Security insights & analysis.
Practical cybersecurity and privacy coverage — the latest threats, breaches, and defenses, explained by the GetKhojo team.
Eset Uncovers 11 Vulnerable Uefi Shims
ESET discovered 11 vulnerable UEFI shim bootloaders that could allow attackers to bypass Secure Boot, undermining device security.
Cybersecurity Job Market Shifts
Despite high demand, cybersecurity professionals face challenges in the job market. Practical steps can improve job search outcomes.
Microsoft Secure Boot Broken
Microsoft's Secure Boot has been bypassable for 13 years, with old 'shims' making it trivial to exploit. This affects Windows and Linux devices.
Nightmare Eclipse Drops Exploit Promise
A highly anticipated exploit release may be imminent, with potential implications for Microsoft's security. Users are advised to stay vigilant and monitor for updates.
CISSP Study Struggles
Many individuals face challenges studying for certifications after college, citing decreased attention span and discipline. GetKhojo explores ways to overcome these hurdles.
Microsoft Patches Defender 0-Day
A Microsoft patch for a Windows Defender 0-day vulnerability may cause Windows machines to fill up hard drives, potentially leading to system disruptions. This highlights the importance of attack-surface awareness and privacy hygiene.
Januscape Exploits Linux Kernel
A 16-year-old Linux kernel vulnerability allows attackers to escape virtual machines. This affects Intel and AMD devices.
Meccha Chameleon Game Vulnerability
A 2-click remote code execution flaw was found in Meccha Chameleon, a Steam game with 7 million downloads.
Cisa Shares Cyber Incident Lessons
CISA's recent cyber incident highlights the importance of prompt patching and incident preparedness. Organizations can learn from CISA's experience to strengthen their defenses.
BlackCat Ransomware Insider Sentenced
A former ransomware negotiator was sentenced to 70 months for conspiring with BlackCat actors. This case highlights the importance of trust and verification in cybersecurity.
Microsoft Windows 11 Tracker
Microsoft admits Windows 11 has a tracker with no off switch, raising concerns over user privacy. The tracker was used to catch a hacker despite VPN use.
Cybersecurity Veterans Face Burnout
Long-time infosec professionals struggle with burnout due to difficult stakeholders, affecting their passion for technology. Practical steps can help mitigate this issue.
SecOps Teams Burn Out
Security teams face burnout from AI adoption and manual work. Learn how to manage AI pressures and prioritize data privacy.
France Ditches Palantir
France ends contract with Palantir, citing strategic autonomy. French firm ChapsVision to replace US giant.
Reddit Moderators Face AI-Generated Content Challenges
AI-generated content sparks debate on Reddit, raising concerns about authenticity and community guidelines. Moderators must navigate these issues to maintain community trust.
US Army Websites Defaced
US Army websites were defaced with pro-Kurdish sentiments and insults to Trump. The incident highlights vulnerabilities in government websites.
Burnham To End Palantir's NHS Deal
Andy Burnham is set to ditch Palantir from the NHS, citing concerns over the company's work with foreign governments. This move marks a significant shift in the UK's approach to data privacy and security.
AtlantHarden v2.0 Released
A free Windows hardening app with 599 settings, offering a smarter approach to security. Get enhanced protection without unnecessary friction.
Google Pays $250K For KVM Guest-Escape Bug
A 16-year-old Linux KVM flaw allows guest VMs to escape and gain root access to host machines. Google paid $250K for its discovery.
