πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.7K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ•΅οΈβ€β™‚οΈ Networking Without the Hangover πŸ•΅οΈβ€β™‚οΈ

How Sober in Cyber is redefining professional connections in the security industry.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Ransomware Eruption: Novel Locker Malware Flows From β€˜Volcano Demon' πŸ•΅οΈβ€β™‚οΈ

Attackers clear logs before exploitation and use "no caller ID" numbers to negotiate ransoms, complicating detection and forensics efforts.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
β™ŸοΈ The Not-So-Secret Network Access Broker x999xx β™ŸοΈ

Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain oldschool Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is "x999xx," the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups.

πŸ“– Read more.

πŸ”— Via "Krebs on Security"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike πŸ–‹οΈ

A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike.  The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol. Of the 690 IP addresses that were flagged to.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Twilio's Authy App Breach Exposes Millions of Phone Numbers πŸ–‹οΈ

Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to no longer accept unauthenticated requests. The development comes days after an online persona named ShinyHunters.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸš€ No room for error: Don’t get stung by these common Booking.com scams πŸš€

From sending phishing emails to posting fake listings, heres how fraudsters hunt for victims while youre booking your wellearned vacation.

πŸ“– Read more.

πŸ”— Via "ESET - WeLiveSecurity"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” WordPress Plugins at Risk From Polyfill Library Compromise πŸ“”

The attack exploits the polyfill.io domain, which was recently acquired by Funnull, a Chinabased entity.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Brazil Halts Meta's AI Data Processing Amid Privacy Concerns πŸ–‹οΈ

Brazil's data protection authority, Autoridade Nacional de Proteo de Dados ANPD, has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence AI algorithms. The ANPD said it found "evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” UK’s NCA Leads Major Cobalt Strike Takedown πŸ“”

Global law enforcers have share intelligence leading to the takedown of hundreds of IP addresses hosting Cobalt Strike.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Twilio warns Authy users of imminent social engineering attacks after hackers got hold of phone numbers πŸ“’

Twilio warned Authy users to beware of social engineering attacks, after the ShinyHunters gang listed 33 million records for sale on the dark web.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ“” New Ransomware Group Phones Execs to Extort Payment πŸ“”

Researchers claim the Volcano Demon ransomware group personally phone victims to pressure them into paying.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus πŸ–‹οΈ

Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denialofservice DoS condition. "The remote code execution vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device," security researcher.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ NinjaOne unveils new channel program to drive partner growth πŸ“’

The new NinjaOne partner initiative aims to prioritize partner advancement through new incentives and resources.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Why enterprise data protection doesn't have to be a drag or drain πŸ“’

Advanced solutions can simplify and strengthen data protection as well as boosting operational efficiency for enterprises facing modern cybersecurity challenges.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Want cheaper cyber insurance? Security leaders say improving resilience has helped them save on coverage πŸ“’

Cyber insurance is becoming widespread, and many enterprises are making major investments to boost resilience in a bid to drive down their premiums.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Software Productivity Tools Hijacked to Deliver Infostealers πŸ•΅οΈβ€β™‚οΈ

Innocuous little Windows programs were carrying cheap malware for weeks, exposing customers of the Indiabased software vendor to data theft.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Cyber Insurance Premiums Are Declining Worldwide as Businesses Improve Security, Howden Insurance Broker Report Finds 🦿

Rates have declined by 15 since the market peak in 2022, according to Howden Insurance Brokers.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Europol Warns of Home Routing Challenges For Lawful Interception πŸ“”

Law Enforcement Agencies cant intercept communications without an agreement disabling PET in home routing.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Meta Faces Suspension of AI Data Training in Brazil πŸ“”

The action comes in response to concerns over the companys updated privacy policy.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ₯°1
πŸ“” Over $1bn in Cryptocurrency Lost to Web3 Cyber Incidents in 2024 πŸ“”

Certik observed the loss of 1.1bn worth of cryptocurrency across Web3 platforms in the first half of 2024, with phishing the most common vector.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Gamers' Data Exposed in RPG Platform Roll20 Breach πŸ“”

Roll20 confirmed its administrative website account was accessed by a bad actor, leaving its users personal information exposed.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity