secret…

Read more →

Inside the failed attempt to backdoor SSH globally — that got caught by chance A few days, a toot on Mastodon from Andres, a Postgre developer, caught my attention: https://mastodon.social/@AndresFreundTec/112180083704606941 Wait, what?! What happened here is now well documented elsewhere, so I shall…

Read more →

How 50% of telco Orange Spain’s traffic got hijacked^H^H^H^H^H^Hnull routed — a weak password So here’s a funny story. Earlier today, I noticed Orange Spain had an outage, caused by what appeared to be a BGP hijack: https://medium.com/media/86149308c6838a9cbb08d6b650510bf2/href This manifested to Orange Spain users as…

Read more →

How 50% of telco Orange Spain’s traffic got hijacked — a weak password So here’s a funny story. Earlier today, I noticed Orange Spain had an outage, caused by what appeared to be a BGP hijack: https://medium.com/media/86149308c6838a9cbb08d6b650510bf2/href This manifested to Orange Spain users as service…

Read more →

Photo by Nazrin Babashova on Unsplash Cyber Toufan goes Oprah mode, with free Linux system wipes of over 100 organisations For the past 6 or so weeks, I’ve been tracking Cyber Toufan on Telegram. They appeared in November, and they’ve been…

Read more →

I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered…

Read more →

Today I noticed NoName057[16] — basically a poor man’s “Ukraine IT army” — attempting to DDoS various UK councils and transport services: They post about their exploits on Telegram, similar to those crazy Ukrainians. It’s basically Russia styled as hacktavists, with some great bear…

Read more →

What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. Credit union technology firm Trellance own Ongoing Operations LLC, and…

Read more →

CitrixBleed mspaint.exe logo, no copyright so please make t-shirts Three days ago, AssetNote posted an excellent write up about CitrixBleed aka CVE-2023–4966 in Citrix Netscaler/ADC/AAA/whatever it is called today. This vulnerability is now under mass exploitation. A few weeks ago it was…

Read more →

Recently, I’ve been tracking LockBit ransomware group as they’ve been breaching large enterprises: https://medium.com/media/672994faff856d59254df6496cee1a95/href I thought it would be good to break down what is happening and how they’re doing it, since LockBit are breaching some of the world’s largest…

Read more →

A look inside how a ransomware group have been breaking into the world’s biggest organisations this November. Continue reading on DoublePulsar » This article has been indexed from DoublePulsar – Medium Read the original article: LockBit ransomware group assemble strike…

Read more →

Three days ago, AssetNote posted an excellent write up about CitrixBleed aka CVE-2023–4966 in Citrix Netscaler/ADC/AAA/whatever it is… Continue reading on DoublePulsar » This article has been indexed from DoublePulsar – Medium Read the original article: Mass exploitation of CitrixBleed…

Read more →

Three days ago, AssetNote posted an excellent write up about CitrixBleed aka CVE-2023–4966 in Citrix Netscaler/ADC/AAA/whatever it is… Continue reading on DoublePulsar » This article has been indexed from DoublePulsar – Medium Read the original article: Mass exploitation of CitrixBleed…

Read more →