InfoSec News Nuggets 07/22/2022

Windows 11 is getting a new security setting to block ransomware attacks Microsoft is rolling out a new security default for Windows 11 that will go a long way to preventing ransomware attacks that begin with password-guessing attacks and compromised credentials. The new account security default on account credentials should help thwart ransomware attacks that are initiated after using compromised credentials or brute-force password attacks to access remote desktop protocol (RDP) endpoints, which are often exposed…
Read More

InfoSec News Nuggets 09/08/2021

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. The "successful attack," which is believed to have occurred last week, was mounted against its Confluence service that had been deprecated since October 2019, leading the…
Read More

InfoSec News Nuggets 12/06/2019

1 - How Internet resources worth R800 million were stolen and sold on the black market The theft and sale of large swaths of valuable African Internet resources was an inside job, Internet investigator Ron Guilmette has concluded after five months of detective work. Documents obtained from industry sources and public records in Uganda show that at least one insider at AFRINIC is also a shareholder of a company that received money for selling IP…
Read More