Olivia
Online
(x) Blogwatch—not a bot, nor a parody
@xBlogwatch
Foolish columns for @SecurityBlvd @ReversingLabs: @RiCHi curates the best bloggy bits, finest forums, and weirdest websites—a/k/a OTOH. Also @DevOpsDotCom’s TLV
Formerly Computerworld, Forbes
Joined August 2016
2 Following
71 Followers
1.4K Posts
Former head of #L3Harris’s #Trenchant “offensive cyber” division has admitted to stealing a weapons-grade exploit chain worth $35M and selling it for personal gain.
Company’s not on trial, but the feds charged #PeterWilliams last week—and this week he’s decided to ’fess up:
So long and thanks for all the fish: Admits to selling unpatched bugs to a shady Russian broker.
Raises important questions about national security risks. In #SBBlogwatch, we go out with a whimper.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/ysHaEKC8Yw $LHX
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd Former head of #L3Harris’s #Trenchant “offensive cyber” division has admitted to stealing a weapons-grade exploit chain worth $35M and selling it for personal gain.
Company’s not on trial, but the feds charged #PeterWilliams last week—and this week he’s decided to ’fess up.
As we discussed earlier this year, organized crime groups are using slaves to scam people from massive “pig butchering” factories. One notorious center for the grotesquely evil practice is Myanmar.
Low Earth Pork: #PigButchering scammers in #Myanmar lose use of 2,500 Starlink terminals.
#SpaceX is crowing about how it’s blocked the scammers’ use. In #SBBlogwatch, we wonder what took Elon so long.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/iNLhMdFRUR
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd As we discussed earlier this year, organized crime groups are using slaves to scam people from massive “pig butchering” factories. One notorious center for the grotesquely evil practice is Myanmar.
#Microsoft’s #Windows security update rollup is badly buggy this month.
Post-patch, the #WinRE recovery environment doesn’t work with most keyboards and mice. And a fix for a cryptography bypass bug is causing failures, requiring rollbacks or registry edits to resolve.
Satya fiddles while Redmond burns? Bugs with security certs—plus failing USB keyboards and mice—cause QA questions.
Leads to concerns about #Windows dev process. In #SBBlogwatch, we grab a Linux ISO.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/QtwrLRY3jp $MSFT
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd #Microsoft’s #Windows security update rollup is badly buggy this month.
Post-patch, the #WinRE recovery environment doesn’t work with most keyboards and mice. And a fix for a cryptography bypass bug is causing failures, requiring rollbacks or registry edits to resolve.
Anything any #Android app can display is vulnerable to the #Pixnapping attack—including #2FA codes. That’s the worrying claim from a group of researchers this week.
“It’s like Rowhammer, but for the screen,” quips one wag:
If at first you don’t succeed: Researchers discover a new way to steal secrets from #Android apps: #Pixnapping
$GOOG thought it fixed the flaw. But group’s demo says not. In #SBBlogwatch, we blur the pels.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/wideupPhGz
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd Anything any #Android app can display is vulnerable to the #Pixnapping attack—including #2FA codes. That’s the worrying claim from a group of researchers this week.
“It’s like Rowhammer, but for the screen,” quips one wag.
Redis hell: CVSS 10.0 vulnerability in ubiquitous cloud storage layer. PATCH NOW.
#Redis shouldn’t normally be exposed to the internet, but it often is. In #SBBlogwatch, we descend a layer.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/dJg41ZgonH
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd #Redis (Remote Dictionary Server) and its open source fork #Valkey share a scary flaw that can give an attacker full remote code execution.
It’s been assigned a maximum CVSS score of 10.0—which is something you don’t often see.
金のうんこ! Breaking: Big #beer brewer belatedly believes bitten by ransomware—and likely a data breach.
Today #Asahi confirmed fears of #ransomware. In #SBBlogwatch, we dry out.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/97TJI3PXTm
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd #Japan’s biggest producer of beer is still not producing any beer this week.
#Asahi Group Holdings shut down production Monday after detecting a cyber intruder.
The #Akira #ransomware gang have found a way to override the multifactor authentication in #SonicWall SSL VPN appliances.
These scrotes appear to be able to move laterally from the VPN boxes to deploy ransomware.
Strange factors: Yet another security problem plaguing #SonicWall customers.
It’s worrying that #ransomware scrotes have broken SonicWall’s #2FA. In #SBBlogwatch, we hear customers’ anger.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/O2CZFYfRqV
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd The #Akira #ransomware gang have found a way to override the multifactor authentication in #SonicWall SSL VPN appliances.
These scrotes appear to be able to move laterally from the VPN boxes to deploy ransomware.
Iconic British brand today warned its business would stay stalled for even longer.
And a loose confederation of threat actors, now calling itself Scattered Lapsus$ Hunters, has claimed responsibility for hacking the big car firm—via tedious Telegram trolling:
#JLR vs. SLH: #JaguarLandRover woes worse than previously thought.
Yes, it’s those Salesforce vish kiddies again. In #SBBlogwatch, we drive the point home.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/5AuoLT801z
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd Iconic British brand today warned its business would stay stalled for even longer.
And a loose confederation of threat actors, now calling itself Scattered Lapsus$ Hunters, has claimed responsibility for hacking the big car firm—via tedious Telegram trolling.
U.S. senator #RonWyden (pictured) is demanding the #FTC do something about #Microsoft $MSFT already.
He says Satya’s crew are to blame for some awful #ransomware attacks exploiting a vulnerability that’s more than 10 years old:
Roasting Redmond for #Kerberoasting: “Like an arsonist selling firefighting services,” quips 76-year-old.
Exploit affects #ActiveDirectory with old specs. In #SBBlogwatch, we wonder where to point fingers.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/ig4pyGCqRg
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd U.S. senator #RonWyden (pictured) is demanding the #FTC do something about #Microsoft already.
He says Satya’s crew are to blame for some awful #ransomware attacks exploiting a vulnerability that’s more than 10 years old.
A pair of ethical hackers discovered a bunch of “catastrophic” vulns in the code running 30,000 #BurgerKing, #TimHortons, #Popeyes and #FirehouseSubs locations.
Owner #RBI quickly fixed the flaws, but then its contractor #Cyble issued a sus-seeming #DMCA takedown notice:
#StreisandEffect in full effect: #RBI platform riddled with terrible #security flaws.
Tale as old as time: Poor, unfortunate $8½B corp vs. evil, vindictive, millennial hackers. In #SBBlogwatch, we rule.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://t.co/2LsedwD4Yv
@RiCHi @TheFuturumGroup @TechstrongGroup @securityblvd A pair of ethical hackers discovered a bunch of “catastrophic” vulns in the code running 30,000 #BurgerKing, #TimHortons, #Popeyes and #FirehouseSubs locations.
Owner #RBI quickly fixed the flaws, but then its contractor #Cyble issued a sus-seeming #DMCA takedown notice.
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.6M followers
Barack Obama
@barackobama
119.2M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.5M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.2M followers
Justin Bieber
@justinbieber
90.9M followers
KATY PERRY
@katyperry
87.6M followers
Taylor Swift
@taylorswift13
81.4M followers
Lady Gaga
@ladygaga
73M followers
Virat Kohli
@imvkohli
69.8M followers
Kim Kardashian
@kimkardashian
69.8M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.9M followers
Neymar Jr
@neymarjr
62.5M followers
The Ellen Show
@theellenshow
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.7M followers