Latest CyberSec News by @thecyberpicker

31344 bookmarks
RSAC Fireside Chat: Operationalizing diverse security to assure customers, partners–and insurers
Catastrophic outages don’t just crash systems — they expose assumptions. Related: Getting the most from cyber insurance At RSAC 2025, I met with ESET Chief Security Evangelist Tony Anscombe to trace a quiet but growing convergence: endpoint defense, cyber insurance, and monoculture risk are no longer separate concerns. They’re overlapping — and reshaping how security
·lastwatchdog.com·
catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three zero-day vulnerabilities in catdoc, as well as vulnerabilities in Parallel, NVIDIA and High-Logic FontCreator 15.
·blog.talosintelligence.com·
This cybercriminal group is duping recruiters on LinkedIn
A new type of scam is currently targeting recruitment professionals on LinkedIn and Indeed. Behind candidate profiles that look perfectly ordinary hides the cybercriminal group FIN6. Its goal: to gain recruiters' trust, infiltrate companies' IT systems and
·numerama.com·
Dozens arrested across Asia in global infostealer malware crackdown
A global law enforcement crackdown on information-stealing malware led to the arrest of 32 suspects and the dismantling of more than 20,000 malicious IP addresses and domains linked to cybercrime.
·therecord.media·
UNFI’s operations remain hobbled following cyberattack
The grocery company had to entirely shut down its network following the intrusion and is serving customers on only a “limited basis” as it works to recover, CEO Sandy Douglas said.
·cybersecuritydive.com·
Microsoft creates separate Windows 11 24H2 update for incompatible PCs
Microsoft confirmed on Tuesday that it's pushing a revised security update targeting some Windows 11 24H2 systems incompatible with the initial update released during this month's Patch Tuesday.
·bleepingcomputer.com·
Hackers exploited Windows WebDav zero-day to drop malware
An APT hacking group known as 'Stealth Falcon' exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen.
·bleepingcomputer.com·
Brute-force attacks target Apache Tomcat management panels
A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online.
·bleepingcomputer.com·
Operation Secure disrupts global infostealer malware operations
An international law enforcement action codenamed "Operation Secure" targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures, and server takedowns.
·bleepingcomputer.com·
Microsoft fixes unreachable Windows Server domain controllers
Microsoft has resolved a known issue that caused some Windows Server 2025 domain controllers to become unreachable after a restart and triggered app or service failures.
·bleepingcomputer.com·
Valid-AI-ted: A Step Towards Real-Time Cloud Assurance | CSA
The Cloud Security Alliance has launched Valid-AI-ted, an AI-assisted quality check for STAR assessments. CEO Jim Reavis shares the background of this new tool.
·cloudsecurityalliance.org·
Hands-On Skills Now Key to Landing Your First Cyber Role
An ISC2 study found that 90% of security hiring managers would consider entry-level candidates with only previous IT work experience.
·infosecurity-magazine.com·