Thursday 28 December 2023

Monday 13 November 2023

LockBit Crashes Boeing Dark Web Data — No Ransom Paid - Security Boulevard

Seattle plane maker tries to tell us the 50GB dump is ever so boring and not worth spinning up Tor for.

Thursday 2 November 2023

AI Safety: 28 Nations+EU Agree to Test in Turing’s Huts - Security Boulevard

Foo, bar, #BletchleyDeclaration—signed at UK’s AI Safety Summit: Not much substance, but unity is impressive.

Wednesday 1 November 2023

We Won’t Pay Ransomware Crims — 40 Nations Promise Biden’s WH - Security Boulevard

Will CRI pledge work? International Counter Ransomware Initiative hopes to pull rug from under scrotes.

Tuesday 31 October 2023

Thursday 26 October 2023

#iLeakage: All Apple CPUs Vulnerable — No Patch in Sight - Security Boulevard

Son of Spectre: No fix for iOS, “unstable” workaround for macOS.

Tuesday 24 October 2023

Don’t Be Evil: Google’s Scary ‘IP Protection’ Privacy Plan - Security Boulevard

Firefox here we come! “Free” privacy proxy for all Chrome users? What could possibly go wrong?

Monday 23 October 2023

Okta Hacked Yet Again: 2FA Firm Failed to 2FA - Security Boulevard

You had one job: Once is happenstance, twice is coincidence, FIVE TIMES is sheer incompetence.

Friday 20 October 2023

KeePass Malicious Ads: Google Goof Permits Punycode Attacks Again - Security Boulevard

Mote below ķ: Not only malvertising, but also “verified by Google.”

Tuesday 17 October 2023

Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in - Security Boulevard

Keeping us in suspense—It doesn’t get worse than this: CVE-2023-20198 is CVSS=10.

Monday 16 October 2023

Elon’s CSAM FAIL: Twitter Fined by Australian Govt. - Security Boulevard

Straya strikes back: Musk’s mob declines to answer questions, breaking law dunundah.

Friday 13 October 2023

Stalking: Fear of Apple AirTag ‘Explodes’ — Lawsuit Momentum Grows - Security Boulevard

This is why we can’t have nice things: 38 victims of Apple’s “negligence” named in amended class action.

Wednesday 11 October 2023

Tuesday 10 October 2023

Google Pushes ‘Passkeys’ Plan — but it’s Too Soon for Mass Rollout - Security Boulevard

FIDO FAIL: “Killing passwords” is a worthy goal—but is coercion the best way?

Monday 9 October 2023

Huge DNA PII Leak: 23andMe Must Share the Blame - Security Boulevard

The firm’s PR spin implies it’s the users’ fault for not using unique passwords—but is that fair? No, of course it isn’t.

Friday 6 October 2023

iPhone/iPad Warning: Update Now to Avoid Zero-Day Pain - Security Boulevard

Apple’s embarrassing regression: iOS 17.0.3 fixes yet more nasty zero days (and the overheating bug)

Wednesday 4 October 2023

Meta Mayhem: Hybrid Work FAIL ¦ Yet More Layoffs - DevOps.com

The moral of the story: Be where you are—otherwise you will miss your life

Tuesday 3 October 2023

Broken ARM: Mali Malware Pwns Phones - Security Boulevard

Exploited in the wild: Yet more use-after-free vulns in Arm’s Mali GPU driver.

Monday 2 October 2023

Don’t Say ‘Skynet’ — NSA’s AI Security Center is New Hub for Agency Efforts - Security Boulevard

COME WITH ME IF YOU WANT TO LIVE: Nothing suspicious to see here—move along.

Friday 29 September 2023

Raspberry Pi 5: Faster, Better, Stronger — Spendier - DevOps.com

The moral of the story: You’re not defined by your past—you’re prepared by it

Thursday 28 September 2023

China-Backed Hacks of Cisco Routers Worry Feds — BlackTech Revenge? - Security Boulevard

TTP: IOS EEM CLI BBQ LOL—FBI, NSA, CISA join Japan’s NISC to warn of espionage group linked to Chinese Communist Party.

Wednesday 27 September 2023

FCC: Net Neutrality is a ‘Thing’ Again ¦ Meta Shutters Big UK Site - DevOps.com

The moral of the story: In the long run, the sharpest weapon of all is a kind and gentle spirit

Tuesday 26 September 2023

‘All of Sony’ Hacked, Claims Ransomed.vc Group - Security Boulevard

Hackers Play in Sony’s World:

Monday 25 September 2023

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator - Security Boulevard

Apple Scrambled to Fix 3 More CVEs:

Thursday 14 September 2023

Google De-Recruits 100s of Recruiters ¦ ARM Valued at $45½B in IPO - DevOps.com

The moral of the story: You only pass through this life once—you don’t come back for an encore.

Wednesday 13 September 2023

Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug - Security Boulevard

WebP FAIL:

Tuesday 12 September 2023

What Happens in Vegas: MGM Resorts ‘Ransomware’ Attack - Security Boulevard

You’re welcome to it:

Monday 11 September 2023

‘BLASTPASS’ iPhone Exploit — Apple Asleep at the Switch - Security Boulevard

Zero click, zero day, zero clue:

Friday 8 September 2023

Google Kills 3rd-Party Cookies — but Monopolizes AdTech - Security Boulevard

#Firefox looking good right now:

Thursday 7 September 2023

Oracle Bill is 5x Client’s Budget ¦ Toyota Out of Space - DevOps.com

The moral of the story: Comparison is the thief of joy

Wednesday 6 September 2023

This SUCKS: ‘Cars Are a Privacy Nightmare,’ Mozilla Fumes - Security Boulevard

IoT cars considered harmful:

Tuesday 5 September 2023

Sourcegraph’s Shocking Screwup: Private Secrets in Public Repo - Security Boulevard

Credentials create crisis:

Thursday 31 August 2023

BadBazaar: Chinese Spyware Shams Signal, Telegram Apps - Security Boulevard

I’m Shocked. SHOCKED!

Wednesday 30 August 2023

Qakbot Cracked: FBI and Friends Hack the Hackers - Security Boulevard

Or is it just resting? Beautiful plumage.

Tuesday 29 August 2023

Did Russia Hack Poland’s Trains? MSM Says Yes, but … Well, You Decide - Security Boulevard

Train Phreaking:

Monday 28 August 2023

‘Scrum == Cancer’ ¦ Plus: Linux 6.5 Ships - DevOps.com

The moral of the story: When we strive to become better than we are, everything around us becomes better too

Friday 25 August 2023

Gmail Adds Extra Checks, Thwarting Sneaky Hackers - Security Boulevard

But Please Don’t Use SMS:

Thursday 24 August 2023

Lapsus$ Jury Says Teen Duo Did Do Crimes - Security Boulevard

‘teapotuberhacker’ is not Guilty but not ‘Not Guilty’

Wednesday 23 August 2023

IBM LLM AI: COBOL to Java ASAP ¦ ARM IPO is GO! - DevOps.com

The moral of the story: Life’s tough—but it’s tougher when you’re stupid

Monday 21 August 2023

LOL WinRAR: Serious One-Click Bug (Patch NOW) - Security Boulevard

LOL WinRAR:

Thursday 17 August 2023

80% of Bosses ‘Regret’ Stopping WFH ¦ PSA: Disable STS! - DevOps.com

The moral of the story: Be nice to people on the way up, because you may meet them on the way down

Wednesday 16 August 2023

Ransomware Robs Realtors — Rapattoni MLS-aaS Down: Day 8 and Counting - Security Boulevard

MLS FAIL:

Tuesday 15 August 2023

AI coding helpers get FAILing grade - ReversingLabs

Fools rush in:

Monday 14 August 2023

‘Sabotage the Factory’ — 16 Big Bugs in Codesys ICS/OT/SCADA Software - Security Boulevard

#CoDe16 FAIL:

Friday 11 August 2023

Teenage Hackers Must be Stopped: US DHS’s CSRB Report - Security Boulevard

TL;DR: 2FA SMS FAIL

Thursday 10 August 2023

Google’s Shiny New AI Dev Environment — the ‘Experimental’ Project IDX - DevOps.com

The moral of the story: You live once and life is wonderful, so eat the damned red velvet cupcake

Wednesday 9 August 2023

Ransomware in Schools: White House Wants Action NOW - Security Boulevard

Don’t make me tap the sign:

Tuesday 8 August 2023

Listen up, devs: AI trained to overhear passwords - ReversingLabs

Sing loudly at login:

Monday 7 August 2023

How to Get Unlimited Airline Miles: Researchers Find the Cheat Codes - Security Boulevard

Points of Interest:

Thursday 3 August 2023

Microsoft is a “Strategic Problem in the Security Space,” Says CEO - Security Boulevard

Fist of FAIL: Amit Yoran has had enough—and he’s not gonna take it anymore.

2024—Year of the Linux Desktop? ChromeOS Reflects its Inner Penguin ¦ GNOME Rethink - DevOps.com

The moral of the story: People of accomplishment rarely sit back and let things happen to them

Tuesday 1 August 2023

BREAKING NEWS: You’re not Anonymous on Facebook (Duh) - Security Boulevard

Apparently this is news to some people:

Friday 28 July 2023

Android Foils AirTag Stalkers and Thieves — While Apple Does Nothing - Security Boulevard

C’mon Cupertino:

Thursday 27 July 2023

Overture Maps’ Challenge to Google ¦ Frontier Model Forum’s AI Safety Shtick - DevOps.com

The moral of the story: You have two hands—one for helping yourself, the other for helping others

Wednesday 26 July 2023

ALERT: Google Wants to DRM your OS for ‘Web Environment Integrity’ - Security Boulevard

We Will Kill WEI:

Tuesday 25 July 2023

No net for some, no root for devs — Google pilot walls off staff internet, access for ‘safety’ - ReversingLabs

The future of zero trust?

Monday 24 July 2023

‘China’ Azure Breach: MUCH Worse Than Microsoft Said - Security Boulevard

Storm-0558 Breaks:

Friday 21 July 2023

R.I.P. Kevin Mitnick, 1963–2023 - Security Boulevard

Kevin is Free:

Thursday 20 July 2023

AI ‘is Getting Worse’ ¦ AI ‘Will Lose India Jobs’ (Probably Isn’t ¦ Probably Won’t)

The moral of the story: It takes 20 years to build a reputation and five minutes to ruin it

Wednesday 19 July 2023

Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List - Security Boulevard

Predator/ALIEN not welcome in U.S.

Monday 17 July 2023

OPSEC FAIL: US Military Email Going to Mali — via Typo - Security Boulevard

MX Mixup:

Thursday 13 July 2023

China Breaches Microsoft Cloud — Spied on US Govt. Email - Security Boulevard

The government is greatly displeased—even U.S. spokespeople aren’t holding back:

Wednesday 12 July 2023

Forking RHEL! Oracle and SUSE Join the Fight ¦ Silverman Sues AI Firms - DevOps.com

The moral of the story: There are no mistakes, only opportunities

Tuesday 11 July 2023

EU-US data transfers back in hotseat: Security of user data adds to privacy concerns - ReversingLabs

EU and US try yet again:

Monday 10 July 2023

StackRot: Linux Bug so bad Linus Dives Into Code to Fix It - Security Boulevard

Maple Tree Side Effects: Torvalds feels the pressure, fixes lazy locks.

Friday 7 July 2023

Contec SolarView: Critical Bug Unpatched After 14 MONTHS - Security Boulevard

PV OT: VPN PDQ

Thursday 6 July 2023

Threads: Twitter Killer or Ad-Infested Hellscape? - DevOps.com

The moral of the story: When you cease to dream you cease to live

Wednesday 5 July 2023

Fortinet Bug: RUN — Don’t Walk — to Patch Critical RCE - Security Boulevard

#Xortigate Xceptional Xploits:

Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites - ReversingLabs

It’s not rocket surgery:

Friday 30 June 2023

‘Wagner Mercenary’ Hackers Destroy Russian Satellite Comms - Security Boulevard

Слава Україні — Героям слава!
Dozor-Teleport hack, vandalism and data breach. But is it a Ukrainian false flag op?

Thursday 29 June 2023

IBM/Red Hat Sparks Anger at GPL ‘breach’ as RHEL Source Locked Up - DevOps.com

The moral of the story: Every moment is a fresh beginning

Wednesday 28 June 2023

Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers) - Security Boulevard

Content warning: Abuse, stalking, controlling behavior, Schadenfreude, irony, doxxing.

Tuesday 27 June 2023

Hackers breached UPS data for SMS phish spree - ReversingLabs

UPS SMS oops:

Monday 26 June 2023

GDPR FAIL: US Firm ‘Profiles Half the World’ — it’s Max Schrems Again - Security Boulevard

NYOB accuses Telesign, Proximus and BICS of misusing phone users’ private data:

Friday 23 June 2023

Apple Fixes 0-Days — Russia Says US Used for Spying - Security Boulevard

‘#Triangulation’ spyware said to use backdoor Apple gave to NSA:

Thursday 22 June 2023

Google Calls Microsoft Azure Anti-Competitive ¦ Gen-Z Can’t Email - DevOps.com

The moral of the story: The longer I live, the more beautiful life becomes

Wednesday 21 June 2023

Passkeys standard: Time to add it to your dev plans? - ReversingLabs

Momentum is building:

Tuesday 20 June 2023

Microsoft Repeatedly Burned in ‘Layer 7’ DDoS - Security Boulevard

Unlucky Number:

Monday 19 June 2023

Reddit Ransomware Raid Redux: BlackCat/ALPHV Demands $4.5M - Security Boulevard

And Now, This:

Friday 16 June 2023

CISA Warning: MOVEit Has Yet Another Zero-Day SQL Injection RCE Bug - Security Boulevard

Alt. Angle: Russia-Russia-Russia Cl1p Clop

Thursday 15 June 2023

92% of Devs Use AI, Survey Says ¦ Intel One Mono Font

The moral of the story: Live as if you were to die tomorrow—learn as if you were to live forever

Wednesday 14 June 2023

Your Personal Data Sold to US Intelligence Agencies - Security Boulevard

What Price 4th Amendment? Warrant not needed if info bought from brokers:

Monday 12 June 2023

What a Mess: Barracuda Swaps Countless Appliances — Malware Can’t be Removed - Security Boulevard

ESG FAIL:

Thursday 8 June 2023

Pics AND it Didn’t Happen: Sex Deepfake FBI Alert - Security Boulevard

Fake Pr0n Hint:

Wednesday 7 June 2023

Microsoft’s 9th Outage in 2023 ¦ RISE of RISC-V ¦ Meta Ends WFH - DevOps.com

The moral of the story: Every human has a finite number of heartbeats—I don’t intend to waste any of mine

Tuesday 6 June 2023

PyPI hackers code sneaky new tactic. Researchers caught 'em red handed - ReversingLabs

AST/SCA FAIL — RL FTW:

Monday 5 June 2023

Chrome Extensions Warning — Millions of Users Infected - Security Boulevard

Perhaps as many as 87 million victims—maybe more:

Friday 2 June 2023

Russia Says NSA Hacked iOS With Apple’s Help — we Triangulate Kaspersky’s Research - Security Boulevard

Tit-For-Tat #Triangulation Trojan Talk:

Thursday 1 June 2023

Dev Jobs are Dead: ‘Everyone’s a Programmer’ With AI ¦ Intel VPUs - DevOps.com

The moral of the story: Too many of us are not living our dreams because we are living our fears

Wednesday 31 May 2023

‘Extinction risk’: Could AI wipe out humans via software backdoors? - ReversingLabs

Generative, schmenerative:

Tuesday 30 May 2023

‘Predator’ — Nasty Android Spyware Revealed - Security Boulevard

‘Alien’ Technology:

Friday 26 May 2023

COSMICENERGY: ‘Russian’ Threat to Power Grids ICS/OT - Security Boulevard

IEC 60870-5-104 ‘insecure by design’: