A quarter full of risk – get to know the notable vulnerabilities of Q3 2024 >>

The CyberRisk Summit is back! RSVP for free for our live event | November 20 >>

Exposure management analytics and KPIs you need to know about  >>

Get a demo

A quarter full of risk – get to know the notable vulnerabilities of Q3 2024 >>

The CyberRisk Summit is back! RSVP for free for our live event | November 20 >>

Exposure management analytics and KPIs you need to know about  >>

Get a demo
Get a demo

Author: Mike Parkin

Two new XSS bugs, a Cisco hack, and more: first officer’s blog – week 12

First Officer’s log, Terrestrial date, 20220815. Officer of the Deck reporting.   While my crewmates continued to execute the Officer of the Deck duties during my shore leave with the expected skill and professionalism, we were unable to dispatch our usual First Officer’s report. It falls to me now to again take up that mantle and… Continue reading Two new XSS bugs, a Cisco hack, and more: first officer’s blog – week 12

Qakbot, Luca Stealer, and more: first officer’s blog – week 11

First Officer’s log, Terrestrial date, 20220801. Officer of the Deck reporting.   Our presentations on 20220727 were quite successful, with mission professionals attending virtually from across the planet. It is always gratifying to know that people appreciate the work we do to support the mission and are willing to come and participate in a mission-focused… Continue reading Qakbot, Luca Stealer, and more: first officer’s blog – week 11

CVE-2022-26138 and more: first officer’s blog – week 10

First Officer’s log, Terrestrial date, 20220825. Officer of the Deck reporting.   The crew is preparing for a series of presentations on Terrestrial date 20220827 at the CyberRisk Summit, where many of the senior officers will discuss our mission with representatives of the worlds we serve, and, hopefully, will serve in the future. It’s a reminder… Continue reading CVE-2022-26138 and more: first officer’s blog – week 10

An Instagram hack and the rise of purple teams: first officer’s blog – week 9

First Officer’s log, Terrestrial date, 20220818. Officer of the Deck reporting.    A great deal of our mission happens behind the scenes. It is the very nature of a support ship, after all. And this last cycle has been no exception. Though, it seems that more of our mission has been behind the scenes this last… Continue reading An Instagram hack and the rise of purple teams: first officer’s blog – week 9

Chrome zero-day, DoD bug bounty, and more: first officer’s blog – week 8

First Officer’s log, Terrestrial date, 20220811. Officer of the Deck reporting. The ship is back to normal operation and our patrol continues. As a support vessel, we are often in a position to “clean up the mess” discovered, or sometimes instigated, by the ships engaged in First Contact situations. They get all the glory. And… Continue reading Chrome zero-day, DoD bug bounty, and more: first officer’s blog – week 8

LockBit, Malware “gangs”, Hermit spyware framework and more: first officer’s blog – week 7

First Officer’s log, Terrestrial date, 20220804. Officer of the Deck reporting. The Captain has authorized liberty call for much of the crew to take part in a local Independence Day celebration. Apparently, the world separated from their colonial power after a disagreement over some beverage imports. It is quite a big deal for the locals… Continue reading LockBit, Malware “gangs”, Hermit spyware framework and more: first officer’s blog – week 7

OT security flaws, Microsoft adds a patch, and more: first officer’s log – week 6

First Officer’s log, Terrestrial date, 20220727. Officer of the Deck reporting. Now recovered from the dreaded Covid, it is time to fully return to duty and continue the mission. While the last week was comparatively quiet, there were still several significant reports. It also seems likely that some recent discoveries will warrant more attention as… Continue reading OT security flaws, Microsoft adds a patch, and more: first officer’s log – week 6

Citrix ADM, Sharepoint, Pegasus: first officer’s log – week 5

First Officer’s log, Terrestrial date, 20220720. Officer of the Deck reporting. One of the challenges of any major planetside expedition, as we were engaged in, is the potential exposure of crew members to local contagions. In this case, the near-endemic Coronavirus, that has been an issue for some time now. Fortunately, only one of our… Continue reading Citrix ADM, Sharepoint, Pegasus: first officer’s log – week 5

Linux vulnerability, ransomware, hidden threats: first officer’s log – week 4

First Officer’s log, Terrestrial date, 202200713. Officer of the Deck reporting. In spite of the ship being in port for a major conference, we were able to continue with our duty to log the mission.  As expected, the conference brought specialists in from other crews to share insights, techniques, and comradery, along with some friendly… Continue reading Linux vulnerability, ransomware, hidden threats: first officer’s log – week 4

Microsoft zero day, More Musk drama, and more: first officer’s log – week 3

First Officer’s log, Terrestrial date, 202200706. Officer of the Deck reporting.  The pace of recent activity has diminished very slightly, but we expect that it is just part of the natural ebb and flow of hostile activity in our sector.  In spite of the brief lull, the crew remains vigilant.   Our next log entry may… Continue reading Microsoft zero day, More Musk drama, and more: first officer’s log – week 3