πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.8K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ–‹οΈ Google Abandons Plan to Phase Out Third-Party Cookies in Chrome πŸ–‹οΈ

Google on Monday abandoned plans to phase out thirdparty tracking cookies in its Chrome web browser more than four years after it introduced the option as part of a larger set of a controversial proposal called the Privacy Sandbox. "Instead of deprecating thirdparty cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘2
πŸ•΅οΈβ€β™‚οΈ Novel ICS Malware Sabotaged Water-Heating Services in Ukraine πŸ•΅οΈβ€β™‚οΈ

Newly discovered "FrostyGoop" is the first ICS malware that can communicate directly with operational technology systems via the Modbus protocol.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ“” Prolific DDoS Marketplace Shut Down by UK Law Enforcement πŸ“”

The UKs National Crime Agency has infiltrated the DigitalStress marketplace, which offers DDoS capabilities.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ¦… Philips Discloses Multiple VUE PACS Vulnerabilities: Healthcare Sector Walking on Thin Ice πŸ¦…

Internet Exposed VUE PACS a Storm Brewing in Hindsight On July 18, 2024, Philips issued a security advisory addressing vulnerabilities within Philips Vue Picture Archiving and Communication System PACS versions prior to 12.2.8.410.   The Philips Vue PACS is a sophisticated medical imaging solution used to manage, store, and transmit digital medical images and reports. Primarily employed in hospitals, diagnostic imaging centers, and other healthcare facilities, this system facilitates the storage and retrieval of images from multiple modalities such as Xrays, MRI, CT scans, and ultrasound. The PACS integrates with Electronic Medical Records EMR and Radiology Information Systems RIS, allowing healthcare professionals to access and share patient images and reports seamlessly, improvi...

πŸ“– Read more.

πŸ”— Via "CYBLE"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Hackers are creating fake CrowdStrike recovery resources to trick businesses into loading malware onto their network πŸ“’

Businesses urged to exercise caution and look out for the file named result.txt in TMP that could indicate a Daolpu infection.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Hiring Kit: Security Architect 🦿

Developing and implementing both preventive security protocols and effective response plans is complicated and requires a security architect with a clear vision. This customizable hiring kit, written by Mark W. Kaelin for TechRepublic Premium, provides a framework you can use to find the best candidate for your organization. The kit includes salary details, a job ...

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ How to Securely Onboard New Employees Without Sharing Temporary Passwords πŸ–‹οΈ

The initial onboarding stage is a crucial step for both employees and employers. However, this process often involves the practice of sharing temporary firstday passwords, which can expose organizations to security risks. Traditionally, IT departments have been cornered into either sharing passwords in plain text via email or SMS, or arranging inperson meetings to verbally communicate these.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files πŸ–‹οΈ

Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information. The sneaky technique, observed by Sucuri on a Magento ecommerce site's checkout page, allowed the malware to survive multiple cleanup attempts, the company said. The skimmer is designed to capture all the data into the credit card form on the.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model πŸ–‹οΈ

Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its "pay or consent" advertising model or riskfacing enforcement measures, including sanctions. The European Commission said the Consumer Protection Cooperation CPC Network has notified the social media giant of the model adopted on Facebook and Instagram of potentially violating.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware πŸ–‹οΈ

The Computer Emergency Response Team of Ukraine CERTUA has alerted of a spearphishing campaign targeting a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY. The agency attributed the attack to a threat actor it tracks under the name UAC0063, which was previously observed targeting various government entities to gather sensitive information using.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ NCA takes down world’s most prolific DDoS-for-hire website πŸ“’

A joint operation led by the National Crime Agency to infiltrate the Digitalstress.su criminal marketplace and take control of its infrastructure and domains.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Shocked, Devastated, Stuck: Cybersecurity Pros Open Up About Their Layoffs πŸ•΅οΈβ€β™‚οΈ

Here's a dose of reality from those on the frontlines and how they're coping.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Bitwarden vs Dashlane (2024): Which Password Manager Is Best? 🦿

Bitwardens affordability and extensive MFA options give it the slight edge over Dashlanes uberpolished password management experience. Read more below.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Price Drop: Get on CompTIA Certification Track With These $25 Study Guides 🦿

Kickstart a lucrative career in IT with this extensive bundle that includes 10 study guides on CompTIA and more of today's leading IT certifications.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ–‹οΈ Chinese Hackers Target Taiwan and US NGO with MgBot Malware πŸ–‹οΈ

Organizations in Taiwan and a U.S. nongovernmental organization NGO based in China have been targeted by a Beijingaffiliated statesponsored hacking group called Daggerfly using an upgraded set of malware tools. The campaign is a sign that the group "also engages in internal espionage," Symantec's Threat Hunter Team, part of Broadcom, said in a new report published today. "In the attack on.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Wanted: A SBOM Standard to Rule Them All πŸ•΅οΈβ€β™‚οΈ

A unified standard is essential for realizing the full potential of SBOMs in enhancing software supply chain security.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ›  tc Tor Chat Client July 2024 Release πŸ› 

tc is a lowtech free software to chat anonymously and ciphered over Tor circuits in PGP. Use it to protected your communication endtoend with RSADSA encryption and keep yourself anonymously reachable by anyone who only knows your .onion address and your public key. All this and more in 3278 lines of C code that compile and run on BSD and Linux systems with an IRC like GUI. As this is a rolling release and does not have an official build yet, the prior version on Packet Storm was replaced with this updated code base.

πŸ“– Read more.

πŸ”— Via "Packet Storm - Tools"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Chinese Hackers Target Taiwan and US NGO with MgBot Malware πŸ–‹οΈ

Organizations in Taiwan and a U.S. nongovernmental organization NGO based in China have been targeted by a Beijingaffiliated statesponsored hacking group called Daggerfly using an upgraded set of malware tools. The campaign is a sign that the group "also engages in internal espionage," Symantec's Threat Hunter Team, part of Broadcom, said in a new report published today. "In the attack on.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure πŸ–‹οΈ

Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems ICSfocused malware that has been used in a disruptive cyber attack targeting an energy company in the Ukrainian city of Lviv earlier this January. Industrial cybersecurity firm Dragos has dubbed the malware FrostyGoop, describing it as the first malware strain to directly use Modbus TCP.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Chinese Espionage Group Upgrades Malware Arsenal to Target All Major OS πŸ“”

Symantec said Chinese espionage group Daggerfly has updated its malware toolkit as it looks to target Windows, Linux, macOS and Android operating systems.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Russia Shifts Cyber Focus to Battlefield Intelligence in Ukraine πŸ“”

A new report published by RUSI highlighted how Russias intelligence services have adapted their cybersecurity strategy to the demands of a long war in Ukraine.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity