@cyber-security ↑
zdroje:
#bleepingcomputer.com
#blog.google-TAG
#csirt.cz
#cyberscoop.com
#cybersecuritynews.com
#cybule.cz
#darkreading.com
#googleprojectzero.blogspot.com
#kratkespravy.sk
#krebsonsecurity.com
#linuxsecurity.com
#nakedsecurity.sophos.com
#nukib.cz
#scmagazine.com
#security.googleblog.com
#securityaffairs.co
#securityweek.com
#thehackernews.com
#therecord.media
#threatpost.com
#tripwire.com-state-of-security
bleepingcomputer.com
- Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
- Windows 11 KB5079473 & KB5078883 cumulative updates released
- HPE warns of critical AOS-CX flaw allowing admin password resets
- Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
- New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network
- The New Turing Test: How Threats Use Geometry to Prove 'Humanness'
- CISA: Recently patched Ivanti EPM flaw now actively exploited
- Microsoft to enable Windows hotpatch security updates by default
- APT28 hackers deploy customized variant of Covenant open-source tool
- Microsoft Teams phishing targets employees with A0Backdoor malware
- Google: Cloud attacks exploit flaws more than weak credentials
- Dutch govt warns of Signal, WhatsApp account hijacking attacks
blog.google-TAG
- TAG Bulletin: Q4 2025
- TAG Bulletin: Q3 2025
- TAG Bulletin: Q2 2025
- TAG Bulletin: Q1 2025
- TAG Bulletin: Q4 2024
- TAG Bulletin: Q3 2024
- State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
- Iranian backed group steps up phishing campaigns against Israel, U.S.
- Google disrupted over 10,000 instances of DRAGONBRIDGE activity in Q1 2024
- TAG Bulletin: Q2 2024
- A review of zero-day in-the-wild exploits in 2023
- TAG Bulletin: Q1 2024
csirt.cz
- Postřehy z bezpečnosti: Starkiller – AitM reverzní proxy pro obcházení MFA
- Zranitelnost WebView umožňuje zneužití důvěry uživatelů v Gmail a Google Search
- Postřehy z bezpečnosti: obcházení dvoufaktoru telefonickým podvodem
- VZP na začátku roku varovala před věrohodným e-mailovým podvodem
- Phishing upozorňující na nutnost obnovit doménu cílí na údaje z platebních karet
- Postřehy z bezpečnosti: investice s rychlou návratností, ne však pro investory
- Rozšíření slibující ochranu soukromí prodává AI konverzace milionů uživatelů
- Aisuru nájemný botnet prolomil další "rekord". DDoS útok dosáhl 29,7 Tbps
- Postřehy z bezpečnosti: krabičky k televizorům nedávají slevu zadarmo
- Masivní únik dat z Knownsecu odhalil nástroje čínských státních aktérů
cyberscoop.com
- Critical defect in Java security engine poses serious downstream security risks
- No, it’s not ‘unnecessarily burdensome’ to control your own data
- Sean Cairncross lays out what’s coming next for Trump’s cyber strategy
- We’ve seen ransomware cost American lives. Here’s what it will actually take to stop it.
- The long-awaited Trump cyber strategy has arrived
- Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI
- DHS CISO, deputy CISO exit amid reported IT leadership overhaul
- Congress looks to revive critical cyber program for rural electric utilities
- FBI targeted with ‘suspicious’ activity on its networks
- HHS updates a free risk tool to help hospitals size up their cybersecurity exposure
cybersecuritynews.com
private- German ISP Aurologic GmbH has Become a Central Nexus for Hosting Malicious Infrastructure
- ClickFix Attacks Evolved With Weaponized Videos That Tricks Users via Self-infection Process
- Herodotus Android Banking Malware Takes Full Control Of Device Evading Antivirus
- Hackers Can Attack Active Directory Sites to Escalate Privileges and Compromise the Domain
- New Analysis Uncovers LockBit 5.0 Key Capabilities and Two-Stage Execution Model
- New Android Malware ‘Fantasy Hub’ Intercepts SMS Messages, Contacts and Call Logs
- Microsoft Teams’ New “Chat with Anyone” Feature Exposes Users to Phishing and Malware Attacks
- 15+ Weaponized npm Packages Attacking Windows Systems to Deliver Vidar Malware
- New Phising Attack Targeting Travellers from Hotel’s Compromised Booking.com Account
- Chinese Hackers Organization Influence U.S. Government Policy on International Issues
darkreading.com
- 'BlackSanta' EDR Killer Targets HR Workflows
- White House Cyber Strategy Prioritizes Offense
- 'InstallFix' Attacks Spread Fake Claude Code Sites
- Are We Ready for Auto Remediation With Agentic AI?
- Chinese Cyber Threat Lurks In Critical Asian Sectors for Years
- Cylake Offers AI-Native Security Without Relying on Cloud Services
- North Korean APTs Use AI to Enhance IT Worker Scams
- EU Auto Rules Shift Gears on Cybersecurity Standards
- Iran's Cyber-Kinetic War Doctrine Takes Shape
- Cyberattack on Mexico's Gov't Agencies Highlight AI Threat
- Nation-State Actor Embraces AI Malware Assembly Line
- Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
googleprojectzero.blogspot.com
-
[atom channel]
kratkespravy.sk
- Zo sveta IT bezpečnosti, 2/2026
- Zo sveta IT bezpečnosti, 1/2026
- Zo sveta IT bezpečnosti, 12/2025
- Zo sveta IT bezpečnosti, 11/2025
- Zo sveta IT bezpečnosti, 10/2025
- Zo sveta IT bezpečnosti, 9/2025
- Zo sveta IT bezpečnosti, 8/2025
- Zo sveta IT bezpečnosti, 7/2025
- Zo sveta IT bezpečnosti, 6/2025
- Zo sveta IT bezpečnosti, 5/2025
krebsonsecurity.com
- How AI Assistants are Moving the Security Goalposts
- Who is the Kimwolf Botmaster “Dort”?
- ‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
- Kimwolf Botnet Swamps Anonymity Network I2P
- Patch Tuesday, February 2026 Edition
- Please Don’t Feed the Scattered Lapsus ShinyHunters
- Who Operates the Badbox 2.0 Botnet?
- Kimwolf Botnet Lurking in Corporate, Govt. Networks
- Patch Tuesday, January 2026 Edition
- Who Benefited from the Aisuru and Kimwolf Botnets?
linuxsecurity.com
- Port Scanning Explained: Tools, Techniques, and Best Open-Source Port Scanners for Linux
- Understanding the Snort NIDS: What It Changes in Your Monitoring and Risk Model
- Linux Security Strategies for Cloud and IoT Environments
- Fedora 42 Chromium Update FEDORA-2026-06657d1811 Integer Overflow
- OpenSUSE Leap 16.3 gcc-compiler Major Memory Leak Patch 2027-fb92dc34b0
- Fedora 42 perl-Net-CIDR Critical Leading Zeros Issue 2026-baf8782c7a
- Fedora 43 Chromium Integer Overflow Issues DevTools 2026-f62db6b372
- Fedora 43 polkit Security Advisory FEDORA-2026-0e9ef494fc
- Fedora 43 rust-pythonize Critical Update DoS Threat FEDORA-2026-151bfcc2af
nakedsecurity.sophos.com
- Sophos Workspace Protection Enables Secure SaaS App Control
- The OpenClaw experiment is a warning shot for enterprise AI security
- February’s Patch Tuesday assumes battle stations
- Sophos Firewall Configuration Viewer
- Sophos AI Agents: Accelerating MDR and Powering the Agentic SOC
- Threat Intelligence Executive Report – Volume 2025, Number 6
- From Security Operations to Security Leadership: Sophos CISO Advantage
- Sophos Workspace Protection Enables Safe GenAI Adoption
- Malicious use of virtual machine infrastructure
nukib.cz
- Vydali jsme přehled kybernetických incidentů za únor 2026
- Nový evropský projekt QARC zajistí kvantově odolnou bezpečnost dat
- EU představila nový nástroj pro posílení bezpečnosti dodavatelských řetězců v ICT - ICT Supply Chain Security Toolbox. Základy položilo české předsedn[...]
- Ohlášení podle nového zákona o kybernetické bezpečnosti provedlo přes 4800 organizací
- Vydali jsme přehled kybernetických incidentů za leden 2026
- Upozorňujeme na metodu „harvest now, decrypt later“
- Upozornění na možnou zvýšenou aktivitu kyberútočníků v souvislosti s EXPO 2025
- Upozornění na podvodné telefonáty
- NÚKIB aktualizoval Minimální požadavky pro kryptografické algoritmy
- NÚKIB doporučuje obezřetnost v používání náhle populárních aplikací
- Upozorňujeme na zneužívání identit Amazon, Microsoft a státních institucí
- Upozornění na zvýšené riziko DDoS útoků během voleb do Evropského parlamentu
scmagazine.com
-
[atom channel]
security.googleblog.com
-
[atom channel]
securityaffairs.co
- APT28 conducts long-term espionage on Ukrainian forces using custom malware
- Threat actors use custom AuraInspector to harvest data from Salesforce systems
- U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog
- Ericsson US confirms breach after third-party provider attack
- Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform
- FBI alert: scammers target zoning permit applicants
- Russia-linked hackers target Signal, WhatsApp of officials globally
- Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients
- Anthropic Claude Opus AI model discovers 22 Firefox bugs
- Critical Nginx UI flaw CVE-2026-27944 exposes server backups
securityweek.com
- Virtue AI Attracts $30M Investment to Address Critical AI Deployment Risks
- Industry Moves for the week of April 14, 2025 - SecurityWeek
- Insurance Firm Lemonade Says API Glitch Exposed Some Driver’s License Numbers
- Kidney Dialysis Services Provider DaVita Hit by Ransomware
- Conduent Says Names, Social Security Numbers Stolen in Cyberattack
- 2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches
- China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games
- Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats
- NetRise Raises $10 Million to Grow Software Supply Chain Security Platform
- Hertz Discloses Data Breach Linked to Cleo Hack
- CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security Officer at Adobe
thehackernews.com
- How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
- FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
- KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
- New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
- The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
- APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
- Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
- CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
- Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
- UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
- Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
- Can the Security Platform Finally Deliver for the Mid-Market?
therecord.media
- Rudd confirmed to head NSA, Cyber Command after near year-long vacancy
- Finnish intelligence warns of persistent cyber espionage from Russia, China
- CISA shortens patch deadline for critical Ivanti, SolarWinds bugs
- Cybercriminals impersonating city officials to steal permit payments, FBI says
- UK plans to shift fraud fight onto telecoms, tech companies
threatpost.com
- Student Loan Breach Exposes 2.5M Records
- Watering Hole Attacks Push ScanBox Keylogger
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
- Ransomware Attacks are on the Rise
- Cybercriminals Are Selling Access to Chinese Surveillance Cameras
- Twitter Whistleblower Complaint: The TL;DR Version
- Firewall Bug Under Active Attack Triggers CISA Warning
- Fake Reservation Links Prey on Weary Travelers
- iPhone Users Urged to Update to Patch 2 Zero-Days
- Google Patches Chrome’s Fifth Zero-Day of the Year
tripwire.com-state-of-security
- The Bullseye on Banks: Why Financial Services Remain a Prime Target for Cyberattacks
- SaaS Security in 2025: Why Visibility, Integrity, and Configuration Control Matter More Than Ever
- Why Agentic Security Doesn’t Mean Letting Go of Control
- Out-of-Band Update: Tripwire Enterprise 9.3.1
- Does Your Organization Need Deepfake Defenses?
- Securing Against Phishing Beyond Email
- Why Financial Websites Should Treat Web Application Firewalls Like Insurance
- Aligning Software Security Practices with the EU CRA Requirements
- OT Security in Ports: Lessons from the Coast Guard's Latest Warning
- 5 Critical Security Risks Facing COBOL Mainframes