You've found The Backup Wrap-up, your go-to podcast for all things backup, recovery, and cyber-recovery. In this episode, we tackle one of the scariest threats out there - ransomware targeting VMware ESXi environments. I'm joined by Prasanna Malaiyandi and our special guest Melissa Palmer, also known as @vmiss, who's an independent technology analyst and ransomware resiliency architect. We get into why virtualization environments are such juicy targets for attackers, how they're specifically going after vCenter and ESXi hosts, and why your backup strategy is probably missing some critical components. If you've got a virtualized environment, you need to listen to this. Melissa brings her unique perspective from both the virtualization and security worlds to help you protect your most critical infrastructure. So buckle up - this is an episode you can't afford to miss if you want to keep your VMware environment safe from ransomware attacks.
Robby Stahl, technical account manager at Platform9, joins the vBrownBag crew to discuss vJailbreak, an open source tool that automates VM migration from VMware ESXi to KVM. Chapters: 00:00 Robby & Damian banter 04:49 What is vJailbreak? 10:06 vJailbreak on GitHub 13:45 A demo is attempted, but the demo gods do not approve 22:00 A video of the demo is attempted, but the video gods do not approve 23:40 Robby shares some successful customer anecdotes 34:12 Philosophizing ensues Resources: https://github.com/platform9/vjailbreak https://www.youtube.com/watch?v=seThilJ5ujM&list=PLUqDmxY3RncV-_mzIgL3P29Jssri7Y052&index=5 https://www.linkedin.com/in/robby-stahl/
Broadcom reports three actively exploited zero-day vulnerabilities affecting VMware ESXi, Workstation, and Fusion products that require immediate patching. Leaked chat logs from the Black Basta ransomware group reveal internal conflicts, operational tactics, and efforts to circumvent cybersecurity tools. Lastly, a demonstration of Sesame's new voice AI technology shows concerningly realistic capabilities that could potentially lead users to inadvertently share private information. Remember, Stay a Little Paranoid. Subscribe: This Week Health Twitter: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer
Episode References: Malvertising campaign leads to info stealers hosted on GitHub; GreyNoise Detects Active Exploitation of Silk Typhoon-Linked CVEs; Kibana 8.17.3 Security Update (ESA-2025-06); Over 37,000 VMware ESXi servers vulnerable to ongoing attacks; A Deep Dive into Strela Stealer and how it Targets European Countries; Unmasking the new persistent attacks on Japan; Unmasking GrassCall Campaign: The APT Behind Job Recruitment Cyber Scams. Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia
Episode References: VMSA-2025-0004: VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226); Android Security Bulletin—March 2025; Cellebrite zero-day exploit used to target phone of Serbian student activist; Silk Typhoon targeting IT supply chain; Unveiling EncryptHub: Analysis of a multi-stage malware campaign; Not Lost in Translation: Rosetta 2 Artifacts in macOS Intrusions. Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia
This week, we talked to our friends at Bitwarden about password vaults, storing more than just passwords, free software to manage those SSH keys, and vaults for developers. In the news, new/old Palo Alto vulnerabilities explained, taking down the power grid with a FlipperZero, more vulnerable bootloaders, putting garbage in your .ASS file, the US Government wants to look at routers, magic backdoors, weak password hashing, everyone is talking about Deepseek, hardware-level Anti-Virus, VMware ESXi and SSH, and if you pay the ransom you likely will not get your data back! This segment is sponsored by Bitwarden. Visit https://securityweekly.com/bitwarden to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-859
[Episode References] I Spy With My Little Eye: Uncovering an Iranian Counterintelligence Operation - https://cloud.google.com/blog/topics/threat-intelligence/uncovering-iranian-counterintelligence-operation/ Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations - https://www.microsoft.com/en-us/security/blog/2024/08/28/peach-sandstorm-deploys-new-custom-tickler-malware-in-long-running-intelligence-gathering-operations/ The vulnerabilities we uncovered by fuzzing µC/OS protocol stacks - https://blog.talosintelligence.com/fuzzing-uc-os-protocol-stacks/ BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks - https://blog.talosintelligence.com/blackbyte-blends-tried-and-true-tradecraft-with-newly-disclosed-vulnerabilities-to-support-ongoing-attacks/ VMSA-2024-0013: VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2024-37085, CVE-2024-37086, CVE-2024-37087) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 Analysis of two arbitrary code execution vulnerabilities affecting WPS Office - https://www.welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office/ Beware the Unpatchable: Corona Mirai Botnet Spreads via Zero-Day - https://www.akamai.com/blog/security-research/2024/aug/2024-corona-mirai-botnet-infects-zero-day-sirt Rocinante: The trojan horse that wanted to fly - https://www.threatfabric.com/blogs/the-trojan-horse-that-wanted-to-fly-rocinante Insecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier) - https://www.fortra.com/security/advisories/product-security/fi-2024-011 Kursk Offensive Unveiled: Ukraine's Strategic Planning and Cyber-Kinetic Convergence - https://cyble.com/blog/kursk-offensive-unveiled-ukraines-strategic-planning-and-cyber-kinetic-convergence/ Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia
Threat actors use a malicious Pidgin plugin to deliver malware. The BlackByte ransomware group is exploiting a recently patched VMware ESXi vulnerability. The State Department offers a $2.5 million reward for a major malware distributor. A Swiss industrial manufacturer suffers a cyberattack. The U.S. Marshals Service (USMS) responds to claims of data theft by the Hunters International ransomware gang. Park'N Fly reports a data breach affecting 1 million customers. Black Lotus Labs documents the active exploitation of a zero-day vulnerability in Versa Director servers. Federal law enforcement agencies warn that Iran-based cyber actors continue to exploit U.S. and foreign organizations. We kick off our new educational CertByte segment with hosts Chris Hare and George Monsalvatge. Precrime detectives root out election related misinformation before it happens. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's show, our guests are N2K's Chris Hare and George Monsalvatge introducing our new bi-weekly CertByte segments that kick off today on the CyberWire Daily podcast. CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from our suite of industry-leading content and a study tip to help you achieve the professional certifications you need to fast-track your career growth. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by George Monsalvatge to break down a question targeting the Project Management Professional (PMP)® certification by the Project Management Institute®. Today's question comes from N2K's PMI® Project Management Professional (PMP®) Practice Test. 
