Cybersecurity

8802 readers

56 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

WhatsApp, Signal, untraceable security risk (www.techradar.com)

submitted 25 minutes ago by Spot@startrek.website to c/cybersecurity@sh.itjust.works

0 comments fedilink

Three billion WhatsApp users are at risk - an expert has developed a tool that could spy on everyone, and you would never know about it

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack (gist.github.com)

submitted 1 hour ago* (last edited 1 hour ago) by BrikoX@lemmy.zip to c/cybersecurity@sh.itjust.works

1 comments fedilink

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

Zeroday Cloud hacking event awards $320,0000 for 11 zero days (www.bleepingcomputer.com)

submitted 14 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs - Infosecurity Magazine (www.infosecurity-magazine.com)

submitted 15 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Cisco warns of unpatched AsyncOS zero-day exploited in attacks (www.bleepingcomputer.com)

submitted 13 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

BlueDelta’s Persistent Campaign Against UKR.NET (www.recordedfuture.com)

submitted 14 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Motors WordPress Vulnerability Exposes Sites to Takeover - Infosecurity Magazine (www.infosecurity-magazine.com)

submitted 15 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Auto Parts Giant LKQ Confirms Oracle EBS Breach (www.securityweek.com)

submitted 15 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

-8

ShadyPanda: The Silent Browser Takeover Threat and How Qualys TruRisk Eliminate Helps You Stop It | Qualys (blog.qualys.com)

submitted 14 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

1 comments fedilink

GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS (aws.amazon.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Does anyone think that a bunch of Computer Science/Software Engineering graduates unable to find jobs could result in increased cybercrime? (feddit.uk)

submitted 1 day ago by Flax_vert@feddit.uk to c/cybersecurity@sh.itjust.works

13 comments fedilink

I'm just thinking of cases where a country takes over and exiles the old army, and it's seen the rise of various terrorist groups as you've essentially left a bunch of military trained, often zealouse, young men without a career. Could a similar thing happen with Cyber?

Ink Dragon's Relay Network and Stealthy Offensive Operation (research.checkpoint.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

China's Ink Dragon hides out in European government networks (www.theregister.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Russian APT actor phishes the Baltics and the Balkans (strikeready.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

‘Featured’ Urban VPN caught stealing private AI chats | CSO Online (www.csoonline.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

1 comments fedilink

Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure | Amazon Web Services (aws.amazon.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

1 comments fedilink

GhostPairing Attacks: from phone number to full access in WhatsApp (www.gendigital.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

GhostPoster attacks hide malicious JavaScript in Firefox addon logos (www.bleepingcomputer.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Phishing Messages and Social Ads Flood Users Ahead of Christmas - Infosecurity Magazine (www.infosecurity-magazine.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Venezuelan Oil Company Downplays Alleged US Cyberattack (www.darkreading.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

US Autoparts Maker LKQ Confirms Oracle EBS Breach - Infosecurity Magazine (www.infosecurity-magazine.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Cellik Android malware builds malicious versions from Google Play apps (www.bleepingcomputer.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data (thehackernews.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

A tool for monitoring integrity of bootchain (lemmy.world)

submitted 1 day ago by nemesis1733@lemmy.world to c/cybersecurity@sh.itjust.works

0 comments fedilink

Description: TPMGuard verifies that a computer’s boot process hasn’t been tampered with. On first run, it creates a trusted “golden” set of PCRs and later compares current values to detect changes, logging any differences and highlighting affected boot components.

Source code and details: https://github.com/umutcamliyurt/TPMGuard

Hackers exploit newly patched Fortinet auth bypass flaws (www.bleepingcomputer.com)

submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink