Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31320 bookmarks
Custom sorting
US nuclear weapons agency hacked in Microsoft SharePoint attacks
US nuclear weapons agency hacked in Microsoft SharePoint attacks
Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain.
·bleepingcomputer.com·
US nuclear weapons agency hacked in Microsoft SharePoint attacks
« Vous voudriez savoir si c’était vous ? », il se fait pirater son mot de passe et provoque la faillite de son entreprise
« Vous voudriez savoir si c’était vous ? », il se fait pirater son mot de passe et provoque la faillite de son entreprise
En Grande-Bretagne, la saga de la sociĂ©té de transport KNP restera dans les annales comme l’un des plus retentissants effondrements industriels causĂ©s par une cyberattaque. Victime d’un ransomware en 2023, cette entreprise historique, fondĂ©e il y a 158 ans, a étĂ© prĂ©cipitĂ©e dans la faillite à cause d’un mot de passe
·numerama.com·
« Vous voudriez savoir si c’était vous ? », il se fait pirater son mot de passe et provoque la faillite de son entreprise
US nuclear weapons agency reportedly hacked in SharePoint attacks
US nuclear weapons agency reportedly hacked in SharePoint attacks
Unknown threat actors have reportedly breached the National Nuclear Security Administration's (NNSA) network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain.
·bleepingcomputer.com·
US nuclear weapons agency reportedly hacked in SharePoint attacks
How to harden your Active Directory against Kerberoasting
How to harden your Active Directory against Kerberoasting
Kerberoasting gives attackers offline paths to crack service account password, without triggering alerts. Learn from Specops Software how to protect your Active Directory with stronger SPN password policies and reduced attack surfaces.
·bleepingcomputer.com·
How to harden your Active Directory against Kerberoasting
CISA warns of hackers exploiting SysAid vulnerabilities in attacks
CISA warns of hackers exploiting SysAid vulnerabilities in attacks
CISA has warned that attackers are actively exploiting two security vulnerabilities in the SysAid IT service management (ITSM) software to hijack administrator accounts.
·bleepingcomputer.com·
CISA warns of hackers exploiting SysAid vulnerabilities in attacks
Ukraine arrests suspected admin of XSS Russian hacking forum
Ukraine arrests suspected admin of XSS Russian hacking forum
The suspected administrator of the Russian-speaking hacking forum XSS.is was arrested by the Ukrainian authorities yesterday at the request of the Paris public prosecutor's office.
·bleepingcomputer.com·
Ukraine arrests suspected admin of XSS Russian hacking forum
OpenAI prepares Sora 2 to take on Google's Veo 3
OpenAI prepares Sora 2 to take on Google's Veo 3
OpenAI has had enough of Google's Veo 3 dominating generative AI videos and is now working on Sora 2, the successor to Sora.
·bleepingcomputer.com·
OpenAI prepares Sora 2 to take on Google's Veo 3
What to Expect in the ISO 42001 Certification Process | CSA
What to Expect in the ISO 42001 Certification Process | CSA
Learn what ISO 42001 is, what to expect from the certification process, and practical insights to help you lay a strong foundation for compliance.
·cloudsecurityalliance.org·
What to Expect in the ISO 42001 Certification Process | CSA
« Les donnĂ©es de 340 000 demandeurs d’emploi ont Ă©tĂ© consultĂ©es », ĂȘtes-vous concernĂ© par le nouveau piratage de France Travail ?
« Les donnĂ©es de 340 000 demandeurs d’emploi ont Ă©tĂ© consultĂ©es », ĂȘtes-vous concernĂ© par le nouveau piratage de France Travail ?
Depuis quelques jours, de nombreux inscrits Ă  France Travail ont reçu un courriel inquiĂ©tant : des personnes non autorisĂ©es ont accĂ©dĂ© Ă  leurs donnĂ©es personnelles hĂ©bergĂ©es sur la plateforme. Que s'est-il rĂ©ellement passĂ© ? Qui est concernĂ© ? France Travail a dĂ©roulĂ© la chronologie des faits pour Numerama. L’alerte
·numerama.com·
« Les donnĂ©es de 340 000 demandeurs d’emploi ont Ă©tĂ© consultĂ©es », ĂȘtes-vous concernĂ© par le nouveau piratage de France Travail ?
npm 'accidentally' removes Stylus package, breaks builds and pipelines
npm 'accidentally' removes Stylus package, breaks builds and pipelines
npm has taken down all versions of the Stylus library and replaced them with a "security holding" page, breaking pipelines and builds worldwide that rely on the package.
·bleepingcomputer.com·
npm 'accidentally' removes Stylus package, breaks builds and pipelines
Suspected XSS Forum Admin Arrested in Ukraine
Suspected XSS Forum Admin Arrested in Ukraine
The individual is accused of numerous illicit cybercrime and ransomware activities that have generated at least $7m in profit
·infosecurity-magazine.com·
Suspected XSS Forum Admin Arrested in Ukraine
STRATEGIC REEL: From guesswork to ground truth — stopping threats before they spread
STRATEGIC REEL: From guesswork to ground truth — stopping threats before they spread
In today’s post-signature world, attackers don’t just break in — they blend in. In this second installment of the Last Watchdog Strategic LinkedIn Reel (LW SLR) series, Corelight CEO Brian Dye delivers a clear-eyed take on how defenders can regain the upper hand with network-derived ground truth. This high-impact reel distills key insights from our
·lastwatchdog.com·
STRATEGIC REEL: From guesswork to ground truth — stopping threats before they spread
Le Escobar Phone était une arnaque : son créateur risque 120 ans de prison
Le Escobar Phone était une arnaque : son créateur risque 120 ans de prison
DĂ©voilĂ© en 2020, le Escobar Fold 2 se prĂ©sentait comme un concurrent du Samsung Galaxy Fold aux couleurs du trafiquant Pablo Escobar. AprĂšs plusieurs polĂ©miques, une extraction et une enquĂȘte internationale, son crĂ©ateur a finalement reconnu avoir conçu une vaste arnaque. Un tĂ©lĂ©phone pliant en hommage Ă  un
·numerama.com·
Le Escobar Phone était une arnaque : son créateur risque 120 ans de prison