The PMP® is the global gold standard certification typically targeted for those who have about three to five years of project management experience. To learn more about this and other related topics under this objective, please refer to the following resource: Project Management Institute - Code of Ethics and Professional Conduct. Have a question that you'd like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Selected Reading Malware Delivered via Malicious Pidgin Plugin, Signal Fork (SecurityWeek) BlackByte Hackers Exploiting VMware ESXi Auth Bypass Flaw to Deploy Ransomware (Cyber Security News) US Offering $2.5 Million Reward for Belarusian Malware Distributor (SecurityWeek) Services at Swiss manufacturer Schlatter disrupted in likely ransomware attack (SiliconANGLE) US Marshals say data posted by ransomware gang not from 'new or undisclosed incident' (The Record) Park'N Fly notifies 1 million customers of data breach (Bleeping Computer) Taking the Crossroads: The Versa Director Zero-Day Exploitation (Lumen) Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations (CISA) Hundreds of 'PreCrime' Election-Related Fraud Sites Spotted (Metacurity) Learn more about your ad choices. Visit megaphone.fm/adchoices
In today's episode of the Security Swarm Podcast, Andy and Eric Siron discuss the Monthly Threat Report of August 2024. They cover the aftermath of the CrowdStrike incident, Microsoft's proposed enhancements to improve the security of their ecosystem, as well as the discovery of a vulnerability in AMD processors that could allow persistent malware. Additionally, they discuss the emergence of new AI jailbreak attacks, which can bypass content restrictions and generate harmful outputs and a VMware ESXi vulnerability that could allow attackers to gain access to virtual machines. Key Takeaways: The CrowdStrike incident highlights the need for rigorous software testing. Microsoft is moving forward with some changes and guidance on kernel access as a direct response to the CrowdStrike incident. Researchers have discovered a vulnerability in AMD processors that could allow threat actors to embed persistent malware, underscoring the ongoing battle against advanced threats. The Olympic Games have been the target of dozens of foiled cyberattacks, demonstrating the high-stakes nature of nation-state cyber conflicts. There is a new critical vulnerability in the VMware ESXi Hypervisor that allows authentication bypass. 
Broadcom has released a patch. Timestamps: (01:00) CrowdStrike Incident and Lessons Learned (04:14) Importance of Proper Software Testing and Development Processes (7:21) Potential Consequences of Rushed Software Updates (28:18) AI Jailbreak Attacks and Generative AI Risks (33:43) VMware ESXi Vulnerability and Potential Ransomware Implications (37:53) Bumblebee Loader and the Threat of Rapid Active Directory Compromise (39:41) HealthEquity Data Breach and the Normalization of PII Breaches (40:17) Anonymous Sudan and Their Disruptive DDOS Attacks (41:54) Cyber Attacks on the Olympic Games and the Role of Nation-State Actors Episode Resources: Full Monthly Threat Report Podcast episode on Anonymous Sudan AMD CPU Vulnerability Info Webinar where Andy covers the ways threat actors use Generative AI VMware ESXi Authentication Bypass Exploit Security Swarm Podcast re: threat actor attacks on the Olympic Games
The conversation discusses a vulnerability in VMware ESXi hypervisors that grants full admin privileges to threat actors. The vulnerability has been exploited by ransomware groups to deploy ransomware after gaining access to a network. The hosts emphasize the importance of patching systems and working with security teams or MSP/MSSPs to address the vulnerability. They also highlight the need for better monitoring and detection tools for ESXi hypervisors and the potential risks associated with domain access and group creation. The conversation concludes with a reminder to stay vigilant and secure. Article: VMware ESXi hypervisor vulnerability grants full admin privileges https://www.csoonline.com/article/3478658/vmware-esxi-hypervisor-vulnerability-grants-full-admin-privileges.html?fbclid=IwY2xjawEcQr9leHRuA2FlbQIxMAABHcdeBdrmjA-lnkJbw6prQ-v38t6CLlZCzmMJXUWgGSZbmZpdAp54EXZpHw_aem_ir4GNeCxoUn1V4IwZzNKwg& Please LISTEN
[Episode References] Quartet of Trouble: XWorm, AsyncRAT, VenomRAT, and PureLogs Stealer Leverage TryCloudflare - https://www.esentire.com/blog/quartet-of-trouble-xworm-asyncrat-venomrat-and-purelogs-stealer-leverage-trycloudflare Threat Actor Abuses Cloudflare Tunnels to Deliver RATs - https://www.proofpoint.com/us/blog/threat-insight/threat-actor-abuses-cloudflare-tunnels-deliver-rats BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor - https://www.elastic.co/security-labs/bits-and-bytes-analyzing-bitsloth Detecting evolving threats: NetSupport RAT campaign - https://blog.talosintelligence.com/detecting-evolving-threats-netsupport-rat/ APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike - https://blog.talosintelligence.com/chinese-hacking-group-apt41-compromised-taiwanese-government-affiliated-research-institute-with-shadowpad-and-cobaltstrike-2/ Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085 - https://securityaffairs.com/166432/hacking/vmware-esxi-cve-2024-37085-vulnerable-instances.html VMSA-2024-0013: VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2024-37085, CVE-2024-37086, CVE-2024-37087) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 StackExchange Abused to Spread Malicious Python Package That Drains Victims' Crypto Wallets - https://checkmarx.com/blog/stackexchange-abused-to-spread-malicious-python-package-that-drains-victims-crypto-wallets/ BlankBot - a new Android banking trojan with screen recording, keylogging and remote control capabilities - https://intel471.com/blog/blankbot-a-new-android-banking-trojan-with-screen-recording-keylogging-and-remote-control-capabilities Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia
New features in the MÁV smartphone app Mínuszos 2024-08-01 10:33:56 Mobile tech Phone MÁV Zrt. Smartphone Volánbusz Map The latest version of the MÁV smartphone app is now available; an important content change is that the map in the main menu has been replaced by EMMA, the MÁV-VOLÁN group's unified timetable and map-based route planner. According to the railway company's statement, the Unified Timetable in Hungary (EMMA), which already launched in test operation at the beginning of summer, is the first 4 common mistakes that wipe out a laptop's lifespan ICT Global 2024-08-01 08:37:24 Infotech A laptop's lifespan also depends on how we use it. In most cases it is the user who shortens the device's life by valuable years, and with things that could be avoided. We have collected them here. Waze and Maps get useful new features 24.hu 2024-08-01 10:53:03 Mobile tech Accident Traffic Map Road closures GPS Waze The update makes it easier to arrive at unfamiliar locations and to report accidents and road closures. Microsoft warns of a VMware vulnerability ITBusiness 2024-08-01 10:10:07 Infotech Microsoft Hacker A recently discovered VMware vulnerability allows hackers to obtain administrator rights on the hypervisor. All that is needed is to create a new group named "ESX Admins", and it automatically receives administrator rights on the ESXi system. Microsoft is urging users of the VMware ESXi hypervisor to take immediate steps Innovative step forward in clean energy with a new photocatalyst PlanetZ 2024-08-01 08:02:54 Science Energy Innovation OSU's new photocatalyst turns sunlight and water into hydrogen. This innovation is a significant step toward clean energy, reducing greenhouse gas emissions. 
If I had to buy a phone for a million, this is surely the one I would choose Telex 2024-08-01 05:02:39 Science Phone Samsung They want to sell the Samsung Z Fold 6 with all sorts of AI smoke and mirrors, when they should be selling it on the fact that this folding phone is finally not a clunky half-brick. Zuckerberg's empire shifts into turbo Bitport 2024-08-01 13:38:00 Infotech Artificial intelligence Instagram Facebook Mark Zuckerberg Both the revenue and the net profit of Meta, the owner of Facebook and Instagram, jumped enormously. This comes in handy, as the company is pouring money by the ton into development related to artificial intelligence. Artificial intelligence may also decide whether a bank ends up a winner or a loser Digital Hungary 2024-08-01 08:09:00 Infotech Artificial intelligence Deloitte According to numerous forecasts, artificial intelligence will determine the winners and losers of the financial sector in the coming years. Today no company can afford not to take seriously the development of the technology and its areas of use. Deloitte's global study highlights artificial intelligence's banking and Hungarian researchers' solution could be a great help in microbiological material testing Helló Sajtó! 2024-08-01 07:33:43 Science Fungi Fruiting-body-forming macrofungi have come to the forefront of research in recent decades, as they can produce several metabolites that are generally characteristic of only one particular fungal species. The method of HUN-REN ATK NÖVI separates antioxidant and antimicrobial substances in two steps, while reducing the amount of interfering components Microsoft 365 gains a native backup solution HWSW 2024-08-01 10:39:26 Infotech Migration Microsoft Microsoft 365 Backup promises substantially faster recovery than traditional migration-based backup solutions. 
Hankook subsidiary Model Solution signs an agreement with Virnect on the joint development of smart glasses okosipar.hu 2024-08-01 04:03:23 Infotech Business Artificial intelligence South Korea Subsidiary Virtual reality Model Solution, the Hankook & Company Group subsidiary offering a complete hardware platform, has signed an agreement with Virnect, a company working on artificial intelligence (AI) and extended reality (XR) technology. The two companies will cooperate on research and development of smart glasses at Model Solution's Bucheon, South Korea-based AI takes a tiresome burden off users' shoulders on Meta's platforms PCW 2024-08-01 07:37:45 Infotech Artificial intelligence Tired of chatting with others? Relax, soon you can leave the whole thing to artificial intelligence. According to the GVH vice-president, the AI Act is detrimental to the economy Mínuszos 2024-08-01 13:33:30 Economy European Union Artificial intelligence GVH The AI Act enters into force on August 1; the legislation will have to be applied gradually, in several stages, and becomes mandatory from mid-2026. The text of the AI Act, the world's first regulation comprehensively governing the operation of artificial intelligence (AI) solutions, was published in the Official Journal of the European Union on July 12, 2024. The legislation on August 1 Find our other episodes on our podcast.hirstart.hu page.
A global Microsoft outage takes down Outlook and Minecraft. The US Senate passes The Kids Online Safety and Privacy Act. Lame Duck domain names are targets for takeovers. A GeoServer vulnerability exposes thousands to remote code execution. China proposes a national internet ID. Email attacks surge dramatically in 2024. Columbus Ohio thwarts a ransomware attack. When it comes to invading your privacy, the Paris 2024 Olympics app goes for the gold. Our guest is Rakesh Nair, Senior Vice President of Engineering and Product at Devo, discussing the issues that security teams face when dealing with data control and data orchestration. Was it really Windows 3.1 that saved Southwest Airlines? Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Rakesh Nair, Senior Vice President of Engineering and Product at Devo, discussing the issues that security teams face when dealing with data control and data orchestration. You can read more here. Selected Reading Microsoft apologises after thousands report new outage (BBC News) Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks (Bleeping Computer) Senate Passes Bill to Protect Kids Online and Make Tech Companies Accountable for Harmful Content (SecurityWeek) Don't Let Your Domain Name Become a “Sitting Duck” (Krebs on Security) Hackers Actively Exploiting GeoServer RCE Flaw, 6635 Servers Vulnerable (Cyber Security News) China Wants to Start a National Internet ID System (The New York Times) Email Attacks Surge, Ransomware Threat Remains Elevated (Security Boulevard) Columbus says it thwarted overseas ransomware attack that caused tech shutdown (Dispatch) Gold rush for data: Paris 2024 Olympic apps are eavesdropping on users (Cyber News) No, Southwest Airlines is not still using Windows 3.1 (OSnews) Share your feedback. 
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In today's episode, we uncover the CrowdStrike outage's silver linings, delve into Microsoft's warning about VMware ESXi authentication bypass exploits, expose the Proofpoint email routing flaw used in massive spoofed phishing campaigns, and explore the creation of 3,000 fake GitHub accounts by Stargazer Goblin for malware distribution. 00:00 - Intro 01:14 - Ransomware gangs exploit VMware ESXi 03:02 - Proofpoint Flaw Exploited for EchoSpoofing Phishing Campaign 05:12 - Stargazer Goblin Exploits GitHub 06:42 - CrowdStrike Outage Spurs Cybersecurity Overhaul https://www.helpnetsecurity.com/2024/07/29/crowdstrike-outage-positive-effects/ https://www.bleepingcomputer.com/news/microsoft/microsoft-ransomware-gangs-exploit-vmware-esxi-auth-bypass-in-attacks/ https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html https://thehackernews.com/2024/07/stargazer-goblin-creates-3000-fake.html Video Episode: https://youtu.be/412WyUptaN0 Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags CrowdStrike, Cybersecurity, Transparency, Mitigate, Ransomware, VMware ESXi, CVE-2024-37085, Hypervisors, Proofpoint, EchoSpoofing, Phishing, Misconfiguration, Stargazer Goblin, Malware, GitHub, Check Point Search Phrases What are today's top cybersecurity news stories? Impact of CrowdStrike outage on cybersecurity practices Latest cybersecurity updates and improvements How to mitigate ransomware attacks Protecting VMware ESXi from vulnerabilities Preventing CVE-2024-37085 exploitation EchoSpoofing phishing campaign details Measures against email system misconfiguration Securing GitHub from malicious activities Understanding Stargazer Goblin malware attacks
Forecast = Persistent cyber heat dome in effect with no sign of abatement. In this episode of Storm⚡️Watch, we dive into the latest cybersecurity news and trends. We kick things off with a breaking story about DigiCert's certificate revocation incident. Due to a validation issue affecting about 0.4% of their domain validations, DigiCert is revoking certificates with less than 24 hours' notice. This could impact thousands of SSL certs and potentially cause outages worldwide starting July 30 at 19:30 UTC. Organizations using affected certificates should be prepared for a busy night of renewals. Our Cyberside Chat focuses on a critical vulnerability in VMware ESXi hypervisors that ransomware operators are actively exploiting. Identified as CVE-2024-37085, this flaw allows attackers to gain full administrative access to ESXi servers without proper validation. Several ransomware groups, including Storm-0506 and Storm-1175, have been using this vulnerability to deploy ransomware like Akira and Black Basta. Microsoft reports that incidents targeting ESXi hypervisors have doubled over the past three years, highlighting the growing threat to these systems. In our Cyber Spotlight, we examine a global cyber espionage campaign conducted by North Korean hackers. This operation aims to steal classified military intelligence to advance Pyongyang's nuclear weapons program. The hackers, known as Andariel or APT45, have targeted defense and engineering companies involved in producing tanks, submarines, naval ships, fighter jets, and missile technologies. The campaign affects not only the US, UK, and South Korea but also entities in Japan and India. This underscores the persistent threat posed by state-sponsored actors from North Korea in their pursuit of military and nuclear ambitions. We wrap up with our Tag Roundup, highlighting recent trends in cyber threats, and our KEV Roundup, discussing the latest known exploited vulnerabilities cataloged by CISA. 
These segments provide valuable insights into the current threat landscape and help our listeners stay informed about potential risks to their organizations. Don't forget to check out the Storm Watch homepage and learn more about GreyNoise for additional cybersecurity resources and updates. Storm Watch Homepage >> Learn more about GreyNoise >>
[Episode References] - Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption - https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/ - VMSA-2024-0013: VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2024-37085, CVE-2024-37086, CVE-2024-37087) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 - “EchoSpoofing” — A Massive Phishing Campaign Exploiting Proofpoint's Email Protection to Dispatch Millions of Perfectly Spoofed Emails - https://labs.guard.io/echospoofing-a-massive-phishing-campaign-exploiting-proofpoints-email-protection-to-dispatch-3dd6b5417db6?source=rss-6a038e71ff0f------2 - UNC4393 Goes Gently into the SILENTNIGHT - https://cloud.google.com/blog/topics/threat-intelligence/unc4393-goes-gently-into-silentnight/ - OneDrive Pastejacking: The crafty phishing and downloader campaign - https://www.trellix.com/blogs/research/onedrive-pastejacking/ - Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild - https://thehackernews.com/2024/07/critical-flaw-in-acronis-cyber.html - Mandrake spyware sneaks onto Google Play again, flying under the radar for two years - https://securelist.com/mandrake-apps-return-to-google-play/113147/ - About the security content of iOS 16.7.9 and iPadOS 16.7.9 - https://support.apple.com/pt-br/HT214116 - About the security content of macOS Sonoma 14.6 - https://support.apple.com/pt-br/HT214119 - About the security content of macOS Ventura 13.6.8 - https://support.apple.com/pt-br/HT214120 - About the security content of macOS Monterey 12.7.6 - https://support.apple.com/pt-br/HT214118 - About the security content of watchOS 10.6 - https://support.apple.com/pt-br/HT214124 - About the security content of tvOS 17.6 - https://support.apple.com/pt-br/HT214122 - About the security content of visionOS 1.3 - 
https://support.apple.com/pt-br/HT214123 Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
In today's episode, we discuss how cybercriminals exploit Facebook ads to distribute SYS01 password-stealing malware (https://www.bleepingcomputer.com/news/security/facebook-ads-for-windows-themes-push-sys01-info-stealing-malware/), Microsoft 365 Defender disruptions caused by recent Windows Server updates (https://www.bleepingcomputer.com/news/microsoft/june-windows-server-updates-break-microsoft-365-defender-features/), the SEXi ransomware rebranding to APT INC and targeting VMware ESXi servers (https://www.bleepingcomputer.com/news/security/sexi-ransomware-rebrands-to-apt-inc-continues-vmware-esxi-attacks/), and weaknesses in Squarespace security leading to domain hijacks targeting cryptocurrency businesses (https://krebsonsecurity.com/2024/07/researchers-weak-security-defaults-enabled-squarespace-domains-hijacks/). Video Episode: https://youtu.be/feJqlYfCHZw Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags Trustwave, Cybercriminals, Facebook Ads, Malware, Windows Server 2022, Microsoft 365 Defender, Network Detection and Response, Patch Tuesday, Ransomware, VMware ESXi, APT INC, Encryptors, Babuk, LockBit 3, Squarespace, Security Flaws, Domain Hijacks, Cryptocurrency Websites Search Phrases What are today's top cybersecurity news stories? How are cybercriminals using Facebook ads to distribute malware? Protecting against info-stealing malware in Facebook ads June Patch Tuesday updates Windows Server 2022 issues Microsoft 365 Defender affected by Windows updates Ransomware attacks on VMware ESXi servers APT INC ransomware and its impact on businesses How to mitigate ransomware attacks using Babuk and LockBit 3 encryptors Squarespace security flaws and domain hijacking incidents Securing your domain during migration from Google Domains to Squarespace
As your guide, Professor J-Rod, I'm back to escort you through the digital landscape of operating systems, where we'll uncover the secrets of user interfaces and networking. Ever wonder how your fingertips command technology or how voice commands transform into actions? We unravel these mysteries and more, examining the tapestry of command lines, graphical interfaces, and the unseen network wizardry that keeps our world spinning. Get ready to grasp the essence of TCP/IP protocols and the OSI model – the silent heroes making sure your digital messages don't get lost in translation. Then, we shift our focus to the diverse terrains of operating systems. Imagine strolling through the seamless Apple ecosystem, venturing into the wilds of open-source Linux, and scaling the robust fortress of server-based systems. We'll dissect the functionality of Windows Server, the adaptability of Linux servers, and the steadfastness of Unix, with a special spotlight on the art of virtualization through VMware ESXi. Plus, we'll peek into the mobile realm where Android's customization reigns supreme. Join me as I share tales from the trenches of education and software development, providing insights that will serve you whether you're an IT rookie or a veteran programmer. Support the show. If you want to help me with my research please e-mail me. Professorjrod@gmail.com If you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.com Art By Sarah/Desmond. Music by Joakim Karud. Little chacha Productions. Juan Rodriguez can be reached at TikTok @ProfessorJrod, ProfessorJRod@gmail.com, @Prof_JRod, Instagram ProfessorJRod
Popular blogger Piotr Tarnawski talks about his blog on the Abyss Locker ransomware with Corey and Matt.
New targets of Chinese cyberespionage are uncovered. Monti ransomware is back. An evasive phishing campaign exposed. A Realtors' network taken down by cyberattack. A closer look at NoName057(16). Perspective on cyberwar - remember Pearl Harbor, but don't see it everywhere. Ben Yelin on the Consumer Financial Protection Bureau's plans to regulate surveillance tech. Microsoft's Ann Johnson and Charlie Bell ponder the future of security. And scammers are targeting kids playing Fortnite and Roblox. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/155 Selected reading. Chinese spies who read State Dept. email also hacked GOP congressman (Washington Post) Binary Ballet: China's Espionage Tango with Microsoft (SecurityHQ) Microsoft Exchange hack to be investigated by US Cyber Safety Board (Computing) Monti ransomware targets VMware ESXi servers with new Linux locker (BleepingComputer) Evasive Phishing Campaign Steals Cloud Credentials Using Cloudflare R2 and Turnstile (Netskope) Cyberattack on Bay area vendor cripples real estate industry (The Real Deal) Intel insiders go undercover revealing fresh details into NoName hacktivist operations (Cybernews) Why the US Military Wants You To Rethink the Idea of 'Cyber War' (The Messenger) A Huge Scam Targeting Kids With Roblox and Fortnite 'Offers' Has Been Hiding in Plain Sight (WIRED)
Come see us at Black Hat USA 2023 @ Booth #2817 as we unveil the future of threat hunting! With a myriad of unique activities, insightful discussions, and special offers, Cyborg Security has something in store for everyone
China-linked APT group spotted exploiting a VMware ESXi zero-day Hundreds of thousands of ecommerce sites impacted by critical plugin vulnerability 7-Nation LockBit report shows US paid over $90m in ransoms since 2020 Thanks to today's episode sponsor, Conveyor Let's gladly pass the most thankless job in cybersecurity – completing customer security questionnaires – to the AI bots. Conveyor's GPT-questionnaire response tool auto-generates precise, accurate answers to entire questionnaires. With accuracy far superior to other tools, you can spend almost zero time reviewing generated answers. There's an in platform auto-fill feature or a browser extension for tricky portals. Stop settling for mediocre tools that only provide lousy “near hits” from your library. Try a free proof of concept with your own data. Learn more at www.conveyor.com. For the stories behind the headlines, head to CISOseries.com.
In today's podcast we cover four crucial cyber and technology topics, including: 1. WooCommerce Stripe Gateway flaw abused to steal customer data 2. China-linked actors abused zero day in targeting VMware ESXi 3. Hospital closure partly due to ransomware attack 4. Microsoft fined 20 million USD for COPPA violation. I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com
Babuk source code provides criminal inspiration. CISA and FBI release a joint report on PaperCut. There are more bad bots out there than anyone would like. Phishing-as-a-service tools in the C2C market. CISA's Eric Goldstein advocates the adoption of strong controls, defensible networks and coordination of strategic cyber risks. Our cyberwire producer Liz Irvin speaks with Crystle-Day Villanueva, Learning and Development Specialist for Lumu Technologies. And KillNet's short-lived venture, with a dash of regret. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/92 Selected reading. Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers (Bleeping Computer) Ransomware actors adopt leaked Babuk code to hit Linux systems (Decipher) Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers (SentinelOne) Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG (CISA) CVE-2023-27350 Detail (NIST) Proofpoint Emerging Threats Rules (Proofpoint) 2023 Imperva Bad Bot Report (Imperva) New phishing-as-a-service tool “Greatness” already seen in the wild (Cisco Talos) Ukraine at D+442: Russians say the Ukrainian counteroffensive has begun. (CyberWire)
It's been a mixed few weeks if you are in the ransomware game. (If you listen to this podcast we presume you are not a cybercriminal, but do get in touch if you are and leave us your full contact details). In this episode Rob and Stan look at the hacks that have made the headlines and suggest what can be done to stop it happening to you. First up for discussion is ransomware-as-a-service malware LockBit hitting ION Trading UK: “It left scores of brokers unable to process derivative trades and they had to resort to manual methods. Imagine them going back to using spreadsheets to figure out what's going on as far as their trades” LockBit threatened to publish stolen data unless a ransom was paid and ION Trading did as they were told. Rob and Stan talk about the incident and the potential repercussions. The episode also looks at a ransomware campaign targeting VMware ESXi technology: “It's a previously known vulnerability. It's been out there for two years. But the reality is that organizations have been slow in patching it. There was a general warning put out by Italy's National Cybersecurity Agency, warning about a large-scale campaign now exploiting this vulnerability. Thousands of computer servers across Europe and North America could potentially be impacted. And this context is, well if you're not going to patch, we'll take advantage of that” But there's also been bad news for the threat actors. Rob and Stan give their take on the sabotaging of the Hive ransomware group by the FBI and other law enforcement agencies. “This take down shows that international enforcement against ransomware threat actors is increasing. I think this is a good sign. 
It may make it more difficult for some of these entities to target organizations in the future, but, they're still ongoing and so it's going to be difficult to truly mitigate this threat if you can't reach those that are behind it.” There are callbacks to other relevant episodes of the Reimagining Cyber podcast: Episode 12, Brett Thorson, Colonial Pipeline fuels the fire: not the first, not the last, and how to protect for the future www.buzzsprout.com/2004238/10791017 Episode 2, Jim Routh, Unconventional approaches to improve enterprise resilience www.buzzsprout.com/2004238/10791027 Episode 27, Shawn Tuma, Cyber insurance in the wake of Log4j www.buzzsprout.com/2004238/10791001 Episode 15, Shawn Tuma – So you've been hacked, now what? www.buzzsprout.com/2004238/10791014 Plus the Galaxy threat actors report https://publications.cyberres.com/view/679673707/ Rate and review the show on Apple Podcasts. Share the show with others in the cybersecurity world. Get in touch via reimaginingcyber@gmail.com
Reddit admits it was hacked and data stolen, says “don't panic” Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day CISA has a possibly-maybe fix for VMware ESXi ransomware campaign Thanks to today's episode sponsor, US, yes, CISO Series If you're looking to reach a committed audience of cybersecurity professionals every day, then consider advertising right here on Cyber Security Headlines, a show that consistently ranks in the top ten for tech news on Apple Podcasts in the U.S. That's pretty impressive for a show that's a niche within a niche. Cyber Security Headlines sponsorship includes continuous week-long brand awareness in newsletters, blog posts, and this very podcast. To learn more about pricing and audience, email us at info@cisoseries.com. For the stories behind the headlines, head to CISOseries.com.
This week's ShadowTalk podcast covers the latest in the VMware ESXi ransomware campaign, Killnet, SocGholish, and more! Get this week's intelligence summary at: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-10-feb ***Resources from this week's podcast*** Subscribe to our threat intelligence email: info.digitalshadows.com/SubscribetoEm…cast_Reg.html Also, don't forget to reach out to shadowtalk@digitalshadows.com if you have any questions, comments, or suggestions for the next episodes.
