From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
1 1
FortiJump Higher details are out. Even with the patch installed, apparently you can get RCE on FortiManager using a FortiGate it manages. https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
11h ago
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
1 1
Attached: 1 image This is brill. The Onion, with the help of the Sandy Hook families, has purchased InfoWars. Bravo @oneunderscore__@mastodon.social https://www.nytimes.com/2024/11/14/business/media/alex-jones-infowars-the-onion.html?unlocked_article_code=1.Z04.Wiwi.UMUgUSO1vzUW&smid=url-share
21h ago
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
1 2
Attached: 1 image Oh good, Elon has been given a US government department called DOGE.
on Wed, 11PM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
1 1
Hello everybody. If you use FortiManager from FortiNet you should be prepared to grab the latest available release from the support portal and upgrade. Patches aren’t out yet. Mitigation is available. If you have FortiManager facing the internet, I’d say remove it from the internet now....
#cti #cve #eitw #infosec #Fortinet #fortijump #threatintel #cybersecurity #vulnerability #cve_2024_47575
on Oct 23
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
Attached: 1 image
on Wed, 11PM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
I also think the whole industry obsession with threat intel has increased the security poverty line chronically. Most orgs can’t afford staff members to go to conferences, network, get into private groups, afford industry memberships, 6 figure TI vendor deals to get one email a day etc. It’s...
on Wed, 3PM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
This is good. https://ventureinsecurity.net/p/trust-no-one-why-we-cant-trust-most
on Wed, 2AM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
Used 16th of internet traffic in the past week, my ISPs will be happy 🤣
on Wed, 1AM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
It’s not just FortiGate, it’s happening across a variety of SSL VPN products. Happening in honeypots too, it’s spray and pray. Likely initial access broker credential resale. Usual fake ISPs involved - SSHVPS, Stark Industries Solutions etc. https://infosec.exchange/@m_rothe/113465870688854802
on Tue, 5AM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 3
Attached: 1 image Financial Times has a look inside how Elon Musk plans to take over the US government. https://www.ft.com/content/d207c4a9-0e6d-4ece-a44d-abf890316b5a
on Mon, 3PM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
Attached: 1 image Just rename this Battlefield 2025
on Mon, 1AM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
One thing I think really revealing about the Fediverse is it actually offers true free speech as anybody can run a server.. ..but Elon Musk spunked billions on Twitter, where he complies with Turkish government access blah blah.. And Donald Trump spent millions on Truth Social, which runs...
on Sun, 1AM
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 3
For the second year in a row the BBC has caught the host nation of the big annual climate change conference using it to sell fossil fuels https://www.bbc.com/news/articles/crmzvdn9e18o
on Nov 8
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Steam founder Gabe Newell has $1bn worth of yachts all around the world. Steam doesn’t get nearly enough shit from gamers btw. It is DRM lock in, they make $10bn with about 200 employees and shut everyone out of the PC market. https://luxurylaunches.com/transport/gabe-newell-luxury-yachts.php
on Nov 8
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 1 image “Wind down”
on Nov 7
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Microsoft are effectively giving up on Copilot Pro subscription ($20/month) as almost nobody paid for it. Instead they are bundling it into Microsoft 365 consumer subscriptions and inflating the renewal prices there. There’s no opt out. Effectively allows the Copilot revenue and user numbers...
on Nov 7
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 3 images
on Nov 6
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Trump’s supposed to be sentenced for his felony conviction in 3 weeks 🤣
on Nov 6
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 2 images
on Nov 6
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 2 images Just in case there was any doubt about what's happening in the US election https://www.nytimes.com/2024/11/05/us/politics/elon-musk-trump-election-night.html
on Nov 5
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Elon Musk continues to be a man free of consequence. https://www.bbc.co.uk/news/articles/crlnjzzk919o
on Nov 5
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 1 image That Cisco data breach, that they say definitely wasn't a data breach, has data breach. https://therecord.media/cisco-notifies-limited-set-of-customers-hacker-accessed-non-public-info
on Nov 5
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Good on Google, finally enforcing MFA on Google Cloud. https://cloud.google.com/blog/products/identity-security/mandatory-mfa-is-coming-to-google-cloud-heres-what-you-need-to-know
on Nov 5
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
Attached: 1 image If anybody has seen the latest fediverse reply spam wave, this time using QR codes - it's the warring Japanese teenagers again fighting over Discord.
on Nov 5
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Happy Diwali! https://www.bbc.com/news/articles/c99rx7nyypgo
on Oct 31
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 1 image Kingdom Bank in the UK have got their online banking available in the past 30 minutes by... changing the URL. It's now https://onl1ne44.kingdom.bank As before it's behind Microsoft Azure Application Gateway. Many of the NoName victims over the last few days use Azure...
on Oct 31
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 1 image Maybe MSPs can use the Lambo to race to the bottom.
on Oct 31
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
What gets me with this is the US intelligence community are all about Iran influencing the election.. but the group actually doing this right now, for months, is Elon Musk’s PAC. Iran don’t need to do shit....
on Oct 30
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Sundar Pichai says "more than a quarter of all new code at Google is generated by AI, then reviewed and accepted by engineers" Be interesting to see what a state Googles products and security are in, in five years time. https://www.theverge.com/2024/10/29/24282757/google-new-code-generated-ai-q3-2024
on Oct 29
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 2 images First screenshot, NY Times story from October 14th this month about how Washington Post is losing $100m a year and they’re very happy to have added 4000 subscribers. Second screenshot, a few weeks later after Jeff Bezos set fire to his own company.
on Oct 29
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 1
Since I don’t have the 2022 Twitter thread on it here - if you run a Speedtest.net (aka Ookla) server, make sure it is a properly segmented DMZ with nothing else in it and no internal network access. In particular, if you’re an ISP or telco make 100% sure you do this. I don’t want to get...
on Oct 28
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 4 images
on Oct 28
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 1 image
on Oct 26
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
https://www.eurogamer.net/microsoft-ceos-pay-rises-63-to-73m-despite-devastating-year-for-layoffs
on Oct 25
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
A reminder that Visual Studio Code’s marketplace is still an absolute security clusterfuck that Microsoft have engineered. There’s active supply chain attacks in there nobody has reported on. (That, yes, will get a cartoon porg blog on one day).
on Oct 25
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
There's a follow on blog post which is also relevant: https://medium.com/@amitassaraf/2-6-exposing-malicious-extensions-shocking-statistics-from-the-vs-code-marketplace-cf88b7a7f38f I'm still digging through the extensions myself and there's a lot to unpack, there's essentially supply chain...
on Oct 25
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Change Healthcare say their data breach, caused by their lack of MFA on Citrix Netscaler and AlphV ransomware group, impacted 100m Americans, making it the largest healthcare breach to date....
on Oct 24
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
@ColinHaynes@mastodon.scot ahaha, all good. I used to give in Scotland so should probably know better.
on Oct 24
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Shout out to those in the media who declared Apple Vision Pro the new iPhone. https://www.theinformation.com/articles/apple-sharply-scales-back-production-of-vision-pro
on Oct 23
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 1 image Regarding this - does anybody know if this is a legit ESET email? @ESETresearch@infosec.exchange I'm trying to establish if the ESET download is the cause or a symptom of existing access https://cyberplace.social/@ericshmeric/113324868680730631
on Oct 23
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Oh wow, #EIW really does spread via Active Directory joined computers. 🔥 It’s basically NotPetya 2.0. The method they use of locking it to Israeli PCs is interesting. They used the IDF’s rocket fire alarm API.
on Oct 23
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
The bit of this interview where the CEO says “I love your question” is where you know he’s also instant messaging his PR guy going ‘oh god the reporter did some research’ https://www.theverge.com/2024/10/21/24273820/intuit-ceo-sasan-goodarzi-turbotax-irs-quickbooks-ai-software-decoder-interview
on Oct 21
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Attached: 1 image https://www.bbc.co.uk/news/articles/cg78ljxn8g7o
on Oct 20
From cyberplace.social
ericshmeric (@ericshmeric@cyberplace.social)
0 0
@GossiTheDog A friend in .il said his network was hit with this wiper last week. MO seems similar to Handala's. He said the trigger was the same email from ESET and payload hosted on their infra...
on Oct 17
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Thread res and reminder to vendors: please add robust detection for EDRSilencer. It is unsurprisingly being used in real world attacks. https://www.trendmicro.com/en_us/research/24/j/edrsilencer-disrupting-endpoint-security-solutions.html #threatintel #edrsilencer
on Oct 17
From cyberplace.social
gasinfo europe (@gasinfo_bot@cyberplace.social)
0 0
2024-10-13 06:00 - 2024-10-14 06:00: natural gas storage level (+/-) / % of annual consumption Austria 🇦🇹: 93.69% (+0.17%) / 104.58% France 🇫🇷: 93.67% (+0.14%) / 28.55% Germany 🇩🇪: 97.2% (+0.12%) / 27.47% #gas #natgas #storage #austria #france #germany
on Oct 17
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
lol of the day - EU warns X that it may calculate fines against X by including Elon Musk's other companies' revenue; the DSA can fine 6% of global annual revenue https://www.bloomberg.com/news/articles/2024-10-17/musk-s-empire-risks-being-targeted-by-eu-for-potential-x-fines
on Oct 17
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
lol at this Watchtowr write up - it’s on the money. Vulns from 1998. Wait until they see the new FortiManager zero day, I wanna see their write up. https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/
on Oct 17
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
Well done to Microsoft for losing billions of dollars on failed mixed reality headsets, alienated staff who raised concerns about the military contracts by ignoring them on Yammer, and supported the manager of the project who used the headsets to watch porn in the office until enough people...
on Oct 17
From cyberplace.social
Kevin Beaumont (@GossiTheDog@cyberplace.social)
0 0
If people in the US want to know why data breach disclosure laws are important - the only reason we know about this is because of state law. Fidelity are quite happy to sweep it under the carpet otherwise....
on Oct 10