Start with a simple truth: when the platform breaks, your clever architecture won't save you. We dig into the AWS US‑East‑1 outage where DynamoDB's role in DNS planning for load balancers collided with a race condition, leaving empty records and stalled EC2 instances. Forget the finger‑wagging about “well‑architected” apps—this was a platform failure with limited customer escape routes. We weigh multi‑region and multi‑cloud trade‑offs with a sober look at cost, complexity, and operational burden. Security took center stage with two high‑risk stories you need to act on. First, a critical WSUS flaw enabling remote unauthenticated code execution against the very servers meant to protect fleets. If WSUS is still live, patch immediately or take it offline until you can. Then, the F5 source code theft: not a cloning threat, but a blueprint for discovering subtle bugs and crafting precise exploits. Attribution points toward Chinese state‑sponsored actors, which means targeted, quiet use rather than noisy mass exploitation. The risk isn't gone when headlines fade; it's just harder to see. We connect this to rising exploitation of vSock across hypervisors like VMware ESXi. With public PoCs and active abuse, vSock opens covert channels from host to guest, making segmentation and management plane isolation non‑negotiable. Patch aggressively, gate access through jump hosts, enforce MFA, and consider disabling vSock where viable on QEMU stacks. These are concrete steps that cut real risk. Then we turn to the elephant in the data center: AI ROI. Vendors keep shipping agentic assistants and copilots, but few can show durable returns outside a subsidized token economy. We share a pragmatic lens for measuring value—cycle time, MTTR, defect rates—while acknowledging the dot‑com‑style arc ahead: hype, correction, then durable wins that prioritize efficiency. As AI demand drives massive new builds, the physical footprint of the cloud is showing up in local power grids and skylines. Infrastructure choices now carry community and energy implications leaders can't ignore. Subscribe, share with a colleague who owns platform reliability or security, and leave a review with your biggest takeaway or question—what will you patch, segment, or measure first?
Purchase Chris and Tim's book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/
Check out the Monthly Cloud Networking News: https://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/
Visit our website and subscribe: https://www.cables2clouds.com/
Follow us on BlueSky: https://bsky.app/profile/cables2clouds.com
Follow us on YouTube: https://www.youtube.com/@cables2clouds/
Follow us on TikTok: https://www.tiktok.com/@cables2clouds
Merch Store: https://store.cables2clouds.com/
Join the Discord Study group: https://artofneteng.com/iaatj
Have you ever considered how a single server can support countless applications and workloads at once? In this episode, hosts Lois Houston and Nikita Abraham, together with Principal OCI Instructor Orlando Gentil, explore the sophisticated technologies that make this possible in modern cloud data centers. They discuss the roles of hypervisors, virtual machines, and containers, explaining how these innovations enable efficient resource sharing, robust security, and greater flexibility for organizations.
Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992
Oracle University Learning Community: https://education.oracle.com/ou-community
LinkedIn: https://www.linkedin.com/showcase/oracle-university/
X: https://x.com/Oracle_Edu
Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.
--------------------------------------------------
Episode Transcript:
00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started!
00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services.
Nikita: Hi everyone! For the last two weeks, we've been talking about different aspects of cloud data centers. In this episode, Orlando Gentil, Principal OCI Instructor at Oracle University, joins us once again to discuss how virtualization, through hypervisors, virtual machines, and containers, has transformed data centers.
00:58 Lois: That's right, Niki. We'll begin with a quick look at the history of virtualization and why it became so widely adopted. Orlando, what can you tell us about that?
Orlando: To truly grasp the power of virtualization, it's helpful to understand its journey from its humble beginnings with mainframes to its pivotal role in today's cloud computing landscape. It might surprise you, but virtualization isn't a new concept. Its roots go back to the 1960s with mainframes. In those early days, the primary goal was to isolate workloads on a single powerful mainframe, allowing different applications to run without interfering with each other. As we moved into the 1990s, the challenge shifted to underutilized physical servers. Organizations often had numerous dedicated servers, each running a single application, leading to significant waste of computing resources. This led to the emergence of virtualization as we know it today, primarily from the 1990s to the 2000s. The core idea here was to run multiple isolated operating systems on a single physical server. This innovation dramatically improved the resource utilization and laid the technical foundation for cloud computing, enabling the scalable and flexible environments we rely on today.
02:26 Nikita: Interesting. So, from an economic standpoint, what pushed traditional data centers to change and opened the door to virtualization?
Orlando: In the past, running applications often meant running them on dedicated physical servers. This led to a few significant challenges. First, more hardware purchases. Every new application, every new project often required its own dedicated server. This meant constantly buying new physical hardware, which quickly escalated capital expenditure. Secondly, and hand-in-hand with more servers came higher power and cooling costs. Each physical server consumed power and generated heat, necessitating significant investment in electricity and cooling infrastructure. The more servers, the higher these operational expenses became. And finally, a major problem was unused capacity.
Despite investing heavily in these physical servers, it was common for them to run well below their full capacity. Applications typically didn't need 100% of a server's resources all the time. This meant we were wasting valuable compute power, memory, and storage, effectively wasting resources and diminishing the return of investment from those expensive hardware purchases. These economic pressures became a powerful incentive to find more efficient ways to utilize data center resources, setting the stage for technologies like virtualization.
04:05 Lois: I guess we can assume virtualization emerged as a financial game-changer. So, what kind of economic efficiencies did virtualization bring to the table?
Orlando: From a CapEx or capital expenditure perspective, companies spent less on servers and data center expansion. From an OpEx or operational expenditure perspective, fewer machines meant lower electricity, cooling, and maintenance costs. It also sped up provisioning. Spinning a new VM took minutes, not days or weeks. That improved agility and reduced the operational workload on IT teams. It also created a more scalable, cost-efficient foundation which made virtualization not just a technical improvement, but a financial turning point for data centers. This economic efficiency is exactly what cloud providers like Oracle Cloud Infrastructure are built on, using virtualization to deliver scalable pay-as-you-go infrastructure.
05:09 Nikita: Ok, Orlando. Let's get into the core components of virtualization. To start, what exactly is a hypervisor?
Orlando: A hypervisor is a piece of software, firmware, or hardware that creates and runs virtual machines, also known as VMs. Its core function is to allow multiple virtual machines to run concurrently on a single physical host server.
It acts as a virtualization layer, abstracting the physical hardware resources like CPU, memory, and storage, and allocating them to each virtual machine as needed, ensuring they can operate independently and securely.
05:49 Lois: And are there types of hypervisors?
Orlando: There are two primary types of hypervisors. The type 1 hypervisors, often called bare metal hypervisors, run directly on the host server's hardware. This means they interact directly with the physical resources offering high performance and security. Examples include VMware ESXi, Oracle VM Server, and KVM on Linux. They are commonly used in enterprise data centers and cloud environments. In contrast, type 2 hypervisors, also known as hosted hypervisors, run on top of an existing operating system like Windows or macOS. They act as an application within that operating system. Popular examples include VirtualBox, VMware Workstation, and Parallels. These are typically used for personal computing or development purposes, where you might run multiple operating systems on your laptop or desktop.
06:55 Nikita: We've spoken about the foundation provided by hypervisors. So, can we now talk about the virtual entities they manage: virtual machines? What exactly is a virtual machine and what are its fundamental characteristics?
Orlando: A virtual machine is essentially a software-based virtual computer system that runs on a physical host computer. The magic happens with the hypervisor. The hypervisor's job is to create and manage these virtual environments, abstracting the physical hardware so that multiple VMs can share the same underlying resources without interfering with each other. Each VM operates like a completely independent computer with its own operating system and applications.
07:40 Lois: What are the benefits of this?
Orlando: Each VM is isolated from the others. If one VM crashes or encounters an issue, it doesn't affect the other VMs running on the same physical host.
This greatly enhances stability and security. A powerful feature is the ability to run different operating systems side-by-side on the very same physical host. You could have a Windows VM, a Linux VM, and even other specialized OS, all operating simultaneously. Consolidate workloads directly addresses the unused capacity problem. Instead of one application per physical server, you can now run multiple workloads, each in its own VM on a single powerful physical server. This dramatically improves hardware utilization, reducing the need for constant new hardware purchases and lowering power and cooling costs. And by consolidating workloads, virtualization makes it possible for cloud providers to dynamically create and manage vast pools of computing resources. This allows users to quickly provision and scale virtual servers on demand, tapping into these shared pools of CPU, memory, and storage as needed, rather than being tied to a single physical machine.
09:10 Oracle University's Race to Certification 2025 is your ticket to free training and certification in today's hottest technology. Whether you're starting with Artificial Intelligence, Oracle Cloud Infrastructure, Multicloud, or Oracle Data Platform, this challenge covers it all! Learn more about your chance to win prizes and see your name on the Leaderboard by visiting education.oracle.com/race-to-certification-2025. That's education.oracle.com/race-to-certification-2025.
09:54 Nikita: Welcome back! Orlando, let's move on to containers. Many see them as a lighter, more agile way to build and run applications. What's your take?
Orlando: A container packages an application and all its dependencies, like libraries and other binaries, into a single, lightweight executable unit. Unlike a VM, a container shares the host operating system's kernel, running on top of the container runtime process. This architectural difference provides several key advantages. Containers are incredibly portable.
They can be taken virtually anywhere, from a developer's laptop to a cloud environment, and run consistently, eliminating "it works on my machine" issues. Because containers share the host OS kernel, they don't need to bundle a full operating system themselves. This results in significantly smaller footprints and less administration overhead compared to VMs. They are faster to start. Without the need to boot a full operating system, containers can start up in seconds, or even milliseconds, providing rapid deployment and scaling capabilities.
11:12 Nikita: Ok. Throughout our conversation, you've spoken about the various advantages of virtualization but let's consolidate them now.
Orlando: From a security standpoint, virtualization offers several crucial benefits. Each VM operates in its own isolated sandbox. This means if one VM experiences a security breach, the impact is generally contained to that single virtual machine, significantly limiting the spread of potential threats across your infrastructure. Containers also provide some isolation. Virtualization allows for rapid recovery. This is invaluable for disaster recovery or undoing changes after a security incident. You can implement separate firewalls, access rules, and network configuration for each VM. This granular control reduces the overall exposure and attack surface across your virtualized environments, making it harder for malicious actors to move laterally. Beyond security, virtualization also brings significant advantages in terms of operational and agility benefits for IT management. Virtualization dramatically improves operational efficiency and agility. Things are faster. With virtualization, you can provision new servers or containers in minutes rather than days or weeks. This speed allows for quicker deployment of applications and services. It becomes much simpler to deploy consistent environments using templates and preconfigured VM images or containers.
This reduces errors and ensures uniformity across your infrastructure. It's more scalable. Virtualization makes your infrastructure far more scalable. You can reshape VMs and containers to meet changing demands, ensuring your resources align precisely with your needs. These operational benefits directly contribute to the power of cloud computing, especially when we consider virtualization's role in enabling cloud and scalability. Virtualization is the very backbone of modern cloud computing, fundamentally enabling its scalability. It allows multiple virtual machines to run on a single physical server, maximizing hardware utilization, which is essential for cloud providers. This capability is the core of infrastructure-as-a-service offerings, where users can provision virtualized compute resources on demand. Virtualization makes services globally scalable. Resources can be easily deployed and managed across different geographic regions to meet worldwide demand. Finally, it provides elasticity, meaning resources can be automatically scaled up or down in response to fluctuating workloads, ensuring optimal performance and cost efficiency.
14:21 Lois: That's amazing. Thank you, Orlando, for joining us once again.
Nikita: Yeah, and remember, if you want to learn more about the topics we covered today, go to mylearn.oracle.com and search for the Cloud Tech Jumpstart course.
Lois: Well, that's all we have for today. Until next time, this is Lois Houston…
Nikita: And Nikita Abraham, signing off!
14:40 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.
In this episode of Cybersecurity Today, host David Shipley covers several key incidents impacting the cybersecurity landscape. Amazon's generative AI coding assistant 'Q' was compromised by a hacker who injected data-wiping code into the tool's GitHub repository. Scattered Spider, a notorious cybercrime group, continues its malware attacks on VMware ESXi hypervisors using advanced social engineering techniques. In a significant enforcement action, global law enforcement dismantled the Black Suit ransomware infrastructure under Operation Checkmate. Lastly, insurance giant Allianz Life revealed a data breach affecting its US customer base. Stay tuned to understand the latest threats and protective measures in cybersecurity.
00:00 Introduction and Headlines
00:30 Amazon AI Coding Tool Breach
03:07 Scattered Spider's VMware ESXi Attacks
06:44 Operation Checkmate: Black Suit Ransomware Takedown
08:16 Allianz Life Insurance Data Breach
10:25 Conclusion and Call to Action
You've found The Backup Wrap-up, your go-to podcast for all things backup, recovery, and cyber-recovery. In this episode, we tackle one of the scariest threats out there - ransomware targeting VMware ESXi environments. I'm joined by Prasanna Malaiyandi and our special guest Melissa Palmer, also known as @vmiss, who's an independent technology analyst and ransomware resiliency architect. We get into why virtualization environments are such juicy targets for attackers, how they're specifically going after vCenter and ESXi hosts, and why your backup strategy is probably missing some critical components. If you've got a virtualized environment, you need to listen to this. Melissa brings her unique perspective from both the virtualization and security worlds to help you protect your most critical infrastructure. So buckle up - this is an episode you can't afford to miss if you want to keep your VMware environment safe from ransomware attacks.
Robby Stahl, technical account manager at Platform9, joins the vBrownBag crew to discuss vJailbreak, an open source tool that automates VM migration from VMware ESXi to KVM.
Chapters:
00:00 Robby & Damian banter
04:49 What is vJailbreak?
10:06 vJailbreak on GitHub
13:45 A demo is attempted, but the demo gods do not approve
22:00 A video of the demo is attempted, but the video gods do not approve
23:40 Robby shares some successful customer anecdotes
34:12 Philosophizing ensues
Resources:
https://github.com/platform9/vjailbreak
https://www.youtube.com/watch?v=seThilJ5ujM&list=PLUqDmxY3RncV-_mzIgL3P29Jssri7Y052&index=5
https://www.linkedin.com/in/robby-stahl/
Broadcom reports three actively exploited zero-day vulnerabilities affecting VMware ESXi, Workstation, and Fusion products that require immediate patching. Leaked chat logs from the Black Basta ransomware group reveal internal conflicts, operational tactics, and efforts to circumvent cybersecurity tools. Lastly, a demonstration of Sesame's new voice AI technology shows concerningly realistic capabilities that could potentially lead users to inadvertently share private information.
Remember, Stay a Little Paranoid
Subscribe: This Week Health
Twitter: This Week Health
LinkedIn: This Week Health
Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer
Episode References
Malvertising campaign leads to info stealers hosted on GitHub
GreyNoise Detects Active Exploitation of Silk Typhoon-Linked CVEs
Kibana 8.17.3 Security Update (ESA-2025-06)
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
A Deep Dive into Strela Stealer and how it Targets European Countries
Unmasking the new persistent attacks on Japan
Unmasking GrassCall Campaign: The APT Behind Job Recruitment Cyber Scams
Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Episode References
VMSA-2025-0004: VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)
Android Security Bulletin—March 2025
Cellebrite zero-day exploit used to target phone of Serbian student activist
Silk Typhoon targeting IT supply chain
Unveiling EncryptHub: Analysis of a multi-stage malware campaign
Not Lost in Translation: Rosetta 2 Artifacts in macOS Intrusions
Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
This week, we talked to our friends at Bitwarden about password vaults, storing more than just passwords, free software to manage those SSH keys, and vaults for developers. In the news, new/old Palo Alto vulnerabilities explained, taking down the power grid with a FlipperZero, more vulnerable bootloaders, putting garbage in your .ASS file, the US Government wants to look at routers, magic backdoors, weak password hashing, everyone is talking about Deepseek, hardware-level Anti-Virus, VMware ESXi and SSH, and if you pay the ransom you likely will not get your data back! This segment is sponsored by Bitwarden. Visit https://securityweekly.com/bitwarden to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-859
Threat actors use a malicious Pidgin plugin to deliver malware. The BlackByte ransomware group is exploiting a recently patched VMware ESXi vulnerability. The State Department offers a $2.5 million reward for a major malware distributor. A Swiss industrial manufacturer suffers a cyberattack. The U.S. Marshals Service (USMS) responds to claims of data theft by the Hunters International ransomware gang. Park'N Fly reports a data breach affecting 1 million customers. Black Lotus Labs documents the active exploitation of a zero-day vulnerability in Versa Director servers. Federal law enforcement agencies warn that Iran-based cyber actors continue to exploit U.S. and foreign organizations. We kick off our new educational CertByte segment with hosts Chris Hare and George Monsalvatge. Precrime detectives root out election related misinformation before it happens. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's show, our guests are N2K's Chris Hare and George Monsalvatge introducing our new bi-weekly CertByte segments that kick off today on the CyberWire Daily podcast. CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from our suite of industry-leading content and a study tip to help you achieve the professional certifications you need to fast-track your career growth. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by George Monsalvatge to break down a question targeting the Project Management Professional (PMP)® certification by the Project Management Institute®. Today's question comes from N2K's PMI® Project Management Professional (PMP®) Practice Test. 
The PMP® is the global gold standard certification typically targeted for those who have about three to five years of project management experience. To learn more about this and other related topics under this objective, please refer to the following resource: Project Management Institute - Code of Ethics and Professional Conduct. Have a question that you'd like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Selected Reading Malware Delivered via Malicious Pidgin Plugin, Signal Fork (SecurityWeek) BlackByte Hackers Exploiting VMware ESXi Auth Bypass Flaw to Deploy Ransomware (Cyber Security News) US Offering $2.5 Million Reward for Belarusian Malware Distributor (SecurityWeek) Services at Swiss manufacturer Schlatter disrupted in likely ransomware attack (SiliconANGLE) US Marshals say data posted by ransomware gang not from 'new or undisclosed incident' (The Record) Park'N Fly notifies 1 million customers of data breach (Bleeping Computer) Taking the Crossroads: The Versa Director Zero-Day Exploitation (Lumen) Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations (CISA) Hundreds of 'PreCrime' Election-Related Fraud Sites Spotted (Metacurity) Learn more about your ad choices. Visit megaphone.fm/adchoices
In today's episode of the Security Swarm Podcast, Andy and Eric Siron discuss the Monthly Threat Report of August 2024. They cover the aftermath of the CrowdStrike incident, Microsoft's proposed enhancements to improve the security of their ecosystem, as well as the discovery of a vulnerability in AMD processors that could allow persistent malware. Additionally, they discuss the emergence of new AI jailbreak attacks, which can bypass content restrictions and generate harmful outputs and a VMware ESXi vulnerability that could allow attackers to gain access to virtual machines. Key Takeaways: The CrowdStrike incident highlights the need for rigorous software testing. Microsoft is moving forward with some changes and guidance on kernel access as a direct response to the CrowdStrike incident. Researchers have discovered a vulnerability in AMD processors that could allow threat actors to embed persistent malware, underscoring the ongoing battle against advanced threats. The Olympic Games have been the target of dozens of foiled cyberattacks, demonstrating the high-stakes nature of nation-state cyber conflicts. There is a new critical vulnerability in the VMware ESXi Hypervisor that allows authentication bypass. 
Broadcom has released a patch.
Timestamps:
(01:00) CrowdStrike Incident and Lessons Learned
(04:14) Importance of Proper Software Testing and Development Processes
(7:21) Potential Consequences of Rushed Software Updates
(28:18) AI Jailbreak Attacks and Generative AI Risks
(33:43) VMware ESXi Vulnerability and Potential Ransomware Implications
(37:53) Bumblebee Loader and the Threat of Rapid Active Directory Compromise
(39:41) HealthEquity Data Breach and the Normalization of PII Breaches
(40:17) Anonymous Sudan and Their Disruptive DDOS Attacks
(41:54) Cyber Attacks on the Olympic Games and the Role of Nation-State Actors
Episode Resources:
Full Monthly Threat Report
Podcast episode on Anonymous Sudan
AMD CPU Vulnerability Info
Webinar where Andy covers the ways threat actors use Generative AI
VMware ESXi Authentication Bypass Exploit
Security Swarm Podcast re: threat actor attacks on the Olympic Games
The conversation discusses a vulnerability in VMware ESXi hypervisors that grants full admin privileges to threat actors. The vulnerability has been exploited by ransomware groups to deploy ransomware after gaining access to a network. The hosts emphasize the importance of patching systems and working with security teams or MSP/MSSPs to address the vulnerability. They also highlight the need for better monitoring and detection tools for ESXi hypervisors and the potential risks associated with domain access and group creation. The conversation concludes with a reminder to stay vigilant and secure. Article: VMware ESXi hypervisor vulnerability grants full admin privileges https://www.csoonline.com/article/3478658/vmware-esxi-hypervisor-vulnerability-grants-full-admin-privileges.html?fbclid=IwY2xjawEcQr9leHRuA2FlbQIxMAABHcdeBdrmjA-lnkJbw6prQ-v38t6CLlZCzmMJXUWgGSZbmZpdAp54EXZpHw_aem_ir4GNeCxoUn1V4IwZzNKwg& Please LISTEN
A global Microsoft outage takes down Outlook and Minecraft. The US Senate passes The Kids Online Safety and Privacy Act. Lame Duck domain names are targets for takeovers. A GeoServer vulnerability exposes thousands to remote code execution. China proposes a national internet ID. Email attacks surge dramatically in 2024. Columbus Ohio thwarts a ransomware attack. When it comes to invading your privacy, the Paris 2024 Olympics app goes for the gold. Our guest is Rakesh Nair, Senior Vice President of Engineering and Product at Devo, discussing the issues that security teams face when dealing with data control and data orchestration. Was it really Windows 3.1 that saved Southwest Airlines? Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Rakesh Nair, Senior Vice President of Engineering and Product at Devo, discussing the issues that security teams face when dealing with data control and data orchestration. You can read more here. Selected Reading Microsoft apologises after thousands report new outage (BBC News) Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks (Bleeping Computer) Senate Passes Bill to Protect Kids Online and Make Tech Companies Accountable for Harmful Content (SecurityWeek) Don't Let Your Domain Name Become a “Sitting Duck” (Krebs on Security) Hackers Actively Exploiting GeoServer RCE Flaw, 6635 Servers Vulnerable (Cyber Security News) China Wants to Start a National Internet ID System (The New York Times) Email Attacks Surge, Ransomware Threat Remains Elevated (Security Boulevard) Columbus says it thwarted overseas ransomware attack that caused tech shutdown (Dispatch) Gold rush for data: Paris 2024 Olympic apps are eavesdropping on users (Cyber News) No, Southwest Airlines is not still using Windows 3.1 (OSnews) Share your feedback. 
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In today's episode, we uncover the CrowdStrike outage's silver linings, delve into Microsoft's warning about VMware ESXi authentication bypass exploits, expose the Proofpoint email routing flaw used in massive spoofed phishing campaigns, and explore the creation of 3,000 fake GitHub accounts by Stargazer Goblin for malware distribution. 00:00 - Intro 01:14 - Ransomware gangs exploit VMware ESXi 03:02 - Proofpoint Flaw Exploited for EchoSpoofing Phishing Campaign 05:12 - Stargazer Goblin Exploits GitHub 06:42 - CrowdStrike Outage Spurs Cybersecurity Overhaul https://www.helpnetsecurity.com/2024/07/29/crowdstrike-outage-positive-effects/ https://www.bleepingcomputer.com/news/microsoft/microsoft-ransomware-gangs-exploit-vmware-esxi-auth-bypass-in-attacks/ https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html https://thehackernews.com/2024/07/stargazer-goblin-creates-3000-fake.html Video Episode: https://youtu.be/412WyUptaN0 Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags CrowdStrike, Cybersecurity, Transparency, Mitigate, Ransomware, VMware ESXi, CVE-2024-37085, Hypervisors, Proofpoint, EchoSpoofing, Phishing, Misconfiguration, Stargazer Goblin, Malware, GitHub, Check Point Search Phrases What are today's top cybersecurity news stories? Impact of CrowdStrike outage on cybersecurity practices Latest cybersecurity updates and improvements How to mitigate ransomware attacks Protecting VMware ESXi from vulnerabilities Preventing CVE-2024-37085 exploitation EchoSpoofing phishing campaign details Measures against email system misconfiguration Securing GitHub from malicious activities Understanding Stargazer Goblin malware attacks
Forecast = Persistent cyber heat dome in effect with no sign of abatement. In this episode of Storm⚡️Watch, we dive into the latest cybersecurity news and trends. We kick things off with a breaking story about DigiCert's certificate revocation incident. Due to a validation issue affecting about 0.4% of their domain validations, DigiCert is revoking certificates with less than 24 hours' notice. This could impact thousands of SSL certs and potentially cause outages worldwide starting July 30 at 19:30 UTC. Organizations using affected certificates should be prepared for a busy night of renewals. Our Cyberside Chat focuses on a critical vulnerability in VMware ESXi hypervisors that ransomware operators are actively exploiting. Identified as CVE-2024-37085, this flaw allows attackers to gain full administrative access to ESXi servers without proper validation. Several ransomware groups, including Storm-0506 and Storm-1175, have been using this vulnerability to deploy ransomware like Akira and Black Basta. Microsoft reports that incidents targeting ESXi hypervisors have doubled over the past three years, highlighting the growing threat to these systems. In our Cyber Spotlight, we examine a global cyber espionage campaign conducted by North Korean hackers. This operation aims to steal classified military intelligence to advance Pyongyang's nuclear weapons program. The hackers, known as Andariel or APT45, have targeted defense and engineering companies involved in producing tanks, submarines, naval ships, fighter jets, and missile technologies. The campaign affects not only the US, UK, and South Korea but also entities in Japan and India. This underscores the persistent threat posed by state-sponsored actors from North Korea in their pursuit of military and nuclear ambitions. We wrap up with our Tag Roundup, highlighting recent trends in cyber threats, and our KEV Roundup, discussing the latest known exploited vulnerabilities cataloged by CISA. 
These segments provide valuable insights into the current threat landscape and help our listeners stay informed about potential risks to their organizations. Don't forget to check out the Storm Watch homepage and learn more about GreyNoise for additional cybersecurity resources and updates. Storm Watch Homepage >> Learn more about GreyNoise >>
In today's episode, we discuss how cybercriminals exploit Facebook ads to distribute SYS01 password-stealing malware (https://www.bleepingcomputer.com/news/security/facebook-ads-for-windows-themes-push-sys01-info-stealing-malware/), Microsoft 365 Defender disruptions caused by recent Windows Server updates (https://www.bleepingcomputer.com/news/microsoft/june-windows-server-updates-break-microsoft-365-defender-features/), the SEXi ransomware rebranding to APT INC and targeting VMware ESXi servers (https://www.bleepingcomputer.com/news/security/sexi-ransomware-rebrands-to-apt-inc-continues-vmware-esxi-attacks/), and weaknesses in Squarespace security leading to domain hijacks targeting cryptocurrency businesses (https://krebsonsecurity.com/2024/07/researchers-weak-security-defaults-enabled-squarespace-domains-hijacks/). Video Episode: https://youtu.be/feJqlYfCHZw Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags Trustwave, Cybercriminals, Facebook Ads, Malware, Windows Server 2022, Microsoft 365 Defender, Network Detection and Response, Patch Tuesday, Ransomware, VMware ESXi, APT INC, Encryptors, Babuk, LockBit 3, Squarespace, Security Flaws, Domain Hijacks, Cryptocurrency Websites Search Phrases What are today's top cybersecurity news stories? How are cybercriminals using Facebook ads to distribute malware? Protecting against info-stealing malware in Facebook ads June Patch Tuesday updates Windows Server 2022 issues Microsoft 365 Defender affected by Windows updates Ransomware attacks on VMware ESXi servers APT INC ransomware and its impact on businesses How to mitigate ransomware attacks using Babuk and LockBit 3 encryptors Squarespace security flaws and domain hijacking incidents Securing your domain during migration from Google Domains to Squarespace
As your guide, Professor J-Rod, I'm back to escort you through the digital landscape of operating systems, where we'll uncover the secrets of user interfaces and networking. Ever wonder how your fingertips command technology or how voice commands transform into actions? We unravel these mysteries and more, examining the tapestry of command lines, graphical interfaces, and the unseen network wizardry that keeps our world spinning. Get ready to grasp the essence of TCP/IP protocols and the OSI model – the silent heroes making sure your digital messages don't get lost in translation. Then, we shift our focus to the diverse terrains of operating systems. Imagine strolling through the seamless Apple ecosystem, venturing into the wilds of open-source Linux, and scaling the robust fortress of server-based systems. We'll dissect the functionality of Windows Server, the adaptability of Linux servers, and the steadfastness of Unix, with a special spotlight on the art of virtualization through VMware ESXi. Plus, we'll peek into the mobile realm where Android's customization reigns supreme. Join me as I share tales from the trenches of education and software development, providing insights that will serve you whether you're an IT rookie or a veteran programmer. Support the show. If you want to help me with my research please e-mail me. Professorjrod@gmail.com If you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.com Art By Sarah/Desmond Music by Joakim Karud Little chacha Productions Juan Rodriguez can be reached at TikTok @ProfessorJrod ProfessorJRod@gmail.com @Prof_JRod Instagram ProfessorJRod
Popular Blogger Piotr Tarnawski talks about his blog on the Abyss Locker Ransomware with Corey and Matt
New targets of Chinese cyberespionage are uncovered. Monti ransomware is back. An evasive phishing campaign exposed. A Realtors' network taken down by cyberattack. A closer look at NoName057(16). Perspective on cyberwar - remember Pearl Harbor, but don't see it everywhere. Ben Yelin on the Consumer Financial Protection Bureau's plans to regulate surveillance tech. Microsoft's Ann Johnson and Charlie Bell ponder the future of security. And scammers are targeting kids playing Fortnite and Roblox. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/155 Selected reading. Chinese spies who read State Dept. email also hacked GOP congressman (Washington Post) Binary Ballet: China's Espionage Tango with Microsoft (SecurityHQ) Microsoft Exchange hack to be investigated by US Cyber Safety Board (Computing) Monti ransomware targets VMware ESXi servers with new Linux locker (BleepingComputer) Evasive Phishing Campaign Steals Cloud Credentials Using Cloudflare R2 and Turnstile (Netskope) Cyberattack on Bay area vendor cripples real estate industry (The Real Deal) Intel insiders go undercover revealing fresh details into NoName hacktivist operations (Cybernews) Why the US Military Wants You To Rethink the Idea of 'Cyber War' (The Messenger) A Huge Scam Targeting Kids With Roblox and Fortnite 'Offers' Has Been Hiding in Plain Sight (WIRED)
Come see us at Black Hat USA 2023 @ Booth #2817 as we unveil the future of threat hunting! With a myriad of unique activities, insightful discussions, and special offers, Cyborg Security has something in store for everyone
China-linked APT group spotted exploiting a VMware ESXi zero-day Hundreds of thousands of ecommerce sites impacted by critical plugin vulnerability 7-Nation LockBit report shows US paid over $90m in ransoms since 2020 Thanks to today's episode sponsor, Conveyor Let's gladly pass the most thankless job in cybersecurity – completing customer security questionnaires – to the AI bots. Conveyor's GPT-questionnaire response tool auto-generates precise, accurate answers to entire questionnaires. With accuracy far superior to other tools, you can spend almost zero time reviewing generated answers. There's an in platform auto-fill feature or a browser extension for tricky portals. Stop settling for mediocre tools that only provide lousy “near hits” from your library. Try a free proof of concept with your own data. Learn more at www.conveyor.com. For the stories behind the headlines, head to CISOseries.com.
In today's podcast we cover four crucial cyber and technology topics, including: 1. WooCommerce Stripe Gateway flaw abused to steal customer data 2. China-linked actors abused zero day in targeting VMware ESXi 3. Hospital closure partly due to ransomware attack 4. Microsoft fined 20 million USD for COPPA violation I'd love feedback, feel free to send your comments and feedback to | cyberandtechwithmike@gmail.com
Customers with the most demanding workloads will be excited to see the latest expansion of database support on the Nutanix Cloud Platform that provides a lower total cost of ownership (TCO) and optimizes performance. The enhancements, which became available to Nutanix customers as part of the AOS 6.6.2 release, include support for compute-only nodes running either VMware ESXi or Nutanix AHV along with best practices for optimally configuring hyperconverged infrastructure (HCI) database clusters using a combination of compute-only and storage-only nodes. Host: Philip Sellers Co-host: Jirah Cox Co-host: Ben Rogers Blog Link: https://www.nutanix.com/blog/introducing-the-optimized-database-solution
Babuk source code provides criminal inspiration. CISA and FBI release a joint report on PaperCut. There are more bad bots out there than anyone would like. Phishing-as-a-service tools in the C2C market. CISA's Eric Goldstein advocates the adoption of strong controls, defensible networks and coordination of strategic cyber risks. Our cyberwire producer Liz Irvin speaks with Crystle-Day Villanueva, Learning and Development Specialist for Lumu Technologies. And KillNet's short-lived venture, with a dash of regret. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/92 Selected reading. Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers (Bleeping Computer) Ransomware actors adopt leaked Babuk code to hit Linux systems (Decipher) Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers (SentinelOne) Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG (CISA) CVE-2023-27350 Detail (NIST) Proofpoint Emerging Threats Rules (Proofpoint) 2023 Imperva Bad Bot Report (Imperva) New phishing-as-a-service tool “Greatness” already seen in the wild (Cisco Talos) Ukraine at D+442: Russians say the Ukrainian counteroffensive has begun. (CyberWire)
It's been a mixed few weeks if you are in the ransomware game. (If you listen to this podcast we presume you are not a cybercriminal, but do get in touch if you are and leave us your full contact details). In this episode Rob and Stan look at the hacks that have made the headlines and suggest what can be done to stop it happening to you. First up for discussion is ransomware-as-a-service malware LockBit hitting ION Trading UK: “It left scores of brokers unable to process derivative trades and they had to resort to manual methods. Imagine them going back to using spreadsheets to figure out what's going on as far as their trades” LockBit threatened to publish stolen data unless a ransom was paid and ION Trading did as they were told. Rob and Stan talk about the incident and the potential repercussions. The episode also looks at a ransomware campaign targeting VMware ESXi technology: “It's a previously known vulnerability. It's been out there for two years. But the reality is that organizations have been slow in patching it. There was a general warning put out by Italy's National Cybersecurity Agency, warning about a large-scale campaign now exploiting this vulnerability. Thousands of computer servers across Europe and North America could potentially be impacted. And this context is, well if you're not going to patch, we'll take advantage of that” But there's also been bad news for the threat actors. Rob and Stan give their take on the sabotaging of the Hive ransomware group by the FBI and other law enforcement agencies. “This take down shows that international enforcement against ransomware threat actors is increasing. I think this is a good sign. 
It may make it more difficult for some of these entities to target organizations in the future, but, they're still ongoing and so it's going to be difficult to truly mitigate this threat if you can't reach those that are behind it.” There are call backs to other relevant episodes of the Reimagining Cyber podcast: Episode 12, Brett Thorson, Colonial Pipeline fuels the fire: not the first, not the last, and how to protect for the future www.buzzsprout.com/2004238/10791017 Episode 2, Jim Routh, Unconventional approaches to improve enterprise resilience www.buzzsprout.com/2004238/10791027 Episode 27, Shawn Tuma Cyber insurance in the wake of Log4j www.buzzsprout.com/2004238/10791001 Episode 15, Shawn Tuma – So you've been hacked, now what? www.buzzsprout.com/2004238/10791014 Plus the Galaxy threat actors report https://publications.cyberres.com/view/679673707/ Rate and review the show on Apple Podcasts. Share the show with others in the cybersecurity world. Get in touch via reimaginingcyber@gmail.com
Reddit admits it was hacked and data stolen, says “don't panic” Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day CISA has a possibly-maybe fix for VMware ESXi ransomware campaign Thanks to today's episode sponsor, US, yes, CISO Series If you're looking to reach a committed audience of cybersecurity professionals every day, then consider advertising right here on Cyber Security Headlines, a show that consistently ranks in the top ten for tech news on Apple Podcasts in the U.S. That's pretty impressive for a show that's a niche within a niche. Cyber Security Headlines sponsorship includes continuous week-long brand awareness in newsletters, blog posts, and this very podcast. To learn more about pricing and audience, email us at info@cisoseries.com. For the stories behind the headlines, head to CISOseries.com.
This week's ShadowTalk podcast covers the latest in the VMware ESXi Ransomware campaign, Killnet, SocGholish, and more! Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10-feb ***Resources from this week's podcast*** Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html Also, don't forget to reach out to - shadowtalk@digitalshadows.com - if you have any questions, comments, or suggestions for the next episodes.
CISA and the FBI are releasing this alert in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors are exploiting known vulnerabilities in VMware ESXi servers that are likely running unpatched and out-of-service or out-of-date versions of VMware ESXi software to gain access and deploy ransomware. AA23-039A Alert, Technical Details, and Mitigations CISA has released an ESXiArgs recovery script at github.com/cisagov/ESXiArgs-Recover VMware Security Response Center (vSRC) Response to 'ESXiArgs' Ransomware Attack… Enes Sonmez and Ahmet Aykac, YoreGroup Tech Team: decrypt your crypted files in… See Stopransomware.gov, a whole-of-government approach, for ransomware resources and alerts. No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment. See CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance on hardening MSP and customer infrastructure. U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center's DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Unpatched ESXi boxes are getting rinsed GoAnywhere MFT file transfer boxes are too Royal Mail data being ransomed by Lockbit Advanced materials manufacturer and finance company among latest rware victims Guilty plea in Ubiquiti case Much, much more This week's show is brought to you by Red Canary. Red Canary's Adam Mashinchi is this week's sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers Risky Biz News: Zero-day alert for GoAnywhere file transfer servers Royal Mail faces threat from ransomware group LockBit | Reuters ION brings clients back online after ransomware attack: Source | Business Insurance Hackers who breached ION say ransom paid; company declines comment | Reuters Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with | Evening Standard K-12 schools in Tucson, Nantucket respond to cyberattacks - The Record from Recorded Future News Ransomware gang attempts to extort UK school by posting files about at-risk children - The Record from Recorded Future News British steel industry supplier Vesuvius ‘currently managing cyber incident' - The Record from Recorded Future News Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack - The Record from Recorded Future News All classes canceled at Irish university as it announces ‘significant IT breach' - The Record from Recorded Future News Switzerland's largest university confirms ‘serious cyberattack' - The Record from Recorded Future News Dutch Police Read Messages of Encrypted Messenger 'Exclu' Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France - The Record from Recorded Future News New York attorney 
general fines developer of stalking apps - The Record from Recorded Future News Microsoft alleges attacks on French magazine came from Iranian-backed group | Ars Technica Hackers linked to North Korea targeted Indian medical org, energy sector - The Record from Recorded Future News Google Cuts Company Protecting People From Surveillance To A ‘Skeleton Crew,' Say Laid Off Workers Feds get guilty plea in Ubiquiti data extortion case - The Record from Recorded Future News For Hire: Ex-Ubiquiti Developer Charged With Extortion Microsoft notifies UK customers affected by hackers abusing ‘verified publisher' tag - The Record from Recorded Future News Darknet drug market BlackSprut openly advertises on billboards in Moscow - The Record from Recorded Future News Toyota sealed up a backdoor to its global supplier management network | The Daily Swig
Follow-up Apple vs. Nvidia Hydrogen is not the holy grail either. Dell is also laying off 5% of its staff and has already let 33% of its staff go in recent years. A full overview of layoffs in the tech industry can be found here And that while employment in the US is generally on the rise. Topics ChatGPT: University of Antwerp investigates whether a student wrote a paper with ChatGPT's artificial intelligence ChatGPT in Bing? Tay: Microsoft issues apology over racist chatbot fiasco Facebook's BlenderBot and Galactica were quickly withdrawn. Google is keeping LaMDA close to its chest, but the pressure is mounting. ChatGPT in education: the community education network (gemeenschapsonderwijs) has 'guidelines' ready. (pdf link) 'That ChatGPT regularly makes up "facts" is frightening', in the words of Luc Steels: professor emeritus of AI at the VUB, who founded the AI Lab at the VUB in 1983. 'Arcadia' premieres, one of the most expensive series ever made in Flanders NCSC warns of ransomware abusing an old VMWare ESXi vulnerability. An enormous wave of ransomware attacks has been carried out in recent days. Tips Maarten: ZeroTier Toon: World Wide Walls (tag on a train) & De Kunst van het Verdwijnen & Coolest Projects 2023 Steven: ShortCat Ruurd: Last Week Tonight with John Oliver on Coal and SLAPP suits | Anker MagSafe MagGo power bank, small and large | Use hide self against (Zoom) Fatigue
In the latest episode of the Risk Roundtable, Andy does double duty, first welcoming Jen to get the latest on the ransomware threats, before bringing Dave in to talk about weather and natural disasters. Jen kicked things off talking about all things ransomware to include preparedness items, the recent Hive takedown, the importance of reporting, and ways to protect yourself. Dave then joined Andy to talk about the third-wheel in the all-hazards preparedness model - weather and natural disasters, especially in light of the recent earthquake in Turkey. The roundtable took a split approach to the end of pod questions talking about marathons, some show dilemmas and the arc of Paul Rudd! US Secret Service: New Secret Service Research Examines for the First Time Five Years of Mass Violence Data, 25 Jan Washington Post: N. Carolina church says it lost nearly $800K in email scam, 28 Jan NWS: Hurricane Matthew in the Carolinas: October 8, 2016, page created: 29 Sep 2017, last updated: 26 Aug 2021 Ransomware and Cyber News: Bleeping Computer: VMware warns admins to patch ESXi servers, disable OpenSLP service, 06 Feb Bleeping Computer: Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide, 03 Feb Risky Business News: Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers, 06 Feb CISA: VMware Releases Security Update for VMware vRealize Operations, 1 Feb Canadian Centre for Cyber Security: VMware security advisory (AV23-066), 3 Feb Ransomware! Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb
The Security Squawk Podcast crew discusses cybersecurity. The hosts, Bryan Horning, Reginald Andre, Randy Brian, and Ryan O'Hara, talk about the current state of ransomware attacks happening in the world. They discuss the recent attack on a hospital in Tallahassee, which has led to a security issue, and the hospital has suspended all non-emergency procedures. The word "issue" to describe the attack is noted as being too weak, and the hosts suggest it is being used to minimize public fear and legal implications. The hospital has been targeted due to its large amount of valuable data, making it a high-value target for criminals. The hospital is prioritizing its IT systems and bringing them back online one by one. Ryan, Randy, and Bryan are discussing the recent ransomware attacks on hospitals and other organizations. They mention that the increase in ransomware attacks was expected due to a combination of factors, including the position of the hackers, the release of vulnerabilities, and the recent boasting of the FBI and Justice Department about their takedown of some cybercrime groups. They also discuss the vulnerability in VMware ESXi servers, a common technology many organizations use for their server infrastructure. The ransomware variant, DougE, is fast and widespread, causing admins to scramble to patch their systems. The recommendation is to apply the patch as soon as possible and to scan for signs of compromise if the system is left unpatched. The vulnerability is considered serious as it gives the attackers God mode access to all virtual machines running on the VMware ESXi server. The conversation is about cyber security and the recent ransomware attacks on various organizations. The crew discusses the importance of having an independent cybersecurity risk assessment to understand the full picture of the security situation. 
They are also discussing the need for regular maintenance and updates to keep systems secure and the importance of educating people about cybersecurity, including the next generation. The cyber experts also mention the recent attack on a chipmaker and a school district, as well as Italy's recent ransomware attack, which was related to the VMware issue. They also mention the use of the Conti ransomware source code by the LockBit ransomware group, highlighting the need for constant vigilance and updates to stay ahead of evolving threats.
VMware ESXi exploitations. Super Bowl cyber risks. Scalping bots. The curious case of the Moscow billboards. Joe Carrigan tracks pig butchering apps in online app stores. Our guest is David Liebenberg from Cisco Talos, to discuss incident response trends. And, in sportsball, it's gonna be the Chiefs by a couple of hat tricks, or something. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/25 Selected reading. Ransomware Hits Unpatched VMware Systems: 'Send Money Within 3 Days' (Virtualization Review) Massive ransomware attack targets VMware ESXi servers worldwide (CSO Online) CISA steps up to help VMware ESXi ransomware victims (SC Media) ‘Massive' new ESXiArgs ransomware campaign has compromised thousands of victims (The Record from Recorded Future News) Have you clicked “Report Junk” lately on your #mobile device? (Proofpoint) CyRC special report: Secure apps? Don't bet on it (Synopsys) DataDome's Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the US as the Top Source of Bot Attacks (DataDome) Darknet drug market BlackSprut openly advertises on billboards in Moscow (The Record from Recorded Future News)
In this week's Security Sprint, Dave and Andy talked about the following topics: Ransomware: Bleeping Computer: Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide, 3 Feb Risky Business News: Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers, 06 Feb CISA: VMware Releases Security Update for VMware vRealize Operations, 1 Feb Canadian Centre for Cyber Security: VMware security advisory (AV23-066), 3 Feb Valentine's Day 2023, :sparkling_heart: and Ransomware! Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb DDoS: Radware, Passion: A Russian Botnet, 31 Jan Bleeping Computer, New DDoS-as-a-Service platform used in recent attacks on hospitals, 01 Feb The Record: Customizable new DDoS service already appears to have fans among pro-Russia hacking groups, 03 Feb Faith-Based Security: Fox 5, Las Vegas: Man threatened mass shooting at Las Vegas synagogue, police say, 31 Jan ABC 7 News: SFPD arrest man suspected of firing blank rounds inside synagogue, bringing gun into theater, 05 Feb Chinese Balloons: US DOD: Statement From Secretary of Defense Lloyd J. Austin III, 04 Feb And see the Gate 15 SUN from Friday and Monday for numerous links. Baking in Cybersecurity: Foreign Affairs: Stop Passing the Buck on Cybersecurity; Why Companies Must Build Safety Into Tech Products, 01 Feb Washington Post Cybersecurity 202: How CISA plans to get tech firms to bake security into their products, 06 Feb Others: FBI: Elicitation Techniques, 31 Jan Voice of America, Russia Developing Weapons to Target Critical Subsea Cables, Pipelines, 02 Feb Reuters: Huge earthquake kills 2,600 in Turkey and Syria, bad weather worsens plight, 06 Feb
New ransomware exploits a VMware ESXi vulnerability. Roasted 0ktapus squads up. LockBit says ION paid the ransom. Russian cyber auxiliaries continue attacks against healthcare organizations. Attribution on the Charlie Hebdo attack. Deepen Desai from Zscaler describes recent activity by Ducktail malware. Rick Howard looks at cyber threat intelligence. And the top US cyber diplomat says his Twitter account was hacked. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/24 Selected reading. Ransomware Gang in Trading Hack Says Ransom Was Paid (Bloomberg) Regulators weigh in on ION attack as LockBit takes credit (Register) Russian hackers launch attack on City of London infrastructure (The Armchair Trader) Ransomware attack on data firm ION could take days to fix -sources (Reuters) Linux version of Royal Ransomware targets VMware ESXi servers (BleepingComputer) Ransomware scum attack old VMWare ESXi vulnerability (Register) Italy sounds alarm on large-scale computer hacking attack (Reuters) Italy's TIM suffers internet connection problems (Reuters) Italy sounds alarm on large-scale computer hacking attack (Jerusalem Post) Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers (Security Affairs) Campagne d'exploitation d'une vulnérabilité affectant VMware ESXi (CERT-FR) VMSA-2021-0002 (VMware) CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers (Security Affairs) ‘0ktapus' hackers are back and targeting tech and gaming companies, says leaked report (TechCrunch) Customizable new DDoS service already appears to have fans among pro-Russia hacking groups (The Record from Recorded Future News) Russian Hackers Take Down At Least 17 U.S. 
Health System Websites (MedCity News) Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack (Security Affairs) Iran responsible for Charlie Hebdo attacks - Microsoft On the Issues (Microsoft On the Issues) Piratage de « Charlie Hebdo » : un groupe iranien à la manœuvre, selon Microsoft (Le Monde) Iran behind hack of French magazine Charlie Hebdo, Microsoft says (Reuters) Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT (Security Affairs) America's top cyber diplomat says his Twitter account was hacked (CNN)
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Assemblyline as a Malware Analysis Sandbox https://isc.sans.edu/diary/Assemblyline%20as%20a%20Malware%20Analysis%20Sandbox/29510 GoAnywhere MFT zero-day Exploited https://www.rapid7.com/blog/post/2023/02/03/exploitation-of-goanywhere-mft-zero-day-vulnerability/ Ransomware targeting VMware ESXi https://blog.ovhcloud.com/ransomware-targeting-vmware-esxi/ Jira Service Managment Server and Data Center Advisory CVE-2023-22501 https://confluence.atlassian.com/jira/jira-service-management-server-and-data-center-advisory-cve-2023-22501-1188786458.html OpenSSH Update https://www.openssh.com/releasenotes.html F5 BigIP Vulnerability CVE-2023-22374 https://my.f5.com/manage/s/article/K000130415
Hello World! It's February 01, 2023. Welcome to a new edition of Cyber Briefing by CyberMaterial. Let's review the latest cybersecurity alerts and incidents. Cyber Alerts: New Nevada ransomware targets Windows and VMware ESXi systems; Experts Warn of 'Ice Breaker' cyber attacks targeting gaming and gambling Industry; DocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000; New Sh1mmer Chromebook exploit unenrolls managed devices; Porsche AG halts NFT launch and phishing sites fill the void. Cyber Incidents: FTC Hits Firm With $1.5M Fine in Health Data-Sharing Case; Google Fi says hackers accessed customers' information; Planet Ice hacked, 240,000 skating fans' details stolen; Ransomware attack closes schools in Nantucket, Massachusetts; Maryland hospital facing outages after ‘significant' ransomware attack. Subscribe and Comment. Copyright © 2023 CyberMaterial. All Rights Reserved. Listen to CyberBriefing on Apple Podcasts and Spotify. Follow CyberMaterial on LinkedIn, Twitter, Reddit, Instagram, Facebook, Youtube, and Medium
The FBI's InfraGard user data shows up for sale. An update on Iranian cyber operations. NSA warns of Chinese cyber threats. Challenges in sharing data for threat detection and prevention. Legitimately signed drivers are used in targeted attacks. Patch Tuesday addressed a lot of actively exploited issues. Tim Starks from the Washington Post Cybersecurity 202 shares his reporting on ICS vulnerabilities. Our guest is Mike Fey from Island with an introduction to the enterprise browser space. And the US indicts five Russian nationals on sanctions-evasion charges. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/238 Selected reading. FBI's Vetted Info Sharing Network ‘InfraGard' Hacked (KrebsOnSecurity) Would've, Could've, Should've…Did: TA453 Refuses to be Bound by Expectations (Proofpoint) APT5: Citrix ADC Threat Hunting Guidance (NSA) U.S. agency warns that hackers are going after Citrix networking gear (Reuters) NSA Outs Chinese Hackers Exploiting Citrix Zero-Day (SecurityWeek) Effect of data on Federal agencies' policies. (CyberWire) I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware (Mandiant) Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers (SentinelOne) SAP Security Patch Day December 2022 (Onapsis) December 2022 Security Updates (Microsoft Security Response Center) December Patch Tuesday Updates | 2022 - Syxsense Inc (Syxsense Inc) Microsoft December 2022 Patch Tuesday fixes 2 zero-days, 49 flaws (BleepingComputer) Microsoft Squashes Zero-Day, Actively Exploited Bugs in Dec. 
Update (Dark Reading) Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698) (Help Net Security) Microsoft Releases December 2022 Security Updates (CISA) Apple security updates (Apple Support) We finally know why Apple pushed out that emergency 16.1.2 update (Macworld) Why You Should Enable Apple's New Security Feature in iOS 16.2 Right Now (Wirecutter) Apple Releases Security Updates for Multiple Products (CISA) Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518 (Citrix) State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518) (Help Net Security) Citrix Releases Security Updates for Citrix ADC, Citrix Gateway (CISA) VMware Patches VM Escape Flaw Exploited at Geekpwn Event (SecurityWeek) Experts detailed a previously undetected VMware ESXi backdoor (Security Affairs) VMware Releases Security Updates for Multiple products (CISA) Mozilla Releases Security Updates for Thunderbird and Firefox (CISA) Adobe Patches 38 Flaws in Enterprise Software Products (SecurityWeek) CISA Releases Three Industrial Control Systems Advisories (CISA) Five Russian Nationals, Including Suspected FSB Officer, and Two U.S. Nationals Charged with Helping the Russian Military and Intelligence Agencies Evade Sanctions (US Department of Justice) Russian Military and Intelligence Agencies Procurement Network Indicted in Brooklyn Federal Court (US Department of Justice)
Today's menu: wittsec conf; Bring Your Own Vulnerable Driver; Signature verification; 22-year-old SQLite vuln; You can't even trust the police anymore; Hacking Automobile Keyless Entry Systems; Over 45,000 VMware ESXi servers just reached end-of-life; OpenSSL 3.0 critical issue ahead. Contact us: Telegram, Twitter, Instagram, Facebook, Mail: info@hackeslangos.show
A new APT, or sophisticated threat group, has been discovered that focuses on espionage, is found mainly in telephone companies and universities, and also has a Hispanic touch. A group of unknown cybercriminals has been infecting VMware ESXi hypervisors and stealing data from virtual machines in a cyber-espionage campaign worthy of the Blue Pill from The Matrix. If you like the podcast and think we deserve it, give us your vote in the iVoox 2022 awards. It would mean a great deal to us. You can vote for us at this link (we are in the "Empresa y Tecnología" category): https://www.tierradehackers.com/premiosivoox Notes and references at https://www.tierradehackers.com YouTube: https://www.youtube.com/tierradehackers Twitch: https://www.twitch.tv/tierradehackers Twitter: https://www.twitter.com/tierradehackers LinkedIn: https://www.linkedin.com/company/tierradehackers If you like what we do, consider supporting us on Patreon so that we can keep growing and create even more content: https://www.patreon.com/tierradehackers Don't forget to join our Discord community: https://www.tierradehackers.com/discord Thanks to Monad, onBRANDING and Prowler for supporting us.
Gray-hat support for Iranian dissidents. Selling access wholesale in the C2C market. Novel malware's discovered targeting VMware hypervisors. The Witchetty espionage group uses an updated toolkit. Deepen Desai from Zscaler has a Technical Analysis of Industrial Spy Ransomware. Ann Johnson of Afternoon Cyber Tea speaks with Michal Braverman-Blumenstyk, CTO for Microsoft Security, about Israel's cyber innovation. And Russian troops phone call revelations. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/188 Selected reading. Hacker Groups take to Telegram, Signal and Darkweb to assist Protestors in Iran (Check Point Software) Hackers Use Telegram and Signal to Assist Protestors in Iran (Infosecurity Magazine) Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks (The Hacker News) Hackers seek to help — and profit from — Iran protests (The Record by Recorded Future) Ransomware and Wholesale Access Markets: A $10 investment can lead to millions in profit (Cybersixgill) Selling access wholesale in the C2C market. (CyberWire) Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors (Mandiant) Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors (Mandiant) Mandiant has identified new malware that targets VMware ESXi, Linux vCenter servers, and Windows virtual machines. (CyberWire) Securonix Threat Labs Security Advisory: Detecting STEEP#MAVERICK: New Covert Attack Campaign Targeting Military Contractors (Securonix) Steep#Maverick cyberespionage campaign. (CyberWire) Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East (Symantec) Witchetty espionage group uses updated toolkit. 
(CyberWire) ‘Putin Is a Fool': Intercepted Calls Reveal Russian Army in Disarray (New York Times) Cyber Warfare Rife in Ukraine, But Impact Stays in Shadows (SecurityWeek) Russian hackers' lack of success against Ukraine shows that strong cyber defences work, says cybersecurity chief (ZDNET) Failure of Russia's cyber attacks on Ukraine is most important lesson for NCSC (ComputerWeekly)
I'm extra psyched today, because today's episode (which is all about updating your VMware ESXi version via command line) is complemented by video: https://www.youtube.com/watch?v=0-XAO32LEPY Shortly after recording this video, I found this awesome article which walks you through a different way to tackle these updates:
List all upgrade profiles:
esxcli software sources profile list --depot=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
Grep for just the ones you want (in my case ESXi 7.x):
esxcli software sources profile list --depot=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml | grep -i ESXi-7.0
Apply the one you want! (replace <profile-name> with a profile name from the list above)
esxcli software profile update --depot=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml --profile=<profile-name>
A Linux user tries out FreeBSD's Bhyve hypervisor, choosing storage for a VMware ESXi server, and perfect use case for WireGuard. Discussion Jim has been testing Bhyve Free Consulting We were asked about connecting home and small business networks, and choosing storage for a VMware ESXi server. Linode Simplify your […]
A daily look at the relevant information security news from overnight.
Episode 233 - 26 May 2022
Curb Kerberos - https://www.zdnet.com/article/microsoft-heres-how-to-defend-windows-against-these-new-privilege-escalation-attacks/
Tales from the Cheerscrypt - https://www.bleepingcomputer.com/news/security/new-cheers-linux-ransomware-targets-vmware-esxi-servers/
Broadcom buy - https://www.securityweek.com/vmware-absorb-broadcom-security-solutions-following-61-billion-deal
Chromeloader rises - https://www.bleepingcomputer.com/news/security/new-chromeloader-malware-surge-threatens-browsers-worldwide/
DuckDuck no - https://www.techradar.com/news/duckduckgo-in-hot-water-over-hidden-tracking-agreement-with-microsoft
Hi, I'm Paul Torgersen. It's Wednesday May 26th, 2022, and again from Las Vegas, this is a look at the information security news from overnight.
From ZDNet.com: Microsoft has detailed mitigation techniques to help Windows users defend themselves from automated 'Kerberos Relay' attacks. The KrbRelayUp tool flaw can give an attacker System privileges on Windows machines. See the details in the article.
From BleepingComputer.com: A new Cheers ransomware called Cheerscrypt has appeared and is starting its operations by targeting VMware ESXi servers. I guess they learned that from the LockBit and Hive ransomware crowd. There is the full Trend Micro writeup in the article.
From SecurityWeek.com: Speaking of VMware, Broadcom announced they are acquiring the company for about $61 billion in cash and stock. Man, just a small sliver of that and I can keep this podcast running forever. I need to find out who to talk to. If you recall, Broadcom acquired Symantec's enterprise unit back in 2019. Not sure how those technologies and services will migrate to VMware.
From BleepingComputer.com: The ChromeLoader malware is seeing a significant uptick this month, after being relatively stable through the beginning of the year. ChromeLoader is a browser hijacker that can modify web browser settings to show search results that promote unwanted software, fake giveaways and surveys, and adult games and dating sites. You know where to find the details.
And last today, from TechRadar.com: I'm sure many of you are DuckDuckGo users, wanting the privacy the search engine offers. Unfortunately, while Google and Facebook trackers are being blocked, Microsoft trackers are allowed to continue running, as are trackers related to the bing.com and linkedin.com domains. Apparently, DuckDuckGo has a search syndication agreement with Microsoft. For a company known for its transparency, strange how this agreement remained a secret for so long. DuckDuck, no.
That's all for me today. Have a great rest of your day. And until tomorrow, be safe out there.