Google fixes fifth Chrome zero-day bug exploited this year (bleepingcomputer.com)
Do you have a password on your VNC server? 9000 users didn’t.
We have clients who use the popular VNC (Virtual Network Computing) service to access computers – all of them implement our security policy. Do you have a security policy that covers this type of software and access? Over 9,000 VNC servers exposed online without a password (bleepingcomputer.com)
Malicious software
Software depositories are a prime target for threat actors, especially those offering modules that other developers include in their software. Here is an attack aimed at a Python repository: Malicious PyPi packages aim DDoS attacks at Counter-Strike servers (bleepingcomputer.com) How secure is open source software? Do you use open source …
Ransomware highlights from Bleeping Computers
There are a rush of ransomware stories on Bleeping computers, mainly high profile organisations being hit, not only with crypto-malware but being blackmailed over data exfiltrated by the threat actors. Automotive supplier breached by 3 ransomware gangs in 2 weeks (bleepingcomputer.com) Hacker uses new RAT malware in Cuba Ransomware attacks …
Continue reading “Ransomware highlights from Bleeping Computers”
Yesterday was Patch Tuesday – Exchange server gets a special mention
Microsoft has issued it’s monthly round of patches and updates, SANS Internet Storm Centre has a round-up here: Microsoft August 2022 Patch Tuesday – SANS Internet Storm Center This update addresses the DogWalk zero-day vulnerability. Here are the Microsoft release notes: August 2022 Security Updates – Release Notes – Security …
Continue reading “Yesterday was Patch Tuesday – Exchange server gets a special mention”
