📢 CISA breached a federal agency as part of its red team program — and nobody noticed for five months 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
A red team assessment performed by CISA on an unnamed federal agency found a series of critical security weaknesses.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
CISA breached a federal agency as part of its red team program — and nobody noticed for five months
A red team assessment performed by CISA on an unnamed federal agency found a series of critical security weaknesses
🕵️♂️ Kaspersky Is an Unacceptable Risk Threatening the Nation's Cyber Defense 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
As geopolitical tensions rise, foreign software presents a grave supply chain risk and an ideal attack vector for nationstate adversaries.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Kaspersky Is an Unacceptable Risk Threatening the US's Cyber Defense
As geopolitical tensions rise, foreign software presents a grave supply chain risk and an ideal attack vector for nation state adversaries.
🕵️♂️ Chinese Forced-Labor Ring Sponsors Football Clubs, Hides Behind Stealth Tech 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
An illegal gambling empire fueled by modernday slavery is being propped up by highprofile sponsorships and defended with sophisticated antidetection software.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Chinese Crime Ring Hides Behind Stealth Tech and Soccer
An illegal gambling empire fueled by modern-day slavery is being propped up by high-profile sponsorships — and defended with sophisticated anti-detection software.
🕵️♂️ Fallout From Faulty Friday CrowdStrike Update Persists 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Historic IT outage expected to spur regulatory scrutiny, soulsearching over "monoculture" of IT infrastructure and cyberattack threats.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Fallout From Faulty Friday CrowdStrike Update Persists
Historic IT outage expected to spur regulatory scrutiny, soul-searching over "monoculture" of IT infrastructure - and cyberattack threats.
🕵️♂️ Under-Resourced Maintainers Pose Risk to Africa's Open Source Push 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Many nations see open source software as a great equalizer, giving the Global South the tools necessary for sustainable development. But recent supply chain attacks highlight the need for security.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Under-Resourced Maintainers Pose Risk to Africa's Open Source Push
Many nations see open source software as a great equalizer, giving the Global South the tools necessary for sustainable development. But recent supply chain attacks highlight the need for security.
🦿 CrowdStrike Outage Disrupts Microsoft Systems Worldwide 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
Airports and law enforcement agencies were among the organizations hit by the Blue Screen of Death. CrowdStrike said the error has been fixed.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
CrowdStrike: Buggy Validator Started Massive Outage
A bug in the Content Validator, part of CrowdStrike's deployment process, allowed an error through, the security company revealed on July 24.
🦿 Get a Lifetime Subscription of FastestVPN for just $40 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
In the market for a new VPN? The toprated FastestVPN has been reduced to just 39.99 for a lifetime subscription at TechRepublic Academy.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
Price Drop: Get a Lifetime Subscription of FastestVPN for just $25
In the market for a new VPN? The top-rated FastestVPN has been reduced to just $24.97 for a lifetime subscription at TechRepublic Academy.
🦿 Surfshark vs CyberGhost (2024): Which VPN Is Better? 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
Which VPN is better, Surfshark or CyberGhost? Compare these VPNs with our guide and find out which one is best for you.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
Surfshark vs CyberGhost (2024): Which VPN Is Better?
Which VPN is better, Surfshark or CyberGhost? Compare these VPNs with our guide and find out which one is best for you.
🛠 I2P 2.6.0 🛠
📖 Read more.
🔗 Via "Packet Storm - Tools"
----------
👁️ Seen on @cibsecurity
I2P is an anonymizing network, offering a simple layer that identitysensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.📖 Read more.
🔗 Via "Packet Storm - Tools"
----------
👁️ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
🛠 Logwatch 7.11 🛠
📖 Read more.
🔗 Via "Packet Storm - Tools"
----------
👁️ Seen on @cibsecurity
Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.📖 Read more.
🔗 Via "Packet Storm - Tools"
----------
👁️ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
🖋️ Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" that runs the whole cybercrime supply chain spectrum to spearhead its operations. Infoblox is tracking the proprietor.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A Latin America LATAMbased financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. "Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use," Google.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ How to Set up an Automated SMS Analysis Service with AI in Tines 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organizations security posture is by building an automated SMS analysis service. Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features, and security teams have already.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, Your First 100 Days as a vCISO 5 Steps to Success, which covers all the phases entailed in launching a successful vCISO engagement, along with recommended.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ SocGholish Malware Exploits BOINC Project for Covert Cyberattacks 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The JavaScript downloader malware known as SocGholish aka FakeUpdates is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate opensource project called BOINC. BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an opensource "volunteer computing" platform maintained by the University of California with an aim to carry out "largescale.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ New Linux Variant of Play Ransomware Targeting VMware ESXi Systems 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play aka Balloonfly and PlayCrypt that's designed to target VMware ESXi environments. "This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations," Trend Micro researchers said in a.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🚀 How adware exposed victims to kernel-level threats – Week in Security with Tony Anscombe 🚀
📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
A purported ad blocker marketed as a security solution hides kernellevel malware that inadvertently exposes victims to even more dangerous threats.📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Welivesecurity
How a legitimate and signed driver left the doors open to threats – Week in Security with Tony Anscombe
The HotPage adware discovered by ESET Research makes a case for how certificate abuse can lead to privileged threat access.
📔 Play Ransomware Expands to Target VMWare ESXi Environments 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Trend Micro also revealed a connection between the Play ransomware group and the threat actor Prolific Puma.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Play Ransomware Expands to Target VMWare ESXi Environments
Trend Micro also revealed a connection between the Play ransomware group and the threat actor Prolific Puma
📔 Ransomware Groups Fragment Amid Rising Cybercrime Threats 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Europol also said that multilayered extortion tactics in ransomware are becoming more common.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Groups Fragment Amid Rising Cybercrime Threats
Europol also said that multi-layered extortion tactics in ransomware are becoming more common
📔 Cybercriminals Exploit CrowdStrike Outage Chaos 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Cybercriminals have launched phishing campaigns purporting to support organizations impacted by the global IT outage, caused by a CrowdStrike Falcon issue.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Cybercriminals Exploit CrowdStrike Outage Chaos
Cybercriminals have launched phishing campaigns purporting to support organizations impacted by the global IT outage, caused by a CrowdStrike Falcon issue
📔 Two Russians Convicted for Role in LockBit Attacks 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Two Russian nationals have pleaded guilty to charges relating to their participation in the LockBit ransomware gang.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Two Russians Convicted for Role in LockBit Attacks
Two Russian nationals have pleaded guilty to charges relating to their participation in the LockBit ransomware gang