Scott Vintinner

@flakshack.bsky.social

Your friendly neighborhood Cybersecurity DJ. #netsec #sysadmin #cybersecurity #python #powershell #legal #it #technology #house #dj #f1 Latest DJ Mix (8/3): https://youtu.be/D9w-XWHB2QE

81 Followers  |  177 Following  |  209 Posts  |  Joined: 20.11.2024  |  1.7488

Latest posts by flakshack.bsky.social on Bluesky

Basskick Higher | Bass Heavy Breakbeat House | Live DJ Mix | dj.scottv
YouTube video by dj.scottv

My latest mix from August 3rd is out now:

www.youtube.com/watch?v=D9w-...
soundcloud.com/djscottv/bas...
www.mixcloud.com/djscottv/bas...

11.08.2025 21:50 — 👍 0    🔁 0    💬 0    📌 0

Federal court filing system hit in sweeping hack The identities of confidential court informants are feared compromised in a series of breaches across multiple U.S. states.

The PACER court system that handles filings for federal district courts has been hacked. Their systems have long been underfunded. Hopefully this will encourage some change.

07.08.2025 16:35 — 👍 1    🔁 0    💬 0    📌 0

why is no one capable of basic appsec these days?

25.07.2025 17:10 — 👍 0    🔁 1    💬 0    📌 0

Clorox lawsuit says help-desk contractors handed over passwords in 2023 cyberattack Help desk workers from the IT services company Cognizant were directly responsible for an August 2023 cyberattack that disrupted operations at the Clorox Company, the cleaning products giant alleges i...

Clorox is claiming in a lawsuit that a Cognizant help desk worker reset Okta and Microsoft passwords three different times for a cybercriminal without verifying who was asking.

Clorox says it lost $380 million from the August 2023 hack.

therecord.media/clorox-cyber...

23.07.2025 16:40 — 👍 1    🔁 3    💬 0    📌 0

Fire Ant: Hypervisor-Level Espionage Targeting VMware ESXi & vCenter | Sygnia Discover Sygnia’s investigation into Fire Ant, an advanced cyber-espionage campaign breaching VMware ESXi, vCenter, and network appliances. Learn how the attackers bypassed traditional defenses with h...

If you run VMware vSphere/vCenter/ESXi at your company, take some time to read this breakdown of an attack.

Attackers showing a very high level of sophistication and persistence even after discovery. This is the stuff of nightmares.

25.07.2025 18:29 — 👍 1    🔁 0    💬 0    📌 0

From the cybersecurity community on Reddit Explore this post and more from the cybersecurity community

Good discussion on Reddit's /cybersecurity:

14.07.2025 21:24 — 👍 3    🔁 0    💬 0    📌 0

Spain awards Huawei contracts to manage intelligence agency wiretaps Huawei will manage and store judicially authorized wiretaps in Spain, under a contract that bucks the trend of Western governments restricting use of the Chinese tech company's products and services.

Wow. Spain is putting Salt Typhoon out of business. They are just going to hand it all to them: Huawei contracted to manage their wiretaps….

therecord.media/spain-awards...

12.07.2025 22:56 — 👍 49    🔁 30    💬 11    📌 4

Summer Associate's Naughty Toddler Impression Gets Her Bounced From Biglaw - Above the Law She really sunk her teeth into Biglaw.

After their first year, law students generally work summers at various law firms. It's a cross between an internship and job interview. "Above the Law" reports here on one of these summer associates that was let go because she was biting her coworkers.

14.07.2025 14:25 — 👍 0    🔁 0    💬 0    📌 0

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update Google releases an update for Chrome’s CVE-2025-6554, a critical zero-day flaw, to prevent exploitation

New Google Chrome zero-day. Update your browser now.

thehackernews.com/2025/07/goog...

02.07.2025 16:58 — 👍 1    🔁 0    💬 0    📌 0

Screenshot of malware page where attacker asks victim to press CTRL-S to save the page and rename with .HTA extension.

New variation of the "FileFix" attack works by convincing end users to save a malware web page to disk and rename the extension.

www.bleepingcomputer.com/news/securit...

02.07.2025 16:54 — 👍 1    🔁 1    💬 0    📌 0

Senator Chides FBI for Weak Advice on Mobile Security Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the...

This is hilarious. Senators under cyberattack by nation states and the FBI's advice is to avoid clicking on untrusted links.

01.07.2025 15:31 — 👍 2    🔁 1    💬 0    📌 1

From the cybersecurity community on Reddit Explore this post and more from the cybersecurity community

Two good security discussions on Reddit:

www.reddit.com/r/cybersecur...

www.reddit.com/r/cybersecur...

01.07.2025 15:00 — 👍 0    🔁 0    💬 0    📌 0

Remove Default Microsoft Store packages from the system

If you enable this policy, the selected Microsoft Store apps in the provided list will be uninstalled from the system. You can make adjustments to the default settings.

Windows 11 25H2 build 26200.5670

28.06.2025 15:41 — 👍 40    🔁 5    💬 8    📌 0

MOVEit Systems Face Fresh Attack Risk Following Scanning Activity GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks

Increase in recon scanning for MOVEit (file transfer) systems implies new attack forthcoming.

These systems are highly desirable because rather than just being a beachhead to launch other attacks, attackers get instant access to the confidential data.

30.06.2025 15:52 — 👍 0    🔁 0    💬 0    📌 0

The 2025 Bootid meteor shower peaks June 27: Here's what to expect You'll need luck on your side to spot these shooting stars.

People in the southeast US are reporting seeing fireballs in the sky during the day today. This is the Bootid Meteor Shower that is expected to peak tomorrow.

www.space.com/stargazing/t...

