
Grab your beverage of choice, because there's a LOT to recap from the last 24 hours. Check it out here
https://opalsec.io/daily-news-update-friday-april-4-2025-australia-melbourne/
There's a lot to digest, so if you're running between meetings or scoffing down a quick lunch before the next - here's the TL;DR on the key points:
Urgent Ivanti Patch Alert: A critical RCE zero-day is being actively exploited by suspected China-nexus group UNC5221, who are deploying new malware (TRAILBLAZE, BRUSHFIRE).
Fast Flux is Back in the Spotlight: Five Eyes agencies dropped a joint advisory on the increased use of this evasion technique by sophisticated actors (ransomware gangs, state-sponsored groups). It makes tracking C2s & phishing sites a real headache by rapidly changing IPs/nameservers.
GitHub Supply Chain Attack Deep Dive: Remember that complex attack targeting Coinbase via GitHub Actions? Unit 42 traced its origin back to a single leaked SpotBugs Personal Access Token from late 2024! A huge reminder about token hygiene, the risks of mutable tags, and those cascading dependency threats. Rotate secrets if you use SpotBugs, Reviewdog, or tj-actions!
Oracle's Cloud Breach Saga Continues...: Oracle reportedly admitted a breach to customers, framing it as a "legacy" (pre-2017) environment issue, yet the actor leaked data allegedly from late 2024/2025. The focus on "Oracle Cloud Classic" vs. OCI feels like damage control over transparency. As I put it in the blog, their handling doesn't exactly inspire confidence – trust is earned, folks.
Rethinking Disaster Recovery in the Ransomware Era: DR is way more than just backups now. With hybrid environments sprawling and ransomware the top threat, recovery is Incident Response (detect, isolate, wipe, reinstall, restore). Homogeneity might simplify recovery, but beware of single points of failure (hello, CrowdStrike outage!).
Mass Scanning Alert: Seeing increased probes against Juniper devices (looking for default 't128' creds - change 'em!) and Palo Alto GlobalProtect portals. Motives are unclear – could be recon, botnet building, or sniffing for vulnerabilities. Keep those edge devices patched and hardened!
New Malware 'Wrecksteel' Hits Ukraine: CERT-UA warns of a new espionage malware targeting state agencies and critical infrastructure via phishing. Deployed by UAC-0219, Wrecksteel exfiltrates documents and takes screenshots.
INC Ransomware Claims State Bar of Texas: The second-largest US bar association confirmed a data breach after INC ransomware listed them on their leak site.
Stay informed, stay vigilant, and let me know your thoughts in the comments! What's catching your eye this week?
Oracle Tells Clients of Second Recent Hack, Log-In Data Stolen - An anonymous reader shares a report: Oracle has told customers that a hacker broke... - https://developers.slashdot.org/story/25/04/03/198224/oracle-tells-clients-of-second-recent-hack-log-in-data-stolen?utm_source=rss1.0mainlinkanon&utm_medium=feed #oracle
Oracle privately confirms Cloud breach to customers https://www.bleepingcomputer.com/news/security/oracle-privately-confirms-cloud-breach-to-customers/
Oracle confirmed data breaches for Oracle Classic (cloud) and Oracle Health (formerly Cerner).
https://www.bleepingcomputer.com/news/security/oracle-privately-confirms-cloud-breach-to-customers/
- - -
Oracle has confirmed data breaches for Oracle Classic (cloud) and Oracle Health (formerly Cerner).
// Article in English //
Oracle is in bed with the US regime and is bidding for TikTok, which means it's on the good side of DT. It seems to be under the impression it can get away with this deceitful behavior because it's the Wild West again - and it's not alone. Apple, Meta and other tech companies are hiding behind DT to try and escape the consequences of their wrongdoing.
The Register: Oracle faces Texas-sized lawsuit over alleged cloud snafu and radio silence https://www.theregister.com/2025/04/02/oracle_breach_class_action/ @theregister #Oracle #cybersecurity #Infosec #databreach
This is going to come back and bite Oracle in the behind.
"Wayback Machine archive has been scrubbed."
"rose87168 left a text file on the Oracle Access Manager frontend as proof they were there."
"Oracle appears to have had that URL removed from the Wayback Machine on request."
Oracle continues to deny breach, tries to hide evidence https://www.computing.co.uk/news/2025/security/oracle-continues-to-deny-breach-hides-evidence #Oracle #cybersecurity #Infosec #databreach
Oracle faces Texas-sized lawsuit over alleged cloud snafu and radio silence – Source: go.theregister.com https://ciso2ciso.com/oracle-faces-texas-sized-lawsuit-over-alleged-cloud-snafu-and-radio-silence-source-go-theregister-com/ #rssfeedpostgeneratorecho #TheRegisterSecurity #CyberSecurityNews #TheRegister #Oracle
Ready for a fresh day of Cyber horrors? Me neither!
Oh well, here you go: https://opalsec.ghost.io/daily-news-update-wednesday-april-2-2025-australia-melbourne/
Here are a few of the key items to be aware of:
Palo Alto GlobalProtect Scans: Observed a significant spike in scans targeting Palo Alto Networks GlobalProtect login portals, possibly prior to new exploit releases. Time to audit those logs!
China as Top Cyber Threat: Gen. Paul Nakasone (former NSA/Cyber Command Head) highlights China's unprecedented cyber activities, including malicious code in critical infrastructure and rapid exploitation of vulnerabilities. It's time to rethink our defense strategies!
North Korean IT Worker Expansion: North Korean "IT warriors" are infiltrating European companies, using fake identities to secure remote work and fund their regime. Stay vigilant and double-check those remote hires!
Identity Flaws in Breaches: A new report indicates 60% of incidents involved an identity attack, with compromised valid accounts being a top initial access vector. Focus on robust MFA, least privilege, and AD security!
Read the full post for all the details and more actionable insights, and if you want all this straight to your inbox, you're in luck! https://opalsec.ghost.io/daily-news-update-wednesday-april-2-2025-australia-melbourne/#/portal/signup
Oracle Hit with Lawsuit Over Alleged Cloud Breach Affecting Millions https://hackread.com/oracle-lawsuit-over-cloud-breach-affecting-millions/ #Laws&Legalities #Cybersecurity #CyberAttack #OracleCloud #databreach #Security #lawsuit #Oracle
Oracle Hit with Lawsuit Over Alleged Cloud Breach Affecting Millions – Source:hackread.com https://ciso2ciso.com/oracle-hit-with-lawsuit-over-alleged-cloud-breach-affecting-millions-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #Laws&Legalities #cybersecurity #CyberAttack #OracleCloud #DataBreach #Hackread #security #lawsuit #Oracle
Data leak at Oracle: Up to 2000 German victims? What is known and what is not
Data from the "Oracle Classic" cloud is for sale on the darknet. Analysts agree: the data is genuine. But some pieces of the puzzle are still missing.
#Oracle under fire for its handling of separate security incidents
https://techcrunch.com/2025/03/31/oracle-under-fire-for-its-handling-of-separate-security-incidents/
NEW: #Oracle sued over massive cloud data breach. Hacker claims 6 million+ users' data stolen. Plaintiff alleges negligence and failure to notify victims.
Read: https://hackread.com/oracle-lawsuit-over-cloud-breach-affecting-millions/
Data leak at Oracle: Up to 2000 German victims? What is known and what is not
Data from the "Oracle Classic" cloud is for sale on the darknet. Analysts agree: the data is genuine. But some pieces of the puzzle are still missing.
Disappointing (if not surprising) behavior from #Oracle, who are apparently trying to downplay what sounds like a serious security incident: https://doublepulsar.com/oracle-attempt-to-hide-serious-cybersecurity-incident-from-customers-in-oracle-saas-service-9231c8daff4a
Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed – Source: go.theregister.com https://ciso2ciso.com/oracle-cloud-security-snafu-latest-it-giant-accused-of-pedantry-as-evidence-scrubbed-source-go-theregister-com/ #rssfeedpostgeneratorecho #TheRegisterSecurity #CyberSecurityNews #TheRegister #Oracle
#Oracle Cloud is hacked. Another reason why I do not use the #cloud :)
https://techcrunch.com/2025/03/31/oracle-under-fire-for-its-handling-of-separate-security-incidents/