πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.8K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ“’ Building an incident response strategy in 2024 πŸ“’

As the threat landscape changes, businesses must ensure their incident response strategy is up to the task and ready to meet the needs of regulators and stakeholders.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Identity Crime Reports Drop 16% Annually but Job Scams Surge πŸ“”

Identityrelated crimes declined 16 annually in 2023 with the majority related to compromised credentials.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Cyber Attackers Turn to Cloud Services to Deploy Malware πŸ“”

A growing number of malware operators have turned to cloudbased command and control servers to deploy malicious campaigns, Fortinet researchers found.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
🌊 Ransomware: Still a Threat in 2024? 🌊

In 2024, the threat of ransomware, a persistent and formidable force in the cybersecurity landscape, continues to loom large. Despite some positive strides, such as dismantling major ransomware groups, the danger remains substantial. Its of utmost importance for businesses and individuals to stay fully informed about the latest statistics and their implications. Lets investigate the The post Ransomware Still a Threat in 2024? appeared first on UnderDefense.

πŸ“– Read more.

πŸ”— Via "UnderDefense"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ 'Snowblind' Tampering Technique May Drive Android Users Adrift πŸ•΅οΈβ€β™‚οΈ

As cybersecurity's catandmouse game starts to look more like Tom and Jerry, attackers develop a method for undermining Android app security with no obvious fix.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
🧠 The dangers of anthropomorphizing AI: An infosec perspective 🧠

The generative AI revolution is showing no signs of slowing down. Chatbots and AI assistants have become an integral part of the business world, whether for training employees, answering customer queries or something else entirely. Weve even given them names and genders and, in some cases, distinctive personalities. There are two very significant trends happening The post The dangers of anthropomorphizing AI An infosec perspective appeared first on Security Intelligence.

πŸ“– Read more.

πŸ”— Via "Security Intelligence"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Fortinet vs Palo Alto (2024): Which NGFW Is Best for Your Team? 🦿

As two top NGFWs, Fortinet FortiGate seems to best fit small businesses, while Palo Alto works best for larger organizations. Find out in our comparison below.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
🦿 The 6 Best LastPass Alternatives for 2024 🦿

Looking for LastPass alternatives? Check out our list of the top password managers that offer secure and convenient options for managing your passwords.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Diverse Cybersecurity Workforce Act Offers More Than Diversity Benefits πŸ•΅οΈβ€β™‚οΈ

Our adversaries certainly have diversity so cybersecurity teams need it, too.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ New MOVEit Transfer Vulnerability Under Active Exploitation - Patch ASAP! πŸ–‹οΈ

A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE20245806 CVSS score 9.1, concerns an authentication bypass that impacts the following versions From 2023.0.0 before 2023.0.11 From 2023.1.0 before 2023.1.6, and.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ”₯1
πŸ“” Novel Banking Malware Targets Customers in Southeast Asia πŸ“”

A novel malware strain, Snowblind, bypasses security measures in banking apps on Android, leading to financial losses and fraud, according to Promon.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Getting value from generative AI πŸ“’

Become more productive and pursue innovation.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Progress Discloses Two New Vulnerabilities in MOVEit Products πŸ“”

Two authentication bypass vulnerabilities affect Progress Softwares MOVEit Transfer SFTP service in a default configuration and MOVEit Gateway.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Neiman Marcus Customers Impacted by Snowflake Data Breach πŸ•΅οΈβ€β™‚οΈ

The highend retailer is the latest company to confirm it was impacted by the wideranging Snowflake data breach, which impacted more than 165 organizations.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ”₯1
πŸ•΅οΈβ€β™‚οΈ Polyfill.io Supply Chain Attack Smacks Down 100K+ Websites πŸ•΅οΈβ€β™‚οΈ

The site is supplying malicious code that delivers dynamically generated payloads and can lead to other attacks, after a Chinese organization bought it earlier this year.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Apple AirPods Bug Allows Eavesdropping πŸ•΅οΈβ€β™‚οΈ

The vulnerability affects not only AirPods, but also AirPods Max, Powerbeats Pro, Beats Fit Pro, and all models of AirPods Pro.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Dangerous AI Workaround: 'Skeleton Key' Unlocks Malicious Content πŸ•΅οΈβ€β™‚οΈ

Microsoft, OpenAI, Google, Meta genAI models could be convinced to ditch their guardrails, opening the door to chatbots giving unfettered answers on building bombs, creating malware, and much more.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Small businesses face continued security threats as trojan attacks surge πŸ“’

Cyber attacks on small businesses are still growing at a steady pace.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸš€ Cyber insurance as part of the cyber threat mitigation strategy πŸš€

Why organizations of every size and industry should explore their cyber insurance options as a crucial component of their risk mitigation strategies.

πŸ“– Read more.

πŸ”— Via "ESET - WeLiveSecurity"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application πŸ–‹οΈ

A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE20245276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow versions 5.1.6 Build 135 and earlier. It has been addressed in version 5.1.6 build 139. "An SQL injection vulnerability in.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Russian National Indicted for Cyber Attacks on Ukraine Before 2022 Invasion πŸ–‹οΈ

A 22yearold Russian national has been indicted in the U.S. for his alleged role in staging destructive cyber attacks against Ukraine and its allies in the days leading to Russia's fullblown military invasion of Ukraine in early 2022. Amin Timovich Stigal, the defendant in question, is assessed to be affiliated with the Main Directorate of the General Staff of the Armed Forces of the Russian.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity