Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31297 bookmarks
Custom sorting
Adoption agency leaks over a million records
Adoption agency leaks over a million records
The database contained 1,115,061 records including the names of children, birth parents, adoptive parents, and other potentially sensitive information like case notes.
·malwarebytes.com·
Adoption agency leaks over a million records
Compliance is Falling Behind with Non-Human Identities | CSA
Compliance is Falling Behind with Non-Human Identities | CSA
Every major compliance framework, including PCI DSS, GDPR, and ISO 27001, requires strong access controls. Yet Non-Human Identities (NHIs) are often overlooked.
·cloudsecurityalliance.org·
Compliance is Falling Behind with Non-Human Identities | CSA
Security Vulnerabilities in ICEBlock - Schneier on Security
Security Vulnerabilities in ICEBlock - Schneier on Security
The ICEBlock tool has vulnerabilities: The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making false promises regarding user anonymity and privacy, being “misguided” about the privacy offered by iOS, and of being an Apple fanboy. The issue isn’t what ICEBlock stores. It’s about what it could accidentally reveal through its tight integration with iOS...
·schneier.com·
Security Vulnerabilities in ICEBlock - Schneier on Security
Comment la Chine a infiltré la Garde Nationale américaine pendant 9 mois
Comment la Chine a infiltré la Garde Nationale américaine pendant 9 mois
Une unité de la Garde nationale américaine a été « massivement » compromise par le groupe de cyberespionnage chinois « Salt Typhoon ». Survenue entre mars et décembre 2024, l'opération aurait permis aux pirates d’accéder à des informations sensibles, compromettant potentiellement la sécurité de multiples
·numerama.com·
Comment la Chine a infiltré la Garde Nationale américaine pendant 9 mois
Microsoft Exposes Scattered Spider’s Latest Tactics
Microsoft Exposes Scattered Spider’s Latest Tactics
Microsoft has reported Scattered Spider continues to evolve tactics to compromise both on-premises infrastructure and cloud environments
·infosecurity-magazine.com·
Microsoft Exposes Scattered Spider’s Latest Tactics
Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors
Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors
Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.
·thehackernews.com·
Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors
Most European Financial Firms Still Lagging on DORA Compliance
Most European Financial Firms Still Lagging on DORA Compliance
A Veeam survey found that 96% of financial services organizations believe their current levels of data resilience falls short of DORA compliance, citing major challenges
·infosecurity-magazine.com·
Most European Financial Firms Still Lagging on DORA Compliance
Co-op confirms data of 6.5 million members stolen in cyberattack
Co-op confirms data of 6.5 million members stolen in cyberattack
UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the massive cyberattack in April that shut down systems and caused food shortages in its grocery stores.
·bleepingcomputer.com·
Co-op confirms data of 6.5 million members stolen in cyberattack
Louis Vuitton says regional data breaches tied to same cyberattack
Louis Vuitton says regional data breaches tied to same cyberattack
Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident, which is believed to be linked to the ShinyHunters extortion group.
·bleepingcomputer.com·
Louis Vuitton says regional data breaches tied to same cyberattack