π΅οΈββοΈ Q&A: How Israeli Cybersecurity Companies Endure Through the Conflict π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
As Israeli employees get called up for reserve military duty, the impact on their day jobs and employers is still being calculated.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Q&A: How Israeli Cybersecurity Companies Endure Through the Conflict
As Israeli employees get called up for reserve military duty, the impact on their day jobs and employers is still being calculated.
π Falco 0.37.0 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
Falco 0.37.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π1
π΅οΈββοΈ Solving the Cybersecurity Skills Gap With Racial Inclusivity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Addressing the growing demand for cybersecurity professionals is also an opportunity to create a more racially inclusive workforce.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Solving the Cybersecurity Skills Gap With Racial Inclusivity
Addressing the growing demand for cybersecurity professionals is also an opportunity to create a more racially inclusive workforce.
π Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
After analyzing the 12 Rust payloads exploiting Ivanti ConnectSecure vulnerabilities, Synacktiv found they all enabled a sophisticated postexploitation toolkit.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit
After analyzing the Rust payloads exploiting Ivanti ConnectSecure vulnerabilities, Synacktiv found they all enabled a post-exploitation toolkit
π΅οΈββοΈ UAE Government Cyber Chief: We Face 50K Cyberattacks Daily π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Emirates see phishing emails, DDoS attacks, and ransomware, as well as port scans, regularly.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
UAE Government Cyber Chief: We Face 50K Cyberattacks Daily
The Emirates face phishing emails, DDoS attacks, and ransomware, as well as port scans, on a regular basis.
π Alpha Ransomware Group Launches Data Leak Site on the Dark Web π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Netenrich analized the ransom note pattern saying the group is refining their messages to victims.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Alpha Ransomware Group Launches Data Leak Site on the Dark Web
Netenrich analyzed the ransom note pattern saying the group is refining their messages to victims
π How to Protect Sensitive Data While Using ChatGPT and Other Generative AI Tools π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Generative AI platforms like ChatGPT have emerged as a new frontier of data breaches, especially in the rise of hybrid work. Equipped with the function to generate various content and troubleshoot software bugs, these applications can leak training data and violate privacy. In their research, Work From Anywhere, Fortinet found that about 62 of organizations The post How to Protect Sensitive Data While Using ChatGPT and Other Generative AI Tools appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Your Guide to Protecting Sensitive Data While Using ChatGPT
Discover how to keep your sensitive data safe while using ChatGPT. This guide covers best practices, privacy tips, and security measures to protect your information.
ποΈ URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
GitLab once again released fixes to address a critical security flaw in its Community Edition CE and Enterprise Edition EE that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE20240402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10. "An issue has been discovered in GitLab CEEE affecting all versions from 16.0 prior to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
π Orange EspaΓ±a Breach: Dark Web Flooded With Operator Credentials π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Resecurity discovered over 1572 compromised customers from RIPE, APNIC, AFRINIC and LACNIC.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Orange EspaΓ±a Breach: Dark Web Flooded With Operator Credentials
Resecurity discovered over 1572 compromised customers from RIPE, APNIC, AFRINIC and LACNIC
ποΈ Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of So Paulo, Santa Catarina, Par, Gois, and Mato Grosso. Slovak cybersecurity firm ESET, which provided additional.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Schneider Electric Confirms Data Accessed in Ransomware Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Energy firm Schneider Electric said a ransomware incident, reportedly perpetrated by the Cactus group, has led to data being accessed from its Sustainability Business division.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Schneider Electric Confirms Data Accessed in Ransomware Attack
Energy firm Schneider Electric said a ransomware incident, reportedly perpetrated by the Cactus group, has led to data being accessed from its Sustainability Business division
π» Apple accuses UK gov't of βunprecedented overreachβ on privacy π»
π Read more.
π Via "COMPUTERWORLD"
----------
ποΈ Seen on @cibsecurity
In the name of security, the UK government may well have put a cybersecurity target on the nations back, with Apple once again warning that proposed changes to the Investigatory Powers Act 2016 are a serious and direct threat to data security and information privacy.We are deeply concerned about the amendments to the Investigatory Powers Bill currently before Parliament, which will put the privacy and security of users at risk," Apple said in a statement. This is an unprecedented overreach by the government and, if implemented, the UK new user protections could be secretly vetoed globally, preventing us from ever delivering them to customers.To read this article in full, please click here.π Read more.
π Via "COMPUTERWORLD"
----------
ποΈ Seen on @cibsecurity
Computerworld
Apple accuses UK gov't of βunprecedented overreachβ on privacy
Apple warns that proposed UK laws are a βserious and direct threat to data security and information privacy.β
βοΈ Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
On Jan. 9, 2024, U.S. authorities arrested a 19yearold Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIMswapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider
On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accusedβ¦
𧨠Was the Fake Joe Biden Robocall Created with AI? π§¨
π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
As voters in the recent New Hampshire primary have found, a fake robocall of President Joe Biden has been making... The post Was the Fake Joe Biden Robocall Created with AI? appeared first on McAfee Blog.π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
McAfee Blog
Was the Fake Joe Biden Robocall Created with AI? | McAfee Blog
As voters in the recent New Hampshire primary have found, a fake robocall of President Joe Biden has been making the rounds. Using AI voice-cloning
π΅οΈββοΈ Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Chinalinked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure
The China-linked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says.
π΅οΈββοΈ Forcepoint Federal Rebrands As Everfox to Reflect New Era of Defense-Grade Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Forcepoint Federal Rebrands As Everfox to Reflect New Era of Defense-Grade Cybersecurity
π΅οΈββοΈ Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats
The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams.
π΅οΈββοΈ 'Cactus' Ransomware Strikes Schneider Electric π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Schneider's Sustainability division, which provides software and consulting services to enterprises, was felled by cybercriminals in midJanuary.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'Cactus' Ransomware Strikes Schneider Electric
Schneider's Sustainability division, which provides software and consulting services to enterprises, was felled by cybercriminals in mid-January.
π1
π΅οΈββοΈ Ivanti Zero-Day Patches Delayed as 'KrustyLoader' Attacks Mount π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The RCEauth bypass bugs in Connect Secure VPNs have gone unpatched for 20 days as statesponsored groups continue to backdoor Ivanti gear.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Ivanti Zero-Day Patches Delayed as 'KrustyLoader' Attacks Mount
The RCE/auth bypass bugs in Connect Secure VPNs have gone unpatched for 20 days as state-sponsored groups continue to backdoor Ivanti gear.
π1
π’ From complexity to clarity: The channel opportunity in streamlining cyber security π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Upcoming legislation and a rapidly evolving threat landscape means organizations can't afford to lose track of security transformation plans and the channel can play a key role in bolstering defenses.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
From complexity to clarity: The channel opportunity in streamlining cyber security
Upcoming legislation and a rapidly evolving threat landscape means organizations can't afford to lose track of security transformation plans - and the channel can play a key role in bolstering defenses
ποΈ New Glibc Flaw Grants Attackers Root Access on Major Linux Distros ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library aka glibc. Tracked as CVE20236246, the heapbased buffer overflow vulnerability is rooted in glibc's vsysloginternal function, which is used by syslog and vsyslog for system logging purposes. It's said to have been accidentally.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity