Введите текст для поиска
Расширенный поиск каналов

cRyPtHoN™ INFOSEC (EN)

@cRyPtHoN_INFOSEC_EN
Гео и язык канала: Весь мир, Английский
Категория: Криптовалюты

Latest news of INFOSEC (EN)
1. Latest Vulnerability.
2. Latest Patch.
3. Privacy Breach.
4. Security Breach.
5. InfoSec News.
German Version 🇩🇪
@cRyPtHoN_INFOSEC_DE
France Version 🇫🇷
@cRyPtHoN_INFOSEC_FR
Italian Version 🇮🇹
@cRyPtHoN_INFOSEC_IT

Связанные каналы  |  Похожие каналы
Гео и язык канала
Весь мир, Английский
Категория
Криптовалюты
Статистика
Это ваш канал? Подтвердить Канал в реестре блогеров РКН? Подтвердить История канала
Фильтр публикаций

cRyPtHoN™ INFOSEC (EN)

4 Jan, 15:08

Открыть в Telegram Поделиться Пожаловаться
DES stands for ________________
Опрос
  •   Data Encryption Security
  •   Data Encrypted Standard
  •   Device Encryption Standard
  •   Data Encryption Standard
56 голосов
146 0 0 1 1
cRyPtHoN™ INFOSEC (EN)

4 Jan, 15:03

Открыть в Telegram Поделиться Пожаловаться
SysBumps: Breaking Kernel Address Space Layout Randomization on macOS for Apple Silicon

In a recent study, researchers from Korea University have unveiled “SysBumps,” the first successful Kernel Address Space Layout Randomization (KASLR) break attack targeting macOS systems running on Apple Silicon processors. The findings, presented at CCS ’24, highlight vulnerabilities in speculative execution that expose critical kernel memory addresses, posing significant risks to macOS users.

https://securityonline.info/sysbumps-breaking-kernel-address-space-layout-randomization-on-macos-for-apple-silicon/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
144 0 0 1
cRyPtHoN™ INFOSEC (EN)

4 Jan, 15:01

Открыть в Telegram Поделиться Пожаловаться
Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability

Proof-of-concept (PoC) code was published for CVE-2024-49113, a denial-of-service (DoS) vulnerability in Windows LDAP.

SafeBreach has published proof-of-concept (PoC) exploit code targeting a recently resolved denial-of-service (DoS) vulnerability in Windows Lightweight Directory Access Protocol (LDAP).

https://www.securityweek.com/exploit-code-published-for-potentially-dangerous-windows-ldap-vulnerability/

https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49113/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
117 0 0 1
cRyPtHoN™ INFOSEC (EN)

4 Jan, 14:59

Открыть в Telegram Поделиться Пожаловаться
Brooklyn Art Library Data Breach Raises Concerns Over User Privacy

A recent data breach involving the Brooklyn Art Library’s Sketchbook Project database has reportedly exposed sensitive information from approximately 2,000 records. This incident highlights significant concerns about data security and user privacy within the arts and cultural sector.

https://dailydarkweb.net/brooklyn-art-library-data-breach-raises-concerns-over-user-privacy/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
102 0 1 1
cRyPtHoN™ INFOSEC (EN)

4 Jan, 14:58

Открыть в Telegram Поделиться Пожаловаться
Bad Tenable plugin updates take down Nessus agents worldwide

Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates.

As the cybersecurity company acknowledged in an incident report issued after pausing plugin updates to prevent the issue from impacting even more systems, the agents went offline "for certain users on all sites."

https://www.bleepingcomputer.com/news/security/bad-tenable-plugin-updates-take-down-nessus-agents-worldwide/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
101 0 0 1
cRyPtHoN™ INFOSEC (EN)

4 Jan, 14:57

Открыть в Telegram Поделиться Пожаловаться
Honey co-founder's Pie Adblock called out for copying GPL'd uBlock Origin files

And, magically, a repo appears on GitHub with attribution

Closed-source browser extension Pie Adblock was this week accused of copying code and text from rival uBlock Origin in violation of the latter's software license – the GNU GPL version 3.

