cRyPtHoN™ INFOSEC (EN)


Channel's geo and language: World, English


Latest news of INFOSEC (EN)
1. Latest Vulnerability.
2. Latest Patch.
3. Privacy Breach.
4. Security Breach.
5. InfoSec News.
German Version 🇩🇪
@cRyPtHoN_INFOSEC_DE
French Version 🇫🇷
@cRyPtHoN_INFOSEC_FR
Italian Version 🇮🇹
@cRyPtHoN_INFOSEC_IT



Compromising a user’s session in order to exploit the user’s data, carry out malicious activities, or misuse the user’s credentials is called ___________
Poll
  •   Session Hijacking
  •   Session Fixation
  •   Cookie stuffing
  •   Session Spying
64 votes


Seeing Through a GLASSBRIDGE: Understanding the Digital Marketing Ecosystem Spreading Pro-PRC Influence Operations

This blog post details GLASSBRIDGE—an umbrella group of four different companies that operate networks of inauthentic news sites and newswire services tracked by the Google Threat Intelligence Group (consisting of Google’s Threat Analysis Group (TAG) and Mandiant). Collectively these firms bulk-create and operate hundreds of domains that pose as independent news websites from dozens of countries, but are in fact publishing thematically similar, inauthentic content that emphasizes narratives aligned to the political interests of the People’s Republic of China (PRC).

https://cloud.google.com/blog/topics/threat-intelligence/glassbridge-pro-prc-influence-operations

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv


APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware

The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asyncshell.

The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the Knownsec 404 team said in an analysis published today.

https://thehackernews.com/2024/11/apt-k-47-uses-hajj-themed-lures-to.html



Bangkok busts SMS Blaster sending 1 million scam texts from a van

The Thailand police located a van and arrested its driver for using an SMS blaster device to spam over 100,000 SMS phishing texts an hour to people living in Bangkok.

The device, which reportedly had a range of approximately three kilometers (10,000 feet), could send out messages at a rate of 100,000 every hour.

Over three days, the scammers sent almost one million SMS text messages to mobile devices in range that stated, "Your 9,268 points are about to expire! Hurry up and redeem your gift now."

https://www.bleepingcomputer.com/news/security/bangkok-busts-sms-blaster-sending-1-million-scam-texts-from-a-van/



Volunteer DEF CON hackers dive into America's leaky water infrastructure

Six sites targeted for security clean-up, just 49,994 to go

A plan for hackers to help secure America's critical infrastructure has kicked off with six US water companies signing up to let coders kick the tires of their computer systems and fix any vulnerabilities.

https://www.theregister.com/2024/11/24/water_defcon_hacker/



These alternatives to popular apps can help reclaim your online life from billionaires and surveillance

There is immense power in being in control of your own data. As ownership and governance of apps and online services consolidate, it’s understandable if you want to consider your options when it comes to where you store your private data and records of your everyday activities.

https://techcrunch.com/2024/11/24/these-alternatives-to-popular-apps-can-help-reclaim-your-online-life-from-billionaires-and-surveillance/



A cyberattack on gambling giant IGT disrupted portions of its IT systems

A cyberattack on gambling giant IGT disrupted its systems, forcing the company to take certain services offline.

International Game Technology (IGT) detected a cyberattack on November 17, and the company promptly started its incident response procedures.

https://securityaffairs.com/171311/hacking/cyberattack-on-gambling-giant-igt.html



When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
Poll
  •   Database crash attack
  •   DoS (Denial of Service) attack
  •   Data overflow Attack
  •   Buffer Overflow attack
70 votes


Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more!

The Proxmox Virtual Environment 8.3 enterprise virtualization solution features management tools and a user-friendly web interface, allowing you to deploy open-source solutions in clustered, highly available setups.

https://www.helpnetsecurity.com/2024/11/22/open-source-proxmox-virtual-environment-8-3-released/

https://www.proxmox.com/en/



China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign

A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection.

"The attackers embedded malicious JavaScript in these sites, which spoofed a TLS certificate error to trick visitors into downloading a disguised security certificate," Recorded Future's Insikt Group said.

https://thehackernews.com/2024/11/china-linked-tag-112-targets-tibetan.html



Financial Software Firm Finastra Investigating Data Breach

Finastra is investigating a data breach after a hacker claimed the theft of information from an internal file-transfer application.

UK fintech giant Finastra is investigating a data breach after a hacker offered for sale on an underground forum data allegedly stolen from the company.

Roughly two weeks ago, the financial software firm notified its customers of suspicious activity on an internal file-transfer application used to exchange data with certain customers.

https://www.securityweek.com/financial-software-firm-finastra-investigating-data-breach/



Hackers abuse Avast anti-rootkit driver to disable defenses

A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components.

The malware that drops the driver is a variant of an AV Killer of no particular family. It comes with a hardcoded list of 142 names for security processes from various vendors.

Since the driver can operate at kernel level, it provides access to critical parts of the operating system and allows the malware to terminate processes.

https://www.bleepingcomputer.com/news/security/hackers-abuse-avast-anti-rootkit-driver-to-disable-defenses/



‘Wolfs’ sequel canceled because director ‘no longer trusted’ Apple

It may be hard to remember, but George Clooney and Brad Pitt co-starred in a movie, “Wolfs,” that Apple released just two months ago.

On Friday, the film’s writer and director Jon Watts said that a sequel is no longer happening; in a follow-up interview with Deadline, he explained that he “no longer trusted [Apple] as a creative partner.”

https://techcrunch.com/2024/11/23/wolfs-sequel-canceled-because-director-no-longer-trusted-apple/



Attackers retain old scamming tricks with new twists — and consumers must stay informed to protect themselves

Gen uncovers evolving cyber threat landscape packed with AI scams and ransomware

Cybercriminals are increasingly leveraging AI technologies to enhance their attacks, experts have warned.

A report from Gen has underlined a growing need for vigilance as scammers integrate voices, images, and videos using AI.

https://www.techradar.com/pro/gen-uncovers-the-evolving-cyber-threat-landscape-with-AI-scams-and-ransomware



DoJ seized credit card marketplace PopeyeTools and charges its administrators

The U.S. seized the stolen credit card marketplace PopeyeTools and charged its operators; this is a major success against cybercrime.

The US Department of Justice announced the seizure of PopeyeTools, an illegal carding platform, and charges against three administrators (Abdul Ghaffar (25), of Pakistan; Abdul Sami (35) of Pakistan; and Javed Mirza (37), of Afghanistan).

https://securityaffairs.com/171319/cyber-crime/doj-seized-credit-card-marketplace-popeyetools.html



This attack can be deployed by infusing malicious code into a website’s comment section. Which attack does “this” refer to here?
Poll
  •   SQL injection
  •   HTML Injection
  •   Cross Site Scripting (XSS)
  •   Cross Site Request Forgery (XSRF)
74 votes


DeliveryHero subsidiary fined $5.2 million for tracking drivers’ geolocation

Italy’s data privacy regulator on Friday announced that it has levied a €5 million ($5.2 million) fine against an Italian GPS-based food delivery service for tracking the geolocation of its drivers, including outside of working hours.

The Milan-based firm, Foodinho S.r.l., is owned by the global food service company DeliveryHero. It is accused of illegally processing the personal data of more than 35,000 drivers through its digital platform, according to a press release from the regulator, Garante per la Protezione Dei Dati Personali (GPDP).

https://therecord.media/deliveryhero-subsidiary-fined-5-million-geolocation-data



Cybercriminals turn to pen testers to test ransomware efficiency

Threat actors are recruiting pen testers to test and improve the reliability of their ransomware for affiliate programs, according to Cato Networks.

Any good developer knows that software needs to be tested before deploying in production environments. This is also true for ransomware gangs. They want to ensure that their ransomware can be deployed successfully against organizations.

https://www.helpnetsecurity.com/2024/11/22/pen-testers-ransomware-recruiting/



Faux ChatGPT, Claude API Packages Deliver JarkaStealer

Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.

Two Python packages claiming to integrate with popular chatbots actually transmit an infostealer to potentially thousands of victims.

https://www.darkreading.com/application-security/faux-chatgpt-claude-api-packages-jarkastealer



Uruguay’s Partido Nacional Website Faces HTML Injection Vulnerability

A critical HTML injection vulnerability has been discovered on Uruguay’s Partido Nacional website, raising concerns about the security of government websites. This flaw allows attackers to inject malicious HTML code, potentially altering the website’s content, redirecting users to harmful sites, or compromising sensitive user data. The vulnerability highlights the need for more stringent input validation and enhanced security measures on government platforms to prevent exploitation by malicious actors.

https://dailydarkweb.net/uruguays-partido-nacional-website-faces-html-injection-vulnerability/

