This International Women’s Day, women currently in cybersecurity positions should be a guide and mentor for those entering the profession.
AWS Deploymnet Risks – Configuration and Credential File Targeting
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20AWS%20Deployment%20Risks%20-%20Configuration%20and%20Credential%20File%20Targeting/30722
Apple Updates
https://isc.sans.edu/diary/MacOS%20Patches%20%28and%20Safari%2C%20TVOS%2C%20VisionOS%2C%20WatchOS%29/30726
NSA/CISA Secure Cloud Guides
https://media.defense.gov/2024/Mar/07/2003407866/-1/-1/0/CSI-CloudTop10-Identity-Access-Management.PDF
https://media.defense.gov/2024/Mar/07/2003407858/-1/-1/0/CSI-CloudTop10-Key-Management.PDF
https://media.defense.gov/2024/Mar/07/2003407859/-1/-1/0/CSI-CloudTop10-Managed-Service-Providers.PDF
https://media.defense.gov/2024/Mar/07/2003407862/-1/-1/0/CSI-CloudTop10-Secure-Data.PDF
https://media.defense.gov/2024/Mar/07/2003407861/-1/-1/0/CSI-CloudTop10-Network-Segmentation.PDF
Scanning and Abusing the QUIC Protocol
https://isc.sans.edu/diary/Scanning%20and%20abusing%20the%20QUIC%20protocol/30720
Google Chrome Update
https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
Spinning YARN
https://www.cadosecurity.com/spinning-yarn-a-new-linux-malware-campaign-targets-docker-apache-hadoop-redis-and-confluence/
Teamcity Exploited
https://twitter.com/leak_ix/status/1765460190621581347
iOS/iPadOS Updates with Zero Day Fixes
https://isc.sans.edu/diary/Apple%20Releases%20iOS%20iPadOS%20Updates%20with%20Zero%20Day%20Fixes./30716
Why Your Firewall Will Kill You
https://isc.sans.edu/diary/Why+Your+Firewall+Will+Kill+You/30714/
QEMU Tunnel
https://securelist.com/network-tunneling-with-qemu/111803/
VMware Vulnerabilities Patched
https://www.vmware.com/security/advisories/VMSA-2024-0006.html
Capturing DShield Packets with a LAN Tap
https://isc.sans.edu/diary/Capturing%20DShield%20Packets%20with%20a%20LAN%20Tap%20%5BGuest%20Diary%5D/30708
Additional Critical Security Issues Affecting Teamcity
https://blog.jetbrains.com/teamcity/2024/03/additional-critical-security-issues-affecting-teamcity-on-premises-cve-2024-27198-and-cve-2024-27199-update-to-2023-11-4-now/
GitHub Push Protection Now On By Default
https://github.blog/2024-02-29-keeping-secrets-out-of-public-repositories/
Android Updates
https://source.android.com/docs/security/bulletin/2024-03-01
Linksys E-2000 Vulnerablity
https://warp-desk-89d.notion.site/Linksys-E-2000-efcd532d8dcf4710a4af13fca131a5b8
Scanning for Confluence CVE-2022-26134
https://isc.sans.edu/diary/Scanning%20for%20Confluence%20CVE-2022-26134/30704
Exploiting CSP Wildcards for Google Domains
https://attackshipsonfi.re/p/exploiting-csp-wildcards-for-google
Silver SAML: Golden SAML in the Cloud
https://www.semperis.com/blog/meet-silver-saml/
Dissecting DarkGate: Module Malware Delivery and Persistence as a Service
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Dissecting%20DarkGate%3A%20Modular%20Malware%20Delivery%20and%20Persistence%20as%20a%20Service./30700
Ivanti Incident Response Update
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
Github Flooded with Infected Repos
https://apiiro.com/blog/malicious-code-campaign-github-repo-confusion-attack
Security Flaws in NoName Doorbell Cameras
https://www.consumerreports.org/home-garden/home-security-cameras/video-doorbells-sold-by-major-retailers-have-security-flaws-a2579288796/
Exploit Attempts for Unknown Password Reset Vulnerability
https://isc.sans.edu/diary/Exploit%20Attempts%20for%20Unknown%20Password%20Reset%20Vulnerability/30698
StopRansomware: Updated ALPHV Blackcat Advisory
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-353a
GlobalBlock Service To Prevent Trademark abuse
https://www.bleepingcomputer.com/news/technology/registrars-can-now-block-all-domains-that-resemble-brand-names/
Take Downs and the Rest of Us: Do they matter?
https://isc.sans.edu/diary/Take%20Downs%20and%20the%20Rest%20of%20Us%3A%20Do%20they%20matter%3F/30694
Joint Cybersecurity Advisory
https://www.ic3.gov/Media/News/2024/240227.pdf
SVR Cyber Actors Adapt Tactics for Initial Cloud Access
https://www.ncsc.gov.uk/news/svr-cyber-actors-adapt-tactics-for-initial-cloud-access
Data Scientists Targeted by Malicious Hugging Face ML Models with Silent Backdoor
https://jfrog.com/blog/data-scientists-targeted-by-malicious-hugging-face-ml-models-with-silent-backdoor/
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
PHPSESSID | session | This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed. |
pmpro_visit | session | The cookie is set by PaidMembership Pro plugin. The cookie is used to manage user memberships. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |