Welcome to another Morning Bowl breakout:
Fashion brand SHEIN fined $1.9m for lying about data breach
Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?
Read more....
Dangerous hole in Apache Commons Text – like Log4Shell all over again
Third time unlucky. Time to put your patching boots on again...
Read more....
Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems. Cobalt Strike is a commercial red-team framework that's mainly used for adversary simulation, but cracked versions of the software have been actively abused by ransomware
Read more....
Fashion brand SHEIN fined $1.9m for lying about data breach
Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?
Read more....
Dangerous hole in Apache Commons Text – like Log4Shell all over again
Third time unlucky. Time to put your patching boots on again...
Read more....
Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems. Cobalt Strike is a commercial red-team framework that's mainly used for adversary simulation, but cracked versions of the software have been actively abused by ransomware
Read more....