Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30531 bookmarks
Custom sorting
Dozens of fake wallet add-ons flood Firefox store to drain crypto
Dozens of fake wallet add-ons flood Firefox store to drain crypto
More than 40 fake extensions in Firefox's official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data.
·bleepingcomputer.com·
Dozens of fake wallet add-ons flood Firefox store to drain crypto
PDFs: Portable documents, or perfect deliveries for phish?
PDFs: Portable documents, or perfect deliveries for phish?
A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks.
·blog.talosintelligence.com·
PDFs: Portable documents, or perfect deliveries for phish?
MFA Made Easy: 8 Best Practices for Authentication | CSA
MFA Made Easy: 8 Best Practices for Authentication | CSA
Multi-Factor Authentication (MFA) is a core part of Zero Trust strategies. Yet, MFA adoption lags due to the poor user experience, leaving companies vulnerable.
·cloudsecurityalliance.org·
MFA Made Easy: 8 Best Practices for Authentication | CSA
Ubuntu Disables Spectre/Meltdown Protections - Schneier on Security
Ubuntu Disables Spectre/Meltdown Protections - Schneier on Security
A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution was a way to speed up CPUs, and removing those enhancements resulted in significant performance drops. Now, people are rethinking the trade-off. Ubuntu has disabled some protections, resulting in 20% performance boost. After discussion between Intel and Canonical’s security teams, we are in agreement that Spectre no longer needs to be mitigated for the GPU at the Compute Runtime level. At this point, Spectre has been mitigated in the kernel, and a clear warning from the Compute Runtime build serves as a notification for those running modified kernels without those patches. For these reasons, we feel that Spectre mitigations in Compute Runtime no longer offer enough security impact to justify the current performance tradeoff...
·schneier.com·
Ubuntu Disables Spectre/Meltdown Protections - Schneier on Security
Laptop Farms : l’incroyable rĂ©seau de tĂ©lĂ©travailleurs nord-corĂ©en dĂ©mantelĂ© par les États-Unis
Laptop Farms : l’incroyable rĂ©seau de tĂ©lĂ©travailleurs nord-corĂ©en dĂ©mantelĂ© par les États-Unis
Fin juin 2025, la justice amĂ©ricaine a dĂ©voilĂ© l’opĂ©ration DPRK RevGen, une initiative des principales agences de sĂ©curitĂ© du pays (NSA, FBI, contre-espionnage) visant Ă  dĂ©manteler un vaste rĂ©seau de travailleurs informatiques nord-corĂ©ens. Ils auraient infiltrĂ© plus de 100 entreprises amĂ©ricaines, dont plusieurs du
·numerama.com·
Laptop Farms : l’incroyable rĂ©seau de tĂ©lĂ©travailleurs nord-corĂ©en dĂ©mantelĂ© par les États-Unis
Dozens of Corporates Caught in Kelly Benefits Data Breach
Dozens of Corporates Caught in Kelly Benefits Data Breach
Benefits admin specialist Kelly Benefits has revealed a breach impacting over 500,000 individuals across 45 client organizations
·infosecurity-magazine.com·
Dozens of Corporates Caught in Kelly Benefits Data Breach
gogs 0.13.0 - Remote Code Execution (RCE)
gogs 0.13.0 - Remote Code Execution (RCE)
gogs 0.13.0 - Remote Code Execution (RCE). CVE-2024-39930 . remote exploit for Multiple platform
·exploit-db.com·
gogs 0.13.0 - Remote Code Execution (RCE)
Qantas discloses cyberattack amid Scattered Spider aviation breaches
Qantas discloses cyberattack amid Scattered Spider aviation breaches
Australian airline Qantas disclosed that it detected a cyberattack on Monday after threat actors gained access to a third-party platform containing customer data.
·bleepingcomputer.com·
Qantas discloses cyberattack amid Scattered Spider aviation breaches
A new test
A new test
·lastwatchdog.com·
A new test
AT&T rolls out "Wireless Lock" feature to block SIM swap attacks
AT&T rolls out "Wireless Lock" feature to block SIM swap attacks
AT&T has launched a new security feature called "Wireless Lock" that protects customers from SIM swapping attacks by preventing changes to their account information and the porting of phone numbers while the feature is enabled.
·bleepingcomputer.com·
AT&T rolls out "Wireless Lock" feature to block SIM swap attacks