Archived version of the quoted The Atlantic article is here: https://archive.ph/2025.02.07-140733/https://www.theatlantic.com/technology/archive/2025/02/elon-musk-doge-security/681600/ Unrelated: If you believe there has been an intrusion in a US government system, you are encouraged to report it at
So check it out. KEV data is now available on GitHub, in the proper cisagov organization. I know other people mirror KEV for their projects, but who can say if they're fiddling with it along the way? With , you can rest assured that it's the Real and True mirror of KEV. is still the actual authoritative source, but this GitHub mirror is a pretty close second. I posted about this on LinkedIn since that's what people do with work stuff, apparently.
98 KEVs to go until KEV #1337. Hopefully it'll be a good one.
Near as I can tell, the activity around the #Struts2 bug, CVE-2024-53677, is just ham-handed runs of some generalized PoC, and nobody's actually exploiting this yet (since exploitation would be very application/path specific). Most of the news last week was all "exploitation happening, patch and rewrite everything now!" but not seeing any reports of successful (or even possibly successful) exploitation this morning. Tell me I'm wrong! (The PoC identified by SANS at https://isc.sans.edu/diary/31520 isn't specific to some particular application -- it's on the user to define upload_endpoint and assumes no auth or session or anything.)
I’m not pirating movies, I’m just training my model.
Man. The archive.org outage is really chapping my hide. Good job, jerks. Hey @npub1wug9...ghe4 we should think about reviving the CVE reference archival effort again. It's almost as if someone predicted this exact circumstance. @npub1umd6...wfr7 , good luck.
So this is neat.

1) Some (all?) antispam/counterphishing email scanners are blind to #QRCode content.
2) You can draw working QRCodes with Unicode character sets, thus avoiding an image parser entirely, even if the scanner could process images in the first place.
3) By providing QRCode links, the attacker encourages the victim to use their personal device rather than the workstation, making defensive tracking more complicated.

I think it’s hilarious that a format designed SPECIFICALLY for machine vision is being used to evade machine interpretation.
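
A defensive take on point 2, as an added example that is not part of the original post: a text-only heuristic that flags message bodies containing a grid of Unicode Block Elements large enough to hold a QR code, with no image parsing involved. The function names, the thresholds (21 columns matches the 21x21 modules of the smallest QR version; 10 rows allows for half-block rendering) and the sample message are assumptions made for this sketch.

```python
# U+2580..U+259F is the Unicode "Block Elements" range (▀ ▄ █ ░ ...).
BLOCKS = {chr(cp) for cp in range(0x2580, 0x25A0)}
FILLER = {" ", "\u00a0"}  # light modules are usually plain or no-break spaces


def is_grid_row(line, min_width=21, min_blocks=5, min_ratio=0.9):
    """True if a line looks like one row of block-character art."""
    if len(line) < min_width:
        return False
    blocks = sum(ch in BLOCKS for ch in line)
    allowed = blocks + sum(ch in FILLER for ch in line)
    return blocks >= min_blocks and allowed / len(line) >= min_ratio


def find_block_grids(text, min_rows=10):
    """Return 1-based (first_line, last_line) spans of consecutive grid rows."""
    spans, start = [], None
    # The trailing "" is a sentinel so a grid at the very end is still flushed.
    for i, line in enumerate(text.splitlines() + [""], start=1):
        if is_grid_row(line):
            start = start or i
        elif start is not None:
            if i - start >= min_rows:
                spans.append((start, i - 1))
            start = None
    return spans


def constructed_grid(rows=11, cols=21):
    """Constructed filler pattern with QR-like dimensions; not a real QR code."""
    glyphs = " ▀▄█"
    return "\n".join(
        "".join(glyphs[(7 * r + 3 * c + r * c) % 4] for c in range(cols))
        for r in range(rows)
    )


# Constructed sample message body for the demonstration.
SAMPLE_BODY = (
    "Your mailbox is almost full.\nScan to keep your account:\n"
    + constructed_grid()
    + "\nThanks,\nIT Helpdesk"
)

if __name__ == "__main__":
    for first, last in find_block_grids(SAMPLE_BODY):
        print(f"block-character grid on lines {first}-{last}: route for review")
```

A hit only says the body contains QR-sized block art; decoding the grid or rendering it for an image scanner would be the follow-up step.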