BIND, Intel, and Brickerbot – Paul’s Security Weekly #545
In the news, Intel warns "Don’t install our patch!", what you need to know about hash length extension attacks, Meltdown and Spectre patching has been a total train wreck,and more on this episode of Paul's Security Weekly!
Versa Networks' centralized management and orchestration platform Versa Concerto has been impacted by a trio of serious vulnerabilities, which could be leveraged for authentication evasion and arbitrary code execution, according to BleepingComputer.
Chinese state-backed threat operation UNC5221 has launched attacks exploiting the recently addressed Ivanti Endpoint Manager Mobile flaws, tracked as CVE-2025-4427 and CVE-2025-4428, against telecommunications, healthcare, government, defense, finance, and aviation organizations in North America, Europe, and the Asia-Pacific since May 15, The Hacker News reports.