PLUS: China’s Great Firewall springs a leak; FBI issues rare ‘Flash Alert’ of Salesforce attacks; $10m bounty for alleged Russian hacker; and more Infosec In Brief  15 ransomware gangs, including Scattered Spider and Lapsus$, have announced that they are going dark, and say no more attacks will be carried out in their name.… READ MORE HERE…

Although it hasn’t been seen in the wild yet A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked Windows systems, making it the fourth publicly known bootkit capable of punching through the feature and hijacking a PC before the operating system loads.… READ MORE HERE…

A similar vuln on Apple devices was used against ‘specific targeted users’ Samsung has fixed a critical flaw that affects its Android devices – but not before attackers found and exploited the bug, which could allow remote code execution on affected devices.… READ MORE HERE…

Get ready for a fight over who steers the global standard for vulnerability identification The Cybersecurity and Infrastructure Security Agency (CISA) nearly let the Common Vulnerabilities and Exposures (CVE) program lapse earlier this year, but a new “vision” document it released this week signals that it now wants more control over the global standard for vulnerability identification.… READ MORE HERE…

Dorm management refuses to cover costs after payment system borked More than a thousand university students in the Netherlands must continue to travel to wash their clothes after their building management company failed to bring its borked smart laundry machines back online.… READ MORE HERE…