Ivanti

May 2025

May 2025


Vol. 8, Iss. 20
Robin’s Newsletter #361
Vol. 8, Iss. 20

M&S insurance claim may top £100M. Coinbase flips script on extortion attempt. OpenAI instructed to retain output log data.

April 2025

April 2025


Vol. 8, Iss. 15
Robin’s Newsletter #356
Vol. 8, Iss. 15

Black Basta ransomware group chat logs leaked. Attackers accessed 150,000 emails at US Treasury bureau. Yes, Oracle was breached.


Vol. 8, Iss. 14
Robin’s Newsletter #355
Vol. 8, Iss. 14

Oracle quietly starts admitting breach. Cred stuffing against Aussie superannuation funds. Will ransomware gangs put prices up with Trump's tariffs?

January 2025

January 2025


Vol. 8, Iss. 2
Robin’s Newsletter #343
Vol. 8, Iss. 2

Ivanti zero-day exploits. US Treasury breach targeted foreign investment committee. Minor changes needed to manipulate AI models for misinformation.

December 2024

December 2024


Vol. 7, Iss. 50
Robin’s Newsletter #339
Vol. 7, Iss. 50

File transfer systems attacked. FCC funding to replace Chiense telco equipment. Romania nnuls election results over suspected interference.

October 2024

October 2024


Vol. 7, Iss. 41
Robin’s Newsletter #330
Vol. 7, Iss. 41

Chinese actors compromised major US telcos. Marriott agrees to 20-year FTC settlement.

September 2024

September 2024


Vol. 7, Iss. 37
Robin’s Newsletter #327
Vol. 7, Iss. 37

US dismantles massive Chinese botnet. Confidence testing questions for CISOs. Bumper load of interesting reads.


Vol. 7, Iss. 37
Robin’s Newsletter #326
Vol. 7, Iss. 37

TfL admits customer data stolen, 17-year-old arrested. UK data centres classified as CNI. Cydea turns 5!

August 2024

August 2024


Vol. 7, Iss. 33
Robin’s Newsletter #322
Vol. 7, Iss. 33

Large data set published from US Data broker. Trump campaign blames Iran for leaked emails. Critical zero-click TCP/IP vulnerability in Windows.

April 2024

April 2024


Vol. 7, Iss. 16
Robin’s Newsletter #305
Vol. 7, Iss. 16

Significant breach at data analytics firm Sisense. UK trade unions targeted. Perfect 10 vulnerability in Palo's GlobalProtect VPN product.


Vol. 7, Iss. 14
Robin’s Newsletter #303
Vol. 7, Iss. 14

CSRB slams Microsoft over 'preventable' Storm-558 breach that 'should never have occured'.

March 2024

March 2024


Vol. 7, Iss. 12
Robin’s Newsletter #301
Vol. 7, Iss. 12

3 million hotel door locks vulnerable. Esports tournament suspended after compromise. New variant of AcidRain satellite malware discovered.


Vol. 7, Iss. 9
Robin’s Newsletter #298
Vol. 7, Iss. 9

Change Healthcare outage persists as ALPHV claims responsibility. Morris II GenAI worm. NIST CSF v2 launched.

February 2024

February 2024


Vol. 7, Iss. 6
Robin’s Newsletter #295
Vol. 7, Iss. 6

No, 3 million toothbrushes didn't DDoS anything. But... Deepfake video used in CFO scam to steal £20 million. TfL has been trialling AI surveillance.


Vol. 7, Iss. 5
Robin’s Newsletter #294
Vol. 7, Iss. 5

FBI disrupted Volt Typhoon activity. Moody's downgrades UK water sector due to cyber threat. Stolen FTX millions linked to US SIM swapping ring.

January 2024

January 2024


Vol. 7, Iss. 2
Robin’s Newsletter #291
Vol. 7, Iss. 2

SEC Twitter account compromised; used to swing Bitcoin price. Pro-Ukraine group launches retaliatory attack on Russian ISP.

December 2023

December 2023


Vol. 6, Iss. 52
Robin’s Newsletter #288
Vol. 6, Iss. 52

Predatory Sparrow disrupts 70% of Iran's petrol pumps. New SEC breach rules come into force. Authories seize APLHV dark web site.

August 2023

August 2023


Vol. 6, Iss. 35
Robin’s Newsletter #271
Vol. 6, Iss. 35

Lapsus$ group pair court verdict. Ransomware dwell times are down. Cloud providers looses all their customers data in ransomware incident.


Vol. 6, Iss. 34
Robin’s Newsletter #270
Vol. 6, Iss. 34

The importance of using representative test data. Another UK police breach. Critical vulnerabilities in Citrix, Ivanti and WinRAR products.


Vol. 6, Iss. 32
Robin’s Newsletter #268
Vol. 6, Iss. 32

Capita breach costs rise. Microsoft under pressure for opaque security practices. Side channel attack identifies keystrokes from audio over Zoom calls