John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
Patch Alert: Wing FTP Exploited, Two Patch Tuesday Zero-Days, and a D-Link RCE That Doesn't Need a Login
Three vulnerability disclosures in one week across different parts of the stack. Wing FTP is actively exploited, March Patch Tuesday dropped two zero-days, and D-Link has an unauthenticated RCE in its DNS config.
Read More
Four Major Companies Still Won't Talk About the Oracle EBS Breach
Broadcom, Bechtel, Estee Lauder, and Abbott Technologies got named in the Cl0p Oracle EBS breach. None have said a word. The silence is becoming its own problem.
Read More
Iran Didn't Need Malware to Cripple Stryker. They Just Used Microsoft Intune.
The Handala group wiped tens of thousands of Stryker devices using the company's own MDM platform. No malware. No exploit. Just admin access and the willingness to press the button.
Read More
GlassWorm Is Hiding Malware in Invisible Code and Pushing It Into Your Python Repos
GlassWorm steals GitHub tokens, then injects malicious code written in invisible Unicode characters into repos developers already trust. 151 packages hit in one week.
Read More
Europe's Biggest Tech Fines Are Getting Overturned in Court
Amazon just got a $858 million GDPR fine thrown out. Cloudflare is fighting Italy's Piracy Shield. Big Tech's legal teams are now the real counterparty to European regulation.
Read More
ClickFix Went Cross-Platform This Week. Mac Users, You're Not Safe.
Three separate campaigns are using ClickFix to trick people into installing malware themselves. macOS, Windows, enterprise VPN users. No exploit needed. Just copy, paste, execute.
Read More