The Home Office is insisting that the Police National Computer was not compromised, via an attack on Dacoll (an MSP). Police National Computer not pwned by Clop ransomware crims • The Register
More on the sharing of compromised passwords with “‘;–have i been pwned?”
I wrote about this yesterday: UK National Crime Agency shares compromised passwords – Smart Thinking Solutions Here are two more stories about The National Crime Agency’s (NCA) donation of passwords in the wild. UK donates 225 million stolen passwords to hack-checking site – BBC News UK National Crime Agency finds …
Continue reading “More on the sharing of compromised passwords with “‘;–have i been pwned?””
Just like buses – Log4j flaws come in threes
Bad things come in threes: Apache reveals another Log4J bug • The Register A third bug has been found in the Log4j system. There has been three new versions of the software since the crisis started.
VMware vulnerability
A serious vulnerability in VMware has been discovered: VMSA-2021-0029 (vmware.com) As the article on The Register says “ignore this at your peril”. Over Log4j? VMware has another critical flaw for you to fix • The Register
More about Log4j
This was always going to be an issue when we posted about it last week – here is more information. Log4shell: US demands Christmas Eve deadline for hack fix – BBC News CISA issues emergency directive to fix Log4j vulnerability • The Register CISA issues ’emergency directive,’ orders federal agencies …
