Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

31277 bookmarks
Custom sorting
Quand un avion agricole ukrainien devient un chasseur de drones russes
Quand un avion agricole ukrainien devient un chasseur de drones russes
Pour contrer le déploiement massif de drones envoyés par la Russie, les forces armées ukrainiennes rivalisent d’ingéniosité face à cet ennemi à la fois peu coûteux et redoutable. Début août 2025, un avion agricole modifié a été aperçu dans le ciel ukrainien. Sa nouvelle mission : intercepter les drones ennemis à
·numerama.com·
Quand un avion agricole ukrainien devient un chasseur de drones russes
Scam hunter scammed by tax office impersonators
Scam hunter scammed by tax office impersonators
Scam hunter Julie-Anne Kearns, who helps scam victims online, opened up about a tax scam she fell for herself.
·malwarebytes.com·
Scam hunter scammed by tax office impersonators
29,000 Servers Remain Unpatched Against Microsoft Exchange Flaw
29,000 Servers Remain Unpatched Against Microsoft Exchange Flaw
Over 29,000 Microsoft Exchange servers remain unpatched against a vulnerability that could allow attackers to seize control of entire domains in hybrid cloud environments
·infosecurity-magazine.com·
29,000 Servers Remain Unpatched Against Microsoft Exchange Flaw
Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug
Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug
Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released.
·bleepingcomputer.com·
Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug
Curly COMrades cyberspies hit govt orgs with custom malware
Curly COMrades cyberspies hit govt orgs with custom malware
A new cyber-espionage threat group has been using a new backdoor malware that provides persistent access through a seemingly inactive scheduled task.
·bleepingcomputer.com·
Curly COMrades cyberspies hit govt orgs with custom malware
« C'est une attaque vraiment massive », pourquoi le Muséum national d'histoire naturelle de Paris est-il la cible de cybercriminels ? - Numerama
« C'est une attaque vraiment massive », pourquoi le Muséum national d'histoire naturelle de Paris est-il la cible de cybercriminels ? - Numerama
Depuis la fin juillet 2025, le Muséum national d’Histoire naturelle (MNHN) de Paris, l’une des institutions majeures en recherche et patrimoine naturel dans le monde, est la cible d’une cyberattaque d’une ampleur inédite. L'organisation ne parvient plus à accéder à de nombreuses bases de données destinées à la
·numerama.com·
« C'est une attaque vraiment massive », pourquoi le Muséum national d'histoire naturelle de Paris est-il la cible de cybercriminels ? - Numerama
275M patient records breached—How to meet HIPAA password manager requirements
275M patient records breached—How to meet HIPAA password manager requirements
Healthcare led all industries in 2024 breaches—over 275M patient records exposed, mostly via weak or stolen passwords. See how the self-hosted password manager by Passwork helps providers meet HIPAA requirements, protect ePHI, and keep care running. Try it free for 1 month.
·bleepingcomputer.com·
275M patient records breached—How to meet HIPAA password manager requirements
Home Office Phishing Scam Targets UK Immigration Sponsors
Home Office Phishing Scam Targets UK Immigration Sponsors
The sophisticated campaign aims to steal credentials of sponsor license holders to facilitate immigration fraud, extortion and other monetization schemes
·infosecurity-magazine.com·
Home Office Phishing Scam Targets UK Immigration Sponsors
Cybercriminals Exploit Low-Cost Initial Access Broker Market
Cybercriminals Exploit Low-Cost Initial Access Broker Market
Rapid7 found that threat actors are able to purchase low-cost initial access broker services, with many packages offering a variety of options
·infosecurity-magazine.com·
Cybercriminals Exploit Low-Cost Initial Access Broker Market
Visibility ≠ Security: SaaS Illusions Put You at Risk | CSA
Visibility ≠ Security: SaaS Illusions Put You at Risk | CSA
With real-time insight, defined ownership, & tools that uncover more than surface-level, teams can turn SaaS from a visibility gap into a business accelerator.
·cloudsecurityalliance.org·
Visibility ≠ Security: SaaS Illusions Put You at Risk | CSA
Manpower discloses data breach affecting nearly 145,000 people
Manpower discloses data breach affecting nearly 145,000 people
Manpower, one of the world's largest staffing companies, is notifying nearly 145,000 individuals that their information was stolen by attackers who breached the company's systems in December 2024.
·bleepingcomputer.com·
Manpower discloses data breach affecting nearly 145,000 people
SHARED INTEL Q&A: From Code Red to the ‘new control plane’ — Marc Maiffret on identity
SHARED INTEL Q&A: From Code Red to the ‘new control plane’ — Marc Maiffret on identity
The identity security market got its moment of validation. Related: Inside Palo Alto Networks acquisition of CyberArk Palo Alto Networks’ blockbuster $25 billion acquisition of CyberArk — its largest to date — underscores a strategic inflection point: identity has become the new control plane of modern cybersecurity. The move marks Palo Alto’s aggressive entry into
·lastwatchdog.com·
SHARED INTEL Q&A: From Code Red to the ‘new control plane’ — Marc Maiffret on identity
The "Incriminating Video" Scam - Schneier on Security
The "Incriminating Video" Scam - Schneier on Security
A few years ago, scammers invented a new phishing email. They would claim to have hacked your computer, turned your webcam on, and videoed you watching porn or having sex. BuzzFeed has an article talking about a “shockingly realistic” variant, which includes photos of you and your house—more specific information. The article contains “steps you can take to figure out if it’s a scam,” but omits the first and most fundamental piece of advice: If the hacker had incriminating video about you, they would show you a clip. Just a taste, not the worst bits so you had to worry about how bad it could be, but something. If the hacker doesn’t show you any video, they don’t have any video. Everything else is window dressing...
·schneier.com·
The "Incriminating Video" Scam - Schneier on Security
Saint Paul cyberattack linked to Interlock ransomware gang
Saint Paul cyberattack linked to Interlock ransomware gang
The mayor of Saint Paul, Minnesota's capital city, has confirmed that the Interlock ransomware gang is responsible for a cyberattack that disrupted many of the city's systems and services in July.
·bleepingcomputer.com·
Saint Paul cyberattack linked to Interlock ransomware gang
Voici comment un vrai mail Paypal peut dissimuler une arnaque sournoise
Voici comment un vrai mail Paypal peut dissimuler une arnaque sournoise
Les escrocs en ligne ont mis au point une nouvelle technique pour tromper les utilisateurs de PayPal. En exploitant une option dédiée aux comptes business, les cybercriminels parviennent à tromper leurs victimes en envoyant des messages qui passent par les canaux de communication officiels de PayPal. Et si le
·numerama.com·
Voici comment un vrai mail Paypal peut dissimuler une arnaque sournoise
News alert: INE named among top providers of practical, career-ready cybersecurity training in 2025
News alert: INE named among top providers of practical, career-ready cybersecurity training in 2025
Cary, NC, Aug. 11, 2025, CyberNewswire—INE has been selected for Training Industry's 2025 Top 20 Online Learning Library Companies list, recognizing the company's leadership in cybersecurity training, cybersecurity certifications, and IT training that emphasizes hands-on, practical learning experiences. Training Industry evaluated companies based on course quality and scope, market presence and innovation, client relationships, and
·lastwatchdog.com·
News alert: INE named among top providers of practical, career-ready cybersecurity training in 2025
News alert: New Heimdal study reveals tool overload is driving fatigue, missed threats in MSPs
News alert: New Heimdal study reveals tool overload is driving fatigue, missed threats in MSPs
London, Aug. 11, 2025, CyberNewswire—A survey of 80 North American MSPs shows fragmented security stacks drive fatigue, missed threats, and business inefficiency Security tools meant to protect managed service providers are instead overwhelming them. A new study from Heimdal and FutureSafe reveals that 89% of MSPs struggle with tool integration while 56% experience alert fatigue
·lastwatchdog.com·
News alert: New Heimdal study reveals tool overload is driving fatigue, missed threats in MSPs