News
Latest cybersecurity news — hacks, breaches, vulnerabilities, regulatory moves
Medibank Australia Ransomware 2022 — How a Refusal to Pay Set the Australian Precedent: 9.7M Records Leaked, $1.7B Cost, BlogXX Sanctions
Australian health insurer Medibank refused to pay attackers' ransom demand for 9.7M customer records; attackers progressively leaked the data including extracted medical…
Microsoft Midnight Blizzard 2024 — How APT29 Used Password Spraying to Read Microsoft Senior Executive Email: Anatomy of the Russian SVR Intrusion
Russian SVR-aligned APT29 used password spraying on a legacy non-MFA Microsoft test tenant, then OAuth-abused a malicious application to read months of…
Heartbleed (CVE-2014-0160) — How a 64KB Memory Leak in OpenSSL Compromised 17% of the Internet: The Vulnerability That Changed TLS Forever
A simple bounds-check error in OpenSSL's heartbeat extension allowed unauthenticated attackers to read 64KB of server memory at a time — exposing…
Log4Shell (CVE-2021-44228) — How a JNDI Lookup Feature in Log4j Became “the Bug of the Century”: Anatomy of the Worst Java Vulnerability
A logging library feature for JNDI lookups, intended to make config lookups easier, became the worst Java vulnerability in history when attackers…
EternalBlue, WannaCry & NotPetya — How an NSA-Leaked Windows SMB Exploit Cost $10 Billion: Anatomy of 2017’s Internet-Shaking Worm
A Windows SMB vulnerability discovered and weaponised by NSA, leaked by the Shadow Brokers, and used to power WannaCry and NotPetya —…
Shellshock (CVE-2014-6271) — How a 25-Year-Old Bash Bug Exposed Every Unix System on the Internet: Anatomy of the Server-Side Catastrophe
A code path in Bash going back 25 years allowed environment variables to contain executable function definitions plus extra commands — turning…
Spectre & Meltdown 2018 — How Speculative Execution in Every Modern CPU Created Side-Channel Attack Vectors: Anatomy & Persistent Mitigations
Three vulnerabilities affecting virtually every CPU manufactured for the previous 20 years exploited speculative execution to leak data across security boundaries —…
Stuxnet (2010) — How a US-Israeli Cyber Weapon with Four Zero-Days Sabotaged Iran’s Nuclear Program: The First True Cyber-Kinetic Attack
Four Windows zero-days plus stolen code-signing certificates plus deep knowledge of Siemens industrial systems plus an air-gap-bridging USB worm equals the first…
Equifax Breach 2017 — How an Unpatched Apache Struts Vulnerability Cost 147M Americans Their Identities: $1.4B Settlement Analysis
A two-month-old Apache Struts patch that Equifax had not deployed allowed attackers to access internal systems and exfiltrate personally-identifying data on 147…
ProxyLogon & Hafnium 2021 — How Four Microsoft Exchange Zero-Days Compromised 250,000+ Servers Globally: The Most Damaging Mass Exploitation in History
Four chained zero-days in on-premises Microsoft Exchange Server — exploited first by Chinese APT Hafnium, then by half a dozen other threat…