Lunch Time Nibbles - 2022-09-12

Welcome to another Lunch Time breakout:

High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices
A number of firmware security flaws uncovered in HP's business-oriented high-end notebooks continue to be left unpatched in some devices even months after public disclosure. Binarly, which first revealed details of the issues at the Black Hat USA conference in mid-August 2022, said the vulnerabilities "can't be detected by firmware integrity monitoring systems due to limitations of the Trusted

Cisco confirms Yanluowang ransomware leaked stolen company data
Cisco has confirmed that the data leaked yesterday by the Yanluowang ransomware gang was stolen from the company network during a cyberattack in May. [...]

Palestinian Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel
A hacktivist collective called GhostSec has claimed credit for compromising as many as 55 Berghof programmable logic controllers (PLCs) used by Israeli organizations as part of a "Free Palestine" campaign. Industrial cybersecurity firm OTORIO, which dug deeper into the incident, said the breach was made possible owing to the fact that the PLCs were accessible through the Internet and were

Why Vulnerability Scanning is Critical for SOC 2
SOC 2 may be a voluntary standard, but for today's security-conscious business, it's a minimal requirement when considering a SaaS provider. Compliance can be a long and complicated process, but a scanner like Intruder makes it easy to tick the vulnerability management box. Security is critical for all organisations, including those that outsource key business operations to third parties like