Cybersecurity

12 readers
14 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

founded 2 years ago
MODERATORS
[email protected]
[email protected]
listing: all - local
26
1
The timeline in the "SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem" advisory is mind blowing: (infosec.exchange)
submitted 2 days ago by [email protected] to c/[email protected]
1 comments fedilink
 
 

The timeline in the "SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem" advisory is mind blowing:

https://seclists.org/fulldisclosure/2025/Jun/17

#CVE_2025_26412 #infosec #cybersecurity #vulnerability

27
4
A 100-year-old German company has reportedly filed for insolvency after a ransomware attack. An employee who arrived at the company in the morning even found extortion notes on the printers. (mastodon.green)
submitted 3 days ago by [email protected] to c/[email protected]
2 comments fedilink
 
 

A 100-year-old German company has reportedly filed for insolvency after a ransomware attack. An employee who arrived at the company in the morning even found extortion notes on the printers.

Fasana, which makes paper table napkins and employs around 240 people, was hit by hackers last month.

You know who we need to put out of business? Ransomware gangs.

#cybersecurity #ransomware

News report about ransomware-hit company

28
10
According to a new report, there are 13 China-owned VPN apps in the Apple App Store. None of them clearly disclose their links to China, and some use shell companies to hide their origin. (fedia.io)
submitted 4 days ago by [email protected] to c/[email protected]
2 comments fedilink
 
 

According to a new report, there are 13 China-owned VPN apps in the Apple App Store. None of them clearly disclose their links to China, and some use shell companies to hide their origin.

There are similar problems in Android's Google Play store.

Would you trust your internet traffic to a company that can be compelled to share its user data with the Chinese government?

Don't you think Apple and Google should be protecting their users better?

#cybersecurity #vpn #privacy

29
1
New #Veeam RCE flaw lets domain users hack backup servers (mastodon.thenewoil.org)
submitted 3 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

New #Veeam RCE flaw lets domain users hack backup servers

https://www.bleepingcomputer.com/news/security/new-veeam-rce-flaw-lets-domain-users-hack-backup-servers/

#cybersecurity

30
2
Hackers switch to targeting U.S. #insurance companies (mastodon.thenewoil.org)
submitted 3 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Hackers switch to targeting U.S. #insurance companies

https://www.bleepingcomputer.com/news/security/google-warns-scattered-spider-hackers-now-target-us-insurance-companies/

#cybersecurity

31
1
#Sitecore #CMS exploit chain starts with hardcoded 'b' password (mastodon.thenewoil.org)
submitted 3 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#Sitecore #CMS exploit chain starts with hardcoded 'b' password

https://www.bleepingcomputer.com/news/security/sitecore-cms-exploit-chain-starts-with-hardcoded-b-password/

#cybersecurity

32
2
#WindowsHello face unlock no longer works in the dark, and #Microsoft says it's not a bug (mastodon.thenewoil.org)
submitted 3 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#WindowsHello face unlock no longer works in the dark, and #Microsoft says it's not a bug

https://www.windowscentral.com/software-apps/windows-11/windows-hello-face-unlock-no-longer-works-in-the-dark-and-microsoft-says-its-not-a-bug

#biometrics #cybersecurity

33
3
Over 46,000 #Grafana instances exposed to account takeover bug (mastodon.thenewoil.org)
submitted 4 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Over 46,000 #Grafana instances exposed to account takeover bug

https://www.bleepingcomputer.com/news/security/over-46-000-grafana-instances-exposed-to-account-takeover-bug/

#cybersecurity

34
2
#Zoomcar discloses security breach impacting 8.4 million users (mastodon.thenewoil.org)
submitted 4 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#Zoomcar discloses security breach impacting 8.4 million users

https://www.bleepingcomputer.com/news/security/zoomcar-discloses-security-breach-impacting-84-million-users/

#cybersecurity #DataBreach #privacy

35
2
#WestJet investigates #cyberattack disrupting internal systems (mastodon.thenewoil.org)
submitted 4 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#WestJet investigates #cyberattack disrupting internal systems

https://www.bleepingcomputer.com/news/security/westjet-investigates-cyberattack-disrupting-internal-systems/

#cybersecurity #travel #Canada

36
1
📢 European #cybersecurity is evolving! Explore how the #CRA & #NIS2 will affect small to medium #opensource vendors at the #openSUSE Conference. (fosstodon.org)
submitted 3 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

📢 European #cybersecurity is evolving! Explore how the #CRA & #NIS2 will affect small to medium #opensource vendors at the #openSUSE Conference.
✅ Legal alignment
✅ Risk response
✅ Community readiness
🗓️ June 26 | Nuremberg
#opensource #compliance #EU #regulations https://events.opensuse.org/

37
1
Researchers Create World's First Completely Verifiable Random Number Generator (mastodon.thenewoil.org)
submitted 3 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Researchers Create World's First Completely Verifiable Random Number Generator

https://science.slashdot.org/story/25/06/16/1656252/researchers-create-worlds-first-completely-verifiable-random-number-generator

#cybersecurity #randomness

38
20
#Signalgate 2.0 proves it - there’s no such thing as a “Backdoor for the Good Guys Only” (mastodon.thenewoil.org)
submitted 6 days ago by [email protected] to c/[email protected]
3 comments fedilink
 
 

