DodgeThisSecurity

Any chance of an IOC list of IP Addresses, Hashes, domains, commands the attacker ran, etc?

02.02.2026 13:11 — 👍 4    🔁 0    💬 0    📌 0

In wake of Horizon scandal, forensics prof says digital evidence is a minefield Outdated and misinformed legal presumptions at the heart of concerns Digital forensics in the UK is in need of reform, says one expert, as the deadline to advise the government on computer evidence rules arrives.…

In wake of Horizon scandal, forensics prof says digital evidence is a minefield

16.04.2025 11:29 — 👍 13    🔁 4    💬 0    📌 1

After breach, SEC says hackers used stolen data to buy stocks After accessing the Security and Exchange Commission's nonpublic filings, hackers may have used the stolen data to pad their portfolios with tomorrow's hot stocks.

www.cnet.com/personal-fin...

“Security and Exchange Commission Chairman John Clayton released a lengthy statement yesterday on cybersecurity. Buried about 1,400 words in, you'll find an eyebrow-raising disclosure -- the SEC was apparently hacked in 2016.”

16.04.2025 06:58 — 👍 30    🔁 16    💬 0    📌 0

The Sophos Annual Threat Report: Cybercrime on Main Street 2025 Ransomware remains the biggest threat, but old and misconfigured network devices are making it too easy

I did a thing. news.sophos.com/en-us/2025/0...

16.04.2025 11:35 — 👍 17    🔁 4    💬 0    📌 0

Suspected 4chan Hack Could Expose Longtime, Anonymous Admins Though the exact details of the situation have not been confirmed, community infighting seems to have spilled out in a breach of the notorious image board.

RE: potential 4chan Hack: 'Rumors also started circulating... that the breach is the result of 4chan running legacy, unpatched software that exposed the platform to attack.' - @mattburgess1.bsky.social & @lhn.bsky.social in @wired.com www.wired.com/story/2025-4... @gate15.bsky.social #cybersecurity

16.04.2025 11:34 — 👍 12    🔁 3    💬 1    📌 0

Hello everyone! I’m proud and honored to introduce my very first academic white paper through SANS, which discusses the nuances and needs for planning for #ransomware in OT / industrial networks. www.sans.org/mlp/ics-ot-m...

16.04.2025 03:39 — 👍 257    🔁 51    💬 12    📌 2

Blue Screen of Panic: Microsoft Updates Turn PCs into Drama Queens Microsoft warns of a potential blue screen error on Windows 11 due to recent updates. The dreaded SECURE_KERNEL_ERROR could crash your PC, but fear not! Microsoft's Known Issue Rollback is here to save the day. Restart your device to hasten the fix, and remember, sometimes even technology needs a little reboot therapy.

Blue Screen of Panic: Microsoft Updates Turn PCs into Drama Queens

Windows 11 users beware: Blue screen chaos ahead! Learn how to dodge the dreaded SECURE_KERNEL_ERROR and keep your PC happy.
thenimblenerd.com?p=1042978

16.04.2025 11:46 — 👍 1    🔁 1    💬 0    📌 0

Apache Roller Bug: The Persistent Session Nightmare You Didn’t Know You Had A critical vulnerability in Apache Roller allows attackers to maintain persistent access even after password changes. Roller version 6.1.5 fixes this session management flaw, ensuring all active sessions are properly invalidated. With a CVSS score of 10/10, this patch is a must for users wishing to avoid surprise guests in their virtual living room.

Apache Roller Bug: The Persistent Session Nightmare You Didn’t Know You Had

Apache Roller vulnerability allows hackers to abuse old sessions for persistent access despite password changes. Here's how updates fix it.
thenimblenerd.com?p=1042980

16.04.2025 11:46 — 👍 1    🔁 1    💬 0    📌 0

Comprehensive Guide to Configuring Advanced Auditing This post provides everything you need to ensure Advanced Auditing is fully configured and auditing everything we possibly can for both existing and new users. I recently shared guidance for this via social media (see below), and it felt like a perfect time to revisit my previous posts and combine everything into one comprehensive guide :) You likely aren't collecting all available events to the Unified Audit Log First, not all events are enabled or retained optimally. Consider creating this policy in the Purview portal (leave users and record types blank to collect everything). Retention is based on license... pic.twitter.com/IEKKfrkpI8

Most Microsoft tenants do not have Advanced Auditing configured correctly, and orgs only find out after it is too late :(

I tried really hard to make this as short and simple as possible. Please be nice to your IR folks and set this up, it's important ;)

nathanmcnulty.com/bl...

16.04.2025 05:13 — 👍 34    🔁 10    💬 2    📌 0

"CVE Foundation Launched to Secure the Future of the CVE Program"

Please note this is not an official CVE Board action, but the action of a rogue group within the CVE Board to try and save the CVE Program.

www.linkedin.com/in/...

bsky.app/profile/cve...

16.04.2025 08:00 — 👍 51    🔁 24    💬 7    📌 5

Cybersecurity World On Edge As CVE Program Prepares To Go Dark MITRE’s CVE program may shut down as DHS funding expires, threatening global cybersecurity coordination and exposing critical gaps in vulnerability tracking.

www.forbes.com/sites/tonybr...

16.04.2025 11:58 — 👍 25    🔁 6    💬 2    📌 2

BSLV logo with Alice in Wonderland theme

BSidesLV is extending to two and a half days this year!

The donor drive will open on Apr 20, but the room block is open now. Discounted rates are available from August 1 through August 11. Resort fee is waived.

Details here: bsideslv.org/venue

16.04.2025 12:00 — 👍 13    🔁 7    💬 0    📌 0