Security Leftovers
Friendly Reminder: ZIP Metadata is Not Encrypted, (Mon, Oct 2nd)
ZIP archives store compressed files including their metadata (filesize, date/time, ...). When a contained file is password protected, the compressed data is encrypted, but the metadata is not.
Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks
Patches are being developed for serious Exim vulnerabilities that could expose many mail servers to attacks.
Recently Patched TeamCity Vulnerability Exploited to Hack Servers
In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers.
Johnson Controls Ransomware Attack Could Impact DHS
DHS is reportedly investigating the impact of the recent Johnson Controls ransomware attack on its systems and facilities.
CISA Kicks Off Cybersecurity Awareness Month With New Program
CISA has announced the Secure Our World cybersecurity awareness program, targeting both businesses and end users.
New NSA center will oversee development and integration of AI capabilities
The U.S. National Security Agency has announced the creation of a new entity to oversee the development and integration of artificial intelligence capabilities within U.S. national security systems.
Network security company IronNet ceases operations two years after going public
Network security company IronNet Inc. has ceased operations two years after it became a publicly traded company through a merger with a special-purpose acquisition company. The disclosure came via a Sept. 29 filing with the U.S. Securities and Exchange Commission.