26.06.2025 17:24 — 👍 2    🔁 1    💬 0    📌 1

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access Cisco fixes CVE-2025-20281 and CVE-2025-20282 in ISE, ISE-PIC to prevent remote code execution.

New Cisco ISE 10.0 vulnerability. ISE is a high value target for attackers, equal or close to a Domain Controller compromise.

It is unfortunate that Cisco ISE patches and upgrades have such a high risk and failure rate (in our experience).

26.06.2025 17:13 — 👍 0    🔁 0    💬 0    📌 0

PACER electronic filing system under attack by hackers, federal judge warns lawmakers The judge overseeing efforts to modernize the courts' electronic case filing technology told a congressional committee that the platform is under constant attack by increasingly sophisticated threat a...

Any IT person that has had to deal with court IT services knows that they are often woefully underfunded and terribly outdated. We often had to implement special controls because their sites required risky Java or ActiveX years after browsers had dropped support.

26.06.2025 17:01 — 👍 0    🔁 0    💬 0    📌 0

Ransomware attack contributed to patient’s death, says Britain’s NHS A cybercrime group's attack against a London-based pathology service last year was one of the "contributing factors" in the death of a patient, U.K. officials said.

A quick search shows that this isn't even the first time this has happened. Estimates of 50-100 people have died as a direct result of ransomware.

26.06.2025 16:53 — 👍 0    🔁 0    💬 0    📌 0

WinRAR patches bug letting malware launch from extracted archives WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive.

New WinRAR vulnerability allows an attacker to trigger an execution when extracting an archive. Patch released yesterday.

www.bleepingcomputer.com/news/securit...

25.06.2025 19:54 — 👍 1    🔁 0    💬 0    📌 0

CitrixBleed 2: Electric Boogaloo — CVE-2025-5777 Remember CitrixBleed, the vulnerability where a simple HTTP request would dump memory, revealing session tokens? It’s back.

nobody reverse this patch 🤪

doublepulsar.com/citrixbleed-...

24.06.2025 20:52 — 👍 16    🔁 9    💬 0    📌 1

Malware on Google Play, Apple App Store stole your photos—and crypto A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices.

Attackers uploaded malware apps to the Google and Apple app stores that try to steal photos and screenshots of crypto wallet recovery keys.

24.06.2025 15:53 — 👍 0    🔁 0    💬 0    📌 0

Introducing FileFix – A New Alternative to ClickFix Attacks A new browser attack vector just dropped, and it’s called FileFix — an alternative to the well-known ClickFix attack. This method, discovered and shared by mrd0x, shows how attackers can execute c...

New variation on the ClickFix attacks tries to convince the victim to paste a malicious command into a Windows File Explorer window (launched by the browser).

24.06.2025 15:22 — 👍 0    🔁 0    💬 0    📌 0

Falling Down Vertigo | Chill Electronica Progressive House | Live DJ Mix | dj.scottv
YouTube video by dj.scottv

Latest DJ mix of chill downtempo electronica and progressive house for your 6 AM ride home after the club.
🎧🎶🎧🎶

23.06.2025 20:18 — 👍 2    🔁 0    💬 0    📌 0

[R1] Nessus Agent Version 10.8.5 Fixes Multiple Vulnerabilities 1. In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege. - CVE-20...

Tenable announces multiple privilege escalation vulnerabilities in their Tenable Agent software.

Note that while most agents should be self-updating, they had issues in recent months that broke the self-update for some agents. If your systems are properly updating, they should be on 10.9.0 now.

17.06.2025 17:27 — 👍 0    🔁 0    💬 0    📌 0

ASUS Armoury Crate bug lets attackers get Windows admin privileges A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines.

Microsoft's failure to provide an API for light and fan controls continues to lead to problems as vendors must write kernel mode drivers to be able to do this themselves... As a result, otherwise minor security failures become complete system compromises.

17.06.2025 17:20 — 👍 0    🔁 0    💬 0    📌 0

Freedman HealthCare targeted by cyber extortionists: The group has previously threatened to SWAT cancer patients and leaked pre-op plastic surgery photos

Article discusses recent attack on Freedman Healthcare. Worth noting is how the attackers have moved from ransomware to straight data theft and extortion.

www.theregister.com/2025/06/16/e...

17.06.2025 17:13 — 👍 0    🔁 0    💬 0    📌 0

Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks House Republican Brian Fitzpatrick and others are pushing for legislation to allow CISA and the Department of Health and Human Services to do more in response to cyberthreats against healthcare provid...

Congress actually trying to do something useful for once.

17.06.2025 17:08 — 👍 0    🔁 0    💬 0    📌 0

One more time, here is EFF/Freedom of the Press' guide for journalists securing their devices to cross the US border.

Stories like Alistair's help us understand the real threats on the ground and allow us to threat model more accurately.

freedom.press/digisec/blog...

15.06.2025 14:51 — 👍 249    🔁 111    💬 5    📌 3

-suspected APT
-targeted MSFT accounts
-targeted natsec and economic policy reporters
-breach discovered Thursday
-staff notified today

15.06.2025 19:15 — 👍 25    🔁 16    💬 0    📌 0

Palantir Is Going on Defense Palantir threatened to call police on a WIRED reporter and kicked out other journalists from a recent conference following reports of the data analytics firm's work with the Trump administration.

NEW: Palantir threatened to call police on @wired.com reporter @carolinehaskins.bsky.social and kicked out other journalists from a recent conference following reports of the data analytics firm's work with the Trump administration. @carolinehaskins.bsky.social reports www.wired.com/story/palant...

05.06.2025 19:23 — 👍 914    🔁 446    💬 20    📌 23