Reposted by Deva
AWS dug through its honeypot data and confirmed that CVE-2025-5777 (Cisco ISE RCE) and CVE-2025-5777 (memory leak in Citrix NetScaler) were exploited as zero-days before their patches.
Nothing new here except the confirmation that an APT was behind the attacks
aws.amazon.com/blogs/securi...
Nothing new here except the confirmation that an APT was behind the attacks
aws.amazon.com/blogs/securi...
Amazon discovers APT exploiting Cisco and Citrix zero-days | Amazon Web Services
The Amazon threat intelligence team has identified an advanced threat actor exploiting previously undisclosed zero-day vulnerabilities in Cisco Identity Service Engine (ISE) and Citrix systems. The ca...
aws.amazon.com
November 13, 2025 at 10:13 AM
AWS dug through its honeypot data and confirmed that CVE-2025-5777 (Cisco ISE RCE) and CVE-2025-5777 (memory leak in Citrix NetScaler) were exploited as zero-days before their patches.
Nothing new here except the confirmation that an APT was behind the attacks
aws.amazon.com/blogs/securi...
Nothing new here except the confirmation that an APT was behind the attacks
aws.amazon.com/blogs/securi...
Reposted by Deva
also yes it's dumb as shit that browsers allow this
November 13, 2025 at 12:45 PM
also yes it's dumb as shit that browsers allow this
Reposted by Deva
-US indicts two rogue cybersecurity employees for ransomware attacks
-Hackers extort massage parlor visitors
-Balancer hacked for $128 million
-Cargo thieves use hackers to go after trucking and freight companies
Podcast: risky.biz/RBNEWS500/
Newsletter: news.risky.biz/risky-bullet...
-Hackers extort massage parlor visitors
-Balancer hacked for $128 million
-Cargo thieves use hackers to go after trucking and freight companies
Podcast: risky.biz/RBNEWS500/
Newsletter: news.risky.biz/risky-bullet...
November 5, 2025 at 9:30 AM
-US indicts two rogue cybersecurity employees for ransomware attacks
-Hackers extort massage parlor visitors
-Balancer hacked for $128 million
-Cargo thieves use hackers to go after trucking and freight companies
Podcast: risky.biz/RBNEWS500/
Newsletter: news.risky.biz/risky-bullet...
-Hackers extort massage parlor visitors
-Balancer hacked for $128 million
-Cargo thieves use hackers to go after trucking and freight companies
Podcast: risky.biz/RBNEWS500/
Newsletter: news.risky.biz/risky-bullet...
Reposted by Deva
One the craziest elements about cybersecurity is you have half the industry sat worrying about cyberwar!1! and going on about quantum and AI, then you have you have the operational reality of what is actually happening on the ground - it bares no resemblance, at all, to what people are focused on.
October 1, 2025 at 3:21 PM
One the craziest elements about cybersecurity is you have half the industry sat worrying about cyberwar!1! and going on about quantum and AI, then you have you have the operational reality of what is actually happening on the ground - it bares no resemblance, at all, to what people are focused on.
Reposted by Deva
Dont think, just do
May 27, 2025 at 10:16 PM
Dont think, just do
Reposted by Deva
There's a new Microsoft SharePoint zero-day getting exploited right now: CVE-2025-53770
msrc.microsoft.com/blog/2025/07...
msrc.microsoft.com/blog/2025/07...
July 20, 2025 at 3:19 PM
There's a new Microsoft SharePoint zero-day getting exploited right now: CVE-2025-53770
msrc.microsoft.com/blog/2025/07...
msrc.microsoft.com/blog/2025/07...
Reposted by Deva
FBI/Europol couldn't seize the Lumma servers, so they hacked them, deleted backups, and phished threat actors
theravenfile.com/2025/05/23/l...
theravenfile.com/2025/05/23/l...
May 24, 2025 at 11:55 AM
FBI/Europol couldn't seize the Lumma servers, so they hacked them, deleted backups, and phished threat actors
theravenfile.com/2025/05/23/l...
theravenfile.com/2025/05/23/l...
Reposted by Deva
It looks like there's a SAP NetWeaver zero-day in the wild:
reliaquest.com/blog/threat-...
SAP advisory (via cr0w on Mastodon): me.sap.com/notes/3594142
reliaquest.com/blog/threat-...
SAP advisory (via cr0w on Mastodon): me.sap.com/notes/3594142
ReliaQuest Uncovers Potential New Vulnerability in SAP NetWeaver
ReliaQuest has observed SAP NetWeaver incidents with unauthorized file uploads and malicious execution, hinting at a possible unreported vulnerability.
reliaquest.com
April 24, 2025 at 6:44 PM
It looks like there's a SAP NetWeaver zero-day in the wild:
reliaquest.com/blog/threat-...
SAP advisory (via cr0w on Mastodon): me.sap.com/notes/3594142
reliaquest.com/blog/threat-...
SAP advisory (via cr0w on Mastodon): me.sap.com/notes/3594142
Patch asap or do the control steps immediately #vulnerability #wiz @wizsecurity.bsky.social great work for consistently challenging each patch
#IngressNightmare: Wiz Research uncovers a critical vulnerability in Ingress-NGINX 🚨
Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.
Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.
March 25, 2025 at 5:40 PM
Patch asap or do the control steps immediately #vulnerability #wiz @wizsecurity.bsky.social great work for consistently challenging each patch
Reposted by Deva
I played GTA3 on a 20" television in a friend's bedroom once a week I could walk to from my middle school and it was the best gaming thing that ever happened to me.
You're on Discord.
We aren't the same.
You're on Discord.
We aren't the same.
March 8, 2025 at 10:34 PM
I played GTA3 on a 20" television in a friend's bedroom once a week I could walk to from my middle school and it was the best gaming thing that ever happened to me.
You're on Discord.
We aren't the same.
You're on Discord.
We aren't the same.
😭 ya.. I too tried, and found out most of the times we have to work off the books and mostly with veterans of that org to get things done.
March 7, 2025 at 6:54 AM
😭 ya.. I too tried, and found out most of the times we have to work off the books and mostly with veterans of that org to get things done.
Reposted by Deva
When the admins enable anonymous user accesses and guests in Teams without knowing the differences between anonymous, vs public, vs consumer, vs org managed, vs federated domain list, etc, and then get mad when you change the settings because they don't know what they mean
elmo says take me lucifer while standing in front of flames
ALT: elmo says take me lucifer while standing in front of flames
media.tenor.com
February 28, 2025 at 3:27 AM
When the admins enable anonymous user accesses and guests in Teams without knowing the differences between anonymous, vs public, vs consumer, vs org managed, vs federated domain list, etc, and then get mad when you change the settings because they don't know what they mean
I still find the same thing
February 28, 2025 at 4:21 AM
I still find the same thing
I came across someone abusing the graph API, to get all sorts of data, including CAS policies and then using the policy gaps. I was intrigued by the fact, that while entra admins didn't know much about graphs, even the team who enforce security policies to the whole m365 suite, knew very little.
February 11, 2025 at 2:45 AM
I came across someone abusing the graph API, to get all sorts of data, including CAS policies and then using the policy gaps. I was intrigued by the fact, that while entra admins didn't know much about graphs, even the team who enforce security policies to the whole m365 suite, knew very little.