Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30531 bookmarks
Custom sorting
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox.
·bleepingcomputer.com·
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
Printer maker Procolored offered malware-laced drivers for months
Printer maker Procolored offered malware-laced drivers for months
For at least half a year, the official software supplied with Procolored printers included malware in the form of a remote access trojan and a cryptocurrency stealer.
·bleepingcomputer.com·
Printer maker Procolored offered malware-laced drivers for months
Vous regardez des matchs de foot sans payer avec un VPN ? Ça va changer
Vous regardez des matchs de foot sans payer avec un VPN ? Ça va changer
La justice commence Ă  pousser les fournisseurs de VPN Ă  agir pour empĂȘcher l'accĂšs des internautes Ă  des sites bloquĂ©s en France. Avec comme objectif de contrer la possibilitĂ© de regarder du sport (comme des matchs de foot) sur des sites proposant du streaming pirate. C'est l'extension du domaine de la lutte, mais
·numerama.com·
Vous regardez des matchs de foot sans payer avec un VPN ? Ça va changer
Implementing CCM: Human Resources Controls | CSA
Implementing CCM: Human Resources Controls | CSA
The Human Resources domain of the CCM helps organizations manage risks associated with insider threats by defining policies for the employee lifecycle.
·cloudsecurityalliance.org·
Implementing CCM: Human Resources Controls | CSA
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal to major Western powers” and marks a break from the country’s traditional approach to cyber defense.
·therecord.media·
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
Communications Backdoor in Chinese Power Inverters - Schneier on Security
Communications Backdoor in Chinese Power Inverters - Schneier on Security
This is a weird story: U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said. [
] Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers, one of them said. Reuters was unable to determine how many solar power inverters and batteries they have looked at...
·schneier.com·
Communications Backdoor in Chinese Power Inverters - Schneier on Security
SHARED INTEL Q&A: AI in the SOC isn’t all about speed — it’s more so about smoothing process
SHARED INTEL Q&A: AI in the SOC isn’t all about speed — it’s more so about smoothing process
The SOC has long been the enterprise’s first line of defense. But despite years of investment in threat feeds and automation platforms, the same question persists: why does intelligence still struggle to translate into timely action? Related: IBM makes the AI speed argument for SOCs The 2023 disclosure of Volt Typhoon was a case in
·lastwatchdog.com·
SHARED INTEL Q&A: AI in the SOC isn’t all about speed — it’s more so about smoothing process
Vous utilisiez des VPN pour voir des matchs de foot sans payer ? Ça va changer
Vous utilisiez des VPN pour voir des matchs de foot sans payer ? Ça va changer
La justice commence Ă  pousser les fournisseurs de VPN Ă  agir pour empĂȘcher l'accĂšs des internautes Ă  des sites bloquĂ©s en France. Avec comme objectif de contrer la possibilitĂ© de regarder du sport (comme des matchs de foot) sur des sites proposant du streaming pirate. C'est l'extension du domaine de la lutte, mais
·numerama.com·
Vous utilisiez des VPN pour voir des matchs de foot sans payer ? Ça va changer
Data broker protection rule quietly withdrawn by CFPB
Data broker protection rule quietly withdrawn by CFPB
The CFPB has decided to withdraw a 2024 rule that was aimed at limiting the sale of Americans’ personal information by data brokers.
·malwarebytes.com·
Data broker protection rule quietly withdrawn by CFPB
Meta sent cease and desist letter over AI training
Meta sent cease and desist letter over AI training
A privacy advocacy group has clapped back at Meta over its plans to start training its AI model on European users' data.
·malwarebytes.com·
Meta sent cease and desist letter over AI training
Applying NIST CSF 2.0 to Hypervisor Security | CSA
Applying NIST CSF 2.0 to Hypervisor Security | CSA
Explore how the NIST Cybersecurity Framework (CSF) 2.0 offers organizations a structured path to building cyber resilience in the modern cyber-scape.
·cloudsecurityalliance.org·
Applying NIST CSF 2.0 to Hypervisor Security | CSA
UK Cyber Vacancies Growing 12% Per Year
UK Cyber Vacancies Growing 12% Per Year
An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions
·infosecurity-magazine.com·
UK Cyber Vacancies Growing 12% Per Year
Top 10 Best Practices for Effective Data Protection
Top 10 Best Practices for Effective Data Protection
AI classification, zero trust, and centralized DLP drive stronger data protection and compliance in dynamic environments.
·thehackernews.com·
Top 10 Best Practices for Effective Data Protection
Russian Espionage Operation Targets Organizations Linked to Ukraine War
Russian Espionage Operation Targets Organizations Linked to Ukraine War
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim's webmail page
·infosecurity-magazine.com·
Russian Espionage Operation Targets Organizations Linked to Ukraine War
Coinbase met 20 millions sur la tĂȘte des hackers qui tentent de le menacer
Coinbase met 20 millions sur la tĂȘte des hackers qui tentent de le menacer
Coinbase, l’une des plus grandes plateformes de cryptomonnaies au monde, a Ă©tĂ© victime d’un piratage sophistiquĂ©. Face Ă  une demande de rançon de 20 millions de dollars et une fuite de donnĂ©es sensibles, l’entreprise a dĂ©cidĂ© de retourner la menace contre ses auteurs : elle propose la mĂȘme somme Ă  quiconque permettra
·numerama.com·
Coinbase met 20 millions sur la tĂȘte des hackers qui tentent de le menacer
Piratage de Coinbase : Jusqu'Ă  400 millions de dollars de pertes
Piratage de Coinbase : Jusqu'Ă  400 millions de dollars de pertes
La plateforme d'échange de cryptomonnaies Coinbase a été victime d'une cyberattaque orchestrée par des agents de support corrompus, ayant...-CybersĂ©curitĂ©
·usine-digitale.fr·
Piratage de Coinbase : Jusqu'Ă  400 millions de dollars de pertes