πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.7K subscribers
89.7K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
🦿 Get Advanced Ad Blocking and Superior Data Privacy Tools for Just $11 Until 7/21 🦿

Block popups, banners and video ads while also protecting yourself from activity trackers, phishing attempts, fraudulent websites and other types of malware with AdGuard.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks πŸ–‹οΈ

Identity theft isn't just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause major damage with compromised credentials. The stakes are high ransomware attacks, lateral movement, and devastating data breaches. Don't be caught off guard. Join us for a groundbreaking webinar that will change the way you approach cybersecurity.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers πŸ–‹οΈ

French cloud computing firm OVHcloud said it mitigated a recordbreaking distributed denialofservice DDoS attack in April 2024 that reached a packet rate of 840 million packets per second Mpps. This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large European bank in June 2020. The 840 Mpps DDoS attack is said to have been a combination of a TCP.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Blueprint for Success: Implementing a CTEM Operation πŸ–‹οΈ

The attack surface isnt what it once was and its becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If youve clicked on this article, theres a good chance youre looking for solutions to manage this risk. In 2022, a new framework was coined by Gartner.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks πŸ–‹οΈ

The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts. "Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurity firm Cybereason said in an analysis published last week. "While some of the particulars of GootLoader payloads have.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies πŸ–‹οΈ

The supply chain attack targeting widelyused Polyfill.io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to "httpscdn.polyfill.io" or "httpscdn.polyfill.com" in their HTTP responses, the attack.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks πŸ–‹οΈ

Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denialofservice DDoS attacks. Written in Golang, the botnet is so named for its reference to a string named "ootheca" present in the commandandcontrol C2 servers "ootheca.pw" and "ootheca.top". "Functionally, Zergeca is not just a typical DDoS botnet besides supporting six.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸš€ Social media and teen mental health – Week in security with Tony Anscombe πŸš€

Social media sites are designed to make their users come back for more. Do laws restricting children's exposure to addictive social media feeds have teeth or are they a political gimmick?.

πŸ“– Read more.

πŸ”— Via "ESET - WeLiveSecurity"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Vinted Fined €2.3m Over Data Protection Failure πŸ“”

The Lithuanian data protection authority has imposed a fine of almost 2.5m on secondhand specialist Vinted for breaching GDPR.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” EU Opens Applications for Cybersecurity and Digital Skills Funding πŸ“”

The EUs Digital Europe Programme DEP will provide over 210m in funding for cybersecurity and digital skills projects.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ¦… Increase in the exploitation of Microsoft SmartScreen vulnerability CVE-2024-21412 πŸ¦…

Key Takeaways  Cyble Research and Intelligence Labs CRIL recently came across an active campaign exploiting the Microsoft SmartScreen vulnerability CVE202421412.   The ongoing campaign targets multiple regions, including Spain, the US, and Australia.  It employs lures related to healthcare insurance schemes, transportation notices, and taxrelated communications to deceive individuals and organizations into downloading malicious payloads onto their machines.  The infection starts with a spam email containing a link that redirects users to a WebDAV share using a search protocol, deceiving them into executing a malicious internet shortcut file, exploiting CVE202421412.  The threat actors TAs conducted a multistage attack utilizing legitimate tools such as forfiles.exe,...

πŸ“– Read more.

πŸ”— Via "CYBLE"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Euro Vishing Fraudsters Add Physical Intimidation to Arsenal πŸ•΅οΈβ€β™‚οΈ

The persistent threat of social engineering tactics sees cybercriminals blending technology with human manipulation to exploit individuals.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Hackers stole OpenAI product secrets in 2023 data breach – reports πŸ“’

While OpenAI hasn't confirmed the breach, there are concerns that its systems could be vulnerable to nationstate hackers.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘4πŸ”₯1
🦿 10 Security Tips for Business Travellers This Summer 🦿

Travelling for work can open employees up to a new host of security threats, including insecure WiFi networks, infected public charging ports and Bluetooth attacks.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Microsoft warns 'Skeleton Key' can crack popular AI models for dangerous outputs πŸ“’

Microsoft says threat actors can bypass guardrails built into some of the most popular LLMs using this simple technique.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ The hackers behind the Indonesian data center attack just handed over a decryption key for free – and they even apologized πŸ“’

The threat actors behind a ransomware attack that crippled public services across Indonesia has handed over the decryption key for free.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ β€œA treasure trove for adversaries”: 10 billion stolen passwords have been shared online in the biggest data leak of all time πŸ“’

A new recordbreaking password leak saw over 10 billion credentials posted to an underground hacking forum last week.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ•΅οΈβ€β™‚οΈ 5 Ways to Run Security as a Meritocracy πŸ•΅οΈβ€β™‚οΈ

Actions speak louder than words. Here are five tips for encouraging a security culture based on achievements.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ•΅οΈβ€β™‚οΈ Deconstructing Security Assumptions to Ensure Future Resilience πŸ•΅οΈβ€β™‚οΈ

By breaking down fundamental assumptions, we can proactively plan for, and begin to achieve, future resilience.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Industrial Cyber Security Basics Can Help Protect APAC Operational Technology Operators: Dragos 🦿

Operational technology users face challenges including communication between process engineering and cyber security teams, a growth in malware and ransomware, and insiders making basic technology mistakes.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Cybersecurity Glossary Pack 🦿

Save 17 and enhance your cybersecurity knowledge. The combined value of the four PDFs is 56, but this pack is priced at 39. It doesnt matter whether your organization is a huge multinational business enterprise or a oneperson operation, cybersecurity will be an important issue. With this TechRepublic Premium pack, readers can get four cybersecurity ...

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity