From bleepingcomputer.com
Oracle privately confirms Cloud breach to customers
10 10
Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a "legacy environment" last used in 2017.
#infosec #security #cybersecurite #cybersecurity #oracle
17h ago
From arstechnica.com
Google unveils end-to-end messages for Gmail. Only thing is: It’s not true E2EE.
9 9
Yes, encryption/decryption occurs on end-user devices, but there’s a catch.
#biz #opsec #privacy #enterprise #signalgate #chatcontrol #bookmarkshare #securitytheatre #security #e2ee
11h ago
From bleepingcomputer.com
LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks
9 9
Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites.
#cysec #litespeed #wordpress #prattohome #cybersecurity #infosec #BleepingComputer #security
on Sep 5
From bleepingcomputer.com
Russian military hackers linked to critical infrastructure attacks
8 8
The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear) behind global critical infrastructure attacks to Unit 29155 of Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU).
#cysec #infosec #StopPutin #sendthef16s #ArmUkraineNow #BleepingComputer #security
on Sep 5
From bleepingcomputer.com
Musician charged with $10M streaming royalties fraud using AI and bots
8 10
North Carolina musician Michael Smith was indicted for collecting over $10 million in royalty payments from Spotify, Amazon Music, Apple Music, and YouTube Music using AI-generated songs streamed by thousands of bots in a massive streaming fraud scheme.
#security #artificialintelligence
on Sep 5
From bleepingcomputer.com
Texas State Bar warns of data breach after INC ransomware claims attack
7 7
The State Bar of Texas is warning it suffered a data breach after the INC ransomware gang claimed to have breached the organization and began leaking samples of stolen data.
17h ago
From bleepingcomputer.com
New Windows 11 trick lets you bypass Microsoft Account requirement
7 12
A previously unknown trick lets you easily bypass using a Microsoft Account in Windows 11, just as Microsoft tries to make it harder to use local accounts.
#mac #linux #virus #ngated #malware #spyware #support #security #computers #techhumor
on Wed, 12AM
From bleepingcomputer.com
Microsoft removes revenge porn from Bing search using new tool
7 7
Microsoft announced today that it has partnered with StopNCII to proactively remove harmful intimate images and videos from Bing using digital hashes people create from their sensitive media.
#cysec #infosec #prattohome #security #Technology #BleepingComputer #artificialintelligence
on Sep 5
From bleepingcomputer.com
CISA warns of Fast Flux DNS evasion used by cybercrime gangs
6 6
CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the "Fast Flux" cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs.
13h ago
From bleepingcomputer.com
Genetic data site openSNP to close and delete data over privacy concerns
6 10
The openSNP project, a platform for sharing genetic and phenotypic data, will shut down on April 30, 2025, and delete all user submissions over privacy concerns and the risk of misuse by authoritarian governments.
#news #genetic #opensnp #privacy #genomics #security
17h ago
From microsoft.com
Analyzing open-source bootloaders: Finding vulnerabilities faster with AI | Microsoft Security Blog
6 11
Using Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot. Through a series of prompts, we identified...
#ai #open #security #linuxboot #hackernews #cybersecurity #microsoft
on Mon, 8PM
From bleepingcomputer.com
Apache fixes critical OFBiz remote code execution vulnerability
6 6
Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
#cysec #infosec #BleepingComputer #security
on Sep 5
From heise.de
Bewaffnete Drohnen sollen in Texas Attentäter an Schulen bekämpfen
5 5
Bewaffnete Drohnen von Campus Guardian Angel sollen bei Anschlägen an US-Schulen Attentäter außer Gefecht setzen. Starten soll das System in Texas.
#news #texas #wissen #schulen #security #sicherheit #wirtschaft #campusguardianangel #drohnen
2h ago
From bleepingcomputer.com
Max severity RCE flaw discovered in widely used Apache Parquet
5 5
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0.
11h ago
From techcrunch.com
A new security fund opens up to help protect the fediverse | TechCrunch
5 22
A new security fund aims to help apps in the fediverse — like Mastodon, Threads, and Pixelfed — to pay researchers for disclosing security bugs.
#foss #qlub #security #bugbounty #bugbounties #cybersecurity #mastodon #fediverse
on Wed, 3PM
From freedomnews.org.uk
"McLibel demonstrated the huge potential of coordinated grassroots action" - Freedom News
5 5
As the UK spycops inquiry continues, a prominent target of police overreach reflects on their internationalism—and ours ~ Dave Morris ~ Victories continue to stack up in the campaign to expose and challenge the Met Police’s spycops scandal. First their secret political policing unit was outed....
#Bot #Police #mclibel #spycops #military #security #activists #anarchism #governments #corporations
on Feb 16
From bleepingcomputer.com
Hunters International shifts from ransomware to pure data extortion
4 4
The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to date theft and extortion-only attacks.
11h ago
From bleepingcomputer.com
Ivanti patches Connect Secure zero-day exploited since mid-March
4 4
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025.
15h ago
From bleepingcomputer.com
Recent GitHub supply chain attack traced to leaked SpotBugs token
4 4
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects.
17h ago
From heise.de
"But her emails!": Trumps Sicherheitsberater benutzte Gmail für Amtsgeschäfte
4 12
Mitglieder der US-Regierung haben angeblich auch Amtsgeschäfte über Gmail erledigt. Sicherheitsberater Michael Waltz steht schon im Zentrum der Signal-Affäre.
#usa #news #heise #trump #security #michaelwaltz #verpasstodon #unsicherheitsberater
18h ago
From arstechnica.com
AI bots strain Wikimedia as bandwidth surges 50%
4 10
Automated AI bots seeking training data threaten Wikipedia project stability, foundation says.
#ai #news #tech #security #wikimedia #technology
on Wed, 5PM
From cnet.com
Not Ready for AI? The Easiest Ways to Opt Out of Apple Intelligence
4 4
Apple's AI tech is turned on automatically in the latest updates, but you can turn it off.
#Apple #security #intelligence
on Feb 16
From slashdot.org
Microsoft Tightens Digital Defenses with Sweeping Security Overhaul - Slashdot
4 4
Microsoft unveiled detailed security reforms Monday, five months after CEO Satya Nadella pledged to prioritize cybersecurity following major breaches. The 25-page Secure Future Initiative report [PDF] outlines technical and governance changes addressing criticisms in an April 2024 Cyber Safety Revie...
on Sep 24
From securityaffairs.com
Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests
3 3
An international law enforcement operation shuts down Kidflix, a child sexual abuse material (CSAM) streaming platform with 1.8M users.
#europol #hacking #kidflix #security #securityaffairs
1h ago
From cybersecurity-insiders.com
The Four Fundamentals of Cybersecurity to Build a Resilient SOC - Cybersecurity Insiders
3 3
Imagine the following scenario: The latest threat report comes out on a group that targets your vertical. The SOC quickly disseminates the report and starts to search for tactics, techniques and procedures (TTPs). Everything’s clear, no results are found. Two months later the same attacker...
#graylog #infosec #siem #security #cybersecurity
7h ago
From heise.de
Apache Tomcat: Angriffe auf kritische Sicherheitslücke laufen
3 3
Eine kritische Sicherheitslücke in Apache Tomcat ermöglicht das Einschleusen von Schadcode. Genau das machen Angreifer derzeit.
#it #ios #heise #apache #tomcat #exploit #security #billgates #verpasstodon #sicherheitslucken
on Thu, 9AM
From bleepingcomputer.com
Royal Mail investigates data leak claims, no impact on operations
3 6
Royal Mail is investigating claims of a security breach after a threat actor leaked over 144GB of data allegedly stolen from the company's systems.
#uk #infosec #privacy #security #royalmail #databreach #cybersecurity
on Wed, 5PM
From heise.de
Datenklau: 270.000 Datensätze von Samsung Deutschland im Darknet
3 7
Kriminelle konnten aus der Support-Datenbank von Samsung Deutschland 270.000 Datensätze abgreifen. Die stehen nun im Darknet zum Verkauf.
#leak #news #darknet #phishing #security #cybersecurity #cyberkriminelle #identitatsdiebstahl #samsung
on Tue, 8AM
From heise.de
Online-Investitionsrecherche: Daten von Millionen Zacks-Nutzern geleakt
3 3
In einem Untergrundforum stehen persönliche Daten von Millionen Zacks-Kunden zum Verkauf.
on Feb 16
From heise.de
Jetzt patchen! Angreifer kapern VPN-Verbindungen von Sonicwall-Firewalls
3 3
Derzeit finden Attacken auf Firewalls von Sonicwall statt. Sicherheitsupdates stehen zum Download bereit.
#vpn #dell #news #exploit #updates #Patchday #firewall #security #cyberangriff #sicherheitslucken
on Feb 16
From theatlantic.com
Elon Musk Has the ‘Off’ Switch
3 3
With both X and Starlink under his control, the world’s richest man wields unprecedented power.
#x #tech #power #press #elonmusk #internet #security #starlink #satellite #connectivity
on Sep 7
From heise.de
Apache OFBiz: Aktueller Sicherheitspatch repariert ältere Patches
3 3
Ein aktueller Patch für Apache OFBiz verhindert, dass Sicherheitsupdates für ältere Lücken umgangen werden können.
#News #exploit #updates #Patchday #security #sicherheitslucken
on Sep 6
From heise.de
iX-Workshop: NIS 2: Anforderungen und Vorgaben
3 3
Erhalten Sie praxisnahe Einblicke in die effektive Umsetzung von NIS2 und dem deutschen NIS2UmsuCG.
on Sep 6
From securityaffairs.com
New Triada Trojan comes preinstalled on Android devices
2 3
A new Triada trojan variant comes preinstalled on Android devices, stealing data on setup, warn researchers from Kaspersky.
#android #malware #security #cybersecurity
1h ago
From yahoo.com
Oracle Tells Clients of Second Recent Hack, Log-In Data Stolen
2 2
(Bloomberg) -- Oracle Corp. has told customers that a hacker broke into a computer system and stole old client log-in credentials, according to two people familiar with the matter. It’s the second cybersecurity breach that the software company has acknowledged to clients in the last month.Most...
#hack #oracle #privacy #security
5h ago
From healthcareinfosecurity.com
HSCC Urges White House to Shift Gears on Health Cyber Regs
2 2
The Health Sector Coordinating Council is urging the Trump administration to drop work on a proposed HIPAA security rule update and instead engage in a
#hscc #hipaa #cookies #doctors #doxxing #hacking #privacy #hospital #security #healthcare
11h ago
From jdsupra.com
Immigration Enforcement and Healthcare Facilities: Key Considerations for Providers | JD Supra
2 2
Recent changes in federal immigration enforcement practices have prompted renewed attention to how healthcare providers manage requests from law...
#baa #hipaa #doctors #privacy #hospital #security #healthcare #psychiatry #socialwork #telehealth
11h ago
From bleepingcomputer.com
Verizon Call Filter API flaw exposed customers' incoming call history
2 6
A vulnerability in Verizon's Call Filter feature allowed customers to access the incoming call logs for another Verizon Wireless number through an unsecured API request.
16h ago
From heise.de
Windows 11: Hotpatching ist angekommen
2 2
Microsoft hat nun Hotpatching für Windows 11-Clients freigegeben. Enterprise-Kunden kommen damit auf mehrere Monate Laufzeit ohne Neustart.
#it #heise #windows #security #microsoft #verpasstodon #news
20h ago
From healthcareinfosecurity.com
Medical Imaging Practice Notifying Patients of Recent Hack
2 4
An Arizona-based medical imaging practice with locations in 11 states is notifying patients that their data was compromised in a January cyberattack. Litigation
#hipaa #cookies #doctors #doxxing #hackers #hacking #privacy #hospital #security #radiology
20h ago
From heise.de
AMD Ryzen: Schwachstellen in AI-Software bedrohen Sicherheit
2 2
AMDs neuere Prozessoren haben KI-Coprozessoren, Ryzen AI. Die Software und Treiber dazu reißen Sicherheitslücken auf.
#it #amd #news #amdryzen #security #software #sicherheitslucken
22h ago
From mastodon.social
Mimikama Ⓜ (@mimikama@mastodon.social)
2 2
Attached: 1 image CDU fordert Messenger-Hintertüren – breiter Aufschrei als Antwort Ein sicherheitsstaatlicher Überwachungswunsch unter dem Deckmantel der Strafverfolgung. https://www.mimikama.org/cdu-messenger-hintertuer-entschluesselung/
#eu #it #cdu #csu #europa #security #democracy #messenger #demokratie #encryption
23h ago
From bbc.com
Five takeaways from the Munich Security Conference
2 2
The Munich conference exposed tensions between the US and Europe over Nato and Ukraine - the BBC's Frank Gardner explains why this was a watershed in relations.
on Feb 17
From heise.de
Patch Sonicwall now! Attackers bypass authentication of firewalls
2 2
Attacks are currently taking place on Sonicwall firewalls. Security updates are available for download.
#vpn #dell #news #exploit #updates #Patchday #firewall #security #cyberangriff #sicherheitslucken
on Feb 16
From globalnews.ca
Ukraine rejects U.S. minerals proposal, wants security guarantees - National | Globalnews.ca
2 2
The proposal did not offer any specific security guarantees in return, according to one current and one former senior Ukrainian official familiar with the talks.
#us #usnews #ukraine #minerals #politics #security
on Feb 16