Since that claim was made and The Register inquired about the matter, Pie Adblock's maker published materials in the past few hours that are at the heart of the extension and clearly come from uBlock Origin as well as Adguard, another competitor.

https://www.theregister.com/2025/01/04/pie_adblock_ublock_origin_code/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
100 0 2 2
cRyPtHoN™ INFOSEC (EN)

4 Jan, 14:53

Открыть в Telegram Поделиться Пожаловаться
U.S. sanctions take aim at Chinese company said to aid hackers’ massive botnet

A joint takedown operation last year sought to disrupt Flax Typhoon’s compromise of hundreds of thousands of devices.

The U.S. government on Friday sanctioned a Chinese company that Western nations had connected to a Beijing-sponsored hacking group’s botnet, which had compromised hundreds of thousands of devices before a joint takedown operation last year.

https://cyberscoop.com/treasury-sanctions-chinese-company-flax-typhoon/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
101 0 0 2
cRyPtHoN™ INFOSEC (EN)

4 Jan, 14:52

Открыть в Telegram Поделиться Пожаловаться
Online gift card store exposed hundreds of thousands of people’s identity documents

A U.S. online gift card store has secured an online storage server that was publicly exposing hundreds of thousands of customer government-issued identity documents to the internet.

A security researcher, who goes by the online handle JayeLTee, found the publicly exposed storage server late last year containing driving licenses, passports, and other identity documents belonging to MyGiftCardSupply, a company that sells digital gift cards for customers to redeem at popular brands and online services.

https://techcrunch.com/2025/01/03/online-gift-card-store-exposed-hundreds-of-thousands-of-peoples-identity-documents/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
103 0 2 1
cRyPtHoN™ INFOSEC (EN)

4 Jan, 14:49

Открыть в Telegram Поделиться Пожаловаться
Richmond University Medical Center Reveals Massive Data Breach Affecting Hundreds of Thousands

Richmond University Medical Center (RUMC) in Staten Island, New York, has disclosed a significant data breach that potentially compromised the personal and sensitive information of 674,033 individuals. The cybersecurity incident occurred on May 6, 2023, and was discovered during an internal investigation completed on December 1, 2024.

https://thesecmaster.com/blog/richmond-university-medical-center-reveals-massive-data-breach-affecting-hundreds

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
106 0 0 1
cRyPtHoN™ INFOSEC (EN)

4 Jan, 14:47

Открыть в Telegram Поделиться Пожаловаться
Inside FireScam : An Information Stealer with Spyware Capabilities

Executive Summary

At CYFIRMA, we are dedicated to providing current insights into prevalent threats and the strategies employed by malicious entities targeting both organizations and individuals. This report explores the mechanics of FireScam, a sophisticated Android malware masquerading as a Telegram Premium app. Through in-depth analysis, we aim to shed light on its distribution methods, operational features, and the broader implications of its malicious activities. The findings highlight the malware’s capabilities and the critical need for robust security measures to counteract such threats.

https://www.cyfirma.com/research/inside-firescam-an-information-stealer-with-spyware-capabilities/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
113 0 1 1
cRyPtHoN™ INFOSEC (EN)

4 Jan, 14:45

Открыть в Telegram Поделиться Пожаловаться
India Releases Draft Data Protection Rules for Public Consultation

The Indian government seeks public input on draft rules poised to reshape data privacy and corporate accountability.

In a major development to strengthen digital privacy, India has released draft data protection rules under the Digital Personal Data Protection Act, 2023, for public consultation. Open until February 18, these rules aim to establish clear and enforceable guidelines for handling personal data by entities operating within the country.

https://thecyberexpress.com/india-releases-draft-data-protection-rules/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
124 0 0 1
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:50

Открыть в Telegram Поделиться Пожаловаться
Data Encryption Standard is implemented using the Feistel Cipher which employs 16 round of Feistel structure.
Опрос
  •   DES
  •   IDEA
  •   Caesar cipher
  •   Twofish
61 голосов
228 0 0 1 1
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:48

Открыть в Telegram Поделиться Пожаловаться
Hackers target dozens of VPN and AI extensions for Google Chrome to compromise data

Cybersecurity researchers have uncovered dozens of attacks that involve malicious updates for Chrome browser extensions, one week after a security firm was compromised in a similar incident.

As of Wednesday, a total of 36 Chrome extensions injected with data-stealing code have been detected, mostly related to artificial intelligence (AI) tools and virtual private networks (VPNs), according to a report by ExtensionTotal, a platform that analyzes extensions listed on various marketplaces and public registries.

https://therecord.media/hackers-target-vpn-ai-extensions-google-chrome-malicious-updates

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
240 0 1 1
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:47

Открыть в Telegram Поделиться Пожаловаться
Every minute, 4,080 records are compromised in data breaches

A recent Domo report shows that the world’s internet population has reached a record high of 5.52 billion people and uncovers signs that AI may be unseating digital juggernauts as it brings in new forms of engagement.

