azorius.net

ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? (www.theregister.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 16 Apr 15:45
comments (0)

Researchers claim breakthrough in fight against AI’s frustrating security hole (arstechnica.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 16 Apr 15:30
comments (0)

Renewed Russian Phishing Campaign Against European Diplomats (research.checkpoint.com)
in cybersecurity@infosec.pub from Tea@programming.dev on 16 Apr 14:36
comments (0)

Renewed Russian Phishing Campaign Against European Diplomats (research.checkpoint.com)
in cybersecurity@sh.itjust.works from Tea@programming.dev on 16 Apr 14:36
comments (1)

UK Software Firm Exposed 1.1TB of Healthcare Worker Records (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Apr 12:21
comments (0)

Windows 11 Escalation Vulnerability Let Attackers Gain Admin Access Within 300 Milliseconds (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Apr 12:20
comments (5)

Oracle Security Update - Patch for 378 Vulnerabilities Including Remote Exploits (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Apr 12:20
comments (1)

Cybersecurity World On Edge As CVE Program Prepares To Go Dark (flip.it)
in cybersecurity@sh.itjust.works from floofloof@lemmy.ca on 16 Apr 06:28
comments (4)

Notorious internet messageboard 4chan has been hacked, posts claim (www.reuters.com)
in cybersecurity@sh.itjust.works from Jiggle_Physics@sh.itjust.works on 16 Apr 04:08
comments (3)

What are You Working on Wednesday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 16 Apr 04:08
comments (0)

The CVE program for tracking security flaws is about to lose federal funding (www.theverge.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 16 Apr 02:54
comments (6)

US abruptly turns off funding for CVE program (www.theregister.com)
in cybersecurity@sh.itjust.works from floofloof@lemmy.ca on 16 Apr 02:29
comments (21)

MITRE funding for the Common Vulnerabilities and Exposures (CVE) program will expire on April 16th (infosec.exchange)
in cybersecurity@infosec.pub from CyberSeeker@discuss.tchncs.de on 15 Apr 22:50
comments (1)

Landmark Admin now says info on 1.6M people stolen from it (www.theregister.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 15 Apr 22:12
comments (0)

The CVE program for tracking security flaws is about to lose federal funding (www.theverge.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 15 Apr 20:49
comments (6)

Threat actors misuse Node.js to deliver malware and other malicious payloads (www.microsoft.com)
in cybersecurity@infosec.pub from Tea@programming.dev on 15 Apr 20:45
comments (1)

Threat actors misuse Node.js to deliver malware and other malicious payloads (www.microsoft.com)
in cybersecurity@sh.itjust.works from Tea@programming.dev on 15 Apr 20:45
comments (0)

Renewed APT29 Phishing Campaign Against European Diplomats - Check Point Research (research.checkpoint.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 19:41
comments (0)

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 19:14
comments (2)

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 19:13
comments (0)

4chan Is Down Following What Looks to Be a Major Hack Spurred By Meme War (www.404media.co)
in cybersecurity@infosec.pub from Deebster@infosec.pub on 15 Apr 17:50
comments (10)

Google adds Android auto-reboot to block forensic data extractions (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 17:30
comments (0)

Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 17:28
comments (0)

Possible Russian Hackers Targeted UK Ministry of Defense (www.bankinfosecurity.in)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 17:28
comments (0)

Hackers Leveraging Teams Messages to Execute Malware on Windows Systems (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 17:25
comments (1)

New Stealthy Malware 'Waiting Thread Hijacking' Technique Bypasses Modern Defenses (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 17:25
comments (0)

Over 100,000 WordPress Plugin VUlnerability Exploited Just 4 Hours After Disclosure (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 17:25
comments (0)

Chinese APTs Exploit EDR 'Visibility Gap' for Cyber Espionage (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 17:23
comments (0)

Hertz data breach: Customers in US, EU, UK, Australia and Canada affected - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 15 Apr 17:22
comments (0)

4Chan hacked (www.the-sun.com)
in cybersecurity@sh.itjust.works from Picasso@sh.itjust.works on 15 Apr 13:04
comments (5)

Mentorship Monday - Discussions for career and learning!
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 14 Apr 12:38
comments (0)

South African telecom provider Cell C disclosed a data breach (securityaffairs.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 12:22
comments (0)

SSL Certificate Validity Reduced to 47 Days After Apple Proposal (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 12:21
comments (10)

Chrome 136 fixes 20-year browser history privacy risk (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 12:21
comments (2)

Data Breach at Planned Parenthood Lab Partner Exposes Info of 1.6M (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 12:20
comments (0)

China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure: Report (www.securityweek.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 11:47
comments (0)

TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign (sublime.security)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 11:47
comments (0)

GoPhish Infrastructure Targets Polish Energy and Government (hunt.io)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 11:46
comments (0)

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 11:44
comments (0)

Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 11:44
comments (0)

Wolters Kluwer allegedly hit by data breach, threatening Fortune 500 firms (cybernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 14 Apr 11:44
comments (0)

In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks (www.wsj.com)
in cybersecurity@infosec.pub from PhilipTheBucket@ponder.cat on 14 Apr 04:25
comments (0)

Hacktivism is back – but don't be fooled, it's often state-backed goons in masks (go.theregister.com)
in cybersecurity@infosec.pub from PhilipTheBucket@ponder.cat on 13 Apr 21:29
comments (0)

AI-hallucinated code dependencies become new supply chain risk (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from neme@lemm.ee on 12 Apr 21:55
comments (3)

Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from neme@lemm.ee on 12 Apr 21:50
comments (22)

Microsoft Defender will isolate undiscovered endpoints to block attacks (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from neme@lemm.ee on 12 Apr 21:48
comments (0)

Initial Access Brokers Shift Tactics, Selling More for Less (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:33
comments (0)

CVE-2025-29824 Vulnerability: Exploitation of a Windows CLFS Zero-Day Could Trigger Ransomware Attacks - SOC Prime (socprime.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:32
comments (0)

U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:32
comments (4)

Sensata Technologies Breached: Ransomware Attack Key Systems (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:30
comments (0)

Jenkins Docker Images Vulnerable to SSH Host Key Reuse (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:30
comments (0)

Ransomware attack cost IKEA operator in Eastern Europe $23 million (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:28
comments (0)

Ransomware groups push negotiations to new levels of uncertainty - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:28
comments (0)

Ransomware groups push negotiations to new levels of uncertainty - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:27
comments (0)

Hackers exploit WordPress plugin auth bypass hours after disclosure (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:27
comments (0)

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:27
comments (0)

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks (www.trendmicro.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:25
comments (0)

Newly Registered Domains Distributing SpyNote Malware - DomainTools Investigations | DTI (dti.domaintools.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:25
comments (0)

Resecurity | Cybercriminals Attacked National Social Security Fund of Morocco - Millions of Digital Identities at Risk of Data Breach (www.resecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:25
comments (0)

AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale (www.sentinelone.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:23
comments (0)

Phishing kits now vet victims in real-time before stealing credentials (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 13:23
comments (1)

Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Apr 12:37
comments (0)

AMD confirms security vulnerability in every Zen 1 to Zen 5 processor (www.tweaktown.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 11 Apr 06:12
comments (10)

Off-Topic Friday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 11 Apr 04:12
comments (0)

China-based SMS Phishing Triad Pivots to Banks (krebsonsecurity.com)
in cybersecurity@sh.itjust.works from BrikoX@lemmy.zip on 11 Apr 02:21
comments (0)

Oracle Appears to Admit Breach of 2 'Obsolete' Servers (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Apr 11:55
comments (0)

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Apr 11:54
comments (0)

Google fixes two actively exploited zero-day vulnerabilities in Android (www.malwarebytes.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Apr 11:48
comments (1)

CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Apr 11:47
comments (0)

Hackers Claim Magento Breach via Third-Party, Leak CRM Data of 700K Users (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Apr 11:46
comments (0)

Hacker Claims WooCommerce Data Breach, Selling 4m User Records (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Apr 11:46
comments (0)

17,000,000 GrubHub passwords and other data exposed, hackers claim (cybernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Apr 11:46
comments (8)

Ransomware Attacks Hit All-Time High as Payoffs Dwindle (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 20:38
comments (0)

Microsoft April 2025 Patch Tuesday - SANS Internet Storm Center (isc.sans.edu)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 11:47
comments (0)

WhatsApp flaw can let attackers run malicious code on Windows PCs (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 11:47
comments (0)

Fastly DDoS Attack Insights helps reveal and explain the unfolding of a DDoS attack - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 11:46
comments (0)

Hackers lurked in Treasury OCC’s systems since June 2023 breach (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 11:38
comments (0)

300K vehicles and millions of trips exposed in fleet manager’s data leak (cybernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 11:38
comments (0)

CISA, experts warn of Crush file transfer attacks as ransomware gang makes threats (therecord.media)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 11:37
comments (0)

New Mirai botnet behind surge in TVT DVR exploitation (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 11:37
comments (0)

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Apr 11:36
comments (0)

What are You Working on Wednesday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 09 Apr 04:01
comments (4)

Pharmacist accused of spying on women using work, home cams (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 09 Apr 03:23
comments (3)

Google fixes two Android zero-day bugs actively exploited by hackers (techcrunch.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 09 Apr 02:53
comments (0)

Food giant WK Kellogg discloses data breach linked to Clop ransomware (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 08 Apr 11:53
comments (0)

ToddyCat APT Targets ESET Bug to Load Silent Malware (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 08 Apr 11:52
comments (0)

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms (securityaffairs.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 08 Apr 11:50
comments (0)

Google fixes Android zero-days exploited in attacks, 60 other flaws (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 08 Apr 11:47
comments (1)

Everest ransomware's dark web leak site defaced, now offline (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 08 Apr 11:47
comments (0)

CISA braces for more cuts, threat-intel efforts are doomed (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 08 Apr 02:12
comments (0)

Oracle tells customers its public cloud was compromised (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 08 Apr 01:21
comments (3)

Malicious VSCode extensions infect Windows with cryptominers (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from drspod@lemmy.ml on 07 Apr 17:56
comments (2)

How curl developers write safe(r) code in C (www.youtube.com)
in cybersecurity@sh.itjust.works from boredsquirrel@slrpnk.net on 07 Apr 16:12
comments (0)

E-ZPass toll payment texts return in massive phishing wave (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 07 Apr 14:30
comments (2)

Python JSON Logger Vulnerability Enables Remote Code Execution - PoC Released (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 07 Apr 14:29
comments (0)

New Evasive Campaign Uses Fake CAPTCHAs to Deliver LegionLoader (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 07 Apr 14:29
comments (1)

How ToddyCat tried to hide behind AV software. (securelist.com)
in cybersecurity@sh.itjust.works from Tea@programming.dev on 07 Apr 14:25
comments (0)

How ToddyCat tried to hide behind AV software. (securelist.com)
in cybersecurity@infosec.pub from Tea@programming.dev on 07 Apr 14:25
comments (0)

Mentorship Monday - Discussions for career and learning!
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 07 Apr 13:27
comments (0)

WinRAR security flaw ignores Windows Mark of the Web security warnings (www.tomshardware.com)
in cybersecurity@sh.itjust.works from Alphane_Moon@lemmy.world on 07 Apr 05:21
comments (20)

Why OAuth MUST share access token with 3rd party?!?
in cybersecurity@infosec.pub from maltfield@lemmy.ca on 06 Apr 01:43
comments (2)

Why OAuth MUST share access token with 3rd party?!?
in cybersecurity@sh.itjust.works from maltfield@monero.town on 06 Apr 00:56
comments (16)

Cyberattacks by AI agents are coming (www.technologyreview.com)
in cybersecurity@sh.itjust.works from neme@lemm.ee on 05 Apr 16:35
comments (9)

Port of Seattle says ransomware breach impacts 90,000 people (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 04 Apr 18:49
comments (0)

PoisonSeed Campaign Targets CRM and Bulk Email Providers in Supply Chain Spam Operation (www.silentpush.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 04 Apr 18:48
comments (0)

Malicious VPN Extensions on Chrome Web Store Infect 139,000 Users (cyberinsider.com)
in cybersecurity@sh.itjust.works from neme@lemm.ee on 04 Apr 18:40
comments (0)

Off-Topic Friday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 04 Apr 13:16
comments (2)

RolandSkimmer: Silent Credit Card Thief Uncovered | FortiGuard Labs (www.fortinet.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 04 Apr 11:44
comments (0)

Hackers strike Australia's largest pension funds in coordinated attacks (www.reuters.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 04 Apr 11:43
comments (0)

Simplifying JWT Validation for Developers
in cybersecurity@infosec.pub from andyssojet@sh.itjust.works on 04 Apr 09:53
comments (1)

Simplifying JWT Validation for Developers
in cybersecurity@sh.itjust.works from andyssojet@sh.itjust.works on 04 Apr 09:31
comments (1)

New approach.
in cybersecurity@sh.itjust.works from opalfrost@friendica.world on 03 Apr 15:40
comments (0)

Apple chips can be hacked to leak secrets from Gmail, iCloud, and more (28 Jan 2025) (arstechnica.com)
in cybersecurity@sh.itjust.works from onlinepersona@programming.dev on 04 Apr 07:10
comments (1)

Suspected Chinese snoops hijacking buggy Ivanti gear — again (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 03 Apr 20:02
comments (0)

Hacker Claims Twilio's SendGrid Data Breach, Selling 848,000 Records (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 19:18
comments (2)

Recent GitHub supply chain attack traced to leaked SpotBugs token (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 19:16
comments (0)

China’s FamousSparrow APT Hits Americas with SparrowDoor Malware (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 19:14
comments (0)

Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 19:14
comments (0)

Threat actors leverage tax season to deploy tax-themed phishing campaigns. (www.microsoft.com)
in cybersecurity@sh.itjust.works from Tea@programming.dev on 03 Apr 19:12
comments (0)

Threat actors leverage tax season to deploy tax-themed phishing campaigns. (www.microsoft.com)
in cybersecurity@infosec.pub from Tea@programming.dev on 03 Apr 19:11
comments (1)

Unknown scanners probing Juniper and Palo Alto products (www.theregister.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 03 Apr 17:40
comments (0)

Royal Mail investigates data leak claims, no impact on operations (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 17:10
comments (0)

Open-source malware doubles, data exfiltration attacks dominate - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 17:10
comments (6)

NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat | CISA (www.cisa.gov)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 14:36
comments (1)

Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 13:25
comments (1)

Sec Funds open to protect Fedi
in cybersecurity@sh.itjust.works from opalfrost@friendica.world on 03 Apr 12:00
comments (0)

Hacking the Call Records of Millions of Americans (evanconnelly.github.io)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 11:59
comments (6)

Report: Oracle Staff Tell Some Clients Hacker Stole Login Credentials | PYMNTS.com (www.pymnts.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 11:44
comments (0)

Over 500 Phishing Domains Emerge Following Bybit Heist (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 11:41
comments (0)

Hackers Exploit Cloudflare for Advanced Phishing Attacks (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 11:40
comments (0)

Sophisticated QR Code Phishing Attack Targeting Microsoft 365 Users to Steal Logins (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 11:40
comments (0)

iPhones Aren’t Breach-Proof: Debunking the Myth of iOS Security (solcyber.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 03 Apr 11:40
comments (5)

Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks (cybersecuritynews.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 02 Apr 20:39
comments (0)

"Nudify" deepfakes stored unprotected online (www.malwarebytes.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 02 Apr 19:31
comments (0)

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 02 Apr 19:30
comments (1)

North Korean IT worker army expands operations in Europe (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 02 Apr 19:30
comments (0)

Malaysian Airport's Cyber Disruption a Warning for Asia (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 02 Apr 16:47
comments (0)

Only 1% of malicious emails that reach inboxes deliver malware - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 02 Apr 16:45
comments (8)

What are You Working on Wednesday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 02 Apr 13:42
comments (0)

Nearly 24,000 IPs behind wave of Palo Alto Global Protect scans (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 02 Apr 12:25
comments (0)

New Phishing Attack Combines Vishing and DLL Sideloading Techniques (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 02 Apr 12:25
comments (0)

65% of the 100 largest US hospitals and health systems have had a recent data breach (cybernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 02 Apr 12:24
comments (14)

Massive data leak: Ukrainian IDs, other documents exposed by years of cyber negligence (kyivindependent.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 01 Apr 19:26
comments (0)

Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:50
comments (0)

China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:50
comments (0)

Check Point Acknowledges Data Breach, Claims Information is 'Old (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:49
comments (0)

CVE-2025-22398: Dell Unity Hit by 9.8 CVSS Root-Level Command Injection Flaw (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:49
comments (0)

Sam’s Club Investigates Alleged Cl0p Ransomware Breach (securityaffairs.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:49
comments (0)

Canada launches breach risk self-assessment online tool - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:43
comments (0)

Hackers abuse WordPress MU-Plugins to hide malicious code (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:41
comments (0)

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe (www.securityweek.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:40
comments (0)

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:40
comments (0)

Hacker Leaks Samsung Customer Data (www.securityweek.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 01 Apr 11:40
comments (0)

Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service (doublepulsar.com)
in cybersecurity@sh.itjust.works from BrikoX@lemmy.zip on 31 Mar 15:43
comments (1)

Mentorship Monday - Discussions for career and learning!
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 31 Mar 12:54
comments (1)

GPU-Powered Evasion: Unpacking the Sophisticated CoffeeLoader Malware (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 31 Mar 12:10
comments (1)

Fake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends with BlackSuit Ransomware Blast (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 31 Mar 12:07
comments (0)

Analysis of Konni RAT: Stealth, Persistence, and Anti-Analysis Techniques - CYFIRMA (www.cyfirma.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 31 Mar 12:06
comments (0)

Was Check Point hacked? Security firm calls ransom demands old news (cybernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 31 Mar 12:05
comments (0)

Oracle Still Denies Breach as Researchers Persist (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 31 Mar 12:04
comments (0)

PhaaS actor uses DoH and DNS MX to dynamically distribute phishing (blogs.infoblox.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 31 Mar 12:03
comments (0)

StealC V2 – A Major Update to a Popular Infostealer (cryptolek.info)
in cybersecurity@infosec.pub from CryptoLek@infosec.pub on 31 Mar 07:42
comments (0)

Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job (hackread.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 30 Mar 22:31
comments (0)

Privacy disaster as LGBTQ+ and BDSM dating apps leak private photos. (cybernews.com)
in cybersecurity@sh.itjust.works from cyrano@lemmy.dbzer0.com on 30 Mar 10:55
comments (0)

New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials (thehackernews.com)
in cybersecurity@sh.itjust.works from AmbiguousProps@lemmy.today on 30 Mar 09:33
comments (0)

Malware is harder to find when written in obscure languages (www.theregister.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 30 Mar 02:51
comments (11)

'Evilginx' Tool (Still) Bypasses MFA (www.darkreading.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 30 Mar 02:49
comments (0)

MAC Address Randomization in Mobile Devices and When it Fails (arxiv.org)
in cybersecurity@sh.itjust.works from higgsboson@dubvee.org on 29 Mar 22:30
comments (0)

Twitter (X) Hit by Data Leak of 2.8 Billion Users; Allegedly an Insider Job (hackread.com)
in cybersecurity@sh.itjust.works from cyrano@lemmy.dbzer0.com on 29 Mar 18:20
comments (5)

China’s FamousSparrow flies back into action, breaches US org after years off the radar (www.theregister.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 28 Mar 20:40
comments (0)

Off-Topic Friday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 28 Mar 12:48
comments (0)

Blasting Past WebP - An analysis of the NSO BLASTPASS iMessage exploit (googleprojectzero.blogspot.com)
in cybersecurity@sh.itjust.works from cantankerous_cashew@lemmy.world on 28 Mar 00:04
comments (1)

Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish (www.theregister.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 27 Mar 22:02
comments (1)

Hackers Abuse COM Objects for Fileless Malware Lateral Movements (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 17:18
comments (0)

'Lucid' Phishing-as-a-Service Exploits Faults in iMessage, Android RCS (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 17:18
comments (2)

CrushFTP CEO flames VulnCheck for assigning critical CVE (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 27 Mar 15:05
comments (0)

New Windows zero-day leaks NTLM hashes, gets unofficial patch (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:47
comments (0)

Inside Kimsuky’s Latest Cyberattack: Analyzing Malicious Scripts and Payloads (labs.k7computing.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:46
comments (0)

Browser-in-the-Browser attacks target CS2 players' Steam accounts (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:44
comments (0)

RedCurl cyberspies create ransomware to encrypt Hyper-V servers (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:44
comments (0)

China-linked FamousSparrow APT group resurfaces with enhanced capabilities - Help Net Security (www.helpnetsecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:43
comments (0)

Oracle customers confirm data stolen in alleged cloud breach is valid (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:11
comments (0)

UK fines software provider £3.07 million for 2022 ransomware breach (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:11
comments (0)

New Atlantis AIO platform automates credential stuffing on 140 services (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:09
comments (0)

Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:09
comments (0)

FacePass security lapse exposes users' identification data (cybernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:09
comments (0)

New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest (www.securityweek.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 27 Mar 13:08
comments (0)

US defense contractor Morse settles infosec whistleblower suit for $4.6M (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 26 Mar 20:19
comments (0)

What are You Working on Wednesday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 26 Mar 13:36
comments (3)

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain. (securelist.com)
in cybersecurity@infosec.pub from Tea@programming.dev on 25 Mar 22:08
comments (0)

Experts doubt Oracle's breach denial as inside data emerges (www.theregister.com)
in cybersecurity@infosec.pub from cm0002@lemmy.world on 25 Mar 21:43
comments (0)

Chinese Weaver Ant hackers spied on telco network for 4 years (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from cyrano@lemmy.dbzer0.com on 25 Mar 17:10
comments (1)

A Sneaky Phish Just Grabbed my Mailchimp Mailing List (www.troyhunt.com)
in cybersecurity@sh.itjust.works from BrikoX@lemmy.zip on 25 Mar 09:10
comments (2)

Public-facing Kubernetes clusters at risk of total takeover (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 25 Mar 03:50
comments (7)

New Phishing Campaign Targets macOS Users with Fake Security Alerts (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 24 Mar 19:36
comments (3)

Linux kernel Rust module for rootkit detection (blog.thalium.re)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 24 Mar 19:24
comments (0)

Cyberattack takes down Ukrainian state railway’s online services (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 24 Mar 19:19
comments (1)

FBI warnings are true—fake file converters do push malware (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from neme@lemm.ee on 24 Mar 17:48
comments (5)

New SvcStealer Malware Attacking Users To Steal Sensitive Data From Browsers & Apps (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 24 Mar 17:02
comments (0)

New VanHelsingRaaS Attacking Linux, BSD, ARM, and ESXi Systems (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 24 Mar 17:02
comments (0)