Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30533 bookmarks
Custom sorting
Senate Democrats urge DHS to reconstitute CSRB
Senate Democrats urge DHS to reconstitute CSRB
The lawmakers said the Cyber Safety Review Board’s work has made government agencies and private businesses more secure.
·cybersecuritydive.com·
Senate Democrats urge DHS to reconstitute CSRB
Police takes down AVCheck site used by cybercriminals to scan malware
Police takes down AVCheck site used by cybercriminals to scan malware
An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software before deploying it in the wild.
·bleepingcomputer.com·
Police takes down AVCheck site used by cybercriminals to scan malware
Comment des hackers chinois ont transformé Google Calendar en centre de pilotage de cyberattaques
Comment des hackers chinois ont transformé Google Calendar en centre de pilotage de cyberattaques
Google Threat Intelligence dévoile une campagne de cyberattaques inédite orchestrée par le groupe chinois APT41. Leur arme secrète ? Google Calendar, détourné pour servir de centre de commande et de contrôle à distance. Explications. C'est un rapport publié le 28 mai par Google Threat Intelligence qui alerte une
·numerama.com·
Comment des hackers chinois ont transformé Google Calendar en centre de pilotage de cyberattaques
Getting Exposure Management Right: Insights from 500 CISOs
Getting Exposure Management Right: Insights from 500 CISOs
Pentesting isn't just about finding flaws — it's about knowing which ones matter. Pentera's 2025 State of Pentesting report uncovers which assets attackers target most, where security teams are making progress, and which exposures still fly under the radar. Focus on reducing breach impact, not just breach count.
·bleepingcomputer.com·
Getting Exposure Management Right: Insights from 500 CISOs
Germany doxxes Conti ransomware and TrickBot ring leader
Germany doxxes Conti ransomware and TrickBot ring leader
The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old Russian named Vitaly Nikolaevich Kovalev.
·bleepingcomputer.com·
Germany doxxes Conti ransomware and TrickBot ring leader
IA générative : Comment Zalando a sécurisé son assistant mode
IA générative : Comment Zalando a sécurisé son assistant mode
En octobre 2024, Zalando a déployé un assistant dopé à l'IA générative sur ses 25 marchés, offrant des conseils mode personnalisés. Florence...-Cybersécurité
·usine-digitale.fr·
IA générative : Comment Zalando a sécurisé son assistant mode
Huawei aurait pour objectif de graver des puces 3 nm dès 2026 : un exploit pour la Chine
Huawei aurait pour objectif de graver des puces 3 nm dès 2026 : un exploit pour la Chine
Huawei chercherait à graver des puces en 3 nm dès l'année prochaine, grâce à une nouvelle technologie de gravure. L'objectif : arrêter de dépendre du bon vouloir des États-Unis qui peuvent bloquer les entreprises chinoises. Cela sera-t-il suffisant pour rattraper des entreprises américaines ? Le retour de Trump au
·numerama.com·
Huawei aurait pour objectif de graver des puces 3 nm dès 2026 : un exploit pour la Chine
Les États-Unis craignent un usage militaire des puces américaines en Chine
Les États-Unis craignent un usage militaire des puces américaines en Chine
Washington frappe un nouveau coup dans la guerre des semi-conducteurs : les États-Unis imposent depuis fin mai des restrictions inédites sur l’exportation des logiciels de conception de puces électroniques vers la Chine. Un geste qui vise à préserver la suprématie technologique occidentale et à empêcher Pékin
·numerama.com·
Les États-Unis craignent un usage militaire des puces américaines en Chine
US Banks Urge SEC to Repeal Cyber Disclosure Rule
US Banks Urge SEC to Repeal Cyber Disclosure Rule
Five major banking associations in the US claim the new SEC cyber incident disclosure rule puts a strain on their resources
·infosecurity-magazine.com·
US Banks Urge SEC to Repeal Cyber Disclosure Rule
Implementing CCM: Identity & Access Management | CSA
Implementing CCM: Identity & Access Management | CSA
Identity & Access Management (IAM) is all about managing identities and access in the cloud. Key principles include least privilege and segregation of duties.
·cloudsecurityalliance.org·
Implementing CCM: Identity & Access Management | CSA
Exploits and vulnerabilities in Q1 2025
Exploits and vulnerabilities in Q1 2025
This report contains statistics on vulnerabilities and published exploits, along with an analysis of the most noteworthy vulnerabilities we observed in the first quarter of 2025.
·securelist.com·
Exploits and vulnerabilities in Q1 2025
Why Take9 Won't Improve Cybersecurity - Schneier on Security
Why Take9 Won't Improve Cybersecurity - Schneier on Security
There’s a new cybersecurity awareness campaign: Take9. The idea is that people—you, me, everyone—should just pause for nine seconds and think more about the link they are planning to click on, the file they are planning to download, or whatever it is they are planning to share. There’s a website—of course—and a video, well-produced and scary. But the campaign won’t do much to improve cybersecurity. The advice isn’t reasonable, it won’t make either individuals or nations appreciably safer, and it deflects blame from the real causes of our cyberspace insecurities...
·schneier.com·
Why Take9 Won't Improve Cybersecurity - Schneier on Security
AI Compliance Challenges for CISOs in 2025 | CSA
AI Compliance Challenges for CISOs in 2025 | CSA
As AI regulations expand globally, CISOs must balance innovation with compliance—adopting frameworks like GDPR, CCPA, and NIST AI RMF to stay secure.
·cloudsecurityalliance.org·
AI Compliance Challenges for CISOs in 2025 | CSA
RSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visible
RSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visible
Non-human service accounts have quietly become one of the biggest liabilities in enterprise security. Related: Why identity is the cornerstone of cyber defense These machine credentials — used to automate connections between systems — now outnumber humans by 30 to 1. That gap is likely even wider in cloud-intensive environments. Yet despite their scale, service
·lastwatchdog.com·
RSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visible
UK MoD Launches New Cyber Warfare Command
UK MoD Launches New Cyber Warfare Command
The UK MoD has unveiled a new Cyber and Electromagnetic Command, which will focus on offensive cyber operations and “electromagnetic warfare” capabilities
·infosecurity-magazine.com·
UK MoD Launches New Cyber Warfare Command