πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.7K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ“” Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability πŸ“”

For trusted senders, the flaw is zeroclick, but requires oneclick interactions for untrusted ones.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
β™ŸοΈ The Stark Truth Behind the Resurgence of Russia’s Fin7 β™ŸοΈ

The Russiabased cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated 3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 setting up thousands of websites mimicking a range of media and technology companies with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.

πŸ“– Read more.

πŸ”— Via "Krebs on Security"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Smishing Triad Targets India with Fraud Surge πŸ“”

Smishing Triad's MO involves registering fraudulent domain names that mimic legitimate organizations.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Microsoft's Partnership With Middle East AI Firm Under Scrutiny πŸ•΅οΈβ€β™‚οΈ

The US government worries that Group 42 Holdings, an AI firm based in the United Arab Emirates, could become a backdoor for technology leaks to China.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Fujitsu Suffers Worm-Like Attack From Something That Wasn't Ransomware πŸ•΅οΈβ€β™‚οΈ

The CE giant released its investigative findings regarding a March cyberattack that resulted in data exfiltration affecting its Japanese operations.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Peloton Takes a Spin Through Court, Thanks to AI Privacy Lawsuit πŸ•΅οΈβ€β™‚οΈ

The case alleges a thirdparty marketer for the exercise giant improperly used customer chat data to train its AI models.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months πŸ•΅οΈβ€β™‚οΈ

Likely two separate threat actors are using the justpatched CVE202438112 in targeted, concurrent infostealer campaigns.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Feds Uncover Sprawling, GenAI-Enabled Russian Troll Farm πŸ•΅οΈβ€β™‚οΈ

The bot farm was created using AIenhanced software that was able to create a host of different false personas to spread disinformation in convincing and unsettling ways.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ₯°1
🦿 Cisco Talos: Top Ransomware TTPs Exposed 🦿

Read about the new Cisco Talos report on the top ransomware groups techniques and learn how to mitigate this cybersecurity risk. Cisco Talos observed the TTPs used by 14 of the most prevalent ransomware groups based on their volume of attack, impact to customers and atypical behavior.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 AWS Summit New York 2024: Guardrails for Amazon Bedrock Gains Claude 3 Haiku and Contextual Grounding 🦿

Responsible AI Lead Diya Wynn spoke to TechRepublic about AI hallucinations and upskilling.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks πŸ–‹οΈ

Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denialofservice DDoS botnets. The vulnerability in question is CVE20244577 CVSS score 9.8, which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. It.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs πŸ–‹οΈ

GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE20246385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An issue was discovered in GitLab CEEE affecting versions 15.8 prior to 16.11.6, 17.0 prior to.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸš€ Understanding IoT security risks and how to mitigate them | Cybersecurity podcast πŸš€

As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds?.

πŸ“– Read more.

πŸ”— Via "ESET - WeLiveSecurity"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Huione Guarantee Marketplace Exposed as Front for Cybercrime πŸ“”

Researchers at Elliptic claim multibillion dollar Huione Guarantee platform is enabler of scams and money laundering.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Train for Entry-Level or Advanced IT Positions for Just $50 🦿

Train at your own pace for valuable IT certifications to start or further your IT career with courses for absolute novices to advanced cybersecurity modules.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🌊 Customer Success Manager 🌊

The post Customer Success Manager appeared first on UnderDefense.

πŸ“– Read more.

πŸ”— Via "UnderDefense"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Cardiff-based cybersecurity firm eyes SMB market gains with latest funding boost πŸ“’

Investors said PureCyber is "flying the flag" for the burgeoning Welsh cybersecurity sector.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Streamlined Security Solutions: PAM for Small to Medium-sized Businesses πŸ–‹οΈ

Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign πŸ–‹οΈ

Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan RAT called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense. "The majority of the custom code in the malware appears to be focused on antianalysis,.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Ransomware Surges Annually Despite Law Enforcement Takedowns πŸ“”

Symantec figures suggest a 9 annual increase claimed ransomware attacks.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
🌊 Sales Executive 🌊

The post Sales Executive appeared first on UnderDefense.

πŸ“– Read more.

πŸ”— Via "UnderDefense"

----------
πŸ‘οΈ Seen on @cibsecurity