Category: Cyber
-
Wazuh for Your Homelab?
Do You Need a SIEM at Home? Are you the kind of person with more endpoints than a small business? Do you love stats, enjoy making life more complicated than it needs to be, want to enhance your cybersecurity, and feel comfortable with Linux and PowerShell? If so, you might be wondering if you…
-
Critical SonicOS Vulnerability: What You Need to Know
A critical vulnerability in SonicOS (CVE-2024-40766) could allow attackers to gain unauthorized access to your network or crash your firewall. Understanding the Vulnerability SonicWall’s recently disclosed flaw affects their SonicOS, which powers many of their firewalls. The identified vulnerability is a critical access control issue (CVE-2024-40766) with a severity rating of 9.3 out of 10.…
-
Windows TCP/IP RCE Vulnerability
CVE-2024-38063 This has to do with the Windows TCP/IP stack, affecting nearly all supported Windows versions. It has a CVSS score of 9.8 and poses a threat due to its remote code execution capability. Some Details: Nature of the Vulnerability: CVE-2024-38063 is a “zero-click” exploit. Attackers can remotely send specially crafted IPv6 packets to target…
-
NZ Response to the CrowdStrike Outage
This all started when I was trying to pay for my groceries at New World. Both my credit cards were declined, as was my Eftpos PayWave, but swiping my Eftpos card worked. Yesterday, a major IT glitch impacted CrowdStrike, a prominent cybersecurity firm, affecting numerous global services, including airlines, healthcare, and financial sectors. This incident,…
-
New Blast-RADIUS Attack: A Wake-Up Call for Network Security
There’s a new cyber threat that’s got the tech world buzzing. Dubbed the “Blast-RADIUS” attack, this security flaw takes advantage of the widely-used RADIUS authentication protocol. Essentially, it allows cybercriminals to slip past network defences and gain admin access without needing to crack passwords or credentials. What’s particularly worrying is that this exploit can be…
-
CVE-2024-6387: openssh-server in Proxmox 8 (Debian Bookworm), Time to Update
If you are running Proxmox 8, make sure you update the openssh-server package. This doesn’t affect version 7 as it’s based on Bullseye, not Bookworm. From https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt regreSSHion background The Qualys Threat Research Unit (TRU) discovered this unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. This bug marks the first OpenSSH…
-
Turns out LockBit did not have stolen data from the US Federal Reserve
The X universe was on fire last week as LockBit claimed that they had 33TB of data from the Federal Reserve. Most people were skeptical, and it turns out they were right. From HackManac on X: “To summarize briefly, here’s what’s in the LockBit leak in the claimed attack on the US Federal Reserve: They…
-
Netsafe Launches ReScam to Disrupt Scammers Using AI
New Zealand’s Netsafe ( https://netsafe.org.nz/ ) has relaunched www.ReScam.org to cause havoc with scammers using AI. All you need to do is forward a scam email to ME@RESCAM.ORG; they will then use AI to create a personality and engage in an endless conversation with the scammer. They even provide you with a link to watch…