CyberSecurity Blog

Watch out, experts warn of a critical flaw in Jenkins Pierluigi Paganini January 26, 2024 Jenkins maintainers addressed several security vulnerabilities, including a critical remote code execution (RCE) flaw. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The automation server supports developers build, test and deploy…
Read more

ICYMI: ‘Midnight Blizzard’ Was Inside Company Network for 7 Months Hewlett Packard Enterprise in an after-hours regulatory filing disclosed that suspected Russian state hackers had gained access to corporate email inboxes for more than seven months. A threat group tracked as “Midnight Blizzard” first penetrated HPE’s cloud-based email service in May 2023.http://dlvr.it/T1tZ1Z

Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. The malicious ads, which appear above organic search results and often precede links to legitimate sources of the same software, can make searching for software on Google a dicey affair.…
Read more

“Everyone is ready to believe that AI can do things, even if it can’t.” The post Did an AI write that hour-long “George Carlin” special? I’m not convinced. appeared first on DanTechServices, Inc.http://dlvr.it/T1sT28

ICYMI: PixieFail is a huge deal for cloud and data centers. For the rest, less so. The post New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling appeared first on DanTechServices, Inc.http://dlvr.it/T1s7zj

Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE) Pierluigi Paganini January 25, 2024 Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT group Midnight Blizzard gained access to its Microsoft Office 365 email system. Hewlett Packard Enterprise (HPE) revealed that alleged Russia-linked cyberespionage group Midnight Blizzard gained access to its Microsoft Office 365 cloud-based…
Read more

‘Midnight Blizzard’ Was Inside Company Network for 7 Months Hewlett Packard Enterprise in an after-hours regulatory filing disclosed that suspected Russian state hackers had gained access to corporate email inboxes for more than seven months. A threat group tracked as “Midnight Blizzard” first penetrated HPE’s cloud-based email service in May 2023.http://dlvr.it/T1r1rh

ICYMI: Hackers Spread Fake News About SEC Approving Spot Bitcoin Exchange-Traded Fund It wasn’t a sophisticated hack on Jan. 9 that allowed hackers to briefly take control of an official U.S. Securities and Exchange Commission social media account, the agency said Monday. The hackers simply scammed the account’s mobile phone provider in a SIM swap…
Read more

ICYMI: The Cygnus Wall is part of a larger nebula. The post Daily Telescope: The Cygnus Wall lights up the night sky appeared first on DanTechServices, Inc.http://dlvr.it/T1pxwz

ICYMI: Experts warn of a vulnerability affecting Bosch BCC100 Thermostat Pierluigi Paganini January 16, 2024 Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from Bitdefender discovered a high-severity vulnerability affecting Bosch BCC100 thermostats. The researchers discovered a vulnerability, tracked as CVE-2023-49722 (CVSS score: 8.3), that can be exploited by an attacker on the…
Read more