
From The source

LockBit Blunders: A Comedic Crash Course in Rapid Ransomware!

In a rapid cyber drama, LockBit ransomware made its debut in just over two hours, exploiting CVE-2023-22527 on a Windows Confluence server. With tools like Mimikatz and AnyDesk, the threat actor danced through the network, exfiltrating data to MEGA.io. The plot thickened as PDQ Deploy helped spread the encryption chaos.

10 months ago

Wireshark 4.4.4: Bug Busting Bonanza!

Wireshark release 4.4.4 tackles one pesky vulnerability and 12 bugs, proving that even software has its own version of spring cleaning.

10 months ago

When AI Goes Rogue: The Hilarious Struggle of AI Jailbreaking Cat-and-Mouse

Who knew AI could have a jailbreak problem? Our investigation into jailbreaking 17 popular GenAI web products reveals some shocking vulnerabilities. Turns out, these apps have more escape routes than a Hollywood heist movie. Despite robust safety measures, LLM jailbreaks are as effective as ever, proving there’s always a way to break free.

10 months ago

OpenSSH’s Not-So-Secret: A Comedy of Errors in VerifyHostKeyDNS Vulnerability!

In the realm of cybersecurity, we’ve discovered a MitM attack against OpenSSH’s VerifyHostKeyDNS-enabled client. The attack hinges on a clever out-of-memory tactic, allowing a fake server to impersonate a real one while the client is none the wiser. Remember, with great power comes great responsibility—or at least a better firewall.

10 months ago

Beware the XSS-mess: Self-Stored Exploit Unleashed!

Andrey Stoykov cracks open Self Stored XSS in version 7.2.2 like a piñata, revealing a vulnerability that lets you add an admin with the name “greater than” symbol. Tested on Ubuntu 22.04, it’s the cybersecurity equivalent of leaving your front door open with a welcome mat that says “Hackers Welcome.”

10 months ago

Python Docs: When Insecure Code Sneaks into Textbooks!

Python’s official documentation contains a textbook example of insecure code (XSS). The CGI module example in Python 3.12 is a classic XSS vulnerability, leaving many developers scratching their heads and questioning if they should read the manual or just wing it. After all, it’s deprecated, but the legacy lives on!

10 months ago

Threat Level: Green, But My Anxiety is Still at Defcon 1!

Jim Clausing is on duty, and the threat level is green. Meanwhile, prepare for a deep dive into Network Monitoring and Threat Detection in Baltimore this March! Stay tuned for the latest ISC Stormcast—it’s more riveting than a cat video binge!

10 months ago

Python Script Outshines Linux Hash Tools: Meet the New Hash Hero!

Meet sigs.py, the multitasking wizard of file hashing! This Python script effortlessly swings between MD5, SHA1, and SHA256, putting traditional Linux tools to shame. Now with a new “check” feature, it practically makes your morning coffee while confirming file integrity. Embrace the future of hashing—your files deserve it.

10 months ago

RadiAnt DICOM Viewer Update Flaw: When Bad Updates Go Viral!

Attention RadiAnt DICOM Viewer users! Your software might just be the life of the party, but it’s inviting a machine-in-the-middle attack to the dance floor. The vulnerability is due to improper certificate validation. Update to v2025.1 or later, or prepare for some unwelcome guests. Remember, safety first, even in the digital realm.

10 months ago

Vinci Protocol Analyzer Vulnerability: A Recipe for Remote Shenanigans!

The Vinci Protocol Analyzer’s OS command injection vulnerability is like leaving your front door open during a zombie apocalypse—it’s bad news! With a CVSS v4 score of 9.4, it’s crucial to update to version 3.2.3.19 or later to avoid cyber mayhem. Don’t let hackers crash your protocol party!

10 months ago

Security Alert: My Security Account App’s Laughable Authorization Bypass Threatens User Data!

The My Security Account App has a major vulnerability, an “authorization bypass through user-controlled key,” allowing attackers to access sensitive user info. Rapid Response Monitoring patched it, so don’t panic. Just imagine the app as a nosy neighbor, now finally locked out of your diary!

10 months ago

Siemens Security Advisory Shocker: Path Traversal Vulnerability Could Lead to Code Chaos!

Siemens’ SiPass integrated has a vulnerability that lets bad guys execute arbitrary code if they use a crafty backup. But fear not! Siemens has updates and tips to keep your systems safe from cyber calamities. Stay informed with Siemens ProductCERT Security Advisories for the most up-to-date information on vulnerabilities.

10 months ago

Carrier’s Block Load Vulnerability: Avoiding HVAC Havoc with DLL Hijacking!

Block Load software users beware! A vulnerability in Carrier’s HVAC calculation tool could let cybercriminals perform DLL hijacking, executing code with elevated privileges. Dubbed CVE-2024-10930, it’s got a CVSS v4 score of 7.1. Upgrade to version 4.2 or later and follow defensive measures to keep your Block Load secure!

10 months ago

FLXEON Controllers Vulnerability: How to Avoid a Cyber Catastrophe!

Beware of the FLXEON Controllers’ vulnerabilities! Your network’s gatekeepers might be having a midlife crisis, allowing unauthorized HTTPS shenanigans, and spilling secrets like a leaky faucet. Update to version 9.3.5 before they start a full-blown rebellion. After all, your network shouldn’t be more dramatic than a soap opera!

10 months ago

ABB Devices Vulnerability: Hard-Coded Credentials Comedy of Errors – CVSS 9.3

Warning: The ABB ASPECT-Enterprise, NEXUS, and MATRIX series are vulnerable to remote exploitation due to hard-coded credentials. With a CVSS score of 9.3, it’s a hacker’s dream. So, unless you want unauthorized access to your devices, it’s time to update that firmware and secure your network! View CSAF for more details.

10 months ago

Stately Taurus Strikes Again: ASEAN Cyber Mischief Unveiled!

Stately Taurus has finally been linked to Bookworm malware—a connection nine years in the making! This cyber drama unfolds across Southeast Asia with more twists than a detective novel. Stately Taurus, our cyber-sleuths, uses DLL sideloading, and the infamous PubLoad. Stay tuned for more digital espionage adventures!

10 months ago

Stormy with a Chance of Cyber Calm: When the Threat Level is Green!

Join Guy Bruneau as he keeps the Internet Storm Center calm with a threat level of green. Dive into network monitoring and threat detection without breaking a sweat—or a server. For those who love the smell of cybersecurity in the morning, mark your calendars for the Baltimore class in March!

10 months ago

The East’s Secret Weapon: Why Collaboration Leaves Western Cybersecurity in the Dust

Lina’s blog post uncovers the NSA’s secret identity as “APT-C-40” in Chinese cybersecurity circles. Armed with translations, she profiles the agency’s antics. Her findings reveal a lack of collaboration in western DFIR teams, unlike their eastern counterparts. Kudos to Lina for diving into this spy saga and sharing her insights!

10 months ago

Ghost Ransomware Haunts Organizations with Outdated Software: How to Exorcise Vulnerabilities

Beware the Ghost (Cring) ransomware! CISA, FBI, and MS-ISAC have released a joint advisory to help network defenders identify and combat this cyber menace. Don’t let outdated software haunt you—apply those patches and check out the #StopRansomware guidance for protection tips. Your digital safety might just depend on it!

10 months ago

Ghost Ransomware: A Spooky Guide to Battling Cyber Haunts and Keeping Your Data Alive!

The FBI, CISA, and MS-ISAC are here to help you ghost Ghost ransomware! Ghost actors in China target outdated systems for financial gain, hitting over 70 countries. They switch tactics more often than a chameleon changes colors, making it a challenge to pin them down. Visit stopransomware.gov for more on battling these cyber specters.

10 months ago
The Nimble Nerd