23174
🗞 The finest daily news on cybersecurity and privacy. 🔔 Daily releases. 💻 Is your online life secure? 📩 lalilolalo.dev@gmail.com
🛠 Zeek 6.0.7 🛠Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and openscience communities. This is the source code release.
📖 Read more.
🔗 Via "Packet Storm - Tools"
----------
👁️ Seen on @cibsecurity
🦿 2024 Exposed: The Alarming State of Australian Data Breaches 🦿Implementing multifactor authentication, supplier riskmanagement frameworks, and staff security training could help to reduce data breaches.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🕵️♂️ RomCom Malware Resurfaces With SnipBot Variant 🕵️♂️The latest version of the evolving threat is a multistage attack demonstrating a move away from ransomware to purely espionage activities, typically targeting Ukraine and its supporters.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📢 Keeper Security names James Edwards as senior director of engineering 📢Edwards will leverage his industry experience to help drive the firms privileged access management PAM offering.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📢 Customer Stories - south west London integrated care board security assessment. 📢The rise in attacks has prompted trusts to check the health of their cyber security infrastructure and practices.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Meet UNC1860: Iran's Low-Key Access Broker for State Hackers 🕵️♂️The group has used more than 30 custom tools to target highvalue government and telecommunications organizations on behalf of Iranian intelligence services, researchers say.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Kaspersky Rolls Back for US Customers, Makes Way for UltraAV 🕵️♂️Some users complain they had no idea the switch would be automatic on their devices, vowing to uninstall the unwanted antivirus software.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Mastercard's Bet on Recorded Future a Win for Cyber Threat Intel 🕵️♂️The 2.65B buy validates the growing importance of threat intelligence to enterprise security strategies.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Commerce Dept. Proposes Ban on Automotive Software & Hardware From China, Russia 🕵️♂️After launching an investigation in February into vehicles made by foreign adversaries, the Biden administration is finally making its move in the name of national security.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📔 Russian Cyber-Attacks Home in on Ukraine’s Military Infrastructure 📔An overall rise in cyber incidents coming from Russianaligned adversaries in 2024 was accompanied by a decrease in high and criticalseverity incidents.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls 🖋️Popular social messaging platform Discord has announced that it's rolling out a new custom endtoend encrypted E2EE protocol to secure audio and video calls. The protocol has been dubbed DAVE, short for Discord's audio and video endtoend encryption "E2EE AV". As part of the change introduced last week, voice and video in DMs, Group DMs, voice channels, and Go Live streams are expected to.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Why 'Never Expire' Passwords Can Be a Risky Decision 🖋️Password resets can be frustrating for end users. Nobody likes being interrupted by the time to change your password notification and they like it even less when the new passwords they create are rejected by their organizations password policy. IT teams share the pain, with resetting passwords via service desk tickets and support calls being an everyday burden. Despite this, its commonly.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🛠 Faraday 5.7.0 🛠Faraday is a tool that introduces a new concept called IPE, or Integrated PenetrationTest Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to reuse the available tools in the community to take advantage of them in a multiuser way.
📖 Read more.
🔗 Via "Packet Storm - Tools"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Data Security Posture Management: Accelerating Time to Value 🕵️♂️Data discovery and classification are foundational for data security, data governance, and data protection.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📢 UK, US, and Canadian defense agencies team up to drive cybersecurity research 📢The trio confirmed plans to collaborate on AI and cybersecurity technology development.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🦿 How to Create an Effective Cybersecurity Awareness Program 🦿Cybersecurity awareness training is educational content designed to teach employees how to recognize cyberattacks and prevent or mitigate them. Given that human elements play a role in almost threequarters 74 of all data breaches, teaching people how to stop a cyberattack instead of contributing to it through cybersecurity awareness training can reap major dividends for ...
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🦿 Microsoft Initiative the ‘Largest Cybersecurity Engineering Effort in History’ 🦿The Secure Future Initiative was created around the same time the U.S. Cyber Safety Review Board chided Redmond for having a poor security culture.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Managing Cyber-Risk Is No Different Than Managing Any Business Risk 🕵️♂️A sound cyberrisk management strategy analyzes all the business impacts that may stem from an attack and estimates the related costs of mitigation versus the costs of not taking action.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📢 Hackers claim fresh Dell data breach just days after the company confirms probe into employee info leak 📢In what could be the second Dell data breach in the space of a week, hackers claim to have accessed 3.5GB of company data.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📢 100 million Americans just had their personal information leaked in the massive MC2 Data breach 📢A security lapse at background check firm MC2 Data is a goldmine for cyber criminals, researchers warned.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Microsoft Trims Cloud Cyberattack Surface in Security Push 🕵️♂️The company has jettisoned hundreds of thousands of unused apps and millions of unused tenants as part of its Secure Future Initiative.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Target Practice: Honing Critical Skills on Cyber Ranges 🕵️♂️Cyber ranges are a great way for cyber professionals to keep up on emerging threats and new technologies while having a little fun.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📔 Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox 📔Kryptina, a free RansomwareasaService tool available on dark web forums, is now being used by Mallox ransomware affiliates.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🌊 Strong Middle Frontend Developer 🌊The post Strong Middle Frontend Developer appeared first on UnderDefense.
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
📔 Vulnerabilities Found in Popular Houzez Theme and Plugin 📔The flaws are dangerous as the Houzez theme and Login Register plugin could allow privilege escalation by unauthenticated users.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk 🖋️A critical security flaw has been disclosed in the Microchip Advanced Software Framework ASF that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE20247490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a stackbased overflow vulnerability in ASF's implementation of the tinydhcp server stemming from a lack of.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 16-22) 🖋️Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling "dream jobs" to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud configurations had its share of drama. Let's dive into the details and see what lessons we can glean.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 What Is Threat Hunting In Cybersecurity? 🦿Cyber threat hunting involves taking proactive measures to detect potential threats or malicious activities. Learn about threathunting techniques and how they work.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
📢 Exploring modern data security and management: Multi-cloud data protection and recovery 📢Exploring modern data security and management Multicloud data protection and recovery.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📢 Best practices series: Implementing advanced threat detection 📢Best practices series Implementing advanced threat detection.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity