Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30533 bookmarks
Custom sorting
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams, commonly known as “pig butchering." In January 2025, KrebsOnSecurity detailed…
¡krebsonsecurity.com¡
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
Microsoft Authenticator now warns to export passwords before July cutoff
Microsoft Authenticator now warns to export passwords before July cutoff
The Microsoft Authenticator app is now issuing notifications warning that the password autofill feature is being deprecated in July, suggesting users move to Microsoft Edge instead.
¡bleepingcomputer.com¡
Microsoft Authenticator now warns to export passwords before July cutoff
Outage disrupts some SentinelOne services
Outage disrupts some SentinelOne services
Company executives said there was no indication the incident was the result of a security issue.
¡cybersecuritydive.com¡
Outage disrupts some SentinelOne services
Offensive OSINT s05e09 - Open Source Surveillance - Anomaly detection
Offensive OSINT s05e09 - Open Source Surveillance - Anomaly detection
The one and only situational awareness platform OS-Surveillance is evolving faster than ever, integrating powerful new data sources and innovative features designed to make real-time geospatial intelligence gathering super intuitive. In today’s episode, I will walk you through the latest enhancements to the platform and share insights into the world of live geospatial OSINT. We will explore why geospatial context is crucial for situational awareness, how to harness real-time data feeds effecti
¡offensiveosint.io¡
Offensive OSINT s05e09 - Open Source Surveillance - Anomaly detection
Parties behind 2024 Biden AI robocall reach deal in lawsuit | CyberScoop
Parties behind 2024 Biden AI robocall reach deal in lawsuit | CyberScoop
The defendants will increase reporting on spoofing, create a compliance team or AI and conduct regular training for staff on how to identify deceptive messages and the dangers of misinformation in U.S. elections.
¡cyberscoop.com¡
Parties behind 2024 Biden AI robocall reach deal in lawsuit | CyberScoop
ConnectWise breached in cyberattack linked to nation-state hackers
ConnectWise breached in cyberattack linked to nation-state hackers
IT management software firm ConnectWise says a suspected state-sponsored cyberattack breached its environment and impacted a limited number of ScreenConnect customers.
¡bleepingcomputer.com¡
ConnectWise breached in cyberattack linked to nation-state hackers
ConnectWise says nation-state attack targeted multiple ScreenConnect customers
ConnectWise says nation-state attack targeted multiple ScreenConnect customers
The company said it “recently learned of suspicious activity” within its environment that it believes “was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers.”
¡therecord.media¡
ConnectWise says nation-state attack targeted multiple ScreenConnect customers
How to deploy AI safely
How to deploy AI safely
Microsoft Deputy CISO Yonatan Zunger shares tips and guidance for safely and efficiently implementing AI in your organization.
¡microsoft.com¡
How to deploy AI safely
Defending against evolving identity attack techniques
Defending against evolving identity attack techniques
Threat actors continue to develop and leverage various techniques that aim to compromise cloud identities. Despite advancements in protections like multifactor authentication (MFA) and passwordless solutions, social engineering remains a key aspect of phishing attacks. Implementing phishing-resistant solutions, like passkeys, can improve security against these evolving threats.
¡microsoft.com¡
Defending against evolving identity attack techniques
A new author has appeared
A new author has appeared
Talos Content Manager Amy introduces themself, shares her unconventional journey into cybersecurity and reports on threats masquerading as AI installers.
¡blog.talosintelligence.com¡
A new author has appeared
Threat actors abuse Google Apps Script in evasive phishing attacks
Threat actors abuse Google Apps Script in evasive phishing attacks
Threat actors are abusing the trusted Google platform 'Google Apps Script' to host phishing pages, making them appear legitimate and eliminating the risk of them getting flagged by security tools.
¡bleepingcomputer.com¡
Threat actors abuse Google Apps Script in evasive phishing attacks
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
A weakness in Apple's Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users.
¡bleepingcomputer.com¡
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
US sanctions firm linked to cyber scams behind $200 million in losses
US sanctions firm linked to cyber scams behind $200 million in losses
The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over $200 million in losses for Americans.
¡bleepingcomputer.com¡
US sanctions firm linked to cyber scams behind $200 million in losses
Cybercriminals exploit AI hype to spread ransomware, malware
Cybercriminals exploit AI hype to spread ransomware, malware
Threat actors linked to lesser-known ransomware and malware projects now use AI tools as lures to infect unsuspecting victims with malicious payloads.
¡bleepingcomputer.com¡
Cybercriminals exploit AI hype to spread ransomware, malware
Attackers are mapping your attack surface—are you?
Attackers are mapping your attack surface—are you?
Attackers are mapping your infrastructure before you even realize what's exposed. Sprocket ASM flips the script — giving you the same recon capabilities they use, plus change detection and actionable insights to close gaps fast. See your attack surface the way hackers do and beat them to it.
¡bleepingcomputer.com¡
Attackers are mapping your attack surface—are you?
The True Costs of Legacy Privileged Access Management | CSA
The True Costs of Legacy Privileged Access Management | CSA
Legacy Privileged Access Management (PAM) quietly drains resources, stalls innovation, & introduces security risks. It’s time to consider a modern alternative.
¡cloudsecurityalliance.org¡
The True Costs of Legacy Privileged Access Management | CSA