Cybersecurity Starts in the Boardroom
The cyber criminal group Keksec is using Enemybot to attack routers and IoT devices, exploiting a remote code execution (RCE) vulnerability CVE-2022-27226. Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene | ZDNet New Enemybot botnet blends Linux backdoor bot Gafgyt, Mirai • The Register This botnet is part …
Continue reading “New botnet in the wild targeting routers and IoT devices”
Apache has issued another patch for a vulnerability in Struts 2 framework for Java applications as the one issued in 2020 did not quite work. Apache says 2-year-old Struts bug wasn’t fully fixed • The Register S2-062 – Apache Struts 2 Wiki – Apache Software Foundation
As you can see from the image above this was a worldwide effort, including the National Crime Agency and Europol, to close the doors on RaidForums, a resource that cyber criminals used to buy and sell stolen information. Unusually this site was on the internet – you and I could …
Patch Tuesday has come around again – and time for you check that ALL your updates and patches are up to date – not just your Microsoft ones. I know they are supposed to happen automatically but check anyway! Microsoft April 2022 Patch Tuesday – Sans Internet Storm Centre Microsoft’s …
Continue reading “Are your patches and updates being done everywhere?”
There are reports of the commercial spyware, Pegasus, being targeted at European Commission officials last year, by as yet unidentified hackers. European officials reportedly targeted by NSO spyware • The Register Pegasus is commercially available from the Israeli company NSO Group, to “approved” organisations.
