Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31294 bookmarks
Custom sorting
WinRAR Fixed A Zero-Day Flaw Exploited By RomCom
WinRAR Fixed A Zero-Day Flaw Exploited By RomCom
RomCom hackers group exploited the WinRAR zero-day in spearphishing attacks to deliver backdoors. WinRAR fixed the flaw with v.7.13.
·latesthackingnews.com·
WinRAR Fixed A Zero-Day Flaw Exploited By RomCom
Microsoft asks users to ignore certificate enrollment errors
Microsoft asks users to ignore certificate enrollment errors
Microsoft has asked customers this week to disregard incorrect CertificateServicesClient (CertEnroll) errors that appear after installing the July 2025 preview update and subsequent Windows 11 24H2 updates.
·bleepingcomputer.com·
Microsoft asks users to ignore certificate enrollment errors
Black Hat Fireside Chat: Automation takes center stage as TLS lifespans grow ever shorter
Black Hat Fireside Chat: Automation takes center stage as TLS lifespans grow ever shorter
The countdown is on for security teams still managing digital certificates with spreadsheets and manual workarounds. Related: Preparing for the quantum future Starting in 2026, TLS certificate lifespans will begin dropping sharply — from 398 days to just 47 by 2029. That shift isn’t just a technical nuance. It’s a foundational disruption to how enterprises
·lastwatchdog.com·
Black Hat Fireside Chat: Automation takes center stage as TLS lifespans grow ever shorter
What Is CCNP Security and Why Take It? The Definitive Guide
What Is CCNP Security and Why Take It? The Definitive Guide
What is the CCNP Security certification? Why should you consider taking it to level up in your cyber security career? Read this article to learn more.
·stationx.net·
What Is CCNP Security and Why Take It? The Definitive Guide
How to Secure and Manage Virtualized IT Environments | CSA
How to Secure and Manage Virtualized IT Environments | CSA
The flexibility and scalability of virtualization comes with significant risks if security and management practices are not modernized accordingly.
·cloudsecurityalliance.org·
How to Secure and Manage Virtualized IT Environments | CSA
St. Paul’s Mayor Confirms Interlock Data Leak
St. Paul’s Mayor Confirms Interlock Data Leak
Mayor of St. Paul, Minnesota, Melvin Carter, confirmed that employee data was published online by the Interlock ransomware gang
·infosecurity-magazine.com·
St. Paul’s Mayor Confirms Interlock Data Leak
SIGINT During World War II - Schneier on Security
SIGINT During World War II - Schneier on Security
The NSA and GCHQ have jointly published a history of World War II SIGINT: “Secret Messengers: Disseminating SIGINT in the Second World War.” This is the story of the British SLUs (Special Liaison Units) and the American SSOs (Special Security Officers).
·schneier.com·
SIGINT During World War II - Schneier on Security
Cloudflare Blames Perplexity Of Stealth Data Scraping
Cloudflare Blames Perplexity Of Stealth Data Scraping
Cloudflare found Perplexity using undeclared crawlers and generic browsers for scraping data, even when websites disallow crawlers.
·latesthackingnews.com·
Cloudflare Blames Perplexity Of Stealth Data Scraping
US Authorities Seize $1m from BlackSuit Ransomware Group
US Authorities Seize $1m from BlackSuit Ransomware Group
The US Department of Justice has announced the seizure of domains, servers and $1m in proceeds from the BlackSuit ransomware group
·infosecurity-magazine.com·
US Authorities Seize $1m from BlackSuit Ransomware Group
Hackers leak Allianz Life data stolen in Salesforce attacks
Hackers leak Allianz Life data stolen in Salesforce attacks
Hackers have released stolen data belonging to US insurance giant Allianz Life, exposing 2.8 million records with sensitive information on business partners and customers in ongoing Salesforce data theft attacks.
·bleepingcomputer.com·
Hackers leak Allianz Life data stolen in Salesforce attacks
Claude gets 1M tokens support via API to take on Gemini 2.5 Pro
Claude gets 1M tokens support via API to take on Gemini 2.5 Pro
Claude Sonnet 4 has been upgraded, and it can now remember up to 1 million tokens of context, but only when it's used via API. This could change in the future.
·bleepingcomputer.com·
Claude gets 1M tokens support via API to take on Gemini 2.5 Pro
Microsoft Patch Tuesday, August 2025 Edition
Microsoft Patch Tuesday, August 2025 Edition
Microsoft today released updates to fix more than 100 security flaws in its Windows operating systems and other software. At least 13 of the bugs received Microsoft's most-dire "critical" rating, meaning they could be abused by malware or malcontents to…
·krebsonsecurity.com·
Microsoft Patch Tuesday, August 2025 Edition
OpenAI rolls out Gmail, Calendar, and Contacts integration in ChatGPT
OpenAI rolls out Gmail, Calendar, and Contacts integration in ChatGPT
OpenAI wants ChatGPT to know more about you, including your emails, calendar events in Google Calendar and even your Google contacts to reference everything in a conversation.
·bleepingcomputer.com·
OpenAI rolls out Gmail, Calendar, and Contacts integration in ChatGPT
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for August 2025, which includes 111 vulnerabilities affecting a range of products, including 13 that Microsoft marked as “critical”.   In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited in the wild. Out of 13 "critical" entries, 9 are remote code execution (RCE) vulnerabilities in Microsoft Windows services and applications including the Windows kernel, Microsoft Message Queuing (MSMQ), Win
·blog.talosintelligence.com·
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C#, which we are referring to as “PS1Bot.”
·blog.talosintelligence.com·
Malvertising campaign leads to PS1Bot, a multi-stage malware framework