Security Leftovers and Windows TCO
-
The Strategist ☛ Remote work has opened Australia’s cyber backdoor
Australia’s adoption of remote work has opened a national security blind spot that foreign adversaries are actively exploiting to infiltrate critical infrastructure.
-
Hackaday ☛ Chicken Squisher 3000: Squish-Proof Security
Keeping chickens in predator-prone areas demands serious fortifications, but even the most robust coop can become a hassle without automation. That’s where [lcamtuf] steps in with his Chicken Squisher 3000, a clever DIY automatic door mechanism that opens and closes based on ambient light levels.
-
Security Week ☛ F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts
More information has come to light on the cyberattack disclosed this week by F5, including on attribution and potential risks.
-
Security Week ☛ Fuji Electric HMI Configurator Flaws Expose Industrial Organizations to Hacking
Fuji Electric has released patches and Japan’s JPCERT has informed organizations about the vulnerabilities.
-
Security Week ☛ Organizations Warned of Exploited Adobe AEM Forms Vulnerability
A public PoC existed when Adobe patched the Experience Manager Forms (AEM Forms) bug in early August.
-
Scoop News Group ☛ North Korean operatives spotted using evasive techniques to steal data and cryptocurrency
Research from Cisco Talos and Surveillance Giant Google Threat Intelligence Group underscores the extent to which North Korea-aligned attackers attempt to avoid detection.
-
Hacker News ☛ Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks
Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems.
The activity, codenamed Operation Zero Disco by Trend Micro, involves the weaponization of CVE-2025-20352 (CVSS score: 7.7), a stack overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow an authenticated, remote attacker to execute arbitrary code by sending crafted SNMP packets to a susceptible device. The intrusions have not been attributed to any known threat actor or group.
-
Windows TCO / Windows Bot Nets
-
Security Week ☛ Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign
The tech giant attributed the attacks to Vanilla Tempest, also known as Vice Spider and Vice Society.