Security news director at Informa TechTarget's Dark Reading, patron saint of TT's "Bagel Wednesday." Formerly of SearchSecurity, Tom's Hardware, CRN, and a whole lot more. Signal: rwrightTT.20
Good lord, AI sucks...
CrowdStrike's preliminary post incident review attributes Friday's defective channel file update to a bug in the company's Content Validator.
https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
Falcon Content Update Remediation and Guidance Hub | CrowdStrike

Access consolidated remediation and guidance resources for the CrowdStrike Falcon content update affecting Windows hosts.

crowdstrike.com
Still waiting...
I know a lot of folks are probably sick of the attention that side channel attacks have swallowed up since Meltdown & Spectre first emerged and may be saying "Stop trying to make GoFetch happen!" -- but I think this one is worth watching. https://www.techtarget.com/searchsecurity/news/366575096/GoFetch-attack-spells-trouble-for-Apple-M-series-chips
'GoFetch' attack spells trouble for Apple M-series chips

Academic researchers discovered a hardware optimization feature called 'data memory-dependent prefetcher' could be abused to extract secret encryption keys from vulnerable systems.

TechTarget
Microsoft this morning published a very short update on the Midnight Blizzard breach that raises a lot of questions. https://msrc.microsoft.com/blog/2024/03/update-on-microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center

If there isn't something more to this apparently very simple technique, then it seems like a major fly in the ointment for Google's security posture.
Um...I don't think that addresses the question.
Given the severity of the zero-day vulnerability and the fact that it was under exploitation *since October*, it feels like we need more info from Barracuda than just a couple sentences saying "replace your ESG device immediately."