Deuxieme RE Banque News

Sign in Subscribe

Archive

A collection of 72 issues

Latest

InfoSec News 13FEB2026

General * [RU] Continuing from their block on Telegram, it appears that Roskomnadzor is now blocking WhatsApp as well. Other services may also have been included in the latest block, including other Meta products (Facebook, Instagram), YouTube, as well as news sites. Kremlin spokesperson Dmitry Peskov said the restrictions were imposed

InfoSec News 12FEB2026

General * Brian Krebs is continuing his series on the Kimwolf botnet. The botnet has now added I2P (The Invisible Internet Project) support, however it's overwhelming the I2P network. “I don’t think their goal is to take I2P down,” he said. “It’s more they’re looking for

InfoSec News 11FEB2026

General * Kudos to Microsoft - is planning to make Windows behave more like a mobile operating system, from a security perspective. With Windows Baseline Security Mode, Windows will move toward operating with runtime integrity safeguards enabled by default. These safeguards ensure that only properly signed apps, services and drivers are

InfoSec News 10FEB2026

General * How do you scale abuse of new-user-incentives, into a business? Steal thousands of identities. Prosecutors said the scheme targeted promotional bonuses offered by online gambling platforms to new users who made initial deposits or bets. When bets placed using promotional credits won, the defendants transferred their winnings to virtual

InfoSec News 09FEB2026

General * Google Chrome's changes to how plugins interact with the browser (the move from Manifest Version 2 (MV2), to Manifest Version 3(MV3)), turns out to not be devastating for ad-blocking, as first predicted. Our results reveal no statistically significant reduction in ad-blocking or anti-tracking effectiveness for MV3

InfoSec News 06FEB2026

General * It appears that Microsoft is pivoting away from its security commitments, back to 'security is a product-line'. The more technical-focused Charlie Bell is stepping down from the 'Executive Vice President, Security' role, in favour of Hayete Gallot. There are also rumours that "is essentially

InfoSec News 05FEB2026

General * A 24 year old Taiwanese national sentenced to 30 years prison for running Incognito Market. Clearly not the most prepared, when it came to Operational Security (OpSec). Prosecutors said Lin’s Incognito Market “was once one of the largest online narcotics marketplaces in the world.” Lin ran Incognito Market

InfoSec News 04FEB2026

General * Interesting work from Greynoise, looking at when the US Cybersecurity and Infrastructure Security Agency (CISA) modifies its Known Exploited Vulnerabilities (KEV) list 'knownRansomwareCampaignUse' from 'Unknown' to 'Known'. If being in KEV isn't enough to encourage patching, being Known to be used

InfoSec News 03FEB2026

General * After Notepad++ fixed its update code (checking what it was running, rather than just trusting whatever it downloaded), more information has come to light. It's alleged that a chinese-aligned threat actor has been exploiting the vulnerability, (selectively) redirecting traffic, and using it to install their own code.

InfoSec News 02FEB2026

General * Mandiant have released a report on the ShinyHunters vishing attacks. In incidents spanning early to mid-January 2026, UNC6661 pretended to be IT staff and called employees at targeted victim organizations claiming that the company was updating MFA settings. The threat actor directed the employees to victim-branded credential harvesting sites

InfoSec News 30JAN2026

General * Google is expanding theft protection for mobile devices, including default enabling in presumably high-risk countries (initially Brazil). Updates include changes to "Failed Authentication Lock, a feature that automatically locks the device's screen after excessive failed authentication attempts", "critical tools that utilize Biometric Prompt, like

InfoSec News 29JAN2026

General * Apparently, there are enough exposed LLM servers on the Internet, to make a viable business. Scan the Internet, find unsecured Ollama/vLLM/OpenAI-compatible endpoints, test, then re-sell access. * https://www.pillar.security/blog/operation-bizarre-bazaar-first-attributed-llmjacking-campaign-with-commercial-marketplace-monetization * https://www.bleepingcomputer.com/news/security/hackers-hijack-exposed-llm-endpoints-in-bizarre-bazaar-operation/ * Moltbot (formerly Clawdbot) has

InfoSec News 28JAN2026

General * More from Brian Krebs, pivoting from the Kimwolf botnet, to an earlier antecedent - Badbox 2.0. This earlier botnet was used to help bootstrap the Kimwolf botnet, providing access to vulnerable IoT devices on which Badbox was running, as well as other vulnerable systems within the adjacent network.

InfoSec News 27JAN2026

General * Pwn2Own Automotive wrapped up, where "$1,047,000 USD was awarded for 76 unique 0-day vulnerabilities". Kudos to Juurin Oy for installing Doom on an HYC50 Compact wall-mountable (vehicle) charger. * https://www.zerodayinitiative.com/blog/2026/1/23/pwn2own-automotive-2026-day-three-results-and-the-master-of-pwn * https://www.zerodayinitiative.com/blog/2026/1/22/

InfoSec News 23JAN2026

General * ZenDesk ticket systems are getting spammed en masse, generating large amounts of spam for some users (acknowledgement email for opening a ticket) and presumably the organisations. Attackers appear to be using email lists for valid emails when opening the tickets. The goal is currently unclear, as they are not

InfoSec News 22JAN2026

General * More Cisco Remote Code Execution (RCE) - in Cisco Unified Communications Manager. This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A

InfoSec News 21JAN2026

General * Brian Krebs has just dropped part three of his investigation into the Kimwolf botnet * https://krebsonsecurity.com/2026/01/kimwolf-botnet-lurking-in-corporate-govt-networks/ * Checkpoint researchers - who first revealed the VoidLink malware (15JAN2026 news) - are suggesting it may have been built with a large amount of LLM assistance. They've

InfoSec News 20JAN2026

General * Microsoft are doubling-down on their favoured strategy to make money - create a massive security (data-loss) issue, then sell controls to fix it. Using Purview, to control Recall - the 'feature' that captures frequent snapshots of the screen. * https://learn.microsoft.com/en-us/purview/dlp-recall-get-started Getting Techy

InfoSec News 19JAN2026

General * Quality Microsoft coding - secured Windows 11 23H2 Enterprise and IoT versions fail to shutdown with the latest cumulative update. After installing the January 13, 2026, Windows security update (KB5073455) for Windows 11, version 23H2, some PCs with Secure Launch are unable to shut down or enter hibernation. Instead,

InfoSec News 16JAN2026

General * Time to update your Bluetooth audio accessories, if they support Google Fast Pair. Turns out that a lot of them don't require the device to be in pairing mode, before allowing anyone to proceed through the Fast Pairing pathway. * https://www.esat.kuleuven.be/cosic/news/whisperpair-hijacking-bluetooth-accessories-using-google-fast-pair/