Belgian defence ministry admits attackers accessed its computer network by exploiting Log4j vulnerability • The Register As if you needed reminding that if the Log4j vulnerability impacts you, you need to take action.
Police National Computer not compromised
The Home Office is insisting that the Police National Computer was not compromised, via an attack on Dacoll (an MSP). Police National Computer not pwned by Clop ransomware crims • The Register
More on the sharing of compromised passwords with “‘;–have i been pwned?”
I wrote about this yesterday: UK National Crime Agency shares compromised passwords – Smart Thinking Solutions Here are two more stories about The National Crime Agency’s (NCA) donation of passwords in the wild. UK donates 225 million stolen passwords to hack-checking site – BBC News UK National Crime Agency finds …
Continue reading “More on the sharing of compromised passwords with “‘;–have i been pwned?””
Two more stories about, spyware, the NSO Group, Pegasus and another player in the commercial cyberweapons market
So if one company can produce commercial spyware then why not two. More on NSO Group and Cytrox: Two Cyberweapons Arms Manufacturers – Schneier on Security Then there are the consequences of the use of Pegasus and Predator. UN-backed investigator into possible Yemen war crimes targeted by spyware | United …
Just like buses – Log4j flaws come in threes
Bad things come in threes: Apache reveals another Log4J bug • The Register A third bug has been found in the Log4j system. There has been three new versions of the software since the crisis started.
