Redhotcyber<p>Aggiornamento Critico per Google Chrome: Patch per varie Vulnerabilità</p><p>📌 Link all'articolo : <a href="https://www.redhotcyber.com/post/aggiornamento-critico-per-google-chrome-patch-per-6-vulnerabilita/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhotcyber.com/post/aggiornam</span><span class="invisible">ento-critico-per-google-chrome-patch-per-6-vulnerabilita/</span></a></p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/cti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cti</span></a> <a href="https://mastodon.bida.im/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://mastodon.bida.im/tags/online" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>online</span></a> <a href="https://mastodon.bida.im/tags/it" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>it</span></a> <a href="https://mastodon.bida.im/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://mastodon.bida.im/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.bida.im/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>technology</span></a> <a href="https://mastodon.bida.im/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a> <a href="https://mastodon.bida.im/tags/cyberthreatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberthreatintelligence</span></a> <a href="https://mastodon.bida.im/tags/innovation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>innovation</span></a> <a href="https://mastodon.bida.im/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
205active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#cybersecurity
335 posts · 179 participants · 22 posts today
BeyondMachines :verified:<p>The critical Erlang/OTP SSH flaw actively exploited targeting operational technology networks</p><p>A critical vulnerability (CVE-2025-32433) in Erlang/OTP's SSH implementation allows unauthenticated remote code execution and is being actively exploited against internet-exposed systems, with Palo Alto Networks detecting 275 vulnerable hosts and noting that 70% of exploitation attempts target operational technology networks. Despite patches being available, widespread exploitation continues as organizations struggle to update critical infrastructure systems.</p><p>**If you are running Erlang based SSH service, time to update NOW. Especially in OT networks. Naturally, make sure the OT systems are not exposed to the internet. Then start patching.**<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/attack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>attack</span></a> <a href="https://infosec.exchange/tags/activeexploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activeexploit</span></a><br><a href="https://beyondmachines.net/event_details/the-critical-erlang-otp-ssh-flaw-actively-exploited-targeting-operational-technology-networks-u-v-1-j-q/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/the-critical-erlang-otp-ssh-flaw-actively-exploited-targeting-operational-technology-networks-u-v-1-j-q/gD2P6Ple2L</span></a></p>
Christoffer S.<p>Hmm... wouldn't it be kind of fun to use RSS + RPCJSON as a C2-channel?</p><p>Given how often RSS-feeds contain descriptions of C2, why not use it as a C2?</p><p><a href="https://swecyb.com/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a> <a href="https://swecyb.com/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://swecyb.com/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <br><span class="h-card" translate="no"><a href="https://a.gup.pe/u/cybersecurity" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cybersecurity</span></a></span> <span class="h-card" translate="no"><a href="https://a.gup.pe/u/threatintel" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>threatintel</span></a></span></p>
Redhotcyber<p>Verso un ferragosto col botto! 36 RCE per il Microsoft Patch Tuesday di Agosto</p><p>📌 Link all'articolo : <a href="https://www.redhotcyber.com/post/verso-un-ferragosto-col-botto-36-rce-per-il-microsoft-patch-tuesday-di-agosto/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhotcyber.com/post/verso-un-</span><span class="invisible">ferragosto-col-botto-36-rce-per-il-microsoft-patch-tuesday-di-agosto/</span></a></p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/cti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cti</span></a> <a href="https://mastodon.bida.im/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://mastodon.bida.im/tags/online" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>online</span></a> <a href="https://mastodon.bida.im/tags/it" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>it</span></a> <a href="https://mastodon.bida.im/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://mastodon.bida.im/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.bida.im/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>technology</span></a> <a href="https://mastodon.bida.im/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a> <a href="https://mastodon.bida.im/tags/cyberthreatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberthreatintelligence</span></a> <a href="https://mastodon.bida.im/tags/innovation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>innovation</span></a> <a href="https://mastodon.bida.im/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p>
Alexandre Dulaunoy<p>Beyond CVEs: Mastering the Landscape with Vulnerability-Lookup is finally online.</p><p>The talk was given at <span class="h-card" translate="no"><a href="https://infosec.exchange/@firstdotorg" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>firstdotorg</span></a></span> conference.</p><p><a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p>📹 Video <a href="https://youtu.be/PS6NuisVxBU?si=KbPbnHWgKM0wxmMR" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">youtu.be/PS6NuisVxBU?si=KbPbnH</span><span class="invisible">WgKM0wxmMR</span></a></p><p>🔗 Online instance <a href="https://vulnerability.circl.lu/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vulnerability.circl.lu/</span><span class="invisible"></span></a></p><p>🔗 Open source project <a href="https://www.vulnerability-lookup.org/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">vulnerability-lookup.org/</span><span class="invisible"></span></a></p>
Redhotcyber<p>Vulnerabilità RCE critica in Microsoft Teams: aggiornamento urgente necessario</p><p>📌 Link all'articolo : <a href="https://www.redhotcyber.com/post/vulnerabilita-rce-critica-in-microsoft-teams-aggiornamento-urgente-necessario/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhotcyber.com/post/vulnerabi</span><span class="invisible">lita-rce-critica-in-microsoft-teams-aggiornamento-urgente-necessario/</span></a></p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/cti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cti</span></a> <a href="https://mastodon.bida.im/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://mastodon.bida.im/tags/online" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>online</span></a> <a href="https://mastodon.bida.im/tags/it" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>it</span></a> <a href="https://mastodon.bida.im/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://mastodon.bida.im/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.bida.im/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>technology</span></a> <a href="https://mastodon.bida.im/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a> <a href="https://mastodon.bida.im/tags/cyberthreatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberthreatintelligence</span></a> <a href="https://mastodon.bida.im/tags/innovation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>innovation</span></a></p>
Redhotcyber<p>29.000 server Exchange a rischio. L’exploit per il CVE-2025-53786 è sotto sfruttamento</p><p>📌 Link all'articolo : <a href="https://www.redhotcyber.com/post/29-000-server-exchange-a-rischio-lexploit-per-il-cve-2025-53786-e-sotto-sfruttamento/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhotcyber.com/post/29-000-se</span><span class="invisible">rver-exchange-a-rischio-lexploit-per-il-cve-2025-53786-e-sotto-sfruttamento/</span></a></p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/cti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cti</span></a> <a href="https://mastodon.bida.im/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://mastodon.bida.im/tags/online" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>online</span></a> <a href="https://mastodon.bida.im/tags/it" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>it</span></a> <a href="https://mastodon.bida.im/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://mastodon.bida.im/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.bida.im/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>technology</span></a> <a href="https://mastodon.bida.im/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a> <a href="https://mastodon.bida.im/tags/cyberthreatintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberthreatintelligence</span></a> <a href="https://mastodon.bida.im/tags/innovation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>innovation</span></a> <a href="https://mastodon.bida.im/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p>
ANY.RUN<p>🚨 How <a href="https://infosec.exchange/tags/Rhadamanthys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rhadamanthys</span></a> Stealer Slips Past Defenses using ClickFix<br>⚠️ Rhadamanthys is now delivered via ClickFix, combining technical methods and social engineering to bypass automated security solutions, making detection and response especially challenging.<br>👾 While earlier ClickFix campaigns mainly deployed <a href="https://infosec.exchange/tags/NetSupport" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetSupport</span></a> RAT or <a href="https://infosec.exchange/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AsyncRAT</span></a>, this C++ infostealer ranks in the upper tier for advanced evasion techniques and extensive data theft capabilities.</p><p><a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANYRUN</span></a> Sandbox lets SOC teams observe and execute complex chains, revealing evasive behavior and providing intelligence that can be directly applied to detection rules, playbooks, and proactive hunting.</p><p>🔗 Execution Chain:<br>ClickFix ➡️ msiexec ➡️ exe-file ➡️ infected system file ➡️ PNG-stego payload</p><p>In a recent campaign, the phishing domain initiates a ClickFix flow (<a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MITRE</span></a> T1566), prompting the user to execute a malicious MSI payload hosted on a remote server. </p><p>🥷 The installer is silently executed in memory (<a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MITRE</span></a> T1218.007), deploying a stealer component into a disguised software directory under the user profile.</p><p>The dropped binary performs anti-VM checks (T1497.001) to avoid analysis. </p><p>In later stages, a compromised system file is used to initiate a TLS connection directly to an IP address, bypassing DNS monitoring.