Quick Hits

The new open source tools are designed to help defense, identity and access management, and security operations center teams discover vulnerable network shares.

The latest startup to enter the space also has a free scanning service to audit the contents of any website.

Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.

A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted.

Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authentication, authorize, and secure identity.

So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.

The campaign uses adversary-in-the-middle techniques to bypass multifactor authentication, evade detection.

Now-convicted phone dealer reset locked and blocked phones on various mobile networks.

Microsoft says the new tools will give security teams an attacker's-eye view of their systems and supercharge their investigation and remediation efforts.

A Justice Department official testifies to a House committee that the cyberattack is a "significant concern."

Customers across several European countries are urged to update credentials in the wake of the attack that affected a gas-pipeline operator and power company.

Attackers almost immediately leapt on a just-disclosed bug, CVE-2022-26138, affecting Atlassian Confluence, which allows remote, unauthenticated actors unfettered access to Confluence data.

Microsoft flagged the company's Subzero tool set as on offer to unscrupulous governments and shady business interests.