MOVEit

December 2024

December 2024


Vol. 7, Iss. 49
Robin’s Newsletter #338
Vol. 7, Iss. 49

More Salt Typhoon victims, as FCC proposes new telco cyber regulations.

August 2024

August 2024


Vol. 7, Iss. 32
Robin’s Newsletter #321
Vol. 7, Iss. 32

CrowdStrike's underwhelming root cause analysis. Progress escapes SEC action. Dutch DPA rules data scraping has no legal basis.

June 2024

June 2024


Vol. 7, Iss. 26
Robin’s Newsletter #315
Vol. 7, Iss. 26

TeamViewer says it was compromised by Cozy Bear. Thousands arrested in law enforcement crackdown on scammers. Two critical MOVEit vulnerabilities.

December 2023

December 2023


Vol. 6, Iss. 51
Robin’s Newsletter #287
Vol. 6, Iss. 51

Russian group claims responsibility for knocking out Ukraine's largest telco. National Grid removing Chinese tech from electricity network. PSNI breach expected to cost over £20M.

November 2023

November 2023


Vol. 6, Iss. 48
Robin’s Newsletter #284
Vol. 6, Iss. 48

Warning over Lazarus software supply-chain attacks. Australia cyber security strategy published.

October 2023

October 2023


Vol. 6, Iss. 42
Robin’s Newsletter #278
Vol. 6, Iss. 42

Hacktivism increases surrounding Israel-Gaza war. Rapid Reset leads to largest ever DDOS attacks. SEC opens probe into MOVEit software developer.


Vol. 6, Iss. 40
Robin’s Newsletter #276
Vol. 6, Iss. 40

Ukraine says Russia is going after war crimes data. US, Japan says China targeting routers for persistence. UK logistics firm goes under following ransomware attack.

August 2023

August 2023


Vol. 6, Iss. 34
Robin’s Newsletter #270
Vol. 6, Iss. 34

The importance of using representative test data. Another UK police breach. Critical vulnerabilities in Citrix, Ivanti and WinRAR products.


Vol. 6, Iss. 32
Robin’s Newsletter #268
Vol. 6, Iss. 32

Capita breach costs rise. Microsoft under pressure for opaque security practices. Side channel attack identifies keystrokes from audio over Zoom calls

July 2023

July 2023


Vol. 6, Iss. 31
Robin’s Newsletter #267
Vol. 6, Iss. 31

SEC approves breach disclosure rules. Weak ciphers on export-versions of TETRA radios. Over 500 victims of Progress Software's MOVEit vulnerability.


Vol. 6, Iss. 30
Robin’s Newsletter #266
Vol. 6, Iss. 30

Microsoft responds to pressure over pay-for security logs. UK Online Safety Bill progresses through the Lords. PwC client data stolen in MOVEit breach.


Vol. 6, Iss. 28
Robin’s Newsletter #264
Vol. 6, Iss. 28

Japan's busiest port halted by ransomware. Academics write open letter over Online Safety Bill concerns. JumpCloud resets API keys.


Vol. 6, Iss. 27
Robin’s Newsletter #263
Vol. 6, Iss. 27

SEC issues noticed to SolarWinds CFO, CISO. Apple opposed Online Safety Bill. US Supreme Court rejects cyberstalking case.

June 2023

June 2023


Vol. 6, Iss. 26
Robin’s Newsletter #262
Vol. 6, Iss. 26

More organisations caught up in MOVEit. Alphv/BlackCat has been all up in a lot of business. PlugWalkJoe gets 5-year sentence for Twitter crypto scam.


Vol. 6, Iss. 25
Robin’s Newsletter #261
Vol. 6, Iss. 25

More MOVEit victims and a $10 million bounty on Clop. Fortinet VPN vulnerability. A couple of cool side-channel techniques.


Vol. 6, Iss. 24
Robin’s Newsletter #260
Vol. 6, Iss. 24

Clop ransomware beaches MOVEit file transfer systems. Barracuda urges rip-and-replace of their email security gateways. Snowden leaks, ten years on.