My Shared Links — Week 26/2022

Xavier «X» Santolaria
4 min readJul 4, 2022

Collection of the resources and links I have found insightful and shared during week #26 of 2022.

Photo by CHUTTERSNAP on Unsplash

Multi-Factor Authentication

Your periodic reminder to enable MFA, by Jen Easterly at CISA.

ZuoRAT Can Take Over Widely Used SOHO Routers

ZuoRAT, a novel multistage remote access trojan (RAT) that’s been active since April 2020 is exploiting known vulnerabilities to target popular SOHO (Small Offices Home Offices) routers from Cisco Systems, Netgear, Asus and others. Again, make sure you keep an eye on (and update) your home network. It’s an easy entry door for threat actors.

Jenkins discloses dozens of zero-day bugs in multiple plugins

On June 30, the Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins opensource automation server, 29 of the bugs being zero-days still waiting to be patched.

FBI: Crypto Scam on LinkedIn a ‘Significant Threat’ to Platform, Consumers

A group of fraudsters have been using LinkedIn to lure unsuspecting users into cryptocurrency schemes; and these fraudsters now pose a “significant threat” to the platform and consumers, according to the FBI