πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.7K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ–‹οΈ Apple Removes VPN Apps from Russian App Store Amid Government Pressure πŸ–‹οΈ

Apple removed a number of virtual private network VPN apps in Russia from its App Store on July 4, 2024, following a request by Russia's state communications watchdog Roskomnadzor, Russian news media reported. This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona. It's worth noting that NordVPN previously shut.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” New APT CloudSorcerer Malware Hits Russian Targets πŸ“”

The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Mekotio Trojan Targets Latin American Banking Credentials πŸ“”

Trend Micro said the trojan has been observed masquerading as communications from tax agencies.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Cisco Warns regreSSHion Vulnerability Impacts Multiple Products πŸ“”

Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Russia Blocks VPN Services in Information Crackdown πŸ“”

The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Crypto Thefts Double to $1.4 Billion, TRM Labs Finds πŸ“”

Higher average token prices are the likely cause of the surge rather than a change in the crypto threat landscape.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” 10 Billion Passwords Leaked on Hacking Forum πŸ“”

A Cybernews investigation found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromises.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Cyber-Insurance Prices Plummet as Market Competition Grows πŸ•΅οΈβ€β™‚οΈ

Now may be a good time to find good deals on insurance coverage for ransomware and security incidents.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Identity Orchestration Is Gaining Traction πŸ•΅οΈβ€β™‚οΈ

Identity orchestration products are increasingly projected to be introduced to the market in the next couple of years. Market trends and benefits of identity orchestration are explored.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ 10B Passwords Pop Up on Dark Web 'RockYou2024' Release πŸ•΅οΈβ€β™‚οΈ

The passwords, dumped on a cyberunderground forum on July 4 by a hacker called "ObamaCare," were collected from a variety of older and more recent breaches.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ 'CloudSorcerer' Leverages Cloud Services in Cyber-Espionage Campaign πŸ•΅οΈβ€β™‚οΈ

The newly discovered APT's main weapon is a malware tool that can change behavior depending on the process in which it is running.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 OpenAI Secrets Stolen in 2023 After Internal Forum Was Hacked 🦿

Last year, hackers breached an online forum used by OpenAI employees and stole confidential information about the firms AI systems.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation πŸ–‹οΈ

Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a Chinalinked cyber espionage group called APT40, warning about its ability to coopt exploits for newly disclosed security flaws within hours or days of public release. "APT40 has previously targeted organizations in various countries, including.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories πŸ–‹οΈ

Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a "complex and persistent" supply chain attack. "This attack stands out due to the high variability across packages," Phylum said in an analysis published last week. "The attacker has cleverly hidden the malware in the seldomused 'end' function of.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection πŸ“”

Study confirms most manufacturers with DMARC dont have it configured to most secure policy.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak πŸ“”

Tickets to Foo Fighters, Aerosmith, Pink and Usher gigs have been leaked by a threat actor trying to extort Ticketmaster.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ¦… Regional Transport Office themed phishing campaign targets Android users in India πŸ¦…

Key Takeaways  Cyble Research Intelligence Labs has observed a recent surge in phishing campaigns targeting banking users in India.  Cybercriminals have shifted their focus from SMS to WhatsApp for distributing phishing messages, expanding themes from credit card rewards and KYC updates to utility bills and government schemes.  The admin panel hosted on the Command and Control server mentioned the APK support via WhatsApp, suggesting the use of MalwareasaServiceMaaS.  Recent malware strains lack launcher activities, making them stealthier as the app icon does not appear on the app drawer.  In this analysis, were investigating a new campaign impersonating the Regional Transport Office RTO. This campaign uses fake APKs to lure victims into installing malware and focu...

πŸ“– Read more.

πŸ”— Via "CYBLE"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Peloton faces lawsuit amid claims it allowed marketing firm to train AI on user chat data πŸ“’

Peloton is accused of allowing marketing firm Drift to read and process data without user consent.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Develop Valuable Security and Risk Management Skills for Just $30 Through 7/21 🦿

With cyberthreats and cyberattacks always on the rise, developing security and risk management skills could be one of the best moves for your business or career.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Nearly 10 Billion Passwords Leaked in Biggest Compilation of All Time 🦿

Nearly 10 billion passwords have been leaked on a popular hacking forum, according to Cybernews.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 The 6 Best Governance, Risk & Compliance (GRC) Tools for 2024 🦿

Compare the best governance, risk and compliance tools 2024 has to offer. Discover the best GRC solution for your business's needs.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity