Latest CyberSec News by @thecyberpicker

The Federal Trade Commission (FTC) shuttered its case against MGM Resorts International centered on the company’s handling of personal data stolen during a 2023 ransomware attack.

Microsoft has published guidance for users of Microsoft Publisher as it will no longer be supported after October 2026 and removed from Microsoft 365.

​Later this week, the Federal Trade Commission (FTC) will start distributing over $25.5 million in refunds to those misled by tech support companies Restoro and Reimage's scare tactics.

Researchers at phishing defense company Cofense say hackers are spreading a malicious remote access tool through a fake Binance page that offers access to the TRUMP coin.

SIM swapping fraud surges in the Middle East as cybercriminals exploit websites mimicking legitimate services to steal personal data

Un échange entre Elon Musk et Radosław Sikorski, ministre polonais des Affaires étrangères, a reposé la question de la dépendance de l'Ukraine au réseau Internet satellitaire Starlink. Sur fond de crainte d'une interruption de service, démentie par Elon Musk, l'Europe travaille sur ses alternatives. L'Ukraine

Un groupe d'hacktivistes russes, des hackers militants, a mis en panne les sites de plusieurs départements français. Ces cyberattaques provoquent peu de dégâts réels et visent avant tout à alimenter l’anxiété collective. Plusieurs régions et départements français ont été ciblés ce 10 mars 2025 par un groupe bien

This week on the Lock and Code podcast, we speak with Tim Shott about his attempt to find his location data following a major data breach.

Hackers use polymorphic browser extensions to mimic real add-ons, steal credentials, and hijack accounts. Affects Chrome, Edge, Brave, and more.

Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company's Vulnerability Reward Program (VRP) in 2024.

Telemetry data shows spikes in exploits of CVE-2024-4577 across several countries in recent months.

Switzerland's National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery.

A deep technical dive into the intricacies of instruction emulation within Microsoft's Time Travel Debugging (TTD) framework.

A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems

Ma boîte mail est-elle réellement sécurisée ? Puis-je faire confiance à mon client mail pour protéger mes données et mes intérêts ? Des questions légitimes que tout le monde, surtout les professionnels, devraient se poser. Si les applications de messagerie mobile comme WhatsApp, Telegram ou Facebook Messenger restent

Quantum computing threatens to break traditional encryption, putting sensitive data at risk. Learn more from Specops Software about the risks of quantum computing and how to prepare for them.

The CEK domain of the Cloud Controls Matrix helps protect data through cryptography & key management techniques, ensuring compliance with encryption standards.

A new AsyncRAT malware variant has infected 900 victims in MENA via Facebook ads and Telegram links.

Microsoft has removed a compatibility hold that prevented some AutoCAD users from installing the Windows 11 2024 Update due to launch and crash issues.

The Alan Turing institute urged government and academia to address systemic cultural and structural security barriers in UK AI research

This week in cybersecurity from the editors at Cybercrime Magazine

Google Workspace security demands a unified approach—eliminate blind spots, automate remediation, and stop threats before they strike.

Microsoft researchers reported that North Korea-linked APT tracked as Moonstone Sleet has employed the Qilin ransomware in limited attacks.

Starting April 2025, Swiss critical infrastructure organizations will have to report cyber-attacks to the country’s authorities within 24 hours of discovery

Compare tcpdump vs Wireshark, two powerful network analysis tools, in our in-depth guide. Discover their key features, strengths, and differences.

NTT Com, filiale de l'opérateur japonais dédiée aux entreprises, a été victime d'une fuite de données depuis son système de distribution...-Cybersécurité

UEBA leverages AI and machine learning to detect insider threats, compromised accounts, and privilege abuse by analyzing behavioral anomalies in real time.

The malware includes four separate backdoors: Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven’t seen before. Which introduces another type of attack made possibly by abusing websites that don’t monitor 3rd party dependencies in the browser of their users. The four backdoors: The functions of the four backdoors are explained below: Backdoor 1, which uploads and installs a fake plugin named “Ultra SEO Processor,” which is then used to execute attacker-issued commands ...

Software developer Davis Lu cost his employer hundreds of thousands after deploying malware that caused crashes and failed logins