
Russian Ghosts in the Matrix


Things to note

Microsoft still has Russian hackers in its systems. This blog is really poorly written, I say deliberately so. It obfuscates the situation, and others agree. For example “is using information […] to gain, or attempt to gain, unauthorized access”. Well, which is it? Are the attempts successful or not? If they are successful, which systems? It's nowhere near good enough and customers should be hammering Microsoft to come clean on security issues like this.

VMware has some critical vulnerabilities that you need to patch on ESXi, Workstation, and Fusion. There's a bug in the USB driver which allows for privilege escalation, but it can be paired with a sandbox escape from the VMX sandbox so you can get at the host from a VM, even on ESXi.

The BlackCat ransomware gang might be doing a rugpull/exit scam on its partners. The site is showing a notice that it's been taken down by law enforcement, but at least one agency (the UK's National Crime Agency) denies it has anything to do with it. UnitedHealth reportedly paid a $22 million ransom, so it looks like the gang wants to take the money and run. Honour, thieves, etc.
