Apple Issues Emergency Fix for NSO Zero-Click Zero Day
Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches.
Lisa Vaas
REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key?
How did Kaseya get a universal decryptor after a mind-bogglingly big ransomware attack? A REvil coder misclicked, generated & issued it, and “That’s how we sh*t ourselves.”
Thousands of Fortinet VPN Account Credentials Leaked
They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit.
Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers.
There are a lot of "tells" that the ransomware group doesn’t understand how negotiators work, despite threatening to dox data if victims call for help.
The attackers are indiscriminately striking thousands of victims worldwide with their new “Chimaera” campaign.
Investigators/the FBI/ransomware negotiators just screw everything up, the ransomware gang said, threatening to publish files if victims look for help.
The privacy-touting, end-to-end encrypted email provider erased its site’s “we don’t log your IP” boast after France sicced Swiss cops on it.
Verizon DBIR is already funny, useful & well-written, and it just got better with mapping to MITRE ATT&CK TTPs. The marriage could finally bring answers to “What are we doing right?” instead of the constant reminders of what’s not working in fending off threats.
The FTC’s first spyware ban nixes a company whose “slipshod” security practices led to exposure of thousands of victims’ illegally collected personal data.