“The phenomenal acceleration of generative AI over the past two years has dominated the digital conversation, and this year’s Data Never Sleeps report shows how we’ve reached a new tipping point – AI is primed to dethrone competitive mainstays of the internet era,“ said Josh James, CEO of Domo.

https://www.helpnetsecurity.com/2025/01/03/digital-activity-2024/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
182 0 0 1
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:43

Открыть в Telegram Поделиться Пожаловаться
Apple to Pay $95 Million to Settle Lawsuit Accusing Siri of Snoopy Eavesdropping

Apple isn’t acknowledging any wrongdoing in the settlement, which must be approved by a Judge and represents a sliver of the $705 billion in profits that Apple has pocketed since September 2014.

Apple has agreed to pay $95 million to settle a lawsuit accusing the privacy-minded company of deploying its virtual assistant Siri to eavesdrop on people using its iPhone and other trendy devices.

https://www.securityweek.com/apple-to-pay-95-million-to-settle-lawsuit-accusing-siri-of-snoopy-eavesdropping/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
167 0 2 2
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:41

Открыть в Telegram Поделиться Пожаловаться
CIRCA Jewelry and Watch Platform Data Breach Raises Privacy Concerns

A reported data breach has allegedly compromised sensitive information from the CIRCA Jewelry and Watch platform, affecting 145,000 users. Among the leaked data are 11,000 Know Your Customer (KYC) documents, which include personal identification details. This exposure highlights significant vulnerabilities in the platform’s data security measures.

https://dailydarkweb.net/circa-jewelry-and-watch-platform-data-breach-raises-privacy-concerns/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
136 0 0 1
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:40

Открыть в Telegram Поделиться Пожаловаться
New DoubleClickjacking attack exploits double-clicks to hijack accounts

A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing existing protections against these types of attacks.

Clickjacking, also known as UI redressing, is when threat actors create malicious web pages that trick visitors into clicking on hidden or disguised webpage elements.

https://www.bleepingcomputer.com/news/security/new-doubleclickjacking-attack-exploits-double-clicks-to-hijack-accounts/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
142 0 2 1
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:36

Открыть в Telegram Поделиться Пожаловаться
Cloudflare’s VPN app among half-dozen pulled from Indian app stores

More than half-a-dozen VPN apps, including Cloudflare’s widely-used 1.1.1.1, have been pulled from India’s Apple App Store and Google Play Store following intervention from government authorities, TechCrunch has learned.

https://techcrunch.com/2025/01/02/cloudflares-vpn-app-among-half-dozen-pulled-from-indian-app-stores/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
212 0 2 2
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:33

Открыть в Telegram Поделиться Пожаловаться
An alleged 7-Zip zero-day is actually an AI hoax

Swift rebuttal from creator seems hard to contradict

As a New Years Day gift, a Twitter user had posted details of a zero-day exploit in popular file compression software 7-Zip - but its creator, Igor Pavlov, swiftly debunked it as an AI hoax.

“The common conclusion is that this fake exploit code from Twitter was generated by LLM (AI),” he began in comments on software repository Sourceforge.net (via Tom’s Hardware).

https://www.techradar.com/pro/security/an-alleged-7-zip-zero-day-is-actually-an-ai-hoax

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
149 0 0 3
cRyPtHoN™ INFOSEC (EN)

3 Jan, 13:09

Открыть в Telegram Поделиться Пожаловаться
Terraform Labs Co-Founder Kwon Faces U.S. Court Over $40 Billion Fraud Scheme

Do Hyeong Kwon, the co-founder and former CEO of Terraform Labs, was extradited from Montenegro and appeared in federal court in Manhattan, where he faced charges related to widespread fraud that led to the collapse of Terraform’s cryptocurrencies, resulting in billions in losses for investors. The cryptocurrency case, which has drawn international attention, centers around Kwon’s alleged manipulation of digital assets and his efforts to cover up the scale of his fraudulent activities.

https://thecyberexpress.com/do-kwon-extradited-for-cryptocurrency-fraud/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
190 0 0 2
Показано 20 последних публикаций.