Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

29738 bookmarks
Custom sorting
Phishing Tests: Key Questions to Ask | CSA
Phishing Tests: Key Questions to Ask | CSA
Maximize your phishing assessments by asking the right questions—ensure tailored, effective campaigns that go beyond just checking the compliance box.
·cloudsecurityalliance.org·
Phishing Tests: Key Questions to Ask | CSA
Understanding Zero Trust Security Models | CSA
Understanding Zero Trust Security Models | CSA
As cyber threats get smarter, companies are using Zero Trust Security Models to keep their data safe. This way of thinking means "never trust, always verify."
·cloudsecurityalliance.org·
Understanding Zero Trust Security Models | CSA
Linux 'io_uring' security blindspot allows stealthy rootkit attacks
Linux 'io_uring' security blindspot allows stealthy rootkit attacks
A significant security gap in Linux runtime security caused by the 'io_uring' interface allows rootkits to operate undetected on systems while bypassing advanced Enterprise security software.
·bleepingcomputer.com·
Linux 'io_uring' security blindspot allows stealthy rootkit attacks
Ransomware Attacks Fall Sharply in March
Ransomware Attacks Fall Sharply in March
NCC Group found that ransomware attacks fell by 32% in March compared to February, but described this finding as a “red herring”
·infosecurity-magazine.com·
Ransomware Attacks Fall Sharply in March
Operation SyncHole: Lazarus APT goes back to the well
Operation SyncHole: Lazarus APT goes back to the well
Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.
·securelist.com·
Operation SyncHole: Lazarus APT goes back to the well
forum.defcon.org
forum.defcon.org
A community for Hackers, Researchers, DEF CON Groups, and anyone looking to explore the world of security.
·forum.defcon.org·
forum.defcon.org
Attackers hit security device defects hard in 2024 | CyberScoop
Attackers hit security device defects hard in 2024 | CyberScoop
Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network edge devices.
·cyberscoop.com·
Attackers hit security device defects hard in 2024 | CyberScoop
DOGE Worker’s Code Supports NLRB Whistleblower
DOGE Worker’s Code Supports NLRB Whistleblower
A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk's Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency's sensitive case files in early March. The whistleblower said accounts created…
·krebsonsecurity.com·
DOGE Worker’s Code Supports NLRB Whistleblower