⚠️ VULNERABILITY DISCLOSURE 3[−]
23 NovNearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi NetworksRecent research has revealed that a Russian advanced persistent threat (APT) group, tracked as “GruesomeLarch” (also known as APT28, Fancy Bear, or Forest Blizzard), has unveiled a novel attack technique dubbed the “Nearest Neighbor Attack.” Leveraging com…GBHACKERS.COM
23 NovPhishmas Alert: Tackling Holiday Season Cyber Threats: Cyber Security Today Weekend November 23, 2024Phishmas Alert: Tackling Holiday Season Cyber Threats In this episode of Cybersecurity Today, the weekend show, the host is joined by guest David Shipley to discuss the rise in phishing activities during the holiday season, humorously dubbed 'Phishmas.' They delve into the psycho…CYBERSECURITYTODAY.LIBSYN.COM
23 NovUnpatched VPNs: The Hidden Danger Nobody Talks About!Think your VPN has you covered? Hackers are targeting unpatched VPN appliances, exploiting old vulnerabilities that organizations fail to fix. 😱 Learn why keeping your VPN updated is critical to your security and how attackers are finding ways to break in! Don’t let outdated safe…YOUTUBE.COM
📢 SECURITY ADVISORIES 1[−]
23 NovThe Technology the Trump Administration Could Use to Hack Your Phonesubmitted by jaromil to cybersecurity 2 points | 1 comments https://www.newyorker.com/news/news-desk/the-technology-the-trump-administration-could-use-to-hack-your-phone cross-posted from: fed.dyne.org/post/315914SH.ITJUST.WORKS
🔥 INCIDENT REPORTING 3[−]
23 NovAndrew Tate's The Real World breached.submitted by Joker to cybersecurity 0 points | 0 comments https://ddosecrets.com/article/andrew-tate-s-the-real-worldINFOSEC.PUB
23 NovGoogle Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News SitesGovernment agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Ind…THEHACKERNEWS.COM
23 NovEmail & Internet: The Cybersecurity Risks You’re Ignoring!Did you know that email and internet access are two of the biggest security risks in any workplace? No matter how advanced our tools get, human error remains the weakest link in cybersecurity. Watch to learn why regular training is crucial to protect against cyber threats and how…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 5[−]
23 NovChina Wiretaps Americans in 'Worst Hack in Our Nation's History'submitted by floofloof to cybersecurity 1 points | 0 comments https://gizmodo.com/china-wiretaps-americans-in-worst-hack-in-our-nations-history-2000528424 cross-posted from: lemmy.zip/post/26768429 America’s aging infrastructure seems to be the culprit.SH.ITJUST.WORKS
23 NovNorth Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedInThe North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat …THEHACKERNEWS.COM
23 NovBSides Munich 2024 - 8-Bit Editionsubmitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/6271b17a-c306-458f-a33f-16da6ac9b479.png BSidesMunich is the premiere, independently organized computer security event in the Munich, Germany area, bringing together both local and internati…INFOSEC.PUB
23 NovWireshark 4.4.2 Released, (Sat, Nov 23rd)Wireshark release 4.4.2 fixes 2 vulnerabilities and 33 bugs.
ISC.SANS.EDU
23 NovDecrypting a PDF With a User Password, (Sat, Nov 23rd)In diary entry " Analyzing an Encrypted Phishing PDF ", I decrypted a phishing PDF document. Because the PDF was encrypted for DRM (owner password), I didn&#;x26;#;39;t have to provide a password.
ISC.SANS.EDU
🌐 CYBER THREAT LANDSCAPE 1[−]
23 NovHackers abuse Avast anti-rootkit driver to disable defensesA new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 6[−]
23 NovMeet three incoming EU lawmakers in charge of key tech policy areasThe European Union looks to have clinched political agreement on the team of 26 commissioners who will be implementing President Ursula von der Leyen’s policy plan for the next five years. A final vote is still pending next week, but on Thursday, Politico’s Brussels P…TECHCRUNCH.COM
23 NovThe rise and fall of the ‘Scattered Spider’ hackersThe prolific hacking group broke into Caesars Entertainment, Coinbase, DoorDash, Mailchimp, Riot Games, Twilio (twice), and dozens more. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
23 NovMicrosoft's Update: Install It—Wait, Nevermind! 🤔Microsoft told everyone to install the November 2024 Exchange Server patch immediately—then paused it hours later! 😱 The patch was meant to secure on-premises and hybrid email servers, but it caused major issues, including stopping data loss protection rules. What does this mean …YOUTUBE.COM
23 NovCybersecurity Explained for Non-Techies - With a Twist!Ever felt lost when someone talks about cybersecurity? 😅 We’ve all been there! In this short, we break down complex cyber concepts using a fun analogy anyone can understand – a restaurant! 🍽️ It's all about making security relatable, whether you’re running a startup, a small busi…YOUTUBE.COM
23 NovWindows 11 24H2 update blocked on PCs with Assassin's Creed, Star Wars OutlawsMicrosoft is blocking the Windows 11 24H2 update on computers with some Ubisoft games, like Assassin's Creed, Star Wars Outlaws, and Avatar: Frontiers of Pandora, after changes in the operating system cause the games to crash, freeze, or have audio issues. [...]BLEEPINGCOMPUTER.COM
23 NovMicrosoft testing Windows 11 support for third-party passkeysMicrosoft is now testing WebAuthn API updates that add support for support for using third-party passkey providers for Windows 11 passwordless authentication. [...]BLEEPINGCOMPUTER.COM