The job hunter's guide: Separating genuine offers from scams
Via "ESET - WeLiveSecurity"
----------
Seen on @cibsecurity
$90,000/year, full home office, and 30 days of paid leave, and all for a job as a junior data analyst – unbelievable, right? This and many other job offers are fake though – made just to ensnare unsuspecting victims into giving up their data.

Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances
Via "The Hacker News"
----------
The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. "The attackers used the cmd.cat/chattr docker image container that retrieves the payload from their own command-and-control (C&C) infrastructure," Trend Micro researchers Sunil Bharti and Shubham.

Researchers issue warning over new ransomware variant targeting the education sector
Via "ITPro"
----------
Researchers have published research on a new ransomware variant using compromised VPN credentials to target education organizations in the US.

SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign
Via "The Hacker News"
----------
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, which is also called Vermin and is assessed to be associated with security agencies of the Luhansk.

Supply chain attacks are still plaguing enterprises – here's why
Via "ITPro"
----------
A host of organizations have fallen prey to supply chain attacks over the last month, including Santander, Ticketmaster, and two major hospitals.

FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims
Via "The Hacker News"
----------
The U.S. Federal Bureau of Investigation (FBI) has disclosed that it's in possession of more than 7,000 decryption keys associated with the LockBit ransomware operation to help victims get their data back at no cost. "We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov," FBI Cyber Division.

#Infosec2024: Cyber Resilience Means Being Willing to Learn From a Crisis
Via "Infosecurity Magazine"
----------
Experts advised that crisis management and recovery is as much about communications and testing as it is about technical defense measures.

Security Flaws Found in Popular WooCommerce Plugin
Via "Infosecurity Magazine"
----------
Despite reported attempts from Patchstack to contact the vendor, no response has been received.

#Infosec2024: Collaboration is Key to an Effective Security Culture
Via "Infosecurity Magazine"
----------
Organizations need a culture that goes beyond reporting incidents, where the business wants to collaborate with the security team.

Cyber Landscape is Evolving - So Should Your SCA
Via "The Hacker News"
----------
Traditional SCAs Are Broken: Did You Know You Are Missing Critical Pieces? Application Security professionals face enormous challenges securing their software supply chains, racing against time to beat the attacker to the mark. Software Composition Analysis (SCA) tools have become a basic instrument in the application security arsenal in the last 7 years. Although essential, many platforms.

The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash
Via "The Hacker News"
----------
Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner. The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created through such tools. To that end, apps that generate content using AI must ensure they don't create.

With hundreds of Snowflake credentials published on the dark web, it's time for enterprises to get MFA in order
Via "ITPro"
----------
The recent Snowflake debacle highlights the need for more stringent enterprise MFA practices.

Open source, open risks: The growing dangers of unregulated generative AI
Via "Security Intelligence"
----------
While mainstream generative AI models have built-in safety barriers, open-source alternatives have no such restrictions. Here's what that means for cyber crime. There's little doubt that open-source is the future of software. According to the 2024 State of Open Source Report, over two-thirds of businesses increased their use of open-source software in the last year. The post "Open source, open risks: The growing dangers of unregulated generative AI" appeared first on Security Intelligence.
Generative AI has proved to be a game-changing tool for many organizations. But without regulation, generative AI could be the new cyber crime frontier.

EmailGPT Exposed to Prompt Injection Attacks
Via "Infosecurity Magazine"
----------
The flaw enables attackers to gain control over the AI service by submitting harmful prompts.

TOR Virtual Network Tunneling Tool 0.4.8.12
Via "Packet Storm - Tools"
----------
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

jSQL Injection 0.98
Via "Packet Storm - Tools"
----------
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Developing a Plan to Respond to Critical CVEs in Open Source Software
Via "Dark Reading"
----------
Establishing a clear process for developers to respond to critical CVEs is essential for having a rapid and coordinated response.

Get 2 Lifetime Password Manager Subscriptions for Only $50
Via "Tech Republic"
----------
Save your business time and money with Sticky Password Premium and get this two-account bundle for $49.99 (reg. $399) at TechRepublic Academy.

'Sticky Werewolf' APT Stalks Aviation Sector
Via "Dark Reading"
----------
The pro-Ukrainian group has upgraded its infection chain, with credentials, strategic info on commercial pilots, or billion-dollar designs as the possible prizes.

Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts
Via "The Hacker News"
----------
2023 was a year of unprecedented cyberattacks. Ransomware crippled businesses, DDoS attacks disrupted critical services, and data breaches exposed millions of sensitive records. The cost of these attacks? Astronomical. The damage to reputations? Irreparable. But here's the shocking truth: many of these attacks could have been prevented with basic cyber hygiene. Are you ready to transform your.

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities
Via "The Hacker News"
----------
Cybersecurity researchers have disclosed that the LightSpy spyware allegedly targeting Apple iOS users is in fact a previously undocumented macOS variant of the implant. The findings come from both Huntress Labs and ThreatFabric, which separately analyzed the artifacts associated with the cross-platform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS,.