@cyber-security ↑
zdroje:
#bleepingcomputer.com
#blog.google-TAG
#csirt.cz
#cyberscoop.com
#cybersecuritynews.com
#darkreading.com
#googleprojectzero.blogspot.com
#kratkespravy.sk
#krebsonsecurity.com
#linuxsecurity.com
#nakedsecurity.sophos.com
#nukib.cz
#scmagazine.com
#security.googleblog.com
#securityaffairs.co
#securityweek.com
#thehackernews.com
#therecord.media
#threatpost.com
#tripwire.com-state-of-security
bleepingcomputer.com
- AT&T rolls out "Wireless Lock" feature to block SIM swap attacks
- Microsoft open-sources VS Code Copilot Chat extension on GitHub
- Kelly Benefits says 2024 data breach impacts 550,000 customers
- Aeza Group sanctioned for hosting ransomware, infostealer servers
- New FileFix attack runs JScript while bypassing Windows MoTW alerts
- International Criminal Court hit by new 'sophisticated' cyberattack
- US disrupts North Korean IT worker "laptop farm" scheme in 16 states
- Esse Health says recent data breach affects over 263,000 patients
- Johnson Controls starts notifying people affected by 2023 breach
- Google fixes fourth actively exploited Chrome zero-day of 2025
- U.S. warns of Iranian cyber threats on critical infrastructure
- Germany asks Google, Apple to remove DeepSeek AI from app stores
blog.google-TAG
- TAG Bulletin: Q1 2025
- TAG Bulletin: Q4 2024
- TAG Bulletin: Q3 2024
- State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
- Iranian backed group steps up phishing campaigns against Israel, U.S.
- Google disrupted over 10,000 instances of DRAGONBRIDGE activity in Q1 2024
- TAG Bulletin: Q2 2024
- A review of zero-day in-the-wild exploits in 2023
- TAG Bulletin: Q1 2024
- Tool of First Resort: Israel-Hamas War in Cyber
- Buying Spying: How the commercial surveillance industry works and what can be done about it
- TAG Bulletin: Q4 2023
csirt.cz
- Závažné zranitelnosti v tiskárnách umožňují útočníkům obejít zabezpečení a převzít správu zařízení
- Dvě nové zranitelnosti v Linuxu umožňují snadné získání root přístupu
- Bezpečnostní analytik CSIRT.CZ objasnil principy phishingu v České televizi
- Postřehy z bezpečnosti: nařízení vlády k novému ZKB jsou v připomínkovém řízení
- Veškeré konverzace uživatelů s ChatGPT budou uchovávány. Včetně těch smazaných.
- Pozor na nový phishing cílící na uživatele Microsoft Planneru
- Závažná zranitelnost v Google Chrome
- Výzkumníci odhalili tisíce zneužitelných zařízení jsou mezi nimi i České
- Postřehy z bezpečnosti: rootkit Curing ukazuje slabiny detekce
- Zranitelnosti v protokolu AirPlay umožňují vzdálené spuštění kódu přes Wi-Fi
cyberscoop.com
- Cloudflare rolls out ‘pay-per-crawl’ feature to constrain AI’s limitless hunger for data
- US sanctions bulletproof hosting provider for supporting ransomware, infostealer operations
- AT&T deploys new account lock feature to counter SIM swapping
- Scammers have a new tactic: impersonating DOGE
- Arrest, seizures in latest U.S. operation against North Korean IT workers
- Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
- Slavery, torture, human trafficking discovered at 53 Cambodian online scamming compounds
- Microsoft security updates address CrowdStrike crash, kill ‘Blue Screen of Death’
- Scattered Spider strikes again? Aviation industry appears to be next target for criminal group
- Notorious cybercriminal ‘IntelBroker’ arrested in France, awaits extradition to US
cybersecuritynews.com
private- Hacktivist Group Claimed Attacks Across 20+ Critical Sectors Following Iran–Israel Conflict
- Snake Keyloggers Abuse Java Utilities to Evade Security Tools
- Cyber Threat Intelligence: 3 Key Benefits For SOCs And MSSPs
- Google Chrome May Soon Turn Webpages Into Podcasts With AI Audio Overviews
- Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor
- Pakistani Actors Built 300+ Cracking Websites Used to Deliver Info-Stealer Malware
- Linux 6.16-rc4 Released With Fixes for Filesystem, Driver & Hardware Support
- Microsoft Teams to Let Users Add Agents and Bots in Current Conversations
- Europol Dismantles Fraud Crypto Investment Ring That Tricked 5000+ Victims Worldwide
- New C4 Bomb Attack Bypasses Chrome’s AppBound Cookie Encryption
darkreading.com
- Like SEO, LLMs May Soon Fall Prey to Phishing Scams
- LevelBlue Acquires Trustwave, Forms World's Largest Independent MSSP
- Scope, Scale of Spurious North Korean IT Workers Emerges
- Ransomware Reshaped How Cyber Insurers Perform Security Assessments
- We've All Been Wrong: Phishing Training Doesn't Work
- DoJ Disrupts North Korean IT Worker Scheme Across Multiple US States
- Chrome Zero-Day, 'FoxyWallet' Firefox Attacks Threaten Browsers
- How Businesses Can Align Cyber Defenses With Real Threats
- Scattered Spider Hacking Spree Continues With Airline Sector Attacks
- Hired Hacker Assists Drug Cartel in Finding, Killing FBI Sources
- Chinese Company Hikvision Banned By Canadian Government
- Rethinking Cyber-Risk as Traditional Models Fall Short
googleprojectzero.blogspot.com
- The Windows Registry Adventure #8: Practical exploitation of hive memory corruption
- The Windows Registry Adventure #7: Attack surface analysis
- Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages
- The Windows Registry Adventure #6: Kernel-mode objects
- Blasting Past Webp
- Windows Bug Class: Accessing Trapped COM Objects with IDispatch
- Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)
- The Windows Registry Adventure #5: The regf file format
kratkespravy.sk
- Zo sveta IT bezpečnosti, 6/2025
- Zo sveta IT bezpečnosti, 5/2025
- Zo sveta IT bezpečnosti, 4/2025
- Zo sveta IT bezpečnosti, 3/2025
- Zo sveta IT bezpečnosti, 2/2025
- Zo sveta IT bezpečnosti, 1/2025
- Zo sveta IT bezpečnosti, 12/2024
- Zo sveta IT bezpečnosti, 11/2024
- Zo sveta IT bezpečnosti, 10/2024
- Zo sveta IT bezpečnosti, 9/2024
krebsonsecurity.com
- Senator Chides FBI for Weak Advice on Mobile Security
- Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
- Patch Tuesday, June 2025 Edition
- Proxy Services Feast on Ukraine’s IP Address Exodus
- U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
- Pakistan Arrests 21 in ‘Heartsender’ Malware Service
- Oops: DanaBot Malware Devs Infected Their Own PCs
- KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
- Breachforums Boss to Pay $700k in Healthcare Breach
- Patch Tuesday, May 2025 Edition
linuxsecurity.com
- The Rise of Rust-Based Malware: Memory Safetys Double-Edged Sword
- Optimizing Linux Security in 2025: Key Strategies & Best Practices
- Ubuntu 25.10 Brings Rust-Based Tools to Security-Conscious Admins
- Canonicals Big Move: Multipass VM Manager Goes Fully Open-Source
- Oracle Linux 10 ELSA-2025-8814 Important: .NET 8.0 Software Updates
- Oracle Linux 10 ELSA-2025-8196 important: thunderbird remote access
- Oracle Linux 10: ELSA-2025-8125 crucial Firefox updates for various issues
- Oracle Linux 10 ELSA-2025-7505 Important: libsoup3 Security Patch
- Oracle Linux 10 ELSA-2025-7493 Important thunderbird security update
- Oracle Linux 10: ELSA-2025-7491 Important: firefox security update
nakedsecurity.sophos.com
-
[kanál neteče]
nukib.cz
- Nový zákon o kybernetické bezpečnosti byl podepsán prezidentem
- NÚKIB uspořádal další jednání skupiny kyberbezpečnostního výzkumu a inovací CYRIS
- Návrh nového zákona o kybernetické bezpečnosti je v cílové rovince
- NÚKIB a Microsoft stvrdily spolupráci v oblasti kybernetické bezpečnosti podpisem memoranda
- NÚKIB a Senát ČR podepsaly Memorandum o spolupráci v oblasti kybernetické a informační bezpečnosti
- Upozorňujeme na metodu „harvest now, decrypt later“
- Upozornění na možnou zvýšenou aktivitu kyberútočníků v souvislosti s EXPO 2025
- Upozorňujeme na zneužívání identit Amazon, Microsoft a státních institucí
- Upozornění na zvýšené riziko DDoS útoků během voleb do Evropského parlamentu
- Upozornění na kompromitaci routerů Ubiquity Edge OS aktérem sponzorovaným ruským státem
- Doporučení v oblasti kryptografických prostředků verze 3.0
- NÚKIB a Ministerstvo vnitra vydaly bezpečnostní doporučení pro vývoj otevřeného softwaru
