deddit.petersanchez.com

Security - [email protected] - https://lemmy.ml/c/security

About

Confidentiality Integrity Availability

89 million Steam account details just got leaked, so now's a good time to change your password (www.xda-developers.com)
in [email protected] from [email protected] on 14 May 12:35
comments (3)

Intel data-leaking Spectre defenses scared off once again (www.theregister.com)
in [email protected] from [email protected] on 13 May 22:43
comments (0)

RSS feed for CISA KEV vulnerabilities, powered by Vulnerability-Lookup (www.vulnerability-lookup.org)
in [email protected] from [email protected] on 13 May 20:53
comments (0)

Vulnerability-Lookup 2.9.0 - MITRE EMB3D, GCVE (www.vulnerability-lookup.org)
in [email protected] from [email protected] on 07 May 14:46
comments (0)

China's cybersecurity center discloses malicious foreign websites and IP addresses, mainly from US, Sweden and India (www.globaltimes.cn)
in [email protected] from [email protected] on 03 May 02:29
comments (5)

🚨 April 2025 Vulnerability Report is out! 🚨
in [email protected] from [email protected] on 01 May 09:13
comments (0)

A Python client for the Global CVE Allocation System. (github.com)
in [email protected] from [email protected] on 28 Apr 07:59
comments (0)

Vulnerabilities in the SS7 phone system can allow attackers to steal your calls and texts, track your location (www.youtube.com)
in [email protected] from [email protected] on 16 Apr 2025 19:43
comments (0)

GCVE: Global CVE Allocation System (gcve.eu)
in [email protected] from [email protected] on 16 Apr 2025 18:51
comments (1)

Homeland Security funding for CVE program expires (www.theregister.com)
in [email protected] from [email protected] on 16 Apr 2025 07:26
comments (0)

Google fixes two Android zero-day bugs actively exploited by hackers (techcrunch.com)
in [email protected] from [email protected] on 09 Apr 2025 02:18
comments (0)

Hacker hacked hackers (www.bleepingcomputer.com)
in [email protected] from [email protected] on 08 Apr 2025 10:23
comments (0)

Why OAuth MUST share access token with 3rd party?!?
in [email protected] from [email protected] on 06 Apr 2025 01:47
comments (7)

Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job (hackread.com)
in [email protected] from [email protected] on 30 Mar 2025 21:44
comments (0)

Messaging app Signal threatens to leave France over anti-encryption demands (brusselssignal.eu)
in [email protected] from [email protected] on 21 Mar 2025 04:08
comments (0)

This Windows PowerShell Phish Has Scary Potential (krebsonsecurity.com)
in [email protected] from [email protected] on 15 Mar 2025 14:13
comments (0)

Regularly updated Hugging Face datasets and models for software vulnerabilities (huggingface.co)
in [email protected] from [email protected] on 09 Mar 2025 20:22
comments (0)

LLMs + Vulnerability-Lookup: What We’re Testing and Where We’re Headed (www.vulnerability-lookup.org)
in [email protected] from [email protected] on 26 Feb 2025 22:24
comments (0)

two OpenSSH vulnerabilities fixed: one allowed MITM against clients which had enabled `VerifyHostKeyDNS`, the other allowed pre-auth DoS (blog.qualys.com)
in [email protected] from [email protected] on 21 Feb 2025 20:49
comments (0)

Vulnerability-Lookup 2.6.0 Released — Advanced monitoring tools for administrators of Vulnerability-Lookup instances (www.vulnerability-lookup.org)
in [email protected] from [email protected] on 14 Feb 2025 14:13
comments (0)

Exclusive: Spyware maker caught distributing malicious Android apps for years (techcrunch.com)
in [email protected] from [email protected] on 13 Feb 2025 15:15
comments (0)

New macOS vulnerability, Migraine, could bypass System Integrity Protection (www.microsoft.com)
in [email protected] from [email protected] on 03 Jun 2023 15:32
comments (1)

Invisible npm malware - evading security checks with crafted versions | JFrog (jfrog.com)
in [email protected] from [email protected] on 11 Dec 2022 17:29
comments (1)

Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices (arstechnica.com)
in [email protected] from [email protected] on 04 Dec 2022 03:42
comments (1)

EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer (www.securityweek.com)
in [email protected] from [email protected] on 30 Dec 2022 14:58
comments (1)

87% of Container Images in Production Have Critical or High-Severity Vulnerabilities (www.darkreading.com)
in [email protected] from [email protected] on 24 Feb 2023 23:10
comments (1)

There is no secure software supply-chain. (onengineering.substack.com)
in [email protected] from [email protected] on 30 Dec 2022 17:41
comments (1)

Massive New Twitter Leak Allegedly Exposes 400M+ Users (restoreprivacy.com)
in [email protected] from [email protected] on 26 Dec 2022 01:04
comments (1)

Mass exploitation of critical MOVEit flaw is ransacking orgs big and small (arstechnica.com)
in [email protected] from [email protected] on 06 Jun 2023 10:26
comments (1)

Google says hackers could silently own your phone until Samsung fixes its modems (www.theverge.com)
in [email protected] from [email protected] on 17 Mar 2023 15:33
comments (1)

Passkeys may not be for you, but they are safe and easy—here’s why (arstechnica.com)
in [email protected] from [email protected] on 12 May 2023 23:16
comments (1)

Moochacha, quantum-safe file encryption (analyzed by Frama-C) (codeberg.org)
in [email protected] from [email protected] on 24 Feb 2023 19:13
comments (1)

DEF CON 26 HARDWARE HACKING VILLAGE - Brian Milliron - Disabling Intel ME in Firmware (yewtu.be)
in [email protected] from [email protected] on 30 May 2023 17:31
comments (1)

What is your specialty in cybersecurity? What certifications are you trying for currently?
in [email protected] from [email protected] on 04 Jun 2023 20:22
comments (1)

Let's Encrypt now supports ACME-CAA: closing the DV loophole (www.devever.net)
in [email protected] from [email protected] on 18 Dec 2022 15:58
comments (1)

Why Zero Trust is a Misnomer: the Fallacy of Absolute Trust in Zero Trust Providers (invisv.com)
in [email protected] from [email protected] on 06 Dec 2022 12:06
comments (1)

Web browsers drop mysterious company with ties to U.S. military contractor (www.washingtonpost.com)
in [email protected] from [email protected] on 01 Dec 2022 05:03
comments (1)

LastPass Posts Notice of Recent Security Incident (blog.lastpass.com)
in [email protected] from [email protected] on 01 Dec 2022 05:08
comments (1)

Hacking myself to prove a point (www.macchaffee.com)
in [email protected] from [email protected] on 22 Jan 2023 10:41
comments (1)

NPM repository flooded with 15,000 phishing packages (www.scmagazine.com)
in [email protected] from [email protected] on 24 Feb 2023 19:24
comments (1)

CVE-2023-25136: OpenSSH Pre-Auth Double Free Writeup & PoC (bug introduced in 9.1) (jfrog.com)
in [email protected] from [email protected] on 08 Feb 2023 19:15
comments (1)

'Breakthrough’ in quest for perfectly secure digital communications (www.thenationalnews.com)
in [email protected] from [email protected] on 08 Mar 2023 00:33
comments (1)

Windows 11 also vulnerable to “aCropalypse” image data leakage (nakedsecurity.sophos.com)
in [email protected] from [email protected] on 23 Mar 2023 01:23
comments (1)

PyTorch, critical Machine Learning/AI library PyTorch breached, compromised with malicious software. If you run on the latest (unstable) versions, that requires immediate attention. (pytorch.org)
in [email protected] from [email protected] on 01 Jan 2023 22:51
comments (1)

What’s in a PR statement: LastPass breach explained (palant.info)
in [email protected] from [email protected] on 27 Dec 2022 15:06
comments (1)

235M records of Twitter users and their email addresses leaked (twitter.com)
in [email protected] from [email protected] on 05 Jan 2023 01:07
comments (1)

Git patches two critical remote code execution security flaws (www.bleepingcomputer.com)
in [email protected] from [email protected] on 18 Jan 2023 19:22
comments (1)

It’s All Bad News: An update on how the Lastpass breach affects Lastpass SSO (medium.com)
in [email protected] from [email protected] on 28 Feb 2023 22:19
comments (1)

