well...
news
latest news about cyber-security
news
>
@cyber-security
..
HOT:
@ukraine
,
@russia
,
@israel
,
@palestine
zdroje:
#bleepingcomputer.com
#blog.google-TAG
#csirt.cz
#cyberscoop.com
#cybersecuritynews.com
#darkreading.com
#googleprojectzero.blogspot.com
#kratkespravy.sk
#krebsonsecurity.com
#linuxsecurity.com
#nakedsecurity.sophos.com
#nukib.cz
#scmagazine.com
#security.googleblog.com
#securityaffairs.co
#securityweek.com
#thehackernews.com
#therecord.media
#threatpost.com
#tripwire.com-state-of-security
bleepingcomputer.com
Microsoft ends development of Windows Server Update Services (WSUS)
Windows Server 2025 previews security updates without restarts
Disney ditching Slack after massive July data breach
Ukraine bans Telegram on military, govt devices over security risks
Dell investigates data breach claims after hacker leaks employee info
macOS Sequoia change breaks networking for VPN, antivirus software
Clickbaity or genius? 'BF cheated on you' QR codes pop up across UK
Suspects behind $230 million cryptocurrency theft arrested in Miami
CISA warns of actively exploited Apache HugeGraph-Server bug
Microsoft Edge will flag extensions causing performance issues
Tor says it’s "still safe" amid reports of police deanonymizing users
Ivanti warns of another critical CSA flaw exploited in attacks
blog.google-TAG
TAG Bulletin: Q3 2024
State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
Iranian backed group steps up phishing campaigns against Israel, U.S.
Google disrupted over 10,000 instances of DRAGONBRIDGE activity in Q1 2024
TAG Bulletin: Q2 2024
A review of zero-day in-the-wild exploits in 2023
TAG Bulletin: Q1 2024
Tool of First Resort: Israel-Hamas War in Cyber
Buying Spying: How the commercial surveillance industry works and what can be done about it
TAG Bulletin: Q4 2023
Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware
Zimbra 0-day used to target international government organizations
csirt.cz
Nový malware zneužívá režim kiosku pro krádež Google přihlašovacích údajů
Podvodné SMS cílí na oběti povodní
Postřehy z bezpečnosti: krádež dat pomocí „mluvících pixelů“
Posílení bezpečnosti internetu a řešení zranitelností BGP
Phishingové útoky na identitu občana
Postřehy z bezpečnosti: chybný OAuth rizikem pro téměř milion webů
Masivní výpadek systémů Windows způsobila chyba aktualizace bezpečnostního softwaru společnosti Crowdstrike
CSIRT.CZ upozorňuje na nový cíl útočníků
Postřehy z bezpečnosti: Proběhlo Cyber Europe 2024, Kaspersky v USA končí
Postřehy z bezpečnosti: odhalena totožnost vývojáře LockBitu
cyberscoop.com
OIG audit calls for more clarity from CISA, DHS on disinformation mission
Here’s what corporate boards are asking Kevin Mandia about
European, Latin American authorities arrest 17 in crackdown on phishing network with 483,000 victims
Krebs: Iranian outreach to Biden campaign was ‘late breaking’ news to U.S. gov
UnitedHealth Group CISO: We had to ‘start over’ after Change Healthcare attack
FTC details how streaming services, social media have become ‘mass surveillance’ machines
What more can be done to stop ransomware attacks?
Despite challenges, Minnesota’s top election official is ‘an optimist’ heading into November
U.S. agencies say Iranian hackers tried to pass ‘non-public’ Trump campaign docs to Biden’s campaign
Newmark initiative will bring online a network of civil defense hackers
cybersecuritynews.com
private
Star Health Data Leak: 31 Million Customers’ Data Exposed via Telegram
CISA Releases Six New Advisories For Industrial Control Systems
New MacOS Malware Let Attackers Control The Device Remotely
GitLab Urges Organizations To Patch For Authentication Bypass Vulnerability
Google Password Manager PIN Feature Let Users Sync Passkeys Across Devices
UNC1860 Hackers Use Specialized Tools & Backdoors To Penetrate Victims’ Networks
TeamTNT Hackers Attacking VPS Servers Running CentOS
Operation Kaerb, Masterminds Behind iserver Phishing-As-A-Service Platform Arrested
Ivanti Warns of CSA Vulnerability Actively Exploited in Attacks
Why Cynet’s All-in-One Platform Is a Game-Changer for MSPs
darkreading.com
Ivanti's Cloud Service Appliance Attacked via Second Vuln
Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware
Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover
LinkedIn Addresses User Data Collection for AI Training
GenAI in Cybersecurity: Insights Beyond the Verizon DBIR
North Korean APT Bypasses DMARC Email Policies in Cyber-Espionage Attacks
Mastercard's Recorded Future Deal Furthers Its AI Security Goals
CrowdStrike Expands Cybersecurity Startup Accelerator With AWS and NVIDIA
Abstract Security Expands Multi-Cloud Security Operations
GitLab Warns of Max Severity Authentication Bypass Bug
c/side Lands $6M to Combat Rising Browser Supply Chain Attacks
Vice Society Pivots to Inc Ransomware in Healthcare Attack
googleprojectzero.blogspot.com
The Windows Registry Adventure #3: Learning resources
Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models
Driving forward in Android drivers
The Windows Registry Adventure #2: A brief history of the feature
The Windows Registry Adventure #1: Introduction and research results
First handset with MTE on the market
An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit
Analyzing a Modern In-the-wild Android Exploit
MTE As Implemented, Part 1: Implementation Testing
MTE As Implemented, Part 3: The Kernel
MTE As Implemented, Part 2: Mitigation Case Studies
Summary: MTE As Implemented
kratkespravy.sk
Oslo: Návod na použitie
Zo sveta IT bezpečnosti, 8/2024
Zo sveta IT bezpečnosti, 7/2024
Zo sveta IT bezpečnosti, 6/2024
Zo sveta IT bezpečnosti, 5/2024
Zo sveta IT bezpečnosti, 4/2024
Zo sveta IT bezpečnosti, 3/2024
Zo sveta IT bezpečnosti, 2/2024
Zo sveta IT bezpečnosti, 1/2024
Zo sveta IT bezpečnosti, 12/2023
krebsonsecurity.com
This Windows PowerShell Phish Has Scary Potential
Scam ‘Funeral Streaming’ Groups Thrive on Facebook
The Dark Nexus Between Harm Groups and ‘The Com’
Bug Left Some Windows PCs Dangerously Unpatched
Sextortion Scams Now Include Photos of Your Home
Owners of 1-Time Passcode Theft Service Plead Guilty
When Get-Out-The-Vote Efforts Look Like Phishing
New 0-Day Attacks Linked to China’s ‘Volt Typhoon’
Local Networks Go Global When Domain Names Collide
National Public Data Published Its Own Passwords
linuxsecurity.com
How Static Residential Proxies Support Ethical Web Scraping Practices
Cybersecurity Regulations and Compliance for Linux Users
Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
Debian: DSA-5774-1: ruby-saml Security Advisory Updates
SUSE: 2024:3354-1 important: wpa_supplicant Security Advisory Updates
SUSE: 2024:3355-1 moderate: libpcap Security Advisory Updates
SUSE: 2024:3357-1 important: python310 Security Advisory Updates
SUSE: 2024:3358-1 important: ffmpeg-4 Security Advisory Updates
SUSE: 2024:3351-1 moderate: python3 Security Advisory Updates
nakedsecurity.sophos.com
[kanál neteče]
nukib.cz
Dopis vyjadřující podporu dokumentu Position Paper on Quantum Key Distribution
Vyprodaný CyberCon ukazuje mnoho tváří kyberbezpečnosti – už podesáté
České, americké a další partnerské bezpečnostní instituce upozorňují na škodlivé aktivity ruského státního aktéra útočícího na kritickou infrastruktur[...]
Přechod webu nis2.nukib.gov.cz na Portál NÚKIB
Portál NÚKIB nově podporuje kvantově odolnou kryptografii
Upozornění na zvýšené riziko DDoS útoků během voleb do Evropského parlamentu
Upozornění na kompromitaci routerů Ubiquity Edge OS aktérem sponzorovaným ruským státem
Upozorňujeme na dvě kritické zranitelnosti v operačním systému FortiOS
Upozorňujeme na hrozbu Terrapin útoku mířícího na SSH protokol
NÚKIB upozorňuje na hrozbu spojenou s aplikací WeChat společnosti Tencent
Doporučení v oblasti kryptografických prostředků verze 3.0
Doporučení k používání protokolu TLP ke sdílení chráněných informací
scmagazine.com
[kanál neteče]
security.googleblog.com
[kanál neteče]
securityaffairs.co
Tor Project responded to claims that law enforcement can de-anonymize Tor users
UNC1860 provides Iran-linked APTs with access to Middle Eastern networks
US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency
The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector
U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog
Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw
International law enforcement operation dismantled criminal communication platform Ghost
U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Explo[...]
SIEM for Small and Medium-Sized Enterprises: What you need to know
Antivirus firm Dr.Web disconnected all servers following a cyberattack
securityweek.com
Ukraine Bans Telegram Messenger App on State-Issued Devices Because of Russian Security Threat
Industry Moves for the week of September 16, 2024 - SecurityWeek
Google Now Syncing Passkeys Across Desktop, Android Devices
UN Experts Urge United Nations to Lay Foundations for Global Governance of Artificial Intelligence
In Other News: Disney Ditches Slack, Binance Malware Warning, Defense Conference Targeted
Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China
Kubernetes Container Isolation Startup Edera Raises $5 Million
Law Enforcement Dismantles Phishing Platform Used for Unlocking Stolen Phones
Tor Responds to Reports of German Police Deanonymizing Users
Ivanti Warns of Second CSA Vulnerability Exploited in Attacks
Watch on Demand: 2024 Attack Surface Management Summit – All Sessions Available
thehackernews.com
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Passwordless AND Keyless: The Future of (Privileged) Access Management
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Wherever There's Ransomware, There's Service Account Compromise. Are You Protected?
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
therecord.media
More than $44 million in cryptocurrency stolen from Singaporean platform BingX
UK regulator stops LinkedIn from training AI models with British users’ content
Airline exec settles hack-for-hire case against law firm, pledging to ‘vigorously’ prosecute other alleged conspirators
Republicans demand FBI hearing on Iran theft of Trump documents
Ukraine bans Telegram on state and military devices
threatpost.com
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
tripwire.com-state-of-security
Solar Cybersecurity And The Nuances Of Renewable Energy Integration
NESA Standard Ensures Security of UAE’s Cyberspace
The Role of Zero Trust Architecture in Enhancing SSO Security
What’s Changed in CIS Critical Security Controls v8.1?
England and Wales Report a Spike in Computer Misuse
Mitigating Alert Fatigue in SecOps Teams
Navigating the Cloud Chaos: 2024's Top Threats Revealed
WordPress Plugin and Theme Developers Told They Must Use 2FA
Common Phishing Attacks and How to Protect Against Them
This Senate Bill Could Improve Voting Machine Security