πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.8K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸš€ Small but mighty: Top 5 pocket-sized gadgets to boost your ethical hacking skills πŸš€

These five formidable bits of kit that can assist cyberdefenders in spotting chinks in corporate armors and help hobbyist hackers deepen their understanding of cybersecurity.

πŸ“– Read more.

πŸ”— Via "ESET - WeLiveSecurity"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Qilin Ransomware’s Sophisticated Tactics Unveiled By Experts πŸ“”

Qilins attack on Synnovis severely impacted key NHS hospitals in London earlier this month.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” ICO Reprimands London Council for Mass Data Breach πŸ“”

The ICO said a lack of security controls led to a largescale data breach at the London Borough of Hackney Council.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Understanding NullBulge, the New AI-Fighting 'Hacktivist' Group πŸ“”

The threat actor who claimed the recent Disney hack previously targeted AIcentric games and applications with commodity malware and ransomware.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Paris 2024 Olympics Face Escalating Cyber-Threats πŸ“”

Fortinet observed an 8090 increase in darknet activity targeting the Olympics between 2023 and 2024.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Sensitive Data Sharing Risks Heightened as GenAI Surges πŸ“”

Netskope found that 96 of organizations use generative AI applications, with sensitive data frequently shared with these tools.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Global Police Swoop on Black Axe Cybercrime Syndicate πŸ“”

Interpol claims hundreds of arrests were made as police disrupted the West African Black Axe cybercrime gang.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” CISA: Patch Critical GeoServer GeoTools Bug Now πŸ“”

CISA has told federal agencies to patch a critical GeoServer GeoTools vulnerability under active exploitation.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” MHTML Exploited By APT Group Void Banshee πŸ“”

Void Banshee targeted North American, European and Southeast Asian regions with the Atlantida stealer.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ“” Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor πŸ“”

The Iranian APT group has shifted away from using legitimate remote monitoring tools to compromise its victims.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Hacktivists Claim Leak Over 1 Terabyte of Disney Data πŸ“”

Disney unreleased projects and internal data are part of a data leak claimed by hacktivist group NullBulge.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Hacktivist Groups Target Romania Amid Geopolitical Tensions πŸ“”

CyberDragon and Cyber Army of Russia, among others, have claimed responsibility for the attacks.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Half of SMEs Unprepared for Cyber-Threats πŸ“”

JumpCloud found that half of SME IT teams believe they lack the resources and staffing to defend their organization against cyberthreats.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
🌊 Digital Operational Resilience Testing (part of DORA) – What to Expect? 🌊

A crucial infrastructure company overseeing gas storage and distribution faces a serious cybersecurity threat. So, they involve a penetration test team to assess the companys security posture. They uncovered a critical remote code execution RCE vulnerability in the companys main website connected to their Active Directory system. This vulnerability can provide attackers with unauthorized access The post Digital Operational Resilience Testing part of DORA What to Expect? appeared first on UnderDefense.

πŸ“– Read more.

πŸ”— Via "UnderDefense"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ¦… New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users πŸ¦…

Key Takeaways  Cyble Research and Intelligence Labs CRIL has uncovered a multistage cyberattack campaign with a Zip file containing a malicious shortcut .lnk file.   When the shortcut is executed, it downloads a PowerShell script, initiating a chain of events that ultimately allows the Threat Actor TA to gain Remote Desktop Protocol RDP access to the victim's system.  The infection involves various components, including PowerShell scripts, batch files, Gobased binaries, and a vulnerable driver.   Notably, the TA appears to be planning a Windows BYOVD Bring Your Own Vulnerable Driver attack, using a driver known as Terminator Spyboy.   A key aspect of this campaign is using RDPWrapper to facilitate RDP connections and Tailscale to connect to the TA's private network,...

πŸ“– Read more.

πŸ”— Via "CYBLE"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Iranian Cyber Threat Group Drops New Backdoor, 'BugSleep' πŸ•΅οΈβ€β™‚οΈ

The group which has targeted Israel, Saudi Arabia, and other nations often uses spear phishing and legitimate remote management tools but is developing a brandnew homegrown toolset.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager πŸ–‹οΈ

Cisco has released patches to address a maximumseverity security flaw impacting Smart Software Manager OnPrem Cisco SSM OnPrem that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked as CVE202420419, carries a CVSS score of 10.0. "This vulnerability is due to improper.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Meta Halts AI Use in Brazil Following Data Protection Authority's Ban πŸ–‹οΈ

Meta has suspended the use of generative artificial intelligence GenAI in Brazil after the country's data protection authority issued a preliminary ban objecting to its new privacy policy. The development was first reported by news agency Reuters. The company said it has decided to suspend the tools while it is in talks with Brazil's National Data Protection Authority ANPD to address the.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ“” UK Government Set to Introduce New Cyber Security and Resilience Bill πŸ“”

A new UK Cyber Security and Resilience Bill will update the NIS Regulations.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸͺ– Protecting Trained Models in Privacy-Preserving Federated Learning πŸͺ–

This post is part of a series on privacypreserving federated learning. The series is a collaboration between NIST and the UK governments Responsible Technology Adoption Unit RTA, previously known as the Centre for Data Ethics and Innovation. Learn more and read all the posts published to date at NISTs Privacy Engineering Collaboration Space or RTAs blog . The last two posts in our series covered techniques for input privacy in privacypreserving federated learning in the context of horizontally and vertically partitioned data. To build a complete privacypreserving federated learning.

πŸ“– Read more.

πŸ”— Via "NIST"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” US Data Breach Victim Numbers Surge 1170% Annually πŸ“”

New figures reveal a massive 1170 increase in people impacted by data breaches in Q2 2024 versus a year ago.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity