We all know that we're on camera pretty much constantly -- most coffee shops, convenience stores, and even offices employ security cameras for protection. But what happens when those devices built to keep us safe become unsafe?
To Akamai's Co-Founder Danny Lewin, calling someone a "Titan" was the highest praise he would give. Danny himself was a remarkably talented and hard-working leader whose heart, passion, and spirit still inspire us.
The first rule of edge compute thought leadership is: don't overuse the term edge. Over the course of my blog series on the topic, I have defined the edge, explained edge computing, and discussed the economics of edge computing.
Summary
Cisco has published fifteen Security Advisories. Of the advisories, two are rated as Critical, four are rated as High, and nine are rated as Medium.
Threat Type
Vulnerability
Overview
Cisco has published fifteen Security Advisories. Of the advisories, two are rated as Critical, four are rated as High, and nine are rated as Medium. For all advisories listed below, it is noted that Cisco's Product Security Incident Response Team (PSIRT) is "not aware of any public announcements or malicious use of the
We dig into the credential stuffing attack tool OpenBullet and look at configuring combolists, proxies, parse tokens, and check blocks for launching attacks.
Summary
Microsoft released a security update for its Chromium-based Edge browser that addresses six CVE-numbered vulnerabilities.
Threat Type
Vulnerability
Overview
A security update for Microsoft's Chromium-based Edge browser has been released. Six CVE-numbered vulnerabilities are addressed in the update. The most serious of the vulnerabilities, if successfully exploited, could potentially allow a remote attacker to execute arbitrary code on an affected system. Further details are available from the links
Summary
VMWare published a security advisory, VMSA-2021-0005, that addresses an authentication bypass vulnerability in the VMware Carbon Black Cloud Workload appliance.
Threat Type
Vulnerability
Overview
VMWare published a security advisory, VMSA-2021-0005, that addresses a vulnerability (CVE-2021-21982) in the VMware Carbon Black Cloud Workload appliance. The vulnerability is an authentication bypass issue which could potentially allow a remote attacker to obtain administrative access to an affected device
Summary
The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint cybersecurity advisory on APT actors exploiting vulnerabilities in FortiOS to gain initial access to commercial, government, and technology services networks.
Threat Type
Vulnerability
Overview
APT actors have been observed scanning devices on certain ports which are associated with the FortiOS vulnerability, CVE-2018-13379. The actors have also been enumerating devices that
Summary
The ICS-CERT has published an advisory that affects Rockwell Automation's FactoryTalk AssetCentre.
Threat Type
Vulnerability
Overview
The ICS-CERT has published an advisory that affects Rockwell Automation's FactoryTalk AssetCentre. Further information is available from the advisory which is summarized below.
ICS Advisory ICSA-21-091-01 - Rockwell Automation FactoryTalk AssetCentre
CVE-2021-27462 - A deserialization vulnerability exists in how the AosService.rem service in FactoryTalk AssetCentre ve
Summary
Proofpoint Threat Research discovered in late 2020 a new credential phishing campaign named BadBlood, carried out by threat group TA453, aka Charming Kitten. The campaign targets senior medical professionals who specialize in genetic, neurology, and oncology research in the United States and Israel. These targets are not the traditional targets for TA453, however, the tactics and techniques observed in BadBlood continue to mirror those used in historic TA453 campaigns.
Threat Type
Malware, Phishing,