cRyPtHoN™ INFOSEC (EN)


Channel's geo and language: World, English


Latest news of INFOSEC (EN)
1. Latest Vulnerability.
2. Latest Patch.
3. Privacy Breach.
4. Security Breach.
5. InfoSec News.
German Version 🇩🇪
@cRyPtHoN_INFOSEC_DE
French Version 🇫🇷
@cRyPtHoN_INFOSEC_FR
Italian Version 🇮🇹
@cRyPtHoN_INFOSEC_IT



Forward from: cRyPtHoN™ INFOSEC (FR)
Hello,

our channel is looking for writers to strengthen the team.

If you are interested, write to the channel owner, introduce yourself briefly and say what you can bring to the channel.

In English or German, please.

Thank you!


XSS is abbreviated as __________
Poll
  •   Extreme Secure Scripting
  •   Cross Site Security
  •   X Site Scripting
  •   Cross Site Scripting
4 votes


Gambling and lottery giant disrupted by cyberattack, working to bring systems back online

One of the largest gambling companies in the U.S. said a cyberattack last week caused massive disruptions to their operations, forcing them to take some systems offline.

International Game Technology (IGT) notified the U.S. Securities and Exchange Commission on Tuesday that it became aware of the cyberattack when it “experienced disruptions in portions of its internal information technology systems and applications” on Sunday.

https://therecord.media/gambling-lottery-giant-hit-with-disruptive-cyberattack

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv


Active network of North Korean IT front companies exposed

An analysis of the websites belonging to companies that served as a front for getting North Korean IT workers remote jobs with businesses worldwide has revealed an active network of such companies originating in China.

https://www.helpnetsecurity.com/2024/11/21/north-korean-it-front-companies/

https://www.sentinelone.com/blog/pinnacleone-execbrief-north-korean-it-worker-threat/



CVE-2024-52940: AnyDesk Vulnerability Exposes User IP Addresses, PoC Published

A newly discovered vulnerability in popular remote desktop software AnyDesk could allow attackers to uncover users’ IP addresses, posing significant privacy risks. Security researcher Ebrahim Shafiei identified the flaw (CVE-2024-52940) in AnyDesk’s “Allow Direct Connections” feature on Windows systems.

https://securityonline.info/cve-2024-52940-anydesk-vulnerability-exposes-user-ip-addresses-poc-published/

https://github.com/ebrasha/abdal-anydesk-remote-ip-detector



Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

New research has uncovered more than 145,000 internet-exposed Industrial Control Systems (ICS) across 175 countries, with the U.S. alone accounting for over one-third of the total exposures.

The analysis, which comes from attack surface management company Censys, found that 38% of the devices are located in North America, 35.4% in Europe, 22.9% in Asia, 1.7% in Oceania, 1.2% in South America, and 0.5% in Africa.

https://thehackernews.com/2024/11/over-145000-industrial-control-systems.html

https://censys.com/research-report-internet-connected-industrial-control-systems-part-one/



NTLM Privilege Escalation: The Unpatched Microsoft Vulnerabilities No One is Talking About

NTLM is like that stubborn relic of the past that just won’t go away – a decades-old authentication protocol, seemingly deprecated but still lurking in the shadows of every Windows environment.

Despite years of efforts to replace it with more secure alternatives like Kerberos, NTLM remains a critical fallback mechanism that Microsoft cannot fully deprecate. Why?

https://blog.morphisec.com/5-ntlm-vulnerabilities-unpatched-privilege-escalation-threats-in-microsoft



Dozens of Central Asian targets hit in recent Russia-linked cyber-espionage campaign

Researchers have identified an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe using custom malware.

The attacks have been attributed to a threat actor tracked as TAG-110. According to a report by Recorded Future’s Insikt Group, this actor is likely linked to the Russian cyber-espionage group BlueDelta, also known as APT28 or Fancy Bear. The Record is an editorially independent unit of Recorded Future.

https://therecord.media/central-asia-cyber-espionage-tag-110-russia



Massive B2B Database Leak Exposes 420,000 U.S. Companies

A significant data breach has exposed a database containing business-to-business (B2B) information on over 420,000 companies in the United States. The leaked records reportedly include sensitive corporate details such as company names, contact information, and other operational data. This incident raises serious concerns about the misuse of business information, potentially enabling phishing attacks, corporate fraud, or unauthorized marketing activities targeting the affected firms.

https://dailydarkweb.net/massive-b2b-database-leak-exposes-420000-u-s-companies/



Thai Court Dismisses Activist’s Suit Against Israeli Spyware Producer Over Lack of Evidence

A Thai court dismissed a lawsuit brought by Jatupat Boonpattararaksa which alleged spyware made by NSO Group was used to hack his phone

A Thai court on Thursday threw out a lawsuit brought by a pro-democracy activist which alleged spyware produced by an Israeli tech firm had been used to hack his phone.

