well...
news
latest news about cyber-security
news
>
@cyber-security
↑
HOT:
@ukraine
,
@russia
,
@israel
,
@iran
,
@palestine
zdroje:
#bleepingcomputer.com
#blog.google-TAG
#csirt.cz
#cyberscoop.com
#cybersecuritynews.com
#darkreading.com
#googleprojectzero.blogspot.com
#kratkespravy.sk
#krebsonsecurity.com
#linuxsecurity.com
#nakedsecurity.sophos.com
#nukib.cz
#scmagazine.com
#security.googleblog.com
#securityaffairs.co
#securityweek.com
#thehackernews.com
#therecord.media
#threatpost.com
#tripwire.com-state-of-security
bleepingcomputer.com
BitoPro exchange links Lazarus hackers to $11 million crypto heist
Microsoft investigates OneDrive bug that breaks file search
Cloudflare blocks record 7.3 Tbps DDoS attack against hosting provider
Aflac discloses breach amidst Scattered Spider insurance attacks
Can users reset their own passwords without sacrificing security?
Microsoft to remove legacy drivers from Windows Update for security boost
No, the 16 billion credentials leak is not a new data breach
Godfather Android malware now uses virtualization to hijack banking apps
Webinar: Stolen credentials are the new front door to your network
OpenAI’s Sam Altman discusses GPT-5 release date
US recovers $225 million of crypto stolen in investment scams
Special Webinar: Key Insights from Verizon’s 2025 DBIR
blog.google-TAG
TAG Bulletin: Q1 2025
TAG Bulletin: Q4 2024
TAG Bulletin: Q3 2024
State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
Iranian backed group steps up phishing campaigns against Israel, U.S.
Google disrupted over 10,000 instances of DRAGONBRIDGE activity in Q1 2024
TAG Bulletin: Q2 2024
A review of zero-day in-the-wild exploits in 2023
TAG Bulletin: Q1 2024
Tool of First Resort: Israel-Hamas War in Cyber
Buying Spying: How the commercial surveillance industry works and what can be done about it
TAG Bulletin: Q4 2023
csirt.cz
Bezpečnostní analytik CSIRT.CZ objasnil principy phishingu v České televizi
Postřehy z bezpečnosti: nařízení vlády k novému ZKB jsou v připomínkovém řízení
Veškeré konverzace uživatelů s ChatGPT budou uchovávány. Včetně těch smazaných.
Pozor na nový phishing cílící na uživatele Microsoft Planneru
Závažná zranitelnost v Google Chrome
Výzkumníci odhalili tisíce zneužitelných zařízení jsou mezi nimi i České
Postřehy z bezpečnosti: rootkit Curing ukazuje slabiny detekce
Zranitelnosti v protokolu AirPlay umožňují vzdálené spuštění kódu přes Wi-Fi
Nová verze ransomwaru WormLocker
Distribuovaný FTP bruteforcer
cyberscoop.com
Financial deepfake scams targeted in bipartisan Senate bill
Aflac duped by social-engineering attack, marking another hit on insurance industry
Iran’s financial sector takes another hit as largest crypto exchange is targeted
Unusually patient suspected Russian hackers pose as State Department in ‘sophisticated’ attacks on researchers
Researchers say AI hacking tools sold online were powered by Grok, Mixtral
Iran’s Bank Sepah disrupted by cyberattack claimed by pro-Israel hacktivist group
Cyber experts call for supercharging volunteer network to protect community organizations
Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends
Scattered Spider, fresh off retail sector attack spree, pivots to insurance industry
SEC withdraws cyber rules for investment companies, advisers
cybersecuritynews.com
private
Critical OpenVPN Driver Vulnerability Allows Attackers to Crash Windows Systems
DuckDuckGo Rolls Out New Scam Blocker to Protect Users from Online Threats
How Smart Timesheet Software Is Changing the Way of Work
Microsoft Warns of OneDrive Bug that Causes Searches to Appear Blank
Microsoft Announces New Security Defaults for Windows 365 Cloud PCs
Prometei Botnet Attacking Linux Servers to Mine Cryptocurrency
Beware of Weaponized MSI Installer Mimic as WhatsApp Delivers Modified XWorm RAT
Record Breaking 7.3 Tbps DDoS Attack Blasting 37.4 Terabytes in Just 45 Seconds
CodeSign Secure v3.02: Future of Code Signing with PQC
Mocha Manakin Using Paste and Run Technique to Trick Users Into Downloading Malicious Payloads
darkreading.com
AWS Enhances Cloud Security With Better Visibility Features
Hackers Post Dozens of Malicious Copycat Repos to GitHub
Telecom Giant Viasat Is Latest Salt Typhoon Victim
How Cyber Warfare Changes the Face of Geopolitical Conflict
How to Lock Down the No-Code Supply Chain Attack Surface
Security Evolution: From Pothole Repair to Road Building
Scammers Spread False Support Info Using Legitimate Websites
Paragon Commercial Spyware Infects Prominent Journalists
Iran-Israel War Triggers a Maelstrom in Cyberspace
OpenAI Awarded $200M Contract to Work With DoD
The Triple Threat of Burnout: Overworked, Unsatisfied, Trapped
GodFather Banking Trojan Debuts Virtualization Tactic
googleprojectzero.blogspot.com
The Windows Registry Adventure #8: Practical exploitation of hive memory corruption
The Windows Registry Adventure #7: Attack surface analysis
Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages
The Windows Registry Adventure #6: Kernel-mode objects
Blasting Past Webp
Windows Bug Class: Accessing Trapped COM Objects with IDispatch
Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)
The Windows Registry Adventure #5: The regf file format
kratkespravy.sk
Zo sveta IT bezpečnosti, 5/2025
Zo sveta IT bezpečnosti, 4/2025
Zo sveta IT bezpečnosti, 3/2025
Zo sveta IT bezpečnosti, 2/2025
Zo sveta IT bezpečnosti, 1/2025
Zo sveta IT bezpečnosti, 12/2024
Zo sveta IT bezpečnosti, 11/2024
Zo sveta IT bezpečnosti, 10/2024
Zo sveta IT bezpečnosti, 9/2024
Oslo: Návod na použitie
krebsonsecurity.com
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
Patch Tuesday, June 2025 Edition
Proxy Services Feast on Ukraine’s IP Address Exodus
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
Pakistan Arrests 21 in ‘Heartsender’ Malware Service
Oops: DanaBot Malware Devs Infected Their Own PCs
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
Breachforums Boss to Pay $700k in Healthcare Breach
Patch Tuesday, May 2025 Edition
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
linuxsecurity.com
Secure RHEL Clones Chart Diverging Paths
Optimizing Linux Security in 2025: Key Strategies & Best Practices
How to Secure Linux Servers in SaaS: Essential Security Guide for 2025
Critical GitHub Actions Vulnerabilities Expose Open-Source Risks
Oracle9: ELSA-2025-9114: apache-commons-beanutils Important
Oracle8: ELSA-2025-9188: idm:DL1 Important
Oracle8: ELSA-2025-9165: gimp:2.8 Important
Oracle8: ELSA-2025-9142: container-tools:ol8 Moderate
Oracle8: ELSA-2025-8696: perl-FCGI:0.78 Important
Oracle7: ELSA-2025-3978: postgresql Important
nakedsecurity.sophos.com
[kanál neteče]
nukib.cz
Návrh nového zákona o kybernetické bezpečnosti je v cílové rovince
NÚKIB a Microsoft stvrdily spolupráci v oblasti kybernetické bezpečnosti podpisem memoranda
NÚKIB a Senát ČR podepsaly Memorandum o spolupráci v oblasti kybernetické a informační bezpečnosti
NÚKIB představuje nové profesní kvalifikace v oblasti kybernetické bezpečnosti
Vydali jsme přehled kybernetických incidentů za květen 2025
Upozorňujeme na metodu „harvest now, decrypt later“
Upozornění na možnou zvýšenou aktivitu kyberútočníků v souvislosti s EXPO 2025
Upozorňujeme na zneužívání identit Amazon, Microsoft a státních institucí
Upozornění na zvýšené riziko DDoS útoků během voleb do Evropského parlamentu
Upozornění na kompromitaci routerů Ubiquity Edge OS aktérem sponzorovaným ruským státem
Doporučení v oblasti kryptografických prostředků verze 3.0
NÚKIB a Ministerstvo vnitra vydaly bezpečnostní doporučení pro vývoj otevřeného softwaru
scmagazine.com
[kanál neteče]
security.googleblog.com
[kanál neteče]
securityaffairs.co
Iran confirmed it shut down internet to protect the country against cyberattacks
Godfather Android trojan uses virtualization to hijack banking and crypto apps
Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider
Linux flaws chain allows Root access across major distributions
A ransomware attack pushed the German napkin firm Fasana into insolvency
Researchers discovered the largest data breach ever, exposing 16 billion login credentials
China-linked group Salt Typhoon breached satellite firm Viasat
Iran experienced a near-total national internet blackout
Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers
Healthcare services company Episource data breach impacts 5.4 Million people
securityweek.com
Virtue AI Attracts $30M Investment to Address Critical AI Deployment Risks
Industry Moves for the week of April 14, 2025 - SecurityWeek
Insurance Firm Lemonade Says API Glitch Exposed Some Driver’s License Numbers
Kidney Dialysis Services Provider DaVita Hit by Ransomware
Conduent Says Names, Social Security Numbers Stolen in Cyberattack
2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches
China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games
Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats
NetRise Raises $10 Million to Grow Software Supply Chain Security Platform
Hertz Discloses Data Breach Linked to Cleo Hack
CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security Officer at Adobe
thehackernews.com
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages
Qilin Ransomware Adds "Call Lawyer" Feature to Pressure Victims for Larger Ransoms
Iran's State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist
6 Steps to 24/7 In-House SOC Success
Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider
200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft
BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with macOS Backdoor Malware
Secure Vibe Coding: The Complete New Guide
Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session
Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign
Meta Adds Passkey Login Support to Facebook for Android and iOS Users
therecord.media
Judge overturns Biden-era HHS rule on HIPAA protections for those seeking reproductive care
Tonga Ministry of Health hit with cyberattack affecting website, IT systems
Krispy Kreme: Over 160,000 people had data stolen during November 2024 cyberattack
Russian dairy supply disrupted by cyberattack on animal certification system
Aflac says it stopped attack launched by ‘sophisticated cybercrime group’
threatpost.com
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
tripwire.com-state-of-security
Interlock ransomware: what you need to know
NIST’s Responsibilities Under the January 2025 Executive Order
Proposed HIPAA Update Makes Yearly Pen Testing Mandatory
The Unique Cybersecurity Risks in the Manufacturing Sector
What the UK’s New Cyber Resilience Bill Means for Businesses—and How to Stay Ahead
3AM Ransomware Attackers Pose as IT Support to Compromise Networks
Health-ISAC 2025 Report: Ransomware Still Reigns as #1 Threat to Healthcare
Key Takeaways from the IBM X-Force 2025 Threat Intelligence Index
Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack
How IoT Security Cameras Are Susceptible to Cyber Attacks