FIDO is the passwordless authentication set of protocols of the future, however that doesn't mean it's perfect and as cyber defenders attack, so do attackers. This novel exploit isn't a flaw within FIDO exploit but does threaten improperly implemented versions of it.

Sources: https://pastebin.com/fmUZEBAM

With cars becoming just another type of computer, and having rather complicated implementations, vulnerabilities in one system are major. A recent series of vulnerabilities discovered in OpenSynergy's BlueSDK could prove dangerous.

Sources: https://pastebin.com/5JHAyuAV

Ransomware negotiators may be called in to save some financial burden on organizations suffering from one of the worst cyberattacks they can. However, they seem like the natural people for ransomware groups to corrupt, and allegedly one such group did corrupt one such person.

Sources: https://pastebin.com/fANnhtTj

Printers are the bane of many's existence, but they may have just gotten worse for security professionals. Rapid7 discovered 8 new vulnerabilities mostly impacting Brother branded printers, one of which cannot be patched by the vendor and leaks the admin password of the device.

Sources: https://pastebin.com/vNDbrwsU

News has hit the mainstream media that all your passwords have been leaked yet again, in a massive password leak including Google, Meta, and Apple. But how much of that sensationalized story is true?

Sources: https://pastebin.com/Xi1MPpFg

And it could happen to you too. On this week's episode of Bite Size Cyber Crime I detail an actual scam I fell for and emphasize that anyone can be a victim of a scam anywhere on the internet.

Malware is everywhere, even inside of other malware. One tool advertising itself as an advanced remote access trojan ended up being much more, a backdoor infecting novice hackers. This was not just a one off, however, and lead to the discovery of a massive backdoored malware campaign infecting other hackers and gaming cheaters.

Sources: https://pastebin.com/C4DG6LTw

Using an MSP can be handy for getting your IT set up or managing technical support without hiring a lot of full time staff, but there are risks that can come with outsourcing your IT to a third party. One MSP was compromised, leading to many customers having ransomware headaches.

Sources: https://pastebin.com/hLKSqRaS