🛡 Cybersecurity & Privacy 🛡 - News

@cibsecurity

Kanal geosi va tili: Butun dunyo, Inglizcha

Toifa: Texnologiyalar

🗞 The finest daily news on cybersecurity and privacy.
🔔 Daily releases.
💻 Is your online life secure?
📩 lalilolalo.dev@gmail.com

Связанные каналы | Похожие каналы

Kanal geosi va tili

Butun dunyo, Inglizcha

Toifa

Texnologiyalar

Statistika

Saralanganlar

Postlar filtri

O‘chirilganlarni yashirish

Repostlarni yashirish

🛡 Cybersecurity & Privacy 🛡 - News

9 Nov, 23:00

♟️ FBI: Spike in Hacked Police Emails, Fake Subpoenas ♟️

The Federal Bureau of Investigation FBI is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.based technology companies.

📖 Read more.

🔗 Via "Krebs on Security"

----------
👁️ Seen on @cibsecurity

FBI: Spike in Hacked Police Emails, Fake Subpoenas

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer…

623 0 4 1

🛡 Cybersecurity & Privacy 🛡 - News

9 Nov, 10:15

🖋️ Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns 🖋️

Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PANOS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PANOS management interface," the company said. "At this time, we do not know the specifics of the.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity

755 0 1

🛡 Cybersecurity & Privacy 🛡 - News

9 Nov, 09:20

🖋️ Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering 🖋️

The 36yearold founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual RussianSwedish national, pleaded guilty to charges of money laundering and operating an unlicensed moneytransmitting business earlier this March. The U.S. Department of Justice DoJ.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity

672 0 1

🛡 Cybersecurity & Privacy 🛡 - News

9 Nov, 09:20

🦿 HackerOne: Nearly Half of Security Professionals Believe AI Is Risky 🦿

The HackerPowered Security Report showed mixed feelings toward AI in the security community, with many seeing leaked training data as a threat.

📖 Read more.

🔗 Via "Tech Republic"

----------
👁️ Seen on @cibsecurity

HackerOne: Nearly Half of Security Professionals Believe AI Is Risky

The Hacker-Powered Security Report indicted that security professionals and other employees harbor mixed feelings toward AI.

546 0 4

🛡 Cybersecurity & Privacy 🛡 - News

9 Nov, 09:20

🕵️‍♂️ Preparing for DORA Amid Technical Controls Ambiguity 🕵️‍♂️

The European Union's Digital Operational Resilience Act requires financial entities to focus on thirdparty risk, resilience, and testing.

📖 Read more.

🔗 Via "Dark Reading"

----------
👁️ Seen on @cibsecurity

Preparing for DORA Amidst Technical Controls Ambiguity

The European Union's Digital Operational Resilience Act requires financial entities to focus on third-party risk, resilience and testing.

383 0 2

🛡 Cybersecurity & Privacy 🛡 - News

9 Nov, 09:20

🕵️‍♂️ Mystery Hackers Target Texas Oilfield Supplier in Ransomware Attack 🕵️‍♂️

It remains unclear how the attackers gained access to Newpark Resources' system, or what they plan to do with any stolen data the strike may have spewed out.

📖 Read more.

🔗 Via "Dark Reading"

----------
👁️ Seen on @cibsecurity

Hackers Target Texas Oilfield Supplier With Ransomware

It remains unclear how the attackers gained access to Newpark Resources' system, or what they plan to do with any stolen data the strike may have spewed out.

351 0 2

🛡 Cybersecurity & Privacy 🛡 - News

9 Nov, 09:20

🕵️‍♂️ 6 Infotainment Bugs Allow Mazdas to Be Hacked With USBs 🕵️‍♂️

Direct cyberattacks on vehicles are all but unheard of. In theory though, the opportunity is there to cause real damage data extraction, full system compromise, even gaining access to safetycritical systems.

📖 Read more.

🔗 Via "Dark Reading"

----------
👁️ Seen on @cibsecurity

6 Infotainment Bugs Allow Mazdas to Be Hacked With USBs

Direct cyberattacks on vehicles are all but unheard of. In theory though, the opportunity is there to cause real damage — data extraction, full system compromise, even gaining access to safety-critical systems.

370 0 2

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 22:01

🦅 CISA Finds Palo Alto Networks’ CVE-2024-5910 Exploited in the Wild 🦅

Overview The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday alerted federal agencies regarding active exploitation of a critical missing authentication vulnerability in Palo Alto Networks Expedition, a tool widely used by administrators for firewall migration and configuration management. This flaw, designated CVE20245910, has been actively exploited by attackers since its patch release in July, underscoring the urgency for immediate remediation. Expedition is a popular migration tool designed to assist administrators in transitioning firewall configurations from vendors such as Check Point and Cisco to Palo Altos PANOS. However, due to a missing authentication mechanism, this tool now presents a significant risk for compromised credentials and potentia...

📖 Read more.

🔗 Via "CYBLE"

----------
👁️ Seen on @cibsecurity

CISA Finds Palo Alto Networks’ CVE-2024-5910 Exploited In The Wild

The flaw is a missing authentication vulnerability that allows an attacker with network access to takeover Palo Alto Expedition’s admin account and potentially access configuration secrets, credentials, and other data.

544 0 2

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 22:01

📔 Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War 📔

South Korea warned that proRussian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity

Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War

South Korea warned that pro-Russian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine

409 0 1 2

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 22:01

🖋️ Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective 🖋️

Lets face ittraditional security training can feel as thrilling as reading the fine print on a software update. Its routine, predictable, and, lets be honest, often forgotten the moment it's over. Now, imagine cybersecurity training thats as unforgettable as your favorite show. Remember how "Hamilton" made history come alive, or how "The Office" taught us CPR Staying Alive beat, anyone??.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity

359 0 0

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 19:01

🖋️ AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services 🖋️

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internetfacing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credentialstealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures," CloudSEK said in a.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity

405 0 1

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 19:01

🕵️‍♂️ How Developers Drive Security Professionals Crazy 🕵️‍♂️

The journey toward a successful DevSecOps implementation is complex, requiring a strategic approach to overcome the myriad challenges it presents.

📖 Read more.

🔗 Via "Dark Reading"

----------
👁️ Seen on @cibsecurity

How Developers Drive Security Professionals Crazy

The journey toward a successful DevSecOps implementation is complex, requiring a strategic approach to overcome the myriad challenges it presents.

391 0 0 1

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 17:15

🧠 SpyAgent malware targets crypto wallets by stealing screenshots 🧠

A new Android malware strain known as SpyAgent is making the rounds and stealing screenshots as it goes. Using optical character recognition OCR technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices. Heres how to dodge the bullet. Attackers shooting their screen shot Attacks start as always The post SpyAgent malware targets crypto wallets by stealing screenshots appeared first on Security Intelligence.

📖 Read more.

🔗 Via "Security Intelligence"

----------
👁️ Seen on @cibsecurity

SpyAgent malware targets crypto wallets by stealing screenshots

SpyAgent is a new Android malware that steals screenshots to target cryptocurrency recovery phrases. Discover how it spreads and learn protective measures to safeguard your sensitive information.

434 0 1

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 16:16

🦅 Weekly ICS Vulnerability Intelligence Report: Rockwell Automation, Delta Electronics, Solar-Log 🦅

Overview Cyble Research Intelligence Labs CRIL has investigated significant ICS vulnerabilities this week, providing essential insights derived from advisories issued by the Cybersecurity and Infrastructure Security Agency CISA. This weeks report highlights multiple vulnerabilities across critical ICS products, with specific focus on those from Rockwell Automation, Delta Electronics, and SolarLog. CISA released three security advisories addressing four ICS vulnerabilities across these products, underscoring the urgent need for mitigation. Among the most notable is a CrossSite Scripting XSS flaw in SolarLog Base 15, a widely used photovoltaic energy management product, which poses heightened risks due to internetfacing deployments identified by Cybles ODIN scanner. ICS Vulne...

📖 Read more.

🔗 Via "CYBLE"

----------
👁️ Seen on @cibsecurity

Weekly ICS Vulnerability Intelligence Report: Rockwell Automation, Delta Electronics, Solar-Log

The most notable is a Cross-Site Scripting (XSS) flaw in Solar-Log Base 15, a widely used photovoltaic energy management product, which poses heightened risks due to internet-facing deployments identified by Cyble’s ODIN scanner.

369 0 0

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 16:16

📔 North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms 📔

SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multistage malware campaign which utilizes a novel persistence mechanism.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity

North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms

SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multi-stage malware campaign which utilizes a novel persistence mechanism

303 0 0

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 16:16

📔 Major Oilfield Supplier Hit by Ransomware Attack 📔

International energy solution provider Newpark Resources has confirmed it was hit by a ransomware attack that disrupted critical systems.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity

Major Oilfield Supplier Hit by Ransomware Attack

International energy solution provider Newpark Resources has confirmed it was hit by a ransomware attack that disrupted critical systems

223 0 1

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 16:16

198 0 1

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 16:16

🖋️ Malicious NPM Packages Target Roblox Users with Data-Stealing Malware 🖋️

A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with opensource stealer malware such as Skuld and BlankGrabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attacks by exploiting trust and human error within the open source ecosystem, and using readily available.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity

198 0 2

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 16:16

🖋️ The vCISO Academy: Transforming MSPs and MSSPs into Cybersecurity Powerhouses 🖋️

Weve all heard a million times growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and mediumsized businesses SMBs are increasingly targeted by cyberattacks but often lack the resources for fulltime Chief Information Security Officers CISOs. This gap is driving the rise of the virtual CISO vCISO model, offering a costeffective.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity

253 0 2

🛡 Cybersecurity & Privacy 🛡 - News

8 Nov, 16:16

🖋️ IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools 🖋️

Highprofile entities in India have become the target of malicious campaigns orchestrated by the Pakistanbased Transparent Tribe threat actor and a previously unknown Chinanexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called ElizaRAT and a new stealer payload dubbed ApoloStealer on specific victims of interest, Check Point.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity

209 0 2

20 ta oxirgi post ko‘rsatilgan.