You might be interested in …

[HackerNews] Critical Auth Bypass Bug Affects VMware Carbon Black App Control

All posts, HackerNews

VMware has rolled out security updates to resolve a critical flaw affecting Carbon Black App Control that could be exploited to bypass authentication and take control of vulnerable systems. The vulnerability, identified as CVE-2021-21998, is rated 9.4 out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and affects App Control (AppC) […]

Read More

[HackerNews] QNAP Warns of DeadBolt Ransomware Targeting Internet-Facing NAS Devices

All posts, HackerNews

Taiwanese company QNAP has warned customers to secure network-attached storage (NAS) appliances and routers against a new ransomware variant called DeadBolt. “DeadBolt has been widely targeting all NAS exposed to the Internet without any protection and encrypting users’ data for Bitcoin ransom,” the company said. “QNAP urges all QNAP NAS users to […] immediately update QTS […]

Read More

[SANS ISC] MGLNDD_* Scans, (Sun, Mar 20th)

All posts, Sans-ISC

Reader Markus reported TCP connections on his servers with data that starts with MGLNDD_*. Like MGLNDD_<IP_ADDRESS_OF_TARGET>  and MGLNDD_<IP_ADDRESS_OF_TARGET>_<TARGET_PORT>. I took a look at my server and honeypot logs, and I’m seeing this too. It started on March 1st, with TCP data like this: MGLNDD_<IP_ADDRESS_OF_TARGET>n Where <IP_ADDRESS_OF_TARGET> is the IPv4 address of my servers. And starting […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.