scmagazine.com
-
[kanál neteče]
security.googleblog.com
-
[kanál neteče]
securityaffairs.co
- A sophisticated cyberattack hit the International Criminal Court
- Esse Health data breach impacted 263,000 individuals
- GDPR violations prompt Germany to push Google and Apple to ban DeepSeek AI
- Europol dismantles €460M crypto scam targeting 5,000 victims worldwide
- CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure
- U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog
- Canada bans Hikvision over national security concerns
- Denmark moves to protect personal identity from deepfakes with new copyright law
- Ahold Delhaize data breach affected over 2.2 Million individuals
- Facebook wants access to your camera roll for AI photo edits
securityweek.com
- Virtue AI Attracts $30M Investment to Address Critical AI Deployment Risks
- Industry Moves for the week of April 14, 2025 - SecurityWeek
- Insurance Firm Lemonade Says API Glitch Exposed Some Driver’s License Numbers
- Kidney Dialysis Services Provider DaVita Hit by Ransomware
- Conduent Says Names, Social Security Numbers Stolen in Cyberattack
- 2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches
- China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games
- Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats
- NetRise Raises $10 Million to Grow Software Supply Chain Security Platform
- Hertz Discloses Data Breach Linked to Cleo Hack
- CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security Officer at Adobe
thehackernews.com
- Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits
- TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns
- New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status
- A New Maturity Model for Browser Security: Closing the Last-Mile Risk
- Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update
- U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms
- Microsoft Removes Password Management from Authenticator App Starting August 2025
- U.S. Agencies Warn of Rising Iranian Cyber Attacks on Defense, OT Networks, and Critical Infrastructure
- Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects
- Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks
- Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories
- Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more
therecord.media
- Russian bulletproof hosting service Aeza Group sanctioned by US for ransomware work
- Cyberattack on Russian independent media had links to US-sanctioned institute, researchers find
- Trump’s national cyber director nominee clears Senate committee
- Spanish police arrest five over $542 million crypto investment scheme
- International Criminal Court targeted by new ‘sophisticated’ attack
threatpost.com
- Student Loan Breach Exposes 2.5M Records
- Watering Hole Attacks Push ScanBox Keylogger
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
- Ransomware Attacks are on the Rise
- Cybercriminals Are Selling Access to Chinese Surveillance Cameras
- Twitter Whistleblower Complaint: The TL;DR Version
- Firewall Bug Under Active Attack Triggers CISA Warning
- Fake Reservation Links Prey on Weary Travelers
- iPhone Users Urged to Update to Patch 2 Zero-Days
- Google Patches Chrome’s Fifth Zero-Day of the Year
tripwire.com-state-of-security
- 5 Critical Security Risks Facing COBOL Mainframes
- Essential Features to Look for in a VM Solution
- Outdated Routers: The Hidden Threat to Network Security, FBI Warns
- Securing Our Water: Understanding the Water Cybersecurity Enhancement Act of 2025
- Revenge, Fame, and Fun: The Motives Behind Modern Cyberattacks
- Clean Up in the Cybersecurity Aisle: Cybercriminals and Groceries
- Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay
- Shifting Gears: India's Government Calls for Financial Cybersecurity Change
- Continuous Threat Exposure Management (CTEM): The Future of Vulnerability Assessment
- How Human Behavior Can Strengthen Healthcare Cybersecurity