Scott Vintinner

Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023 Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to co...

Cisco SD-WAN 10.0 critical zero day discovered that has been exploited since 2023. Allows remote attackers to compromise controllers and add new rogue nodes (remote attacker gets internal LAN access).

This is an example of the kind of thing that keeps network security admins awake at night.

Great discussion on Hacker News about the Citrini Research prediction about Ai usage by 2028 displacing many established companies and systems.

It's funny how we're all so pessimistic about the future now.

news.ycombinator.com/item?id=4711...

Expert says UMMC could face ‘weeks to months’ of recovery after cyberattack University of Mississippi Medical Center clinics across the state will remain closed and elective procedures are canceled through Wednesday as officials respond to a cyberattack that targeted the state’s only academic medical center.

Expert says UMMC could face ‘weeks to months’ of recovery after cyberattack

University of Mississippi Medical Center clinics across the state will remain closed and elective procedures are canceled through Wednesday as officials respond to a cyberattack that targeted the state’s only academic…

Google patches first Chrome zero-day exploited in attacks this year Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the first such security flaw patched since the start of the year.

Google patches first zero-day of the year in Chrome. Update your systems now.

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

New ClickFix attack uses DNS to deliver a PowerShell script. Just an example of how DNS logging has become more important than ever.

YouTube video by dj.scottv Holdin' On Weightless | Melodic House | Live DJ Mix | dj.scottv

Latest DJ Mix:

ClickFix attack uses fake Windows BSOD screens to push malware A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of Death (BSOD) screens to trick users into manually compiling and executing malware on their systems.

ClickFix attack uses fake Windows BSOD screens to push malware #cybersecurity #hacking #news #infosec #security #technology #privacy

A Cyberattack Was Part of the US Assault on Venezuela

We don't have many details: President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut power off in Caracas during strikes on the Venezuelan capital that led to the capture of Venezuelan…

YouTube video by dj.scottv What's Up Let Me In | Melodic House & Dance | Live DJ Mix | dj.scottv

My new live DJ mix from Nov 16th, "What's Up Let Me In" is out now on YouTube, Soundcloud and Mixcloud. Some really great music in this one.

🎶🎼🎧🎧🎧🎵

www.youtube.com/watch?v=aAfe...

"This raises an important question: if AI models can be misused for cyberattacks at this scale, why continue to develop and release them?"

And of course the answer is that we all need to buy more AI.

Disrupting the first reported AI-orchestrated cyber espionage campaign A report describing an a highly sophisticated AI-led cyberattack

Chinese attackers used AI jailbreaks to get Anthropic's agentic Claude AI to actually perform successful attacks on 30 different high-profile companies.

"Less experienced and resourced groups can now potentially perform large-scale attacks of this nature."

KnownSec breach: What we know so far. After the initial buzz around the data leak from Chinese cybersecurity firm KnownSec, a few more details have since emerged. Here is our take.

KnownSec breach details: compromise of a state-sponsored group performing offensive cyber operations reveals details about tools and objectives.

Copy-paste now exceeds file transfer as top corporate data exfiltration vector Nearly a third of copy-pastes from corporate to non-corporate accounts are to AI tools.

From SCWorld: Copy-paste now exceeds file transfer as top data exfiltration vector.

"This shift is largely due to generative AI (genAI), with 77% of employees pasting data into AI prompts, and 32% of all copy-pastes from corporate accounts to non-corporate accounts occurring within genAI tools."

YouTube video by dj.scottv I Just Can't Stop Where You Are | Indie Dance | Live DJ Mix | dj.scottv

My latest mix is out now. Mostly new stuff from the last few months.

🎧🎶🎧🎶

Ransomware profits drop as victims stop paying hackers The number of victims paying ransomware threat actors has reached a new low, with just 23% of the breached companies giving in to attackers' demands.

Some good news for once. Only 23% of ransomware victims are paying out, versus 85% back in 2019.

YouTube video by dj.scottv After You Daydream | Melodic House and Techno | Live DJ Mix | dj.scottv

My new mix is out now:
🎧🎶🎧🎶

Check out crystallized at 1:28:30. What a song.

Redis warns of critical flaw impacting thousands of instances The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances.

Redis critical vulnerability allows authenticated user to take over the server.

Phishers target 1Password users with convincing fake breach alert Attackers are using realistic-looking 1Password emails to trick users into handing over their vault logins.

Phishers target 1Password users with convincing fake breach alert for Malwarebytes Labs www.malwarebytes.com/blog/news/20...

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day GreyNoise detects 500% spike in Palo Alto login scans, linking it to recent Cisco ASA exploit trends.

Increased scanning of Palo Alto Networks login portals.

GreyNoise noted...that surges in malicious scanning, brute-forcing, or exploit attempts are often followed by the disclosure of a new CVE affecting the same technology within six weeks.

Microsoft: Critical GoAnywhere bug exploited in ransomware attacks A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month.

Fortra GoAnywhere (secure file transfer system) vulnerability being exploited by Storm-1175.

"While Fortra patched the vulnerability on September 18 without mentioning active exploitation, security researchers at WatchTowr Labs tagged it as exploited... as a zero-day since September 10."

Red Hat data breach escalates as ShinyHunters joins extortion Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports (CERs) leaked on their data leak site.

More details emerge about Red Hat data breach from last week.

Attackers compromised a Red Hat Gitlab instance used for consulting engagements (possible customer data) and have set a ransom deadline for 10/10.

Unauthenticated Blind Server Side Request Forgery (SSRF) in Splunk Enterprise In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119, and 9.2.2406.122, an unauthenticated attacker could trigger a ...

Splunk reports high-severity vulnerability that allows "an unauthenticated attacker could trigger a blind server-side request forgery (SSRF), potentially letting an attacker perform REST API calls on behalf of an authenticated high-privileged user."

advisory.splunk.com/advisories/S...

Crazy that this shows up on my cybersecurity feed.

From the cybersecurity community on Reddit Explore this post and more from the cybersecurity community

Good conversation on reddit today:

Want to Foil an AI Deepfake? Tell It to Draw a Smiley Face Cyber experts are discovering that low-tech ploys and the minutiae of human life can be some of the best weapons against the all-digital impostor.

Blade Runner replicant tests coming true right before our eyes.

Apple patches critical zero-day in ImageIO amid reports of targeted exploits With no workaround available, Apple advises all users to install iOS 16.7.12 and iPadOS 16.7.12 without delay.

Apple has rolled out two new updates to patch a zero-day vulnerability in the ImageIO framework that may have already been exploited. www.csoonline.com/article/4058...

Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials.

Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service #cybersecurity #hacking #news #infosec #security #technology #privacy

The Essential Toolkit: 25+ Cybersecurity Commands Every Professional Must Master Introduction: In the dynamic field of cybersecurity, proficiency with command-line tools is not just an advantage—it's a necessity. From penetration testing to system hardening, the ability to swiftly interrogate systems, networks, and applications forms the bedrock of effective security practices. This guide consolidates critical commands across major platforms to equip both trainees and seasoned professionals with a verified arsenal. Learning Objectives:

The Essential Toolkit: 25+ Cybersecurity Commands Every Professional Must Master

Introduction: In the dynamic field of cybersecurity, proficiency with command-line tools is not just an advantage—it's a necessity. From penetration testing to system hardening, the ability to swiftly interrogate…

YouTube video by dj.scottv With U By My Side | Melodic House and Techno | Live DJ Mix | dj.scottv

My latest mix from Sept 14, 2025.

Store passwords in a password manager that is refrigerated and airtight to keep them fresh until their expiration date.

Follow me for more infosec tips!