Cybersecurity
23andMe is in turmoil following last year’s data breach, waning consumer interest and the company’s continual financial decline. TechCrunch looks into where this leaves millions of people’s genetic data and more: <https://flip.it/JkHiFU> #Tech #Technology #23AndMe #Data #CyberSecurity #DataBreach
Brrr… chilly morning here in Norway. But guess who is performing on stage at the Oslo opera? Thanks to the team at Promon for asking me to keynote at #Shieldcon2024 #keynotespeaker #cybersecurity ![Graham cluley presenting](https://lemm.ee/api/v3/image_proxy?url=https%3A%2F%2Ffiles.mastodon.green%2Fmedia_attachments%2Ffiles%2F113%2F316%2F367%2F320%2F707%2F986%2Foriginal%2Fcfb064c0f7551adf.jpeg)
Wir haben im Rahmen des Projektes "Codeanalyse von Open Source Software" (CAOS 3.0) die Passwort-Manager Keepass und Vaultwarden auf ihre Sicherheitseigenschaften überprüft. Dabei wurden bei Vaultwarden zwei Sicherheitslücken mit der Einstufung "hoch" identifiziert. Die Entwickler wurden über kritische Sicherheitslücken informiert, sie haben die Probleme bereits analysiert und reagiert. Mehr Infos dazu 👉 <https://www.bsi.bund.de/dok/1123832> #CAOS #BSI #Cybersecurity #IT-Sicherheit #OpenSource
Security vendors join forces to make #passkeys more portable for everyone <https://bitwarden.com/blog/security-vendors-join-forces-to-make-passkeys-more-portable-for-everyone/> #cybersecurity #FOSS
Are passwords on the way out? Researchers are announcing two projects that will make passkeys easier for organizations to offer — and easier for everyone to use. Read more at @WIRED. #Passwords #Authentication #Cybersecurity #Passkeys #Tech #Technology <https://flip.it/l-yryY>
Ransomware attack leaks social security numbers of over 230,000 Comcast customers. Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/en-us/blog/hotforsecurity/ransomware-attack-leaks-social-security-numbers-of-over-230-000-comcast-customers/> #cybersecurity #databreach #ransomware
Cyberkriminelle nutzen viele Wege, um euch auf dem falschen Fuß zu erwischen. Unsere 10 Basistipps zur Cybersicherheit zeigen, wie ihr eure Daten effektiv schützt und sicher im Netz unterwegs seid. Schaut euch die Tipps an und bleibt immer einen Schritt voraus: <https://www.bsi.bund.de/dok/131398> #ITSecurity #CyberSecurity #Datenschutz #SicherImNetz
My current hardware MFA key is no longer receiving security patches, so I'm in the market for a new one. Here's a list of features I'd like my new hardware MFA key to have, in order of priority: 1. USB-A 2. NFC 3. USB-C 4. Biometric 5. Bluetooth My current MFA key has features 1-3 and 5. Is there a Holy Grail MFA key somewhere out there with all 5 features? I'm already pretty familiar with YubiCo's product lineup, and while I love their security rating and build quality, none of them have more than 2 of the features listed above, so that kinda bums me out. Anyway, let's hear your hardware MFA key recommendations! #MFA #2FA #fido #fido2 #fido3 #NFC #USB #USBc #USBa #Biometric #Fingerprint #YubiCo #YubiKey #Bluetooth #CyberSecurity #InfoSec
Sellafield nuclear site hit with £332,500 fine after 'significant cybersecurity shortfalls' Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/blog/hotforsecurity/sellafield-nuclear-site-332500-fine-cybersecurity-shortfalls/> #cybersecurity #nuclear
Cyberangriffe sind Realität – welche Notfallkonzepte wir brauchen, erklärt Dr. Dirk Häger auf der #itsa2024 in seinem Vortrag am 23. Oktober in der Speakers' Corner des BSI. 👉 Mehr Infos: <https://www.bsi.bund.de/dok/it-sa> #CyberSecurity #ITSecurity #TeamBSI #itsa
Two Harvard students took Meta’s commercially available Ray Ban smart glasses and built facial recognition software that automatically looks up someone’s face and identifies them, including personal information. Read it at @404mediaco@mastodon.social (Registration may be required). #Meta #SmartGlasses #Cybersecurity #Tech #Technology <https://flip.it/WDXr7Z>
The UN General Assembly recently approved the Pact For the Future, a declaration pledging concrete actions toward a safer, more peaceful, sustainable, and inclusive future. The Pact includes a worldwide commitment to ensure that digital technologies contribute to sustainable development and human rights, while addressing risks like digital divides, #cybersecurity, and misuse of technology. How do you think this will impact you in the next 5-10 years? <https://www.un.org/global-digital-compact/en> #OpenSource #OSS
The FCC announced a $31.5 million settlement with T-Mobile over multiple data breaches that compromised the personal information of millions of U.S. consumers from 2021-2023. More from @BleepingComputer@infosec.exchange. #FCC #TMobile #Cybersecurity #Tech <https://flip.it/MGWkCJ>
FBI warns of sophisticated Iranian hackers targeting personal accounts⤵️ #FBI #cybersecurity #Iran #infosec #hacking <https://cnews.link/iranian-hackers-targeting-personal-accounts/>
Disclosing details of a #vulnerability I discovered 1 year ago: N-able Ecosystem Agent Improper Certificate Validation #CVE_2024_5445 vulnerability leads to #RCE as SYSTEM user. Vulnerability details: <https://sintonen.fi/advisories/n-able-ecosystem-agent-improper-certificate-validation.txt> N-able has rated this vulnerability CVSS 3.8, but the practical impact of this vulnerability is grave as it allows attackers in privileged network position to fully compromise vulnerable systems. While arguing for such low score N-able presentative stated that: "The vulnerability reported does not constitute an RCE, the Ecosystem agent is designed to run installation packages in a privileged context and the agent is doing what it should do when it receives such packages to install over the APIs." I think this is somewhat disingenuous. #infosec #cybersecurity
Critical printing system bugs affect hundreds of thousands of Linux machines⤵️ #Linux #cybersecurity #technology #infosec <https://cnews.link/critical-printing-system-bugs-linux-affected/>
Deepfake Ukrainian diplomat targeted US senator on Zoom call. Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/blog/hotforsecurity/deepfake-ukrainian-diplomat-targeted-us-senator-on-zoom-call/> #cybersecurity #deepfake
The Irish Data Protection Commission has fined Meta with a $101.5 million penalty after investigating a 2019 security breach in which the company mistakenly stored users' passwords in plain text. Via @Engadget. #Meta #Cybersecurity #Tech #Technology <https://flip.it/ZD45rD>
Security researchers have found a set of vulnerabilities that could allow bad actors to hack into Kia vehicles made after 2013. #Kia #hack #vulnerabilities #CyberSecurity #datasecurity #infosec <https://cnews.link/hackers-could-exploit-kia-vulnerabilities-3/>
Microsoft has discovered a new threat actor that previously operated as an affiliate for other ransomware-as-a-service gangs. #Microsoft #ransomware #CyberAttack #CyberSecurity #infosec <https://cnews.link/former-affiliate-upgrades-and-launches-its-own-attacks-1/>
Gemini, a powerful Google Workspace AI assistant, can be manipulated to produce misleading or malicious unintended responses. #Google #Gemini #AI #CyberSecurity #infosec <https://cnews.link/hidden-prompts-emails-docs-google-gemini-haywire-3/>
Losses from hacks and fraud in the crypto industry decreased significantly in the third quarter of this year compared to Q3 of 2023. #cyrpto #hack #fraud #CyberSecurity #infosec <https://cnews.link/fewer-losses-crypto-hacks-2/>
The US Treasury Department has announced sanctions against several Russian crypto companies. #US #Crypto #CyberSecurity #ransomware #infosec <https://cnews.link/us-sanctions-russian-crypto-exchanges-ransomware-2/>
A group of independent security researchers were able to scan virtually any internet-connected Kia vehicle’s license plate and within seconds gain the ability to track that car’s location, unlock the car, honk its horn, or start its ignition at will. More from @WIRED (Subscription may be required). #Kia #Hack #Tech #Technology #Cybersecurity <https://flip.it/2fswDC>
When UK rail stations' Wi-Fi was defaced by hackers the only casualty was the truth. Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/blog/hotforsecurity/when-uk-rail-stations-wi-fi-was-defaced-by-hackers-the-only-casualty-was-the-truth/> #cybersecurity #hacking
Handala Hack leaked 60,000 thousand ‘secret emails’ allegedly belonging to Gabriel "Gabi" Ashkenazi and exposed Benny Gantz. #Israeli #dataleak #DataSecurity #CyberSecurity #infosec <https://cnews.link/pro-palestinian-hackers-claim-hacked-israeli-politicians-1/>
Run to the hills! Run to the hills! Pull the communication cord! Oh, hang on... it's just some kids who've defaced a hotspot login page... #cybersecurity #hype
CISA has warned that hackers continue to be capable of compromising industrial control systems using "unsophisticated methods" - suggesting that much more still needs to be done to secure them properly. Meanwhile, hackers claim to have changed chlorine levels at Lebanese water facilities... Read more in my article on the Tripwire blog: <https://www.tripwire.com/state-of-security/cisa-warns-hackers-targeting-industrial-systems-unsophisticated-methods> #cybersecurity #ics #ot #wws
Malicious attackers are trying to capitalize on public interest surrounding charges against the rap star Sean “Diddy” Combs. #hackers #SeanCombs #Malware #CyberSecurity #infosec <https://cnews.link/hackers-hiding-malware-in-fake-deleted-diddy-files-1/>
▪️ @cybernews@infosec.exchange research ▪️ A massive leak has exposed 95 million records belonging to French citizens. #cybersecurity #dataleak #datasecurity #infosec #France <https://cnews.link/french-records-exposed-mysterious-data-hoarder/>
The Donald Trump presidential campaign has been aware of a hack since mid-August. #Trump #hack #Iran #cybersecurity #infosec <https://cnews.link/trump-campaign-hack-iran-ongoing-3/>
MoneyGram is making some progress restoring operations after a full-blown cyberattack incapacitated its networks over the weekend. #MoneyGram #US #cyberattack #cybersecurity #infosec <https://cnews.link/moneygram-cyberattack-outage-unprocessed-payments-3/>
Cybersecurity executives say they are taking legal steps to protect themselves from “unprecedented” pressures of a shifting threat landscape. #AI #CyberSecurity #threats #infosec <https://cnews.link/ai-threats-pushing-cyber-pros-1/>
Cyber Pros need to turbocharge their skills with AI if they want to stay competitive. #AI #hackers #CyberSecurity #infosec <https://cnews.link/ai-makes-ethical-hackers-twice-as-productive-1/>
Two men arrested one month after $230 million of cryptocurrency stolen from a single victim. The men were allegedly less than careful hiding their behaviour - spending $500,000 a night in nightclubs, buying hundreds of bottles of champagne, gifting designer handbags (and even a pink Lamborgini) to random women they bumped into on a night out... Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/blog/hotforsecurity/two-men-arrested-one-month-after-230-million-of-cryptocurrency-stolen-from-a-single-victim/> #cybersecurity #cryptocurrency
▪️@cybernews research▪️ Popular podcast platform leaks data of tens of millions of its customers⤵️ #dataleak #KukuFM #datasecurity #cybersecurity #infosec <https://cnews.link/kukufm-customer-data-leaked/>
🧪 NEW BETA RELEASES 🧪 📱 iOS 18.1 beta 5 (22B5054e) 📱 iPadOS 18.1 beta 5 (22B5054e) 💻 macOS 15.1 beta 5 (24B5055e) 📺 tvOS 18.1 beta 2(22J5552d) 🥽 visionOS 2.1 beta 2 (22N5553d) ⌚ watchOS 11.1 beta 2 (22R5554e) #apple #cybersecurity #infosec #security #ios
“My weapon of choice? Phishing.” #phishing #CyberAttack #CyberSecurity #datasecurity #infosec <https://cnews.link/combating-phishing-attacks-1/>
▪️ @cybernews@infosec.exchange research ▪️It was revealed that a massive data leak at MC2 Data, a background check firm, affects a staggering amount of US citizens. #US #dataleak #DataSecurity #CyberSecurity #infosec <https://cnews.link/us-mc2-background-check-data-leaked/>
Almost half of cyberattacks in the European Union are denial of service attacks (DDoS). #DDoS #EU #CyberAttack #CyberSecurity #infosec #ransomware <https://cnews.link/ddos-overtakes-ransomware-as-most-active-threat-1/>