Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30551 bookmarks
Custom sorting
How attackers are still phishing "phishing-resistant" authentication
How attackers are still phishing "phishing-resistant" authentication
Think passkeys make you phishing-proof? Think again. Attackers are using downgrade attacks, device-code phishing, and OAuth tricks to sneak past modern MFA. See how Push Security shuts them down.
·bleepingcomputer.com·
How attackers are still phishing "phishing-resistant" authentication
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
FBI Dallas has seized almost 23 Bitcoins from a cryptocurrency address belonging to a Chaos ransomware member that is linked to cyberattacks and extortion payments from Texas companies.
·bleepingcomputer.com·
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
Homoglyph Attacks & Domain Squatting | CSA
Homoglyph Attacks & Domain Squatting | CSA
Learn how homoglyph attacks work, why they’re a growing concern for major brands, and how DNS Posture Management defends against these invisible threats.
·cloudsecurityalliance.org·
Homoglyph Attacks & Domain Squatting | CSA
Insights from Talos IR: Navigating NIS2 technical implementation
Insights from Talos IR: Navigating NIS2 technical implementation
ENISA’s 2025 NIS2 guidance makes compliance more complex, but Talos IR's services directly align with new requirements for reporting, logging and incident response.
·blog.talosintelligence.com·
Insights from Talos IR: Navigating NIS2 technical implementation
CompTIA A+ Cheat Sheet (Updated for Latest Exam)
CompTIA A+ Cheat Sheet (Updated for Latest Exam)
If you’re aiming for the best head start into the IT industry, use our comprehensive CompTIA A+ cheat sheet to ace your exam and launch your IT career.
·stationx.net·
CompTIA A+ Cheat Sheet (Updated for Latest Exam)
Windows XP, vétusté, mot de passe… la cyberattaque d’Aeroflot tourne à l’absurde
Windows XP, vétusté, mot de passe… la cyberattaque d’Aeroflot tourne à l’absurde
Depuis le 28 juillet, la compagnie aérienne russe Aeroflot connaît d'importantes perturbations. La faute à une cyberattaque revendiquée par des hackers ukrainiens et biélorusses. En attendant un retour à la normale, les pirates ne se privent pas de jubiler, en publiant des détails étonnants sur la manière dont ils
·numerama.com·
Windows XP, vétusté, mot de passe… la cyberattaque d’Aeroflot tourne à l’absurde
Gateway security guidance package: Gateway operations and management | Cyber.gov.au
Gateway security guidance package: Gateway operations and management | Cyber.gov.au
This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.
·cyber.gov.au·
Gateway security guidance package: Gateway operations and management | Cyber.gov.au
Gateway security guidance package: Gateway technology guides | Cyber.gov.au
Gateway security guidance package: Gateway technology guides | Cyber.gov.au
This guidance is one part of a package of documents that forms the gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.
·cyber.gov.au·
Gateway security guidance package: Gateway technology guides | Cyber.gov.au
Gateway security guidance package: Executive guidance | Cyber.gov.au
Gateway security guidance package: Executive guidance | Cyber.gov.au
The purpose of this guidance is to inform decision-makers at the executive level of their responsibilities, the appropriate considerations needed to make informed risk-based decisions, and to meet policy obligations when leading the design or consumption of their organisation’s gateway services.
·cyber.gov.au·
Gateway security guidance package: Executive guidance | Cyber.gov.au
Lovense sex toy app flaw leaks private user email addresses
Lovense sex toy app flaw leaks private user email addresses
The connected sex toy platform Lovense is vulnerable to a zero-day flaw that allows an attacker to get access to a member's email address simply by knowing their username, putting them at risk of doxxing and harassment.
·bleepingcomputer.com·
Lovense sex toy app flaw leaks private user email addresses
MY TAKE: The signal vs. the noise: email messaging in the era of my AI talking to your AI
MY TAKE: The signal vs. the noise: email messaging in the era of my AI talking to your AI
Not long ago, I found myself staring at a reply that could’ve come from a bot. Related: Microsoft purges 'knowledge workers' It was a polite follow-up from a PR rep reiterating a pitch I had already acknowledged — and responded to with a thoughtful, clearly outlined counter-offer. My reply wasn’t off-the-shelf. It was a handcrafted
·lastwatchdog.com·
MY TAKE: The signal vs. the noise: email messaging in the era of my AI talking to your AI
Tea app leak worsens with second database exposing user chats
Tea app leak worsens with second database exposing user chats
The Tea app data breach has grown into an even larger leak, with the stolen data now shared on hacking forums and a second database discovered that allegedly contains 1.1 million private messages exchanged between the app's members.
·bleepingcomputer.com·
Tea app leak worsens with second database exposing user chats