Cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, and questions are all welcome!

founded 2 years ago
1
 
 

No, the 16 billion credentials leak is not a new #DataBreach

https://www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/

#cybersecurity #privacy

2
 
 

"Public-interest journalism speaks truth to power, so protecting press freedom is part of protecting democracy. But what does it take to digitally secure journalists’ work in an environment where critics, hackers, oppressive regimes, and others seem to have the free press in their crosshairs?

That’s what Harlo Holmes focuses on as Freedom of the Press Foundation’s digital security director. Her team provides training, consulting, security audits, and other support to newsrooms, independent journalists, freelancers, documentary filmmakers – anyone who is making independent journalism in the public interest – so that they can do their jobs more safely and securely. Holmes joins EFF’s Cindy Cohn and Jason Kelley to discuss the tools and techniques that help journalists protect themselves and their sources while keeping the world informed.

In this episode you’ll learn about:

  • The importance of protecting online anonymity on an ever-increasingly “data-greedy” internet
  • How digital security nihilism in the United States compares with regions of the world where oppressive and repressive governance are more common
  • Why compartmentalization can be a simple, easy approach to digital security
  • The need for middleware to provide encryption and other protections that shield sources’ anonymity and journalists’ work product when using corporate data platforms
  • How podcasters, YouTubers, and TikTokers fit into the broad sweep of media history, and need digital protections as well

H. Holmes is the chief information security officer and director of digital security at Freedom of the Press Foundation. She strives to help individual journalists in various media organizations become confident and effective in securing their communications within their newsrooms, with their sources, and with the public at large. She is a media scholar, software programmer, and activist."

https://www.eff.org/deeplinks/2025/06/podcast-episode-securing-journalism-data-greedy-internet
#DigitalRights #CyberSecurity #DataProtection #Journalism #PressFreedom #Privacy

3
 
 

Hackers Are Turning Tech Support Into a Threat

https://it.slashdot.org/story/25/06/19/1619248/hackers-are-turning-tech-support-into-a-threat

#cybersecurity

4
 
 

#Microsoft unveils new security defaults for #Windows365 Cloud PCs

https://www.bleepingcomputer.com/news/security/microsoft-unveils-new-security-defaults-for-windows-365-cloud-pcs/

#cybersecurity

5
 
 

#DuckDuckGo beefs up #scam defense to block fake stores, #crypto sites

https://www.bleepingcomputer.com/news/security/duckduckgo-beefs-up-scam-defense-to-block-fake-stores-crypto-sites/

#cybersecurity

6
 
 

#KrispyKreme says November #DataBreach impacts over 160,000 people

https://www.bleepingcomputer.com/news/security/krispy-kreme-says-november-data-breach-impacts-over-160-000-people/

#cybersecurity #privacy #FastFood

7
 
 

#Ryuk #ransomware’s initial access expert extradited to the U.S.

https://www.bleepingcomputer.com/news/security/ryuk-ransomwares-initial-access-expert-extradited-to-the-us/

#cybercrime #cybersecurity

8
9
 
 

Scammers hijack websites of #BankOfAmerica, #Netflix, #Microsoft, and more to insert fake phone number

https://www.malwarebytes.com/blog/news/2025/06/scammers-hijack-websites-of-bank-of-america-netflix-microsoft-and-more-to-insert-fake-phone-number

#cybersecurity

10
 
 

🔐Cybersecurity is now core to every technical role. DevOps. AppDev. SRE. Architects. Watch "Cybersecurity Skills: A Framework That Works" -- an on-demand webinar -- to learn how to close key security skill gaps for you and your teams.

🎥 Watch now: https://training.linuxfoundation.org/resources/webinars/cybersecurity-skills-framework-webinar/

#CyberSecurity #DevSecOps #SREs #CTO #CISO #SysAdmins #Developers

11
 
 

North Korean hackers #deepfake execs in #Zoom call to spread #Mac #malware

https://www.bleepingcomputer.com/news/security/north-korean-hackers-deepfake-execs-in-zoom-call-to-spread-mac-malware/

#NorthKorea #cybersecurity #privacy

12
 
 

New #Linux #udisks flaw lets attackers get root on major Linux distros

https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attackers-get-root-on-major-linux-distros/

#cybersecurity #FOSS

13
 
 

#BeyondTrust warns of pre-auth RCE in Remote Support software

https://www.bleepingcomputer.com/news/security/beyondtrust-warns-of-pre-auth-rce-in-remote-support-software/

#cybersecurity

14
 
 

#CISA warns of attackers exploiting #Linux flaw with PoC exploit

https://www.bleepingcomputer.com/news/security/cisa-warns-of-attackers-exploiting-linux-flaw-with-poc-exploit/

#cybersecurity #FOSS

15
 
 

#Microsoft365 to block file access via legacy auth protocols by default

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-to-block-file-access-via-legacy-auth-protocols-by-default/

#cybersecurity #Microsoft

16
 
 

#Israel-Tied #PredatorySparrow Hackers Are Waging #Cyberwar on #Iran’s Financial System

https://www.wired.com/story/israels-predatory-sparrow-hackers-are-waging-cyberwar-on-irans-financial-system/

#cybersecurity #politics #banking #finance #crypto

17
 
 

"The report, titled “Are AI Bots Knocking Cultural Heritage Offline?” was written by Weinberg of the GLAM-E Lab, a joint initiative between the Centre for Science, Culture and the Law at the University of Exeter and the Engelberg Center on Innovation Law & Policy at NYU Law, which works with smaller cultural institutions and community organizations to build open access capacity and expertise. GLAM is an acronym for galleries, libraries, archives, and museums. The report is based on a survey of 43 institutions with open online resources and collections in Europe, North America, and Oceania. Respondents also shared data and analytics, and some followed up with individual interviews. The data is anonymized so institutions could share information more freely, and to prevent AI bot operators from undermining their countermeasures.

Of the 43 respondents, 39 said they had experienced a recent increase in traffic. Twenty-seven of those 39 attributed the increase in traffic to AI training data bots, with an additional seven saying the AI bots could be contributing to the increase.

“Multiple respondents compared the behavior of the swarming bots to more traditional online behavior such as Distributed Denial of Service (DDoS) attacks designed to maliciously drive unsustainable levels of traffic to a server, effectively taking it offline,” the report said. “Like a DDoS incident, the swarms quickly overwhelm the collections, knocking servers offline and forcing administrators to scramble to implement countermeasures. As one respondent noted, ‘If they wanted us dead, we’d be dead.’”"

https://www.404media.co/ai-scraping-bots-are-breaking-open-libraries-archives-and-museums/

#AI #GenerativeAI #CulturalHeritage #AIBots #WebScraping #CyberSecurity #DDoS

18
 
 

#Iran is going offline to prevent purported Israeli cyberattacks

https://www.theverge.com/politics/688875/iran-cutting-off-internet-israel-war

#cybersecurity #politics #Israel

19
 
 

Pro-#Israel #hacktivist group claims responsibility for alleged Iranian #bank hack

https://techcrunch.com/2025/06/17/pro-israel-hacktivist-group-claims-responsibility-for-alleged-iranian-bank-hack/

#cybersecurity #Iran #politics

20
 
 

The timeline in the "SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem" advisory is mind-blowing:

https://seclists.org/fulldisclosure/2025/Jun/17

#CVE_2025_26412 #infosec #cybersecurity #vulnerability

21
22
 
 

New #Veeam RCE flaw lets domain users hack backup servers

https://www.bleepingcomputer.com/news/security/new-veeam-rce-flaw-lets-domain-users-hack-backup-servers/

#cybersecurity

23
 
 

#KaliLinux 2025.2 released with 13 new tools, car hacking updates

https://www.bleepingcomputer.com/news/security/kali-linux-20252-released-with-13-new-tools-car-hacking-updates/

#cybersecurity #FOSS #Kali #Linux

24
 
 

A 100-year-old German company has reportedly filed for insolvency after a ransomware attack. An employee who arrived at the company in the morning even found extortion notes on the printers.

Fasana, which makes paper table napkins and employs around 240 people, was hit by hackers last month.

You know who we need to put out of business? Ransomware gangs.

#cybersecurity #ransomware

News report about ransomware-hit company

25
 
 

#Sitecore #CMS exploit chain starts with hardcoded 'b' password

https://www.bleepingcomputer.com/news/security/sitecore-cms-exploit-chain-starts-with-hardcoded-b-password/

#cybersecurity