The Civil Court in Bangkok said Jatupat Boonpattararaksa had failed to show sufficient proof that his phone was infected with Pegasus spyware produced by NSO Group Technologies.

https://www.securityweek.com/thai-court-dismisses-activists-suit-against-israeli-spyware-producer-over-lack-of-evidence/



Database Leak Exposes Information on 180,000 Chinese-American WeChat Users

A database containing sensitive information on 180,000 Chinese-American WeChat users has reportedly been leaked online. The compromised data may include personal details and potentially communication records, raising concerns about privacy violations and the risk of misuse for surveillance or fraudulent activities. Such leaks can lead to identity theft, targeted scams, or other forms of exploitation, highlighting the vulnerabilities in data handling practices on popular messaging platforms.

https://dailydarkweb.net/database-leak-exposes-information-on-180000-chinese-american-wechat-users/



Windows 11 KB5046740 update released with 14 changes and fixes

Microsoft has released the November 2024 preview cumulative update for Windows 11 24H2, with 14 improvements and fixes for multiple issues, including some affecting File Explorer, the Clipboard history, and secondary displays.

The KB5046740 update is part of Microsoft's optional non-security preview updates schedule, pushed out on the fourth week of every month to help Windows admins test bug fixes, new features, and improvements that will roll out to all customers with next month's Patch Tuesday release.

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5046740-update-released-with-14-changes-and-fixes/



Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine

ESET researchers analyzed previously unknown Linux backdoors that are connected to known Windows malware used by the China-aligned Gelsemium group, and to Project Wood

ESET researchers have identified multiple samples of a Linux backdoor, which we have named WolfsBane, that we attribute with high confidence to the Gelsemium advanced persistent threat (APT) group. This China-aligned threat actor has a known history dating back to 2014 and until now, there have been no public reports of Gelsemium using Linux malware. Additionally, we discovered another Linux backdoor, which we named FireWood.

https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/



Here's what happens if you don't layer network security – or remove unused web shells

TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated

The US Cybersecurity and Infrastructure Agency often breaks into critical organizations' networks – with their permission, of course – to simulate real-world cyber attacks and thereby help improve their security. In one of those recent exercises conducted at a critical infrastructure provider, the Agency exploited a web shell left behind from an earlier bug bounty program, scooped up a bunch of credentials and security keys, moved through the network and ultimately pwned the org's domain and several sensitive business system targets.

https://www.theregister.com/2024/11/22/cisa_red_team_exercise/



A new ‘ultra-secure’ phone carrier says it can make you harder to track

A new cell phone carrier is launching with an interesting pitch: it says it will offer secure cell service that limits how much personal data users give up, as reported earlier by 404 Media. The service, called Cape, is geared toward “high-risk” individuals like politicians, journalists, activists, and others.

https://www.msn.com/en-us/money/other/a-new-ultra-secure-phone-carrier-says-it-can-make-you-harder-to-track/ar-AA1uvY1n

https://www.404media.co/i-dont-own-a-cellphone-can-this-privacy-focused-network-change-that/



Hackers break into Andrew Tate’s online ‘university,’ steal user data and flood chats with emojis

Hackers have breached an online course founded by ostensible influencer and self-described misogynist Andrew Tate, leaking data on close to 800,000 users, including thousands of email addresses and private user chat logs.

https://techcrunch.com/2024/11/21/hackers-break-into-andrew-tates-online-university-steal-user-data-and-flood-chats-with-emojis/

https://www.dailydot.com/debug/andrew-tate-the-real-world-hack/



This devious malware is targeting Facebook accounts to steal credit card data

Python NodeStealer upgraded with dangerous new features

Python NodeStealer, an infamous infostealer that targeted Facebook Business accounts, has been upgraded with new and dangerous features to make it capable of targeting Facebook Ads Manager accounts as well, steal more data, and thus open the gateway to more destructive malware campaigns.

https://www.techradar.com/pro/security/this-devious-malware-is-targeting-facebook-accounts-to-steal-credit-card-data

https://www.netskope.com/blog/python-nodestealer-targets-facebook-ads-manager-with-new-techniques



USDA’s FIDO Rollout: A Case Study in Phishing-Resistant MFA

Credential phishing remains a leading attack vector, with legacy MFA often failing to protect against bypass attempts.

Credential phishing remains a formidable threat to organizations worldwide, with malicious actors often relying on tricking individuals into voluntarily revealing sensitive login information. Recent years have seen a surge in Multi-Factor Authentication (MFA) bypass attacks, where threat actors exploit weaknesses in outdated MFA methods like SMS codes, authenticator apps, and push notifications. These methods, while better than no MFA, are increasingly vulnerable to modern threats.

https://thecyberexpress.com/phishing-resistant-mfa/



Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns.

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office.

https://securityaffairs.com/171257/data-breach/mexico-suffers-ransomware-attack.html

https://apnews.com/article/mexico-president-hacking-attack-ransomhub-ransomware-a97fa044850ba05f574f71d2af3d67c8



Microsoft accused of Malware-like Bing Wallpaper app

Microsoft released the official Bing Wallpaper application on the Microsoft Store this week. Previously, the app was available only as a standalone download.

It is a basic app that changes the wallpaper of the Windows desktop to a new image each day and helps users find out more about the images. The store app, in fact, is a Win32 application.

Turns out, the app has a darker side.

https://www.ghacks.net/2024/11/21/microsoft-accused-of-malware-like-bing-wallpaper-app/