CISA and the FBI are releasing this alert in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors are exploiting known vulnerabilities in VMware ESXi servers that are likely running unpatched and out-of-service or out-of-date versions of VMware ESXi software to gain access and deploy ransomware. AA23-039A Alert, Technical Details, and Mitigations CISA has released an ESXiArgs recovery script at github.com/cisagov/ESXiArgs-Recover VMware Security Response Center (vSRC) Response to 'ESXiArgs' Ransomware Attack… Enes Sonmez and Ahmet Aykac, YoreGroup Tech Team: decrypt your crypted files in… See Stopransomware.gov, a whole-of-government approach, for ransomware resources and alerts. No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment. See CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance on hardening MSP and customer infrastructure. U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center's DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Unpatched ESXi boxes are getting rinsed GoAnywhere MFT file transfer boxes are too Royal Mail data being ransomed by Lockbit Advanced materials manufacturer and finance company among latest rware victims Guilty plea in Ubiquiti case Much, much more This week's show is brought to you by Red Canary. Red Canary's Adam Mashinchi is this week's sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers Risky Biz News: Zero-day alert for GoAnywhere file transfer servers Royal Mail faces threat from ransomware group LockBit | Reuters ION brings clients back online after ransomware attack: Source | Business Insurance Hackers who breached ION say ransom paid; company declines comment | Reuters Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with | Evening Standard K-12 schools in Tucson, Nantucket respond to cyberattacks - The Record from Recorded Future News Ransomware gang attempts to extort UK school by posting files about at-risk children - The Record from Recorded Future News British steel industry supplier Vesuvius ‘currently managing cyber incident' - The Record from Recorded Future News Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack - The Record from Recorded Future News All classes canceled at Irish university as it announces ‘significant IT breach' - The Record from Recorded Future News Switzerland's largest university confirms ‘serious cyberattack' - The Record from Recorded Future News Dutch Police Read Messages of Encrypted Messenger 'Exclu' Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France - The Record from Recorded Future News New York attorney 
general fines developer of stalking apps - The Record from Recorded Future News Microsoft alleges attacks on French magazine came from Iranian-backed group | Ars Technica Hackers linked to North Korea targeted Indian medical org, energy sector - The Record from Recorded Future News Google Cuts Company Protecting People From Surveillance To A ‘Skeleton Crew,' Say Laid Off Workers Feds get guilty plea in Ubiquiti data extortion case - The Record from Recorded Future News For Hire: Ex-Ubiquiti Developer Charged With Extortion Microsoft notifies UK customers affected by hackers abusing ‘verified publisher' tag - The Record from Recorded Future News Darknet drug market BlackSprut openly advertises on billboards in Moscow - The Record from Recorded Future News Toyota sealed up a backdoor to its global supplier management network | The Daily Swig
Follow-up: Apple vs. Nvidia. Hydrogen is not the holy grail either. Dell is also laying off 5% of its staff and has already let 33% of its staff go in recent years. A full overview of layoffs in the tech industry can be found here. And that while employment in the US is generally on the rise. Topics: ChatGPT: University of Antwerp investigates whether a student wrote a paper with ChatGPT's artificial intelligence. ChatGPT in Bing? Tay: Microsoft issues apology over racist chatbot fiasco. Facebook's BlenderBot and Galactica were quickly withdrawn. Google is keeping LaMDA close to its chest, but the pressure is mounting. ChatGPT in education: the community education network has 'guidance' ready. (pdf link) 'That ChatGPT regularly makes up "facts" is frightening', in the words of Luc Steels, professor emeritus of AI at the VUB, who founded the AI Lab at the VUB in 1983. 'Arcadia' premieres, one of the most expensive series ever made in Flanders. NCSC warns of abuse of an old VMware ESXi vulnerability by ransomware. In recent days an enormous wave of ransomware attacks has been carried out. Tips: Maarten: ZeroTier. Toon: World Wide Walls (tag on a train) & De Kunst van het Verdwijnen & Coolest Projects 2023. Steven: ShortCat. Ruurd: Last Week Tonight with John Oliver on Coal and SLAPP suits | Anker MagSafe MagGo power bank, small and large | Use hide self against (Zoom) fatigue
In the latest episode of the Risk Roundtable, Andy does double duty, first welcoming Jen to get the latest on the ransomware threats, before bringing Dave in to talk about weather and natural disasters. Jen kicked things off talking about all things ransomware, including preparedness items, the recent Hive takedown, the importance of reporting, and ways to protect yourself. Dave then joined Andy to talk about the third wheel in the all-hazards preparedness model: weather and natural disasters, especially in light of the recent earthquake in Turkey. The roundtable took a split approach to the end-of-pod questions, talking about marathons, some show dilemmas and the arc of Paul Rudd! US Secret Service: New Secret Service Research Examines for the First Time Five Years of Mass Violence Data, 25 Jan Washington Post: N. Carolina church says it lost nearly $800K in email scam, 28 Jan NWS: Hurricane Matthew in the Carolinas: October 8, 2016, page created: 29 Sep 2017, last updated: 26 Aug 2021 Ransomware and Cyber News: Bleeping Computer: VMware warns admins to patch ESXi servers, disable OpenSLP service, 06 Feb Bleeping Computer: Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide, 03 Feb Risky Business News: Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers, 06 Feb CISA: VMware Releases Security Update for VMware vRealize Operations, 1 Feb Canadian Centre for Cyber Security: VMware security advisory (AV23-066), 3 Feb Ransomware! Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb
The Security Squawk Podcast crew discusses cybersecurity. The hosts, Bryan Horning, Reginald Andre, Randy Brian, and Ryan O'Hara, talk about the current state of ransomware attacks happening in the world. They discuss the recent attack on a hospital in Tallahassee, which has led to a security issue, and the hospital has suspended all non-emergency procedures. The word "issue" to describe the attack is noted as being too weak, and the hosts suggest it is being used to minimize public fear and legal implications. The hospital has been targeted due to its large amount of valuable data, making it a high-value target for criminals. The hospital is prioritizing its IT systems and bringing them back online one by one. Ryan, Randy, and Bryan discuss the recent ransomware attacks on hospitals and other organizations. They mention that the increase in ransomware attacks was expected due to a combination of factors, including the position of the hackers, the release of vulnerabilities, and the recent boasting of the FBI and Justice Department about their takedown of some cybercrime groups. They also discuss the vulnerability in VMware ESXi servers, a common technology many organizations use for their server infrastructure. The ransomware variant, DougE, is fast and widespread, causing admins to scramble to patch their systems. The recommendation is to apply the patch as soon as possible and to scan for signs of compromise if the system is left unpatched. The vulnerability is considered serious as it gives the attacker God-mode access to all virtual machines running on the VMware ESXi server. The conversation is about cybersecurity and the recent ransomware attacks on various organizations. The crew discusses the importance of having an independent cybersecurity risk assessment to understand the full picture of the security situation. 
They also discuss the need for regular maintenance and updates to keep systems secure and the importance of educating people about cybersecurity, including the next generation. The cyber experts also mention the recent attack on a chipmaker and a school district, as well as Italy's recent ransomware attack, which was related to the VMware issue. They also mention the use of the Conti ransomware source code by the LockBit ransomware group, highlighting the need for constant vigilance and updates to stay ahead of evolving threats.
