Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31279 bookmarks
Custom sorting
CRITICAL INSIGHT Q&A: The high-stakes push to safeguard ‘FirstNet’ broadband spectrum
CRITICAL INSIGHT Q&A: The high-stakes push to safeguard ‘FirstNet’ broadband spectrum
First responders have long depended on calling for backup and clearing the airwaves. Since its launch in 2018, FirstNet—America’s public safety broadband network—has become indispensable. Related: The FirstNet petition With over 7.5 million connections, support for more than 30,000 agencies, and an estimated $8 billion economic impact in 2023, FirstNet has proven its value not
·lastwatchdog.com·
CRITICAL INSIGHT Q&A: The high-stakes push to safeguard ‘FirstNet’ broadband spectrum
Eavesdropping on Phone Conversations Through Vibrations - Schneier on Security
Eavesdropping on Phone Conversations Through Vibrations - Schneier on Security
Researchers have managed to eavesdrop on cell phone voice conversations by using radar to detect vibrations. It’s more a proof of concept than anything else. The radar detector is only ten feet away, the setup is stylized, and accuracy is poor. But it’s a start.
·schneier.com·
Eavesdropping on Phone Conversations Through Vibrations - Schneier on Security
Wazuh for Regulatory Compliance
Wazuh for Regulatory Compliance
Wazuh unifies SIEM/XDR to streamline PCI DSS, GDPR, HIPAA, and NIST compliance, reducing risks and fines.
·thehackernews.com·
Wazuh for Regulatory Compliance
Here’s what could happen if CISA 2015 expires next month | CyberScoop
Here’s what could happen if CISA 2015 expires next month | CyberScoop
Expiration of a 2015 law could dramatically reduce cyber threat information sharing within industry, as well as between companies and the federal government, almost to the point of eliminating it.
·cyberscoop.com·
Here’s what could happen if CISA 2015 expires next month | CyberScoop
By gutting its cyber staff, State Department ignores congressional directives | CyberScoop
By gutting its cyber staff, State Department ignores congressional directives | CyberScoop
The State Department’s recent restructuring has undermined U.S. cyber diplomacy by dissolving the Bureau of Cyberspace and Digital Policy, dispersing expertise, and weakening America’s ability to respond to global cyber threats.
·cyberscoop.com·
By gutting its cyber staff, State Department ignores congressional directives | CyberScoop
DoJ seizes $2.8M linked to Zeppelin Ransomware
DoJ seizes $2.8M linked to Zeppelin Ransomware
DoJ seized $2.8M in crypto from Ianis Antropenko, indicted in Texas and tied to the defunct Zeppelin ransomware.
·securityaffairs.com·
DoJ seizes $2.8M linked to Zeppelin Ransomware
Human resources firm Workday disclosed a data breach
Human resources firm Workday disclosed a data breach
Human resources firm Workday disclosed a data breach after attackers accessed a third-party CRM platform via social engineering.
·securityaffairs.com·
Human resources firm Workday disclosed a data breach
Workday Reveals CRM Breach
Workday Reveals CRM Breach
Workday has revealed a breach of its third-party CRM systems in what could be the latest ShinyHunters attack
·infosecurity-magazine.com·
Workday Reveals CRM Breach
OpenAI releases warmer GPT-5 personality, but only for non thinking model
OpenAI releases warmer GPT-5 personality, but only for non thinking model
OpenAI has confirmed it has begun rolling out a new warmer personality for GPT-5, but remember that it won't be as warm as GPT-4o, which is still available for use under legacy models.
·bleepingcomputer.com·
OpenAI releases warmer GPT-5 personality, but only for non thinking model
HR giant Workday discloses data breach amid Salesforce attacks
HR giant Workday discloses data breach amid Salesforce attacks
Human resources giant Workday has disclosed a data breach after attackers gained access to a third-party customer relationship management (CRM) platform in a recent social engineering attack.
·bleepingcomputer.com·
HR giant Workday discloses data breach amid Salesforce attacks
Xerox fixed path traversal and XXE bugs in FreeFlow Core
Xerox fixed path traversal and XXE bugs in FreeFlow Core
Xerox patched two serious flaws in FreeFlow Core, path traversal and XXE injection, that allowed unauthenticated remote code execution.
·securityaffairs.com·
Xerox fixed path traversal and XXE bugs in FreeFlow Core
Anthropic: Claude can now end conversations to prevent harmful uses
Anthropic: Claude can now end conversations to prevent harmful uses
OpenAI rival Anthropic says Claude has been updated with a rare new feature that allows the AI model to end conversations when it feels it poses harm or is being abused.
·bleepingcomputer.com·
Anthropic: Claude can now end conversations to prevent harmful uses
NordVPN casse le prix de ses abonnements et offre des cartes Amazon en prime
NordVPN casse le prix de ses abonnements et offre des cartes Amazon en prime
NordVPN propose des promotions sur l'ensemble de ses abonnements jusqu’à 73 % de réduction et trois mois offerts avec en bonus des cartes Amazon. Les VPN permettent de naviguer sereinement sur vos appareils connectés. Parmi les fournisseurs disponibles, NordVPN reste encore aujourd'hui l'un des plus utilisés. Le
·numerama.com·
NordVPN casse le prix de ses abonnements et offre des cartes Amazon en prime
security-affairs-malware-newsletter-round-58
security-affairs-malware-newsletter-round-58
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape
·securityaffairs.com·
security-affairs-malware-newsletter-round-58
Researcher to release exploit for full auth bypass on FortiWeb
Researcher to release exploit for full auth bypass on FortiWeb
A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication.
·bleepingcomputer.com·
Researcher to release exploit for full auth bypass on FortiWeb
OpenAI is improving ChatGPT voice mode
OpenAI is improving ChatGPT voice mode
ChatGPT's Voice mode is already pretty good, but OpenAI is working on a new feature that will allow you to control how Voice mode actually works.
·bleepingcomputer.com·
OpenAI is improving ChatGPT voice mode
Microsoft Project Ire Automates Malware Classification
Microsoft Project Ire Automates Malware Classification
Microsoft empowers Project Ire with specialized reverse engineering tools, multi-level reasoning for automated threat classification.
·latesthackingnews.com·
Microsoft Project Ire Automates Malware Classification
PXA Python Malware Targets Thousands Of Victims Globally
PXA Python Malware Targets Thousands Of Victims Globally
PXA malware is a potent infostealer that has targeted users across 62 countries to sell stolen data on Telegram-based marketplaces.
·latesthackingnews.com·
PXA Python Malware Targets Thousands Of Victims Globally
Friday Squid Blogging: Squid-Shaped UFO Spotted Over Texas - Schneier on Security
Friday Squid Blogging: Squid-Shaped UFO Spotted Over Texas - Schneier on Security
Here’s the story. The commenters on X (formerly Twitter) are unimpressed. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.
·schneier.com·
Friday Squid Blogging: Squid-Shaped UFO Spotted Over Texas - Schneier on Security