Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31320 bookmarks
Custom sorting
Businesses average 21 AI projects in production
Businesses average 21 AI projects in production
Enterprises plan to expand their portfolios by the end of the year, according to a Rackspace Technology survey.
·cybersecuritydive.com·
Businesses average 21 AI projects in production
McLaren Health Care says data breach impacts 743,000 patients
McLaren Health Care says data breach impacts 743,000 patients
McLaren Health Care is warning 743,000 patients that the health system suffered a data breach caused by a July 2024 attack by the INC ransomware gang.
·bleepingcomputer.com·
McLaren Health Care says data breach impacts 743,000 patients
Primer on Model Context Protocol (MCP) Implementation | CSA
Primer on Model Context Protocol (MCP) Implementation | CSA
Walk through how to build a complete system using the Model Context Protocol (MCP), a framework designed to bridge the gap between LLMs and external tools.
·cloudsecurityalliance.org·
Primer on Model Context Protocol (MCP) Implementation | CSA
Steel giant Nucor confirms hackers stole data in recent breach
Steel giant Nucor confirms hackers stole data in recent breach
Nucor, North America's largest steel producer and recycler, has confirmed that attackers behind a recent cybersecurity incident have also stolen data from the company's network.
·bleepingcomputer.com·
Steel giant Nucor confirms hackers stole data in recent breach
Largest DDoS Attack to Date - Schneier on Security
Largest DDoS Attack to Date - Schneier on Security
It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It speeds up communications by not formally establishing a connection before data is transferred. Unlike the more common Transmission Control Protocol, UDP doesn’t wait for a connection between two computers to be established through a handshake and doesn’t check whether data is properly received by the other party. Instead, it immediately sends data from one machine to another...
·schneier.com·
Largest DDoS Attack to Date - Schneier on Security
Cloud Security: Who Owns the Responsibility? | CSA
Cloud Security: Who Owns the Responsibility? | CSA
Explore how cloud, DevOps, SOC teams share security roles, combat alert fatigue, and work with AI-powered purple teaming for effective threat response.
·cloudsecurityalliance.org·
Cloud Security: Who Owns the Responsibility? | CSA
La double authentification de Gmail n’arrête plus les hackers russes
La double authentification de Gmail n’arrête plus les hackers russes
Des hackers russes, soupçonnés d’appartenir au groupe APT29 (alias Cozy Bear), ont réussi à contourner la double authentification de Gmail sans exploiter de faille technique, mais en visant le maillon faible de la chaîne : l'humain. On fait le point sur cette opération de social engineering d’une rare sophistication
·numerama.com·
La double authentification de Gmail n’arrête plus les hackers russes
WordPress Motors theme flaw mass-exploited to hijack admin accounts
WordPress Motors theme flaw mass-exploited to hijack admin accounts
Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme "Motors" to hijack administrator accounts and gain complete control of a targeted site.
·bleepingcomputer.com·
WordPress Motors theme flaw mass-exploited to hijack admin accounts
Russian hackers bypass Gmail MFA using stolen app passwords
Russian hackers bypass Gmail MFA using stolen app passwords
Russian hackers bypass multi-factor authentication and access Gmail accounts by leveraging app-specific passwords in advanced social engineering attacks that impersonate U.S. Department of State officials.
·bleepingcomputer.com·
Russian hackers bypass Gmail MFA using stolen app passwords
CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup
CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup
CoinMarketCap, the popular cryptocurrency price tracking site, suffered a website supply chain attack that exposed site visitors to a wallet drainer campaign to steal visitors' crypto.
·bleepingcomputer.com·
CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup