Allaboutclait
LightNews LightNews
Allaboutclait
@allaboutclait.bsky.social
83 followers 130 following 230 posts
Lead Information Security Analyst, recently completed MBA, ex DPO.
Posts Media Videos Starter Packs
Reposted by Allaboutclait
malwaretech.com
Marcus Hutchins @malwaretech.com · May 6
After 7 years of external circumstances getting in the way, I finally managed to sit down with @jackrhysider.bsky.social and record a Darknet Diaries episode. Check it out here! :D

darknetdiaries.com/episode/158/
MalwareTech – Darknet Diaries
MalwareTech was an anonymous security researcher, until he accidentally stopped WannaCry, one of the largest ransomware attacks in history. That single act of heroism shattered his anonymity and pulle...
darknetdiaries.com
18 43 340
Allaboutclait @allaboutclait.bsky.social · Mar 24
Critical flaw in Next.js lets hackers bypass authorization

www.bleepingcomputer.com/news/securit... #infosec
Critical flaw in Next.js lets hackers bypass authorization
A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Mar 24
DrayTek routers worldwide go into reboot loops over weekend

www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Mar 24
Cyberattack takes down Ukrainian state railway’s online services

www.bleepingcomputer.com/news/securit...
Cyberattack takes down Ukrainian state railway’s online services
Ukrzaliznytsia, Ukraine's national railway operator, has been hit by a massive cyberattack that disrupted online services for buying tickets both through mobile apps and the website.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Mar 24
New VanHelsing ransomware targets Windows, ARM, ESXi systems

www.bleepingcomputer.com/news/securit... #infosec #ransomware
New VanHelsing ransomware targets Windows, ARM, ESXi systems
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Mar 1
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks

www.bleepingcomputer.com/news/securit... #infosec
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks
Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM privileges in Windows.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 19
CISA and Partners Release Advisory on Ghost (Cring) Ransomware www.cisa.gov/news-events/... #infosec
CISA and Partners Release Advisory on Ghost (Cring) Ransomware | CISA
www.cisa.gov
Allaboutclait @allaboutclait.bsky.social · Feb 19
Russian phishing campaigns exploit Signal's device-linking feature

www.bleepingcomputer.com/news/securit... #infosec
Russian phishing campaigns exploit Signal's device-linking feature
Russian threat actors have been launching phishing campaigns that exploit the legitimate "Linked Devices" feature in the Signal messaging app to gain unauthorized access to accounts of interest.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 19
Palo Alto Networks tags new firewall bug as exploited in attacks

www.bleepingcomputer.com/news/securit... #infosec
Palo Alto Networks tags new firewall bug as exploited in attacks
Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach devices in...
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 19
New FrigidStealer infostealer infects Macs via fake browser updates

www.bleepingcomputer.com/news/securit... #infosec
New FrigidStealer infostealer infects Macs via fake browser updates
The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware call...
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 18
Juniper patches critical auth bypass in Session Smart routers

www.bleepingcomputer.com/news/securit...
Juniper patches critical auth bypass in Session Smart routers
​Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 18
New OpenSSH flaws expose SSH servers to MiTM and DoS attacks

www.bleepingcomputer.com/news/securit... #infosec
New OpenSSH flaws expose SSH servers to MiTM and DoS attacks
OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago.
www.bleepingcomputer.com
1
Allaboutclait @allaboutclait.bsky.social · Feb 11
Apple Releases Urgent Patch for USB Vulnerability

www.darkreading.com/endpoint-sec... #infosec
Apple Releases Urgent Patch for USB Vulnerability
The vulnerability could allow a threat actor to disable the security feature on a locked device and gain access to user data.
www.darkreading.com
Allaboutclait @allaboutclait.bsky.social · Feb 11
Over 12,000 KerioControl firewalls exposed to exploited RCE flaw

www.bleepingcomputer.com/news/securit... #infosec
Over 12,000 KerioControl firewalls exposed to exploited RCE flaw
Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 7
Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers

www.bleepingcomputer.com/news/securit... #infosec
Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial networ...
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 7
HPE notifies employees of data breach after Russian Office 365 hack

www.bleepingcomputer.com/news/securit... #infosec #privacy
HPE notifies employees of data breach after Russian Office 365 hack
Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company's Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 7
Microsoft shares workaround for Windows security update issues

www.bleepingcomputer.com/news/microso... #infosec
Microsoft shares workaround for Windows security update issues
Microsoft has shared a workaround for users affected by a known issue that blocks Windows security updates from deploying on some Windows 11 24H2 systems.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 7
Cloudflare outage caused by botched blocking of phishing URL

www.bleepingcomputer.com/news/securit... #Infosec
Cloudflare outage caused by botched blocking of phishing URL
An attempt to block a phishing URL in Cloudflare's R2 object storage platform backfired yesterday, triggering a widespread outage that brought down multiple services for nearly an hour.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 7
US health system notifies 882,000 patients of August 2023 breach

www.bleepingcomputer.com/news/securit... #Infosec
#privacy
US health system notifies 882,000 patients of August 2023 breach
Hospital Sisters Health System notified over 882,000 patients that an August 2023 cyberattack led to a data breach that exposed their personal and health information.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 7
U.K. orders Apple to let it spy on users’ encrypted accounts

Secret order requires blanket access to protected cloud backups around the world, which if implemented would undermine Apple’s privacy pledge to its users. www.washingtonpost.com/technology/2...
#infosec #privacy
https://washingtonpost.com/technology/202…
Allaboutclait @allaboutclait.bsky.social · Feb 6
Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware

www.bleepingcomputer.com/news/securit... #infosec
Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware
Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 6
Critical RCE bug in Microsoft Outlook now exploited in attacks

www.bleepingcomputer.com/news/securit... #infosec
Critical RCE bug in Microsoft Outlook now exploited in attacks
CISA warned U.S. federal agencies on Thursday to secure their systems against ongoing attacks targeting a critical Microsoft Outlook remote code execution (RCE) vulnerability.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 6
Kimsuky hackers use new custom RDP Wrapper for remote access

www.bleepingcomputer.com/news/securit... #infosec
Kimsuky hackers use new custom RDP Wrapper for remote access
The North Korean hacking group known as Kimsuky was observed in recent attacks using a custom-built RDP Wrapper and proxy tools to directly access infected machines.
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 5
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks

www.bleepingcomputer.com/news/securit... #infosec
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks
The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply the...
www.bleepingcomputer.com
Allaboutclait @allaboutclait.bsky.social · Feb 5
AMD fixes bug that lets hackers load malicious microcode patches

www.bleepingcomputer.com/news/securit... #infosec
AMD fixes bug that lets hackers load malicious microcode patches
​AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices.
www.bleepingcomputer.com