VMware vulnerabilities. CISA will not stop monitoring Russia. North-Korea tries to launder $1.4B in crypto.  

News

Hi folks,

Some interesting stuff this week. The VMware vulnerabilities are a must to look at, if you run VMware in your stack. Also some conflicting reports on whether Russia gets a "free pass" in cyberspace by the US, but that seems to be overblown. All in all, just the world being the world as usual :-)

I hope you find some peace and quiet time away from all of that this weekend. I am going to try just that by having a nice, sunny citytrip, mostly offline, with friends :-)

Have a good one folks, cheers!

Dieter

Threat posed by new VMware hyperjacking vulnerabilities is hard to overstate

The vulnerabilities in question make it so that just one compromised VM can doom the other VM's on the same machine. The issues allow for a break-out to the VM hypervisor, and from there on anything is possible. It's already being exploited in the wild, so time to patch up.

arstechnica.com

North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit

Interesting read on the race to launder the $1.4B in crypto that North Korea stole from Bybit. The latter has published a bounty program, offering up to 10% in bounty for those who can help trace and freeze the assets.

therecord.media

DHS says CISA will not stop monitoring Russian cyber threats

Despite reports to the contrary this week, CISA is firm in saying that it will continue to monitor all cyber threats, including Russia.

bleepingcomputer.com

Open-source tool 'Rayhunter' helps users detect Stingray attacks

This is so cool. The Electronic Frontier Foundation (EFF) has released an open-source tool named Rayhunter that is designed to detect cell-site simulators (CSS), also known as IMSI catchers or Stingrays. Those are essentially fake celltowers that trick your phone into connecting to them to intercept traffic. The tool is meant to be installed on a mobile hotspot, and will warn when such activities seem to be taking place.

bleepingcomputer.com

Quick links

  • Over 49,000 misconfigured building access systems exposed online: link.
  • Nearly 12,000 API keys and passwords found in AI training dataset: link.
  • House passes bill requiring federal contractors to have vulnerability disclosure policies: link.
  • Google fixes Android zero-day exploited by Serbian authorities: link.

MDM vs Device Trust: technical limitations

A recent blogpost by 1Password comparing standard MDM solutions to their Device Trust offering, based on osquery, which offers up a lot of possibilities. (Sponsored)

1password.com

No spam, ever. We'll never share your email address and you can opt out at any time.