.Cybersecurity and Infrastructure Security Agency encourages users and organizations to review Microsoft's mitigations and workarounds to address CVE-2021-40444, a remote code execution vulnerability in Microsoft Windows: msrc.microsoft.com/update-guide/v…

Free for 2 days! Digital Forensics - Complete Digital Forensics Masterclass: udemy.com/course/digital… Reverse Engineering, Debugging and Malware Analysis - 2021: udemy.com/course/reverse…

I've taken a break from public speaking to recharge, but I'm back in action Friday at 2 pm ET! Kevin Holvoet and I will chat about recent threats you should pay attention to. I will also almost certainly rant about vulnerabilities a bit. 🙂 Grab a beverage and join us!

🚨 Active scanning of Apache HTTP Server CVE-2021-41773 & CVE-2021-42013 is ongoing and expected to accelerate, likely leading to exploitation. Please patch immediately if you haven’t already—this cannot wait until after the weekend. Read more: us-cert.cisa.gov/ncas/current-a…

PSA: Shitty frat boy behavior at tech cons *always* bothered and pushed away a ton of people, but for decades the only way to network and do the work you loved was to shut up and deal with it with alcohol or a therapist, because shitty frat boys owned such a huge market share.

My next Pay What You Can (PWYC) intro to security class starts next Monday: antisyphontraining.com/event/getting-… The goal is to reduce the barriers for people getting into this field as much as possible. Hope to see you there!

The email campaign abusing the Craigslist messaging system continues to evolve and has been observed delivering Qakbot. The latest emails don’t have clickable links; they contain just an image instructing recipients to manually enter a URL on a browser.

I spoke with vmw_carbonblack's Taree Reardon 🌈 #BLM about #VMware's new #MDR service ⬇️ sdxcentral.com/articles/news/…

We are doing an emergency newscast on the Log4Shell vulnerability. Today, 4:30pm ET -- youtu.be/igoDXnkYDy8 Why? Well, with most vulnerabilities it is simply an issue of "install the patch" — this one is different. How is this different? Let's have a chat to find out.

CVE-2021-43326, a privilege escalation #vulnerability within the automation and patch management software provider, Automox. lacework.com/blog/cve-2021-… After 15+ years in security, I am happy to share my first official #CVE following many private disclosures over the years!

Here’s a #Log4Shell Remediation cheat sheet I wrote with my Snyk colleague Kirill Efimov Plenty of options of how to find and fix your #log4j vulnerabilities. **Please share with the community!** snyk.io/blog/log4shell…

😂😂

New research published today from the VMware Threat Analysis Unit (TAU) exposes how cybercriminals are using malware to target Linux-based operating systems with ransomware, cryptojacking attacks, and RATs. Learn more in our new threat report: bit.ly/3Gzm8JR

If you're worried about wiper malware between Ukraine and RU, please consider worrying about document macros from stuff like Qbot and Emotet first.

📢 While we're on the topic of our upcoming June event, here's a reminder that our Call for Speakers runs until the end of the month! Send us your proposed talks on Sessionize: sessionize.com/bsides-boulder… x.com/BSidesBoulder/…

This is going to be excellent!

I was able to access thousands of companies’ passwords on #Azure and run code on their VMs. This includes access to Microsoft’s own credentials… 💣 Here’s HOW I did it. This is the story of #SynLapse. (1/11)

Here we go!!! My next Pay What You Can class!!!!!

TAU identified the APT41's Cobalt Strike team server (91[.]238.50.114, HTTPS/DNS) since Jan 4th.