Cisco CVE-2023-20198 exploitation activity: We see over 32.8K Cisco IOS XE IPs compromised with implants based on the check published by Cisco in https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/
IP data on implants shared out daily in: https://shadowserver.org/what-we-do/network-reporting/compromised-website-report/ tagged 'device-implant'.
All existing #curl CVEs are now available as #JSON: https://curl.se/docs/vuln.json
All individual issues are also available as JSON, like for example CVE-2023-27538 like this: https://curl.se/docs/CVE-2023-27538.json
Enjoy!
Google leaking 2FA secrets – researchers advise against new “account sync” feature for now https://nakedsecurity.sophos.com/2023/04/26/google-leaking-2fa-secrets-researchers-advise-against-new-account-sync-feature-for-now/
WiFi protocol flaw allows attackers to hijack network traffic 👇🏾
"Cisco, admitting that the attacks outlined in the paper may be successful against Cisco Wireless Access Point products and Cisco Meraki products with wireless capabilities.
However, Cisco says that the retrieved frames are unlikely to jeopardize the overall security of a properly secured network."
Okta Post-Exploitation Method Exposes User Passwords https://www.darkreading.com/endpoint/okta-post-exploit-method-exposes-user-passwords
Australian police arrest four BEC actors who stole $1.7 million
https://www.bleepingcomputer.com/news/security/australian-police-arrest-four-bec-actors-who-stole-17-million/
#Security
This is great - Google providing 100,000 free security keys through 2023 to high-risk users. (Though I am still disappointed that - after all of the joint early work Google did with Yubico - they went with Feitian instead of Yubico to provide the raw hardware for the current Titan Security Key series.)
WHOA...Leave USB flash drives alone 👀👀
Journalist opens USB letter bomb in newsroom👇🏾
Now-patched Outlook zero-day gains PoC and growing concerns
https://www.scmagazine.com/news/email-security/outlook-zero-day-poc-concerns
"John Hogan told reporters today that advice from security experts prevents him from saying whether the province paid the group a ransom." #Hive #ransomware #newfoundlandandlabrador
Free decryptor released for Conti-based ransomware following data leak.
Read more in my article on the Tripwire blog: