πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.7K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ“” Half of Employees Fear Punishment for Reporting Security Mistakes πŸ“”

A ThinkCyber survey conducted at Infosecurity Europe 2024 found that half of employees are afraid of reporting security mistakes.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Friend or Foe? AI's Complicated Role in Cybersecurity πŸ•΅οΈβ€β™‚οΈ

Staying informed about the latest AI security solutions and best practices is critical in remaining a step ahead of increasingly clever cyberattacks.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Intel CPUs Face Spectre-Like 'Indirector' Attack That Leaks Data πŸ•΅οΈβ€β™‚οΈ

"Indirector" targets a speculative execution component in silicon that previous research has largely overlooked.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Cyber Extortion Soars: SMBs Hit Four Times Harder πŸ“”

Orange Cyberdefenses latest CyXplorer report shows a 77 rise in cyber extortion, with SMBs impacted 4.2 times more often than large enterprises.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Millions of Apple Applications Were Vulnerable to CocoaPods Supply Chain Attack 🦿

The vulnerabilities have since been patched, but had quietly persisted since the CocoaPods migration in 2014.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Microsoft Uncovers Major Flaws in Rockwell PanelView Plus πŸ“”

The vulnerabilities stem from manipulable custom classes in PanelView Plus.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ The impact of generative AI on business πŸ“’

Optimal and speedy GenAI computing performance.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Ransomware Extortion Demands Soar to $5.2M per Attack πŸ•΅οΈβ€β™‚οΈ

The highest ransom demanded by threat actors this year so far was nearly 20 times last year's average.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ This new ransomware group has been calling up victims to pressure them into paying – and it could be their downfall πŸ“’

A new ransomware group has ditched the traditional leak site in favor of calling up their victims to pressure them into paying, but this could give law enforcement the extra info they need.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Critical vulnerabilities left millions of Apple devices at the mercy of hackers – and nobody noticed for nearly a decade πŸ“’

Apple devices could've been susceptible to supply chain attacks after three critical vulnerabilities went unnoticed for nearly a decade.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Any IoT Device Can Be Hacked, Even Grills πŸ•΅οΈβ€β™‚οΈ

Researchers uncover a way to hack the summer cookout but firmware updates will stop that grilled meat or tofu from turning into an inedible mess.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Bay Area Credit Union Struggles to Recover After Ransomware Attack πŸ•΅οΈβ€β™‚οΈ

Tens of thousands of Patelco customers remain without access to their accounts, with no estimates for when systems will be restored.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Hacker Busted for 'Evil Twin' Wi-Fi That Steals Airline Passenger Data πŸ•΅οΈβ€β™‚οΈ

Australian cops arrest man found with a portable WiFi access device in his carryon luggage, allegedly used for standing up scam WiFi networks on flights.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Networking Without the Hangover πŸ•΅οΈβ€β™‚οΈ

How Sober in Cyber is redefining professional connections in the security industry.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Ransomware Eruption: Novel Locker Malware Flows From β€˜Volcano Demon' πŸ•΅οΈβ€β™‚οΈ

Attackers clear logs before exploitation and use "no caller ID" numbers to negotiate ransoms, complicating detection and forensics efforts.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
β™ŸοΈ The Not-So-Secret Network Access Broker x999xx β™ŸοΈ

Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain oldschool Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is "x999xx," the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups.

πŸ“– Read more.

πŸ”— Via "Krebs on Security"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike πŸ–‹οΈ

A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike.  The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol. Of the 690 IP addresses that were flagged to.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Twilio's Authy App Breach Exposes Millions of Phone Numbers πŸ–‹οΈ

Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to no longer accept unauthenticated requests. The development comes days after an online persona named ShinyHunters.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸš€ No room for error: Don’t get stung by these common Booking.com scams πŸš€

From sending phishing emails to posting fake listings, heres how fraudsters hunt for victims while youre booking your wellearned vacation.

πŸ“– Read more.

πŸ”— Via "ESET - WeLiveSecurity"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” WordPress Plugins at Risk From Polyfill Library Compromise πŸ“”

The attack exploits the polyfill.io domain, which was recently acquired by Funnull, a Chinabased entity.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Brazil Halts Meta's AI Data Processing Amid Privacy Concerns πŸ–‹οΈ

Brazil's data protection authority, Autoridade Nacional de Proteo de Dados ANPD, has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence AI algorithms. The ANPD said it found "evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity