Medusa ransomware claims American Golf Corporation hack
Infiltration of American Golf's systems has purportedly enabled the exfiltration of members' information, user IDs, passwords, and secret keys, as well as emails, licenses, passports, reports, and financial details.
Squarespace-registered DeFi platforms subjected to DNS hijacking
Several decentralized finance platforms, including Compound Finance, Celer Network, and Pendle, had domains registered with Squarespace impacted by DNS hijacking attacks on Thursday.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-36401 OSGeo GeoServer GeoTools Eval Injection Vulnerability These types of vulnerabilities are frequent attack...
I was asked a question about the protection of an .xlsm spreadsheet. I've written before on the protection of .xls spreadsheets, for example in diary entries " Unprotecting Malicious Documents For Inspection" and " 16-bit Hash Collisions in...
16-bit Hash Collisions in .xls Spreadsheets, (Sat, Jul 13th)
A couple years ago, in diary entry " Unprotecting Malicious Documents For Inspection" I explain how .xls spreadsheets are password protected (but not encrypted). And in follow-up diary entry " Maldocs: Protection Passwords", I talk about an update to...