Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31320 bookmarks
Custom sorting
Paragon Spyware used to Spy on European Journalists - Schneier on Security
Paragon Spyware used to Spy on European Journalists - Schneier on Security
Paragon is a Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of their product. Citizen Lab caught them spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists that consented for the technical analysis of their cases. The key findings from our forensic analysis of their devices are summarized below: Our analysis finds forensic evidence confirming with high confidence that both a prominent European journalist (who requests anonymity), and Italian journalist Ciro Pellegrino, were targeted with Paragon’s Graphite mercenary spyware. ...
·schneier.com·
Paragon Spyware used to Spy on European Journalists - Schneier on Security
DanaBleed : l’erreur fatale qui a fait tomber les maîtres du hacking
DanaBleed : l’erreur fatale qui a fait tomber les maîtres du hacking
Pendant près de trois ans, des chercheurs ont pu collecter des milliers de données confidentielles sur Danabot, un des réseaux cybercriminels les plus recherchés au monde. La faute à une faille dans leur infrastructure, baptisée DanaBleed. Nous sommes en mai 2025, et le botnet DanaBot, l’un des réseaux de
·numerama.com·
DanaBleed : l’erreur fatale qui a fait tomber les maîtres du hacking
June Patch Tuesday digs into 67 bugs
June Patch Tuesday digs into 67 bugs
An extremely Windows-heavy month, with a surprise cameo by… Sophos?!
·news.sophos.com·
June Patch Tuesday digs into 67 bugs
CIS Benchmarks June 2025 Update
CIS Benchmarks June 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for June 2025.
·cisecurity.org·
CIS Benchmarks June 2025 Update
Know thyself, know thy environment
Know thyself, know thy environment
In this week's edition, Bill explores the importance of self-awareness and building repeatable processes to better secure your environment.
·blog.talosintelligence.com·
Know thyself, know thy environment
Trend Micro fixes critical vulnerabilities in multiple products
Trend Micro fixes critical vulnerabilities in multiple products
Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products.
·bleepingcomputer.com·
Trend Micro fixes critical vulnerabilities in multiple products
Graphite spyware used in Apple iOS zero-click attacks on journalists
Graphite spyware used in Apple iOS zero-click attacks on journalists
Forensic investigation has confirmed the use of Paragon's Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe.
·bleepingcomputer.com·
Graphite spyware used in Apple iOS zero-click attacks on journalists
Cyber resilience begins before the crisis
Cyber resilience begins before the crisis
Microsoft’s Deputy CISO for Customer Security, Ann Johnson, talks about the need for having a proactive cyber resilience plan.
·microsoft.com·
Cyber resilience begins before the crisis
Airlines Secretly Selling Passenger Data to the Government - Schneier on Security
Airlines Secretly Selling Passenger Data to the Government - Schneier on Security
This is news: A data broker owned by the country’s major airlines, including Delta, American Airlines, and United, collected U.S. travellers’ domestic flight records, sold access to them to Customs and Border Protection (CBP), and then as part of the contract told CBP to not reveal where the data came from, according to internal CBP documents obtained by 404 Media. The data includes passenger names, their full flight itineraries, and financial details. Another article.
·schneier.com·
Airlines Secretly Selling Passenger Data to the Government - Schneier on Security
Belarusian hackers taunt Kaspersky over report detailing their attacks
Belarusian hackers taunt Kaspersky over report detailing their attacks
A recent Kaspersky report offers a rare glimpse into the alleged arsenal of politically motivated hackers waging a digital war against authoritarian regimes in Russia and Belarus.
·therecord.media·
Belarusian hackers taunt Kaspersky over report detailing their attacks
The $200,000 Zoom call
The $200,000 Zoom call
A crypto CEO shared his screen. What happened next unraveled his digital life.
·therecord.media·
The $200,000 Zoom call
Financement des start-up cyber : Moins de levées et des tickets plus gros
Financement des start-up cyber : Moins de levées et des tickets plus gros
Alors que les start-up françaises spécialisées dans la sécurité informatique lèvent davantage de fonds, le nombre d'opérations chute nettement...-CybersĂ©curitĂ©
·usine-digitale.fr·
Financement des start-up cyber : Moins de levées et des tickets plus gros
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide.
·bleepingcomputer.com·
Password-spraying attacks target 80,000 Microsoft Entra ID accounts