#Signalgate 2.0 proves it - there’s no such thing as a “Backdoor for the Good Guys Only”

https://tuta.com/blog/opinion-signalgate

#cybersecurity #encryption

39
14
Genetic testing company 23andMe has sold itself to a nonprofit led by the company’s former CEO Anne Wojcicki. @Techcrunch reports: (flipboard.social)
submitted 6 days ago by [email protected] to c/[email protected]
2 comments fedilink
 
 

Genetic testing company 23andMe has sold itself to a nonprofit led by the company’s former CEO Anne Wojcicki. @Techcrunch reports:

https://flip.it/bhw2IJ

#Tech #23AndMe #BioTech #Health #CyberSecurity

40
1
As #grocery shortages persist, #UNFI says it’s recovering from #cyberattack (mastodon.thenewoil.org)
submitted 3 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

As #grocery shortages persist, #UNFI says it’s recovering from #cyberattack

https://techcrunch.com/2025/06/16/food-distributor-unfi-says-its-recovering-from-cyberattack-as-grocery-shortages-persist/

#cybersecurity

41
1
#Anubis #ransomware adds wiper to destroy files beyond recovery (mastodon.thenewoil.org)
submitted 4 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#Anubis #ransomware adds wiper to destroy files beyond recovery

https://www.bleepingcomputer.com/news/security/anubis-ransomware-adds-wiper-to-destroy-files-beyond-recovery/

#cybersecurity

42
6
"- A company owned by a Russian network engineer named Vladimir Vedeneev controls thousands of Telegram IP addresses and maintains its servers. (tldr.nettime.org)
submitted 6 days ago by [email protected] to c/[email protected]
1 comments fedilink
 
 

"- A company owned by a Russian network engineer named Vladimir Vedeneev controls thousands of Telegram IP addresses and maintains its servers.

  • Vedeneev’s other companies have a history of collaborating with Russia’s defense sector, the FSB security service, and other highly sensitive agencies.

  • Because of the way Telegram’s encryption protocols work, even users who use its “end-to-end” encryption features are vulnerable to being tracked by anyone who can monitor its network traffic."

https://www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle

#CyberSecurity #Privacy #Telegram #Russia #Encryption #FSB

43
4
Help Us Shape the New #Filen Hub – We Want Your Feedback! (mastodon.thenewoil.org)
submitted 6 days ago by [email protected] to c/[email protected]
1 comments fedilink
 
 

Help Us Shape the New #Filen Hub – We Want Your Feedback!

https://blog.filen.io/help-us-shape-the-new-filen-hub-we-want-your-feedback/

#FOSS #cybersecurity

44
3
#VictoriasSecret restores critical systems after #cyberattack (mastodon.thenewoil.org)
submitted 6 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#VictoriasSecret restores critical systems after #cyberattack

https://www.bleepingcomputer.com/news/security/victorias-secret-restores-critical-systems-after-cyberattack/

#cybersecurity

45
3
#Cloudflare: Outage not caused by security incident, data is safe (mastodon.thenewoil.org)
submitted 6 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#Cloudflare: Outage not caused by security incident, data is safe

https://www.bleepingcomputer.com/news/security/cloudflare-outage-not-caused-by-security-incident-data-is-safe/

#cybersecurity

46
1
Introducing premium accounts to fund the matrix(dot)org homeserver (mastodon.thenewoil.org)
submitted 6 days ago by [email protected] to c/[email protected]
2 comments fedilink
 
 

Introducing premium accounts to fund the matrix(dot)org homeserver

https://matrix.org/blog/2025/06/funding-homeserver-premium/

#FOSS #Matrix #cybersecurity #privacy

47
1
#Microsoft confirms auth issues affecting #Microsoft365 users (mastodon.thenewoil.org)
submitted 6 days ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#Microsoft confirms auth issues affecting #Microsoft365 users

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-auth-issues-affecting-microsoft-365-users/

#cybersecurity

48
1
"As AI agents powered by Large Language Models (LLMs) become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge. Among (tldr.nettime.org)
submitted 6 days ago by [email protected] to c/[email protected]
1 comments fedilink
 
 

"As AI agents powered by Large Language Models (LLMs) become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge. Among the most pressing threats are prompt injection attacks, which exploit the agent’s resilience on natural language inputs — an especially dangerous threat when agents are granted tool access or handle sensitive information. In this work, we propose a set of principled design patterns for building AI agents with provable resistance to prompt injection. We systematically analyze these patterns, discuss their trade-offs in terms of utility and security, and illustrate their real-world applicability through a series of case studies."

https://arxiv.org/html/2506.08837v2

#AI #GenerativeAI #LLMs #PromptInjection #AIAgents #AgenticAI #CyberSecurity

49
2
Coming to #Apple OSes: A seamless, secure way to import and export #passkeys (mastodon.thenewoil.org)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Coming to #Apple OSes: A seamless, secure way to import and export #passkeys

https://arstechnica.com/security/2025/06/apple-previews-new-import-export-feature-to-make-passkeys-more-interoperable/

#cybersecurity

50
1
#TrendMicro fixes critical vulnerabilities in multiple products (mastodon.thenewoil.org)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

#TrendMicro fixes critical vulnerabilities in multiple products

https://www.bleepingcomputer.com/news/security/trend-micro-fixes-six-critical-flaws-on-apex-central-endpoint-encryption-policyserver/

#cybersecurity

view more: ‹ prev next ›