Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30551 bookmarks
Custom sorting
Elle aide Pyongyang à générer 17 millions de dollars depuis son salon et écope de 8 ans de prison
Elle aide Pyongyang à générer 17 millions de dollars depuis son salon et écope de 8 ans de prison
Accusée d’avoir sciemment aidé des agents nord-coréens à se faire recruter par de grandes entreprises américaines, Christina Chapman a été condamnée à plus de 8 ans de prison le 24 juillet par un tribunal fédéral. Blanchiment d'argent et usurpation d'identité : retour sur l'épilogue d'un fait divers cyber et
·numerama.com·
Elle aide Pyongyang à générer 17 millions de dollars depuis son salon et écope de 8 ans de prison
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
Lenovo is warning about high-severity BIOS flaws that could allow attackers to potentially bypass Secure Boot in all-in-one desktop PC models that use customized Insyde UEFI (Unified Extensible Firmware Interface).
·bleepingcomputer.com·
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
Hidden Backdoor Found in ATM Network via Raspberry Pi
Hidden Backdoor Found in ATM Network via Raspberry Pi
A covert ATM attack used a Raspberry Pi to breach bank systems, employing stealthy malware and anti-forensics techniques
·infosecurity-magazine.com·
Hidden Backdoor Found in ATM Network via Raspberry Pi
Palo Alto Networks to acquire CyberArk for $25 billion | CyberScoop
Palo Alto Networks to acquire CyberArk for $25 billion | CyberScoop
Palo Alto Networks has agreed to acquire identity security firm CyberArk for approximately $25 billion, marking the cybersecurity giant's largest acquisition and its formal entry into the identity security market.
·cyberscoop.com·
Palo Alto Networks to acquire CyberArk for $25 billion | CyberScoop
A Business Guide to Protecting PII on Social Media | CSA
A Business Guide to Protecting PII on Social Media | CSA
Steer clear of the dangers of oversharing on social media. This blog offers examples of what can go wrong and easy-to-follow steps on how to do things right.
·cloudsecurityalliance.org·
A Business Guide to Protecting PII on Social Media | CSA
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
AI is reshaping vCISO services—and SMBs are fueling the surge. Cynomi's 2025 report shows 3x adoption growth and major workload drops as MSPs and MSSPs scale cybersecurity like never before. Learn more in the 2025 State of the vCISO Report.
·bleepingcomputer.com·
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
Dropbox tue son gestionnaire de mots de passe, les internautes doivent migrer leurs codes
Dropbox tue son gestionnaire de mots de passe, les internautes doivent migrer leurs codes
Dropbox a pris la décision d'arrêter son aventure du gestionnaire de mots de passe, démarrée en 2020. L'outil sera progressivement coupé dans les mois à venir. Les internautes concernés doivent migrer sans tarder. C'était en 2020. En pleine période de pandémie de coronavirus, et de forte croissance dans le secteur du
·numerama.com·
Dropbox tue son gestionnaire de mots de passe, les internautes doivent migrer leurs codes
Cisco Talos at Black Hat 2025: Briefings, booth talks and what to expect
Cisco Talos at Black Hat 2025: Briefings, booth talks and what to expect
Cisco Talos is back at Black Hat with new research, threat detection overviews and opportunities to connect with our team. Whether you're interested in what we’re seeing in the threat landscape, detection engineering or real-world incident response, here's where and how to find us.
·blog.talosintelligence.com·
Cisco Talos at Black Hat 2025: Briefings, booth talks and what to expect
How to Spot and Stop E-Skimming | CSA
How to Spot and Stop E-Skimming | CSA
Learn what e‑skimming is, why it’s so dangerous, how PCI DSS v4.x addresses it, and some of the options available to help you.
·cloudsecurityalliance.org·
How to Spot and Stop E-Skimming | CSA
Data Breach Costs Fall for First Time in Five Years
Data Breach Costs Fall for First Time in Five Years
IBM found that the global average cost of a data breach has fallen by 9% compared to 2024, driven by improved detection and containment
·infosecurity-magazine.com·
Data Breach Costs Fall for First Time in Five Years
Measuring the Attack/Defense Balance - Schneier on Security
Measuring the Attack/Defense Balance - Schneier on Security
“Who’s winning on the internet, the attackers or the defenders?” I’m asked this all the time, and I can only ever give a qualitative hand-wavy answer. But Jason Healey and Tarang Jain’s latest Lawfare piece has amassed data. The essay provides the first framework for metrics about how we are all doing collectively—and not just how an individual network is doing. Healey wrote to me in email: The work rests on three key insights: (1) defenders need a framework (based in threat, vulnerability, and consequence) to categorize the flood of potentially relevant security metrics; (2) trends are what matter, not specifics; and (3) to start, we should avoid getting bogged down in collecting data and just use what’s already being reported by amazing teams at Verizon, Cyentia, Mandiant, IBM, FBI, and so many others...
·schneier.com·
Measuring the Attack/Defense Balance - Schneier on Security
Vos chèques vacances ANCV vont bientôt expirer ? Un mail d’arnaque à coup sûr
Vos chèques vacances ANCV vont bientôt expirer ? Un mail d’arnaque à coup sûr
Une campagne d’arnaque aux chèques-vacances ANCV circule dans les boîtes mail des Français, en ce mois de juillet 2025. Prétextant l’expiration imminente des titres, des cybercriminels essaient de piéger leurs victimes en les redirigeant vers un site frauduleux. Ah, l’été… le temps des verres en terrasse, des clubs
·numerama.com·
Vos chèques vacances ANCV vont bientôt expirer ? Un mail d’arnaque à coup sûr