πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.7K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ–‹οΈ Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data πŸ–‹οΈ

The North Korealinked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension TRANSLATEXT, highlighting its ability to gather email addresses, usernames,.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others πŸ–‹οΈ

GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment CICD pipelines as any user. The weaknesses, which affect GitLab Community Edition CE and Enterprise Edition EE, have been addressed in versions 17.1.1, 17.0.3, and 16.11.5. The most severe of the.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” TeamViewer Cyber-Attack Attributed to Russian APT Midnight Blizzard πŸ“”

Remote software provider TeamViewer has revealed it has been hit by a cyberattack that it attributes to Russian state actor Midnight Blizzard.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ TeamViewer Credits Network Segmentation for Rebuffing APT29 Attack πŸ•΅οΈβ€β™‚οΈ

Despite warnings from HealthISAC and the NCC Group, the remote access software maker says defenseindepth kept customers' data safe from Midnight Blizzard.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸš€ Key trends shaping the threat landscape in H1 2024 – Week in security with Tony Anscombe πŸš€

Learn about the categories of threats that 'topped the charts' and the kinds of techniques that bad actors leveraged most commonly in the first half of this year.

πŸ“– Read more.

πŸ”— Via "ESET - WeLiveSecurity"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ–‹οΈ Google to Block Entrust Certificates in Chrome Starting November 2024 πŸ–‹οΈ

Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
❀1πŸ‘1
πŸ–‹οΈ Juniper Networks Releases Critical Security Update for Routers πŸ–‹οΈ

Juniper Networks has released outofband security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE20242973, carries a CVSS score of 10.0, indicating maximum severity. An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Cyber attacks on healthcare organizations are surging – here's why πŸ“’

Healthcare organizations have been targeted with spiraling costs linked to a record number of cyber attacks in recent years.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Everything you need to know about the TeamViewer breach πŸ“’

TeamViewers corporate IT environment is believed to have been accessed by Russian statesponsored hacker collective, Midnight Blizzard.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ€”1
πŸ“’ Securing tomorrow πŸ“’

Maximising the value of technology in an evolving defence sector.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ A CISO's guide to safely unleashing the power of genAI πŸ“’

Safeguard against the threats of AI.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Apple CocoaPods Bugs Expose Millions of Apps to Code Injection πŸ•΅οΈβ€β™‚οΈ

Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Apple's AI Moves Will Impact Future Chip, Cloud Security Plans πŸ•΅οΈβ€β™‚οΈ

Analysts say Apple's blackbox approach provides a blueprint for rival chip makers and cloud providers.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Name That Edge Toon: Cyber Cloudburst πŸ•΅οΈβ€β™‚οΈ

Feeling creative? Submit your caption and our panel of experts will reward the winner with a 25 Amazon gift card.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Thinking About Security, Fast & Slow πŸ•΅οΈβ€β™‚οΈ

To be effective, managing risk demands both fast responses and strategic thinking.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 AVG Secure VPN vs Surfshark (2024): Which VPN Is Better? 🦿

Is Surfshark better than AVG? Is AVG Secure VPN worth it? Find out which VPN is better with our guide.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Get a Lifetime of 1TB Cloud Storage for Only $80 With FolderFort 🦿

Fast, affordable cloud storage isnt always easy to find for businesses, but now you can have a massive amount with maximum security.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 TechRepublic Premium Editorial Calendar: Policies, Checklists, Hiring Kits and Glossaries for Download 🦿

TechRepublic Premium content helps you solve your toughest IT issues and jumpstart your career or next project.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ›  OpenSSH 9.8p1 πŸ› 

This is a Linuxportable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patentencumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other cleanups.

πŸ“– Read more.

πŸ”— Via "Packet Storm - Tools"

----------
πŸ‘οΈ Seen on @cibsecurity
🧠 ChatGPT 4 can exploit 87% of one-day vulnerabilities 🧠

Since the widespread and growing use of ChatGPT and other large language models LLMs in recent years, cybersecurity has been a top concern. Among the many questions, cybersecurity professionals wondered how effective these tools were in launching an attack. Cybersecurity researchers Richard Fang, Rohan Bindu, Akul Gupta and Daniel Kang recently performed a study to The post ChatGPT 4 can exploit 87 of oneday vulnerabilities appeared first on Security Intelligence.

πŸ“– Read more.

πŸ”— Via "Security Intelligence"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ CapraRAT Spyware Disguised as Popular Apps Threatens Android Users πŸ–‹οΈ

The threat actor known as Transparent Tribe has continued to unleash malwarelaced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans," SentinelOne security researcher Alex.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity