In a recent development, the Cybersecurity and Infrastructure Security Agency (CISA) is moving away from utilizing Censys and VirusTotal as part of its broader operational reductions. This decision comes as CISA aims to streamline its threat hunting operations and triage potential threats more efficiently. VirusTotal, a widely used free tool for analyzing suspicious files … [Read more...] about CISA plans to drop Censys and VirusTotal
4chan suffers major hack
In a significant security breach, 4chan has been compromised, with hackers gaining shell access to its hosting servers. The attackers exploited a vulnerability in the site's outdated Ghostscript software, specifically an old 2012 version of PostScript, allowing them to elevate privileges using SUID and ultimately secure unauthorized access. The data leak is extensive, … [Read more...] about 4chan suffers major hack
Signalgate: Retired Army General Barry McCaffrey criticizes opsec failures
A retired Army general is calling out the White House for questionable communication practices, spotlighting an alleged "bro" channel on the private messaging app Signal. This so-called "Signalgate" raises serious concerns about operational security (OpSec) at the highest levels of military command. While OpSec lapses can happen, especially with newcomers, such mistakes are … [Read more...] about Signalgate: Retired Army General Barry McCaffrey criticizes opsec failures
Slopsquatting: The Cybersecurity Threat That Could Catch You Off Guard!
Bleeping computer reports about a new attack called "Slopsquatting." This is a supply chain attack similar to Typosquatting–when hackers purchase domains that look similar to legitimate ones. LLMs sometimes generate nonsense, which we call hallucinations or slop. Typosquatting, a phishing attack targeting human finger dexterity failures, is the squatting part of the … [Read more...] about Slopsquatting: The Cybersecurity Threat That Could Catch You Off Guard!
Oracle Denies Alleged Cloud Breach
In recent weeks, reports of a potential security breach involving Oracle’s cloud infrastructure have circulated. A hacker named “rose87168” claimed to have infiltrated Oracle’s systems, exfiltrating 6 million sensitive records and potentially affecting over 140,000 Oracle Cloud tenants globally. Despite these assertions and supporting evidence from cybersecurity … [Read more...] about Oracle Denies Alleged Cloud Breach