VMware ESXi exploitations. Super Bowl cyber risks. Scalping bots. The curious case of the Moscow billboards. Joe Carrigan tracks pig butchering apps in online app stores. Our guest is David Liebenberg from Cisco Talos, to discuss incident response trends. And, in sportsball, it's gonna be the Chiefs by a couple of hat tricks, or something. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/25 Selected reading. Ransomware Hits Unpatched VMware Systems: 'Send Money Within 3 Days' (Virtualization Review) Massive ransomware attack targets VMware ESXi servers worldwide (CSO Online) CISA steps up to help VMware ESXi ransomware victims (SC Media) ‘Massive' new ESXiArgs ransomware campaign has compromised thousands of victims (The Record from Recorded Future News) Have you clicked “Report Junk” lately on your #mobile device? (Proofpoint) CyRC special report: Secure apps? Don't bet on it (Synopsys) DataDome's Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the US as the Top Source of Bot Attacks (DataDome) Darknet drug market BlackSprut openly advertises on billboards in Moscow (The Record from Recorded Future News)
In this week's Security Sprint, Dave and Andy talked about the following topics: Ransomware: Bleeping Computer: Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide, 3 Feb Risky Business News: Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers, 06 Feb CISA: VMware Releases Security Update for VMware vRealize Operations, 1 Feb Canadian Centre for Cyber Security: VMware security advisory (AV23-066), 3 Feb Valentine's Day 2023, 💖 and Ransomware! Webinar, REGISTER NOW! Ransomware: Planning and Protecting Your Organization, Recorded Future & Gate 15, 14 Feb DDoS: Radware, Passion: A Russian Botnet, 31 Jan Bleeping Computer, New DDoS-as-a-Service platform used in recent attacks on hospitals, 01 Feb The Record: Customizable new DDoS service already appears to have fans among pro-Russia hacking groups, 03 Feb Faith-Based Security: Fox 5, Las Vegas: Man threatened mass shooting at Las Vegas synagogue, police say, 31 Jan ABC 7 News: SFPD arrest man suspected of firing blank rounds inside synagogue, bringing gun into theater, 05 Feb Chinese Balloons: US DOD: Statement From Secretary of Defense Lloyd J. Austin III, 04 Feb And see the Gate 15 SUN from Friday and Monday for numerous links. Baking in Cybersecurity: Foreign Affairs: Stop Passing the Buck on Cybersecurity; Why Companies Must Build Safety Into Tech Products, 01 Feb Washington Post Cybersecurity 202: How CISA plans to get tech firms to bake security into their products, 06 Feb Others: FBI: Elicitation Techniques, 31 Jan Voice of America, Russia Developing Weapons to Target Critical Subsea Cables, Pipelines, 02 Feb Reuters: Huge earthquake kills 2,600 in Turkey and Syria, bad weather worsens plight, 06 Feb
New ransomware exploits a VMware ESXi vulnerability. Roasted 0ktapus squads up. LockBit says ION paid the ransom. Russian cyber auxiliaries continue attacks against healthcare organizations. Attribution on the Charlie Hebdo attack. Deepen Desai from Zscaler describes recent activity by Ducktail malware. Rick Howard looks at cyber threat intelligence. And the top US cyber diplomat says his Twitter account was hacked. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/24 Selected reading. Ransomware Gang in Trading Hack Says Ransom Was Paid (Bloomberg) Regulators weigh in on ION attack as LockBit takes credit (Register) Russian hackers launch attack on City of London infrastructure (The Armchair Trader) Ransomware attack on data firm ION could take days to fix -sources (Reuters) Linux version of Royal Ransomware targets VMware ESXi servers (BleepingComputer) Ransomware scum attack old VMWare ESXi vulnerability (Register) Italy sounds alarm on large-scale computer hacking attack (Reuters) Italy's TIM suffers internet connection problems (Reuters) Italy sounds alarm on large-scale computer hacking attack (Jerusalem Post) Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers (Security Affairs) Campagne d'exploitation d'une vulnérabilité affectant VMware ESXi (CERT-FR) VMSA-2021-0002 (VMware) CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers (Security Affairs) ‘0ktapus' hackers are back and targeting tech and gaming companies, says leaked report (TechCrunch) Customizable new DDoS service already appears to have fans among pro-Russia hacking groups (The Record from Recorded Future News) Russian Hackers Take Down At Least 17 U.S. Health System Websites (MedCity News) Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack (Security Affairs) Iran responsible for Charlie Hebdo attacks - Microsoft On the Issues (Microsoft On the Issues) Piratage de « Charlie Hebdo » : un groupe iranien à la manœuvre, selon Microsoft (Le Monde) Iran behind hack of French magazine Charlie Hebdo, Microsoft says (Reuters) Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT (Security Affairs) America's top cyber diplomat says his Twitter account was hacked (CNN)
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Assemblyline as a Malware Analysis Sandbox https://isc.sans.edu/diary/Assemblyline%20as%20a%20Malware%20Analysis%20Sandbox/29510 GoAnywhere MFT zero-day Exploited https://www.rapid7.com/blog/post/2023/02/03/exploitation-of-goanywhere-mft-zero-day-vulnerability/ Ransomware targeting VMware ESXi https://blog.ovhcloud.com/ransomware-targeting-vmware-esxi/ Jira Service Management Server and Data Center Advisory CVE-2023-22501 https://confluence.atlassian.com/jira/jira-service-management-server-and-data-center-advisory-cve-2023-22501-1188786458.html OpenSSH Update https://www.openssh.com/releasenotes.html F5 BigIP Vulnerability CVE-2023-22374 https://my.f5.com/manage/s/article/K000130415
Hello World! It's February 01, 2023. Welcome to a new edition of Cyber Briefing by CyberMaterial. Let's review the latest cybersecurity alerts and incidents.
Cyber Alerts: New Nevada ransomware targets Windows and VMware ESXi systems; Experts Warn of 'Ice Breaker' cyber attacks targeting gaming and gambling Industry; DocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000; New Sh1mmer Chromebook exploit unenrolls managed devices; Porsche AG halts NFT launch and phishing sites fill the void
Cyber Incidents: FTC Hits Firm With $1.5M Fine in Health Data-Sharing Case; Google Fi says hackers accessed customers' information; Planet Ice hacked, 240,000 skating fans' details stolen; Ransomware attack closes schools in Nantucket, Massachusetts; Maryland hospital facing outages after ‘significant' ransomware attack
Subscribe and Comment. Copyright © 2023 CyberMaterial. All Rights Reserved. Listen to CyberBriefing on Apple Podcasts and Spotify. Follow CyberMaterial on LinkedIn, Twitter, Reddit, Instagram, Facebook, Youtube, and Medium
The FBI's InfraGard user data shows up for sale. An update on Iranian cyber operations. NSA warns of Chinese cyber threats. Challenges in sharing data for threat detection and prevention. Legitimately signed drivers are used in targeted attacks. Patch Tuesday addressed a lot of actively exploited issues. Tim Starks from the Washington Post Cybersecurity 202 shares his reporting on ICS vulnerabilities. Our guest is Mike Fey from Island with an introduction to the enterprise browser space. And the US indicts five Russian nationals on sanctions-evasion charges. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/238 Selected reading. FBI's Vetted Info Sharing Network ‘InfraGard' Hacked (KrebsOnSecurity) Would've, Could've, Should've…Did: TA453 Refuses to be Bound by Expectations (Proofpoint) APT5: Citrix ADC Threat Hunting Guidance (NSA) U.S. agency warns that hackers are going after Citrix networking gear (Reuters) NSA Outs Chinese Hackers Exploiting Citrix Zero-Day (SecurityWeek) Effect of data on Federal agencies' policies. (CyberWire) I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware (Mandiant) Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers (SentinelOne) SAP Security Patch Day December 2022 (Onapsis) December 2022 Security Updates (Microsoft Security Response Center) December Patch Tuesday Updates | 2022 - Syxsense Inc (Syxsense Inc) Microsoft December 2022 Patch Tuesday fixes 2 zero-days, 49 flaws (BleepingComputer) Microsoft Squashes Zero-Day, Actively Exploited Bugs in Dec. Update (Dark Reading) Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698) (Help Net Security) Microsoft Releases December 2022 Security Updates (CISA) Apple security updates (Apple Support) We finally know why Apple pushed out that emergency 16.1.2 update (Macworld) Why You Should Enable Apple's New Security Feature in iOS 16.2 Right Now (Wirecutter) Apple Releases Security Updates for Multiple Products (CISA) Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518 (Citrix) State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518) (Help Net Security) Citrix Releases Security Updates for Citrix ADC, Citrix Gateway (CISA) VMware Patches VM Escape Flaw Exploited at Geekpwn Event (SecurityWeek) Experts detailed a previously undetected VMware ESXi backdoor (Security Affairs) VMware Releases Security Updates for Multiple products (CISA) Mozilla Releases Security Updates for Thunderbird and Firefox (CISA) Adobe Patches 38 Flaws in Enterprise Software Products (SecurityWeek) CISA Releases Three Industrial Control Systems Advisories (CISA) Five Russian Nationals, Including Suspected FSB Officer, and Two U.S. Nationals Charged with Helping the Russian Military and Intelligence Agencies Evade Sanctions (US Department of Justice) Russian Military and Intelligence Agencies Procurement Network Indicted in Brooklyn Federal Court (US Department of Justice)
Today's menu: wittsec conf; Bring Your Own Vulnerable Driver; Signature verification; SQLite 22-year-old vuln; You can't even trust the police anymore; Hacking Automobile Keyless Entry Systems; Over 45,000 VMware ESXi servers just reached end-of-life; OpenSSL 3.0 critical issue ahead. Contact us: Telegram, Twitter, Instagram, Facebook, Mail: info@hackeslangos.show
A new APT, or sophisticated threat group, has been discovered; it focuses on espionage, is found mostly in telephone companies and universities, and also has a Hispanic touch. A group of unknown cybercriminals has been infecting VMware ESXi hypervisors and stealing data from virtual machines in a cyber-espionage campaign worthy of the Blue Pill from The Matrix. If you like the podcast and think we deserve it, give us your vote in the iVoox 2022 awards. It would mean a great deal to us. You can vote for us at this link (we are in the "Empresa y Tecnología" category): https://www.tierradehackers.com/premiosivoox Notes and references at https://www.tierradehackers.com YouTube: https://www.youtube.com/tierradehackers Twitch: https://www.twitch.tv/tierradehackers Twitter: https://www.twitter.com/tierradehackers LinkedIn: https://www.linkedin.com/company/tierradehackers If you like what we do, consider supporting us on Patreon so that we can keep growing and create even more content: https://www.patreon.com/tierradehackers Don't forget to join our Discord community: https://www.tierradehackers.com/discord Thanks to Monad, onBRANDING and Prowler for supporting us.
Gray-hat support for Iranian dissidents. Selling access wholesale in the C2C market. Novel malware's discovered targeting VMware hypervisors. The Witchetty espionage group uses an updated toolkit. Deepen Desai from Zscaler has a Technical Analysis of Industrial Spy Ransomware. Ann Johnson of Afternoon Cyber Tea speaks with Michal Braverman-Blumenstyk, CTO for Microsoft Security, about Israel's cyber innovation. And Russian troops phone call revelations. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/188 Selected reading. Hacker Groups take to Telegram, Signal and Darkweb to assist Protestors in Iran (Check Point Software) Hackers Use Telegram and Signal to Assist Protestors in Iran (Infosecurity Magazine) Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks (The Hacker News) Hackers seek to help — and profit from — Iran protests (The Record by Recorded Future) Ransomware and Wholesale Access Markets: A $10 investment can lead to millions in profit (Cybersixgill) Selling access wholesale in the C2C market. (CyberWire) Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors (Mandiant) Bad VIB(E)s Part Two: Detection and Hardening within ESXi Hypervisors (Mandiant) Mandiant has identified new malware that targets VMware ESXi, Linux vCenter servers, and Windows virtual machines. (CyberWire) Securonix Threat Labs Security Advisory: Detecting STEEP#MAVERICK: New Covert Attack Campaign Targeting Military Contractors (Securonix) Steep#Maverick cyberespionage campaign. (CyberWire) Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East (Symantec) Witchetty espionage group uses updated toolkit. (CyberWire) ‘Putin Is a Fool': Intercepted Calls Reveal Russian Army in Disarray (New York Times) Cyber Warfare Rife in Ukraine, But Impact Stays in Shadows (SecurityWeek) Russian hackers' lack of success against Ukraine shows that strong cyber defences work, says cybersecurity chief (ZDNET) Failure of Russia's cyber attacks on Ukraine is most important lesson for NCSC (ComputerWeekly)
I'm extra psyched today, because today's episode (which is all about updating your VMware ESXi version via command line) is complemented by video: https://www.youtube.com/watch?v=0-XAO32LEPY
Shortly after recording this video, I found this awesome article which walks you through a different way to tackle these updates:
List all upgrade profiles:
    esxcli software sources profile list --depot=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
Grep for just the ones you want (in my case ESXi 7.x):
    esxcli software sources profile list --depot=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml | grep -i ESXi-7.0
Apply the one you want! (<profile-name> is a placeholder for a profile name taken from the list output):
    esxcli software profile update --depot=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml --profile=<profile-name>
A Linux user tries out FreeBSD's Bhyve hypervisor, choosing storage for a VMware ESXi server, and a perfect use case for WireGuard. Discussion: Jim has been testing Bhyve. Free Consulting: We were asked about connecting home and small business networks, and choosing storage for a VMware ESXi server. Linode Simplify your […]