"we discovered that GitHub.com’s RSA SSH private key was briefly exposed in a public GitHub repository" 🤡 (github.blog)
in [email protected] from [email protected] on 27 Mar 2023 14:55
comments (1)

Fuzzing ping(8) … and finding a 24 year old bug - FreeBSD,OpenBSD (www.undeadly.org)
in [email protected] from [email protected] on 14 Dec 2022 11:34
comments (1)

BlackLotus is the first in-the-wild UEFI bootkit bypassing UEFI Secure Boot on fully updated systems (www.welivesecurity.com)
in [email protected] from [email protected] on 01 Mar 2023 19:08
comments (1)

what is the randomart image for? (bytes.zone)
in [email protected] from [email protected] on 21 Feb 2023 04:02
comments (1)

Google says Android runs better when covered in Rust (www.theregister.com)
in [email protected] from [email protected] on 18 Dec 2022 17:25
comments (1)

Treating Email More Like a Password Manager [Dmitry Frank] (dmitryfrank.com)
in [email protected] from [email protected] on 19 Dec 2022 18:45
comments (1)

How Intel backdoors every computer in the world | Intel Management Engine explained (yewtu.be)
in [email protected] from [email protected] on 16 May 2023 12:08
comments (1)

Massive brute force attack uses 2.8 million IPs to target VPN devices (www.bleepingcomputer.com)
in [email protected] from [email protected] on 10 Feb 2025 14:50
comments (1)

VSCode’s SSH Agent Is Bananas (fly.io)
in [email protected] from [email protected] on 08 Feb 2025 14:35
comments (0)

Violet Blue: America’s unfolding cybersecurity catastrophe (medium.com)
in [email protected] from [email protected] on 08 Feb 2025 03:27
comments (1)

Track vulnerabilities with product watch lists and email notifications (vulnerability.circl.lu)
in [email protected] from [email protected] on 07 Feb 2025 10:34
comments (0)

AMD Zen 1 through Zen 4 CPUs use an insecure hash function in the signature validation for microcode updates; researchers released a proof of concept update which makes the RDRAND instruction return 4 (github.com)
in [email protected] from [email protected] on 04 Feb 2025 01:55
comments (8)

WhatsApp says journalists and civil society members were targets of Israeli spyware (www.theguardian.com)
in [email protected] from [email protected] on 01 Feb 2025 00:35
comments (0)

Seized Cracked.io, Nulled.to hacking forums in Operation Talent (www.bleepingcomputer.com)
in [email protected] from [email protected] on 30 Jan 2025 11:46
comments (0)

Apple chips can be hacked to leak secrets from Gmail, iCloud, and more (arstechnica.com)
in [email protected] from [email protected] on 29 Jan 2025 01:28
comments (1)

Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel (samcurry.net)
in [email protected] from [email protected] on 23 Jan 2025 17:51
comments (1)

The Shadowserver Foundation Honeypot Feed is now integrated as a source of sightings in Vulnerability-Lookup (www.vulnerability-lookup.org)
in [email protected] from [email protected] on 22 Jan 2025 22:09
comments (0)

Hackers leak 500,000 VPN passwords (www.youtube.com)
in [email protected] from [email protected] on 21 Jan 2025 21:14
comments (3)

Vulnerability-Lookup 2.4.0 (www.vulnerability-lookup.org)
in [email protected] from [email protected] on 10 Jan 2025 10:34
comments (0)

Stealing passwords and PINs entered by Apple Vision Pro users (arxiv.org)
in [email protected] from [email protected] on 10 Jan 2025 02:02
comments (0)

Dive into Historical Insights on Vulnerability Observations with Vulnerability-Lookup (vulnerability.circl.lu)
in [email protected] from [email protected] on 01 Jan 2025 23:54
comments (0)

A client to gather vulnerability-related information from Bluesky (github.com)
in [email protected] from [email protected] on 25 Dec 2024 22:36
comments (0)

The Qualcomm DSP Driver - How Serbian authorities have deployed surveillance technology and digital repression tactics (vulnerability.circl.lu)
in [email protected] from [email protected] on 17 Dec 2024 22:08
comments (0)

Short-Lived Certificates Coming to Let’s Encrypt (letsencrypt.org)
in [email protected] from [email protected] on 16 Dec 2024 13:08
comments (2)

Lessons I learned using password managers
in [email protected] from [email protected] on 30 Jul 2021 02:13
comments (1)

Yearlong supply-chain attack targeting security pros steals 390K credentials (arstechnica.com)
in [email protected] from [email protected] on 13 Dec 2024 22:22
comments (1)

Does two-factor authentication with TOTP make sense in my case?
in [email protected] from [email protected] on 05 Dec 2024 16:16
comments (5)

Vulnerability-Lookup 2.2.0
in [email protected] from [email protected] on 29 Nov 2024 05:58
comments (0)

Spies hack Wi-Fi networks in far-off land to launch attack on target next door (arstechnica.com)
in [email protected] from [email protected] on 24 Nov 2024 14:17
comments (0)

Leaked Documents Show What Phones Secretive Tech ‘Graykey’ Can Unlock (www.404media.co)
in [email protected] from [email protected] on 20 Nov 2024 02:47
comments (0)

New Glove infostealer malware bypasses Chrome’s cookie encryption (www.bleepingcomputer.com)
in [email protected] from [email protected] on 14 Nov 2024 21:05
comments (0)

Looking for Lemmy accounts about software vulnerabilities, CVEs, etc.
in [email protected] from [email protected] on 01 Nov 2024 20:31
comments (2)

shopping issue
in [email protected] from [email protected] on 01 Nov 2024 15:01
comments (11)

Chinese researchers break RSA encryption with a quantum computer (www.csoonline.com)
in [email protected] from [email protected] on 15 Oct 2024 15:36
comments (2)

European govt air-gapped systems breached using custom malware (www.bleepingcomputer.com)
in [email protected] from [email protected] on 09 Oct 2024 20:39
comments (4)

Linux Kernel CVEs, What Has Caused So Many to Suddenly Show Up? - talk by Greg Kroah-Hartman (August 2024) (www.youtube.com)
in [email protected] from [email protected] on 20 Sep 2024 11:07
comments (0)

Vulnerability Lookup 1.5.0
in [email protected] from [email protected] on 03 Sep 2024 05:25
comments (0)

"we finally extracted Intel SGX Fuse Key0, AKA Root Provisioning Key. Together with FK1 or Root Sealing Key (also compromised), it represents Root of Trust for SGX" (xcancel.com)
in [email protected] from [email protected] on 27 Aug 2024 07:16
comments (0)

Wihkum - Emergency Response App for Schools in 2024 (wihkum.com)
in [email protected] from [email protected] on 26 Aug 2024 05:49
comments (1)

ONNX Bot Tool Hijacks Microsoft 365 accounts & Even Bypass 2FA (cybersecuritynews.com)
in [email protected] from [email protected] on 20 Aug 2024 02:43
comments (0)

iVerify found stock Google Pixel devices' app "showcase" With Excessive System Privileges, Including Remote Code Execution (iverify.io)
in [email protected] from [email protected] on 17 Aug 2024 14:10
comments (1)

Israeli contractor claims Israel is behind rigging elections and online bot farms.Not China, not russia, not iran.They claim Israel has rigged more than 30 elections (x.com)
in [email protected] from [email protected] on 14 Aug 2024 16:32
comments (0)

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices (thehackernews.com)
in [email protected] from [email protected] on 11 Aug 2024 12:55
comments (0)

Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption (www.microsoft.com)
in [email protected] from [email protected] on 30 Jul 2024 12:13
comments (0)

Signal downplays encryption key flaw, fixes it after X drama (www.bleepingcomputer.com)
in [email protected] from [email protected] on 21 Jul 2024 01:24
comments (0)

Vulnerability Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure. (github.com)
in [email protected] from [email protected] on 16 Jul 2024 12:19
comments (0)

CVE-2024-6409: OpenSSH: Possible remote code execution in privsep child (www.openwall.com)
in [email protected] from [email protected] on 09 Jul 2024 15:25
comments (0)

How to avoid phishing fraud scam
in [email protected] from [email protected] on 30 Jun 2024 06:01
comments (0)

Firmware flaw affects numerous generations of Intel CPUs — UEFI code execution vulnerability found for Intel CPUs from 14th Gen Raptor Lake to 6th Gen Skylake CPUs, and TPM will not save you (www.tomshardware.com)
in [email protected] from [email protected] on 23 Jun 2024 11:44
comments (2)

New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now (www.forbes.com)
in [email protected] from [email protected] on 15 Jun 2024 02:11
comments (1)

BusKill Warrant Canary for 2024 H2 🕵️ (www.buskill.in)
in [email protected] from [email protected] on 12 Jun 2024 17:57
comments (0)

The iPhone Setting Thieves Use to Lock You Out of Your Apple Account (www.wsj.com)
in [email protected] from [email protected] on 11 Jun 2024 13:14
comments (3)

Hacking Millions of Modems (and Investigating Who Hacked My Modem) (samcurry.net)
in [email protected] from [email protected] on 04 Jun 2024 16:45
comments (0)

Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. (doublepulsar.com)
in [email protected] from [email protected] on 31 May 2024 22:28
comments (3)

Federal agency warns critical Linux vulnerability being actively exploited (arstechnica.com)
in [email protected] from [email protected] on 31 May 2024 19:06
comments (0)

Securing a computer?
in [email protected] from [email protected] on 30 May 2024 17:11
comments (3)

This Undisclosed WhatsApp Vulnerability Lets Governments See Who You Message (theintercept.com)
in [email protected] from [email protected] on 23 May 2024 00:57
comments (2)

Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution (github.com)
in [email protected] from [email protected] on 21 May 2024 23:21
comments (2)

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks (thehackernews.com)
in [email protected] from [email protected] on 19 May 2024 02:29
comments (2)

How I upgraded my water heater and discovered how bad smart home security can be (arstechnica.com)
in [email protected] from [email protected] on 18 May 2024 22:28
comments (4)

BIMI and DMARC Can't Save You: The Overlooked DKIM Exploit (www.zone.eu)
in [email protected] from [email protected] on 18 May 2024 11:24
comments (4)

16 years of CVE-2008-0166 - Debian OpenSSL Bug (16years.secvuln.info)
in [email protected] from [email protected] on 12 May 2024 10:11
comments (0)

Novel attack against virtually all VPN apps neuters their entire purpose (arstechnica.com)
in [email protected] from [email protected] on 07 May 2024 13:43
comments (23)

How well can an employer be certain of a remote employee's geographical location?
in [email protected] from [email protected] on 03 May 2024 04:15
comments (3)

Stealing your Telegram account in 10 seconds flat (lyra.horse)
in [email protected] from [email protected] on 02 May 2024 21:10
comments (0)

Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks (arstechnica.com)
in [email protected] from [email protected] on 29 Apr 2024 12:37
comments (1)

A doubt in encryption
in [email protected] from [email protected] on 28 Apr 2024 04:16
comments (28)

Computer scientists unveil novel attacks on cybersecurity (www.sciencedaily.com)
in [email protected] from [email protected] on 27 Apr 2024 07:43
comments (1)

Passkeys: A Shattered Dream (fy.blackhats.net.au)
in [email protected] from [email protected] on 26 Apr 2024 07:28
comments (5)

A dozen+ RCEs on popular LLM framework libraries like LangChain and LlamaIndex - used in lots of chat-assisted apps including GitHub (mastodon.social)
in [email protected] from [email protected] on 18 Apr 2024 14:32
comments (0)

After XZ Utils, More Open-Source Maintainers Under Attack (www.bankinfosecurity.com)
in [email protected] from [email protected] on 16 Apr 2024 22:07
comments (1)

PuTTY priority high vulnerability CVE-2024-31497 (hachyderm.io)
in [email protected] from [email protected] on 15 Apr 2024 20:02
comments (3)

Gmail And YouTube Hackers Bypass Google’s 2FA Account Security (www.forbes.com)
in [email protected] from [email protected] on 14 Apr 2024 00:48
comments (1)

New Technique Detected in an Open Source Supply Chain Attack (checkmarx.com)
in [email protected] from [email protected] on 12 Apr 2024 12:36
comments (1)

New Spectre v2 attack impacts Linux systems on Intel CPUs (www.bleepingcomputer.com)
in [email protected] from [email protected] on 10 Apr 2024 21:59
comments (0)

Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them (www.flux.utah.edu)
in [email protected] from [email protected] on 10 Apr 2024 18:09
comments (0)

Running the “Reflections on Trusting Trust” Compiler (research.swtch.com)
in [email protected] from [email protected] on 10 Apr 2024 13:15
comments (0)

The Bootstrapping Exam: Escaping from “Trusting Trust” (www.devever.net)
in [email protected] from [email protected] on 10 Apr 2024 12:18
comments (1)

GParted Live Is Now Patched Against the XZ Backdoor, Powered by Linux Kernel 6.7 (9to5linux.com)
in [email protected] from [email protected] on 10 Apr 2024 09:28
comments (0)

Thoughts on the xz backdoor: an lzma-rs perspective | Blog (gendignoux.com)
in [email protected] from [email protected] on 10 Apr 2024 09:27
comments (2)

Security advisory for the standard library (CVE-2024-24576) (blog.rust-lang.org)
in [email protected] from [email protected] on 10 Apr 2024 09:27
comments (0)

Critical Rust flaw enables Windows command injection attacks (www.bleepingcomputer.com)
in [email protected] from [email protected] on 10 Apr 2024 09:26
comments (0)

XZ Utils backdoor - Wikipedia (en.wikipedia.org)
in [email protected] from [email protected] on 08 Apr 2024 18:21
comments (0)

Today marks the 10th anniversary of the Heartbleed vulnerability in OpenSSL, which had the same ultimate root cause as recent XZUtils backdoor incident (medium.com)
in [email protected] from [email protected] on 07 Apr 2024 18:56
comments (1)

Amazon storing classified US government documents improperly
in [email protected] from [email protected] on 07 Apr 2024 16:10
comments (80)

backdoor in upstream xz/liblzma leading to ssh server compromise (www.openwall.com)
in [email protected] from [email protected] on 29 Mar 2024 16:35
comments (0)

High Court orders temporary suspension of Telegram's services in Spain (www.reuters.com)
in [email protected] from [email protected] on 24 Mar 2024 06:00
comments (1)

SIM swappers hijacking phone numbers in eSIM attacks (www.bleepingcomputer.com)
in [email protected] from [email protected] on 15 Mar 2024 16:47
comments (0)

Debunking the Myth of “Anonymous” Data (www.eff.org)
in [email protected] from [email protected] on 03 Mar 2024 06:49
comments (4)

Researchers create AI worms that can spread from one system to another (arstechnica.com)
in [email protected] from [email protected] on 02 Mar 2024 13:57
comments (0)

How the Pentagon Learned to Use Targeted Ads to Find Its Targets—and Vladimir Putin (www.wired.com)
in [email protected] from [email protected] on 29 Feb 2024 08:34
comments (7)

NIST Releases Version 2.0 of Landmark Cybersecurity Framework (www.nist.gov)
in [email protected] from [email protected] on 28 Feb 2024 13:26
comments (0)

Vehicle thefts - Insecure vehicles should be banned, not security tools like the Flipper Zero (saveflipper.ca)
in [email protected] from [email protected] on 27 Feb 2024 16:46
comments (11)

Security List (security-list.js.org)
in [email protected] from [email protected] on 26 Feb 2024 10:17
comments (2)

Things that have been happening to me too often lately
in [email protected] from [email protected] on 23 Feb 2024 20:04
comments (7)

If the Internet where to be redesigned, what would you change to improve security?
in [email protected] from [email protected] on 18 Feb 2024 18:50
comments (5)

Why Bloat Is Still Software’s Biggest Vulnerability (spectrum.ieee.org)
in [email protected] from [email protected] on 15 Feb 2024 14:47
comments (0)

This iOS Trojan Is Harvesting Facial-Recognition Data (www.pcmag.com)
in [email protected] from [email protected] on 15 Feb 2024 12:41
comments (3)

Critical Outlook RCE with CVSS3.1 (badness) score of 9.8 (infosec.exchange)
in [email protected] from [email protected] on 15 Feb 2024 03:06
comments (0)

Twilio Authy Desktop app, new death date
in [email protected] from [email protected] on 13 Feb 2024 19:21
comments (3)

Nearly half the French population have data nabbed in massive breach (www.theregister.com)
in [email protected] from [email protected] on 12 Feb 2024 09:24
comments (4)

Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade (thehackernews.com)
in [email protected] from [email protected] on 08 Feb 2024 13:55
comments (1)

Linux Foundation Launches Initiative to Advance Post-Quantum Cryptography | L... (linuxsecurity.com)
in [email protected] from [email protected] on 08 Feb 2024 00:00
comments (1)

GitHub - MISP/MISP: MISP (core software) - Open Source Threat Intelligence and Sharing Platform (github.com)
in [email protected] from [email protected] on 07 Feb 2024 15:32
comments (0)

GitHub - arkime/arkime: Arkime is an open source, large scale, full packet capturing, indexing, and database system. (github.com)
in [email protected] from [email protected] on 07 Feb 2024 15:29
comments (0)

Critical vulnerability affecting most Linux distros allows for bootkits (arstechnica.com)
in [email protected] from [email protected] on 07 Feb 2024 15:04
comments (0)

Netherlands reveals Chinese spies attacked its defense dept (www.theregister.com)
in [email protected] from [email protected] on 06 Feb 2024 20:01
comments (3)

Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data (thehackernews.com)
in [email protected] from [email protected] on 06 Feb 2024 19:56
comments (1)

AnyDesk revokes certs, passwords after IT security breach (www.theregister.com)
in [email protected] from [email protected] on 05 Feb 2024 22:12
comments (2)

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware (thehackernews.com)
in [email protected] from [email protected] on 05 Feb 2024 22:05
comments (0)

Leaky Vessels flaws allow hackers to escape Docker, runc containers (www.bleepingcomputer.com)
in [email protected] from [email protected] on 05 Feb 2024 22:01
comments (5)

Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan (thehackernews.com)
in [email protected] from [email protected] on 05 Feb 2024 11:04
comments (1)

XOrg Server and Xwayland Patched Against Multiple Security Vulnerabilities | ... (linuxsecurity.com)
in [email protected] from [email protected] on 05 Feb 2024 11:03
comments (0)

Breaking Bitlocker - Bypassing the Windows Disk Encryption (www.youtube.com)
in [email protected] from [email protected] on 04 Feb 2024 23:11
comments (0)

Tools from EFF's Tech Team (www.eff.org)
in [email protected] from [email protected] on 03 Feb 2024 08:00
comments (0)

Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign (thehackernews.com)
in [email protected] from [email protected] on 02 Feb 2024 00:33
comments (1)

Gitleaks review (repository search for secrets and keys) (linuxsecurity.expert)
in [email protected] from [email protected] on 02 Feb 2024 00:24
comments (2)

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware (thehackernews.com)
in [email protected] from [email protected] on 01 Feb 2024 17:22
comments (0)

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover (github.com)
in [email protected] from [email protected] on 01 Feb 2024 16:28
comments (0)

At least 30 journalists, lawyers and activists hacked with Pegasus in Jordan, forensic probe finds (apnews.com)
in [email protected] from [email protected] on 01 Feb 2024 11:55
comments (1)

Defending against the Attack of the Clone[d website]s! (blog.thinkst.com)
in [email protected] from [email protected] on 31 Jan 2024 18:48
comments (1)

Ntopng review (linuxsecurity.expert)
in [email protected] from [email protected] on 31 Jan 2024 13:26
comments (0)

Root access vulnerability in glibc library impacts many Linux distros (securityaffairs.com)
in [email protected] from [email protected] on 31 Jan 2024 11:17
comments (3)

URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite (thehackernews.com)
in [email protected] from [email protected] on 30 Jan 2024 17:01
comments (0)

Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats (thehackernews.com)
in [email protected] from [email protected] on 29 Jan 2024 18:30
comments (0)

Cve-search review (local CVE and CPE database) (linuxsecurity.expert)
in [email protected] from [email protected] on 29 Jan 2024 18:12
comments (0)

Perfecting the Defense-in-Depth Strategy with Automation (thehackernews.com)
in [email protected] from [email protected] on 28 Jan 2024 19:37
comments (0)

Linux Kernel 6.7 Released with Various Security Improvements | LinuxSecurity.com (linuxsecurity.com)
in [email protected] from [email protected] on 27 Jan 2024 20:27
comments (0)

The Parrot OS 6.0 Release: Empowering Ethical Hackers with Cutting-edge Tools... (linuxsecurity.com)
in [email protected] from [email protected] on 27 Jan 2024 20:26
comments (2)

The Linux Threat Landscape Report - Security News (www.trendmicro.com)
in [email protected] from [email protected] on 27 Jan 2024 17:52
comments (0)

In major gaffe, hacked Microsoft test account was assigned admin privileges (arstechnica.com)
in [email protected] from [email protected] on 27 Jan 2024 06:54
comments (3)

BusKill Warrant Canary #007 🕵️ (www.buskill.in)
in [email protected] from [email protected] on 21 Jan 2024 17:45
comments (0)

Apple iMessage Soundly Beaten As Powerful New Update Suddenly Leaks (www.forbes.com)
in [email protected] from [email protected] on 15 Jan 2024 20:57
comments (1)

Widespread Weak Keys in Network Devices - factorable.net (factorable.net)
in [email protected] from [email protected] on 14 Jan 2024 23:39
comments (0)

Organic maps which claims to be ad-free was marked by F-Droid as “Containing ads”
in [email protected] from [email protected] on 13 Jan 2024 21:33
comments (3)

Hackers can infect network-connected wrenches to install ransomware (arstechnica.com)
in [email protected] from [email protected] on 09 Jan 2024 15:08
comments (2)

BlockThreat Newsletter - 2023 Week 52 (youtube.com)
in [email protected] from [email protected] on 06 Jan 2024 12:40
comments (0)

Bitwarden Heist - How to Break Into Password Vaults Without Using Passwords (blog.redteam-pentesting.de)
in [email protected] from [email protected] on 03 Jan 2024 15:07
comments (1)

Mobile reverse engineering to empower the gig economy workers and labor unions (media.ccc.de)
in [email protected] from [email protected] on 02 Jan 2024 13:54
comments (0)

It is possible to extract encryption keys by recording coil whine with a phone next to the computer (2013 paper) (web.archive.org)
in [email protected] from [email protected] on 01 Jan 2024 09:00
comments (7)

Comcast Xfinity data breach affects over 35 million people (www.theverge.com)
in [email protected] from [email protected] on 31 Dec 2023 14:47
comments (2)

Unicode tricks in pull requests: Do review tools warn us? (semanticdiff.com)
in [email protected] from [email protected] on 19 Dec 2023 13:14
comments (0)

How worried should we be about the “AutoSpill” credential leak in Android password managers? (arstechnica.com)
in [email protected] from [email protected] on 13 Dec 2023 15:33
comments (1)

Insecure Password allowed Administrative Access to Electric Vehicle Chargers (industrydecarbonization.com)
in [email protected] from [email protected] on 04 Dec 2023 18:16
comments (4)

How do you manage your different encrypted files/storages?
in [email protected] from [email protected] on 27 Nov 2023 08:52
comments (1)

Intel fixes high-severity CPU bug that causes “very strange behavior” (arstechnica.com)
in [email protected] from [email protected] on 14 Nov 2023 21:04
comments (1)

Q3'23 ThinkstScapes info sec research review (s3.eu-west-1.amazonaws.com)
in [email protected] from [email protected] on 14 Nov 2023 15:35
comments (0)

Warning: New Outlook sends passwords, mails and other data to Microsoft (mailbox.org)
in [email protected] from [email protected] on 10 Nov 2023 20:31
comments (0)

Flipper Zero gadget that DoSes iPhones takes once-esoteric attacks mainstream. No cure yet for a popular iPhone attack, except for turning off Bluetooth. (arstechnica.com)
in [email protected] from [email protected] on 02 Nov 2023 11:20
comments (1)

A HIDS written in Python (github.com)
in [email protected] from [email protected] on 31 Oct 2023 10:56
comments (0)

Microsoft Account's OAuth tokens leaking via open redirect in Harvest App" (eval.blog)
in [email protected] from [email protected] on 22 Oct 2023 14:01
comments (0)

"[31m"?! ANSI Terminal security in 2023 and finding 10 CVEs (dgl.cx)
in [email protected] from [email protected] on 21 Oct 2023 18:07
comments (0)