</p><p>📌 For encryption, attackers use self-signed TLS certificates with mismatched fields (e.g., Issuer or Subject), creating distinctive indicators for threat hunting and expanding an organization’s visibility into its threat landscape.</p><p>🖼️ The C2 delivers an obfuscated PNG containing additional payloads via steganography (T1027.003), extending dwell time and complicating detection.</p><p>🎯 See execution on a live system and download actionable report: <a href="https://app.any.run/tasks/a101654d-70f9-40a5-af56-1a8361b4ceb0/?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_term=120825&utm_content=linktoservice" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">app.any.run/tasks/a101654d-70f</span><span class="invisible">9-40a5-af56-1a8361b4ceb0/?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_term=120825&utm_content=linktoservice</span></a></p><p>🔍 Use these <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANYRUN</span></a> TI Lookup search queries to track similar campaigns and enrich <a href="https://infosec.exchange/tags/IOCs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IOCs</span></a> with live attack data from threat investigations across 15K SOCs:<br><a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522threatName:%255C%2522clickfix%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">intelligence.any.run/analysis/</span><span class="invisible">lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522threatName:%255C%2522clickfix%255C%2522%2522,%2522dateRange%2522:180%7D</span></a><br><a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522threatName:%255C%2522rhadamanthys%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">intelligence.any.run/analysis/</span><span class="invisible">lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522threatName:%255C%2522rhadamanthys%255C%2522%2522,%2522dateRange%2522:180%7D</span></a><br><a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522(threatName:%255C%2522clickfix%255C%2522%2520OR%2520threatName:%255C%2522susp-clipboard%255C%2522)%2520AND%2520threatName:%255C%2522netsupport%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">intelligence.any.run/analysis/</span><span class="invisible">lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522(threatName:%255C%2522clickfix%255C%2522%2520OR%2520threatName:%255C%2522susp-clipboard%255C%2522)%2520AND%2520threatName:%255C%2522netsupport%255C%2522%2522,%2522dateRange%2522:180%7D</span></a><br><a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522(threatName:%255C%2522clickfix%255C%2522%2520OR%2520threatName:%255C%2522susp-clipboard%255C%2522)%2520AND%2520threatName:%255C%2522asyncrat%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">intelligence.any.run/analysis/</span><span class="invisible">lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522(threatName:%255C%2522clickfix%255C%2522%2520OR%2520threatName:%255C%2522susp-clipboard%255C%2522)%2520AND%2520threatName:%255C%2522asyncrat%255C%2522%2522,%2522dateRange%2522:180%7D</span></a></p><p>👾 IOCs:<br>84.200[.]80.8<br>179.43[.]141.35<br>194.87[.]29.253<br>flaxergaurds[.]com<br>temopix[.]com<br>zerontwoposh[.]live<br>loanauto[.]cloud<br>wetotal[.]net<br>Find more indicators in the comments 💬</p><p>Protect critical assets with faster, deeper visibility into complex threats using <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANYRUN</span></a> 🚀</p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Matthias Schulze<p>Hackers using fake summonses in attacks on Ukraine's defense sector <a href="https://therecord.media/hackers-using-fake-summonses-ukraine" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/hackers-using-</span><span class="invisible">fake-summonses-ukraine</span></a> <a href="https://ioc.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://ioc.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Dumb Password Rules<p>This dumb password rule is from Williams-Sonoma.</p><p>25 maximum characters and disallowing some specials.</p><p><a href="https://dumbpasswordrules.com/sites/williams-sonoma/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dumbpasswordrules.com/sites/wi</span><span class="invisible">lliams-sonoma/</span></a></p><p><a href="https://infosec.exchange/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>password</span></a> <a href="https://infosec.exchange/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/dumbpasswordrules" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dumbpasswordrules</span></a></p>
Meshtastic<p>At <a href="https://mastodon.social/tags/DEFCON33" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DEFCON33</span></a>, <a href="https://mastodon.social/tags/Meshtastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Meshtastic</span></a> ran its biggest mesh yet—2K+ nodes, thousands of msgs & an unexpected live vulnerability demo. Lessons learned ✅ Big plans for security, identity & UX.</p><p>Full recap 👉 <a href="https://meshtastic.org/blog/that-one-time-at-defcon/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">meshtastic.org/blog/that-one-t</span><span class="invisible">ime-at-defcon/</span></a></p><p><a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a></p>
Matthias Schulze<p>Durch Datenlecks verursachte Kosten sind gefallen <a href="https://www.csoonline.com/article/4032835/durch-datenlecks-verursachte-kosten-sind-gefallen.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">csoonline.com/article/4032835/</span><span class="invisible">durch-datenlecks-verursachte-kosten-sind-gefallen.html</span></a> <a href="https://ioc.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://ioc.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Violet Blue<p>From this morning: <a href="https://mastodon.social/tags/DEFCON" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DEFCON</span></a> tidbits, US Pacer hack outs sealed arrests and witnesses, hackers infiltrate Google’s Gemini AI smart home functions via calendar invite, Reddit blocked Internet Archive, Meta surveilled period-tracker app users, and more:</p><p><a href="https://www.patreon.com/posts/cybersecurity-12-136290025" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">patreon.com/posts/cybersecurit</span><span class="invisible">y-12-136290025</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a></p>
Tanya Janca | SheHacksPurple :verified: :verified:<p>🎥 Missed one of my past conference talks? Let’s fix that.</p><p>I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.</p><p>“Cloud Native Security; Explained”<br>📽️ <a href="https://twp.ai/4ipSVP" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">twp.ai/4ipSVP</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/SecurityAwareness" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityAwareness</span></a> <a href="https://infosec.exchange/tags/cloudsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsec</span></a> <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloud</span></a> <a href="https://infosec.exchange/tags/cloudnative" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudnative</span></a></p>
Tekno Fix - IT Solutions<p>Earlier today, Google India’s main YouTube account abruptly went offline after what looks like a textbook channel hijacking.</p><p><a href="https://mstdn.social/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://mstdn.social/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> <a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mstdn.social/tags/CybersecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CybersecurityNews</span></a> <a href="https://mstdn.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://mstdn.social/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> <a href="https://mstdn.social/tags/Mobile" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mobile</span></a> <a href="https://mstdn.social/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> <a href="https://mstdn.social/tags/YouTube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YouTube</span></a> <a href="https://mstdn.social/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://mstdn.social/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://mstdn.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechNews</span></a> <a href="https://mstdn.social/tags/Business" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Business</span></a> <a href="https://mstdn.social/tags/Travel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Travel</span></a> <a href="https://mstdn.social/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialMedia</span></a> <a href="https://mstdn.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mastodon</span></a> <a href="https://mstdn.social/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a></p>
Tekno Fix - IT Solutions<p>Sixty malicious Ruby gems containing credential-stealing code have been downloaded over 275,000 times since March 2023, targeting developer accounts.</p><p><a href="https://mstdn.social/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://mstdn.social/tags/PC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PC</span></a> <a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mstdn.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mstdn.social/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> <a href="https://mstdn.social/tags/Coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Coding</span></a> <a href="https://mstdn.social/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Programming</span></a> <a href="https://mstdn.social/tags/Ruby" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ruby</span></a> <a href="https://mstdn.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mstdn.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mstdn.social/tags/Github" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Github</span></a> <a href="https://mstdn.social/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://mstdn.social/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://mstdn.social/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://mstdn.social/tags/Computing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Computing</span></a> <a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/Business" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Business</span></a> <a href="https://mstdn.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechNews</span></a> <a href="https://mstdn.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://mstdn.social/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialMedia</span></a> <a href="https://mstdn.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mastodon</span></a> <a href="https://mstdn.social/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a></p>
Tekno Fix - IT Solutions<p>Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers.</p><p><a href="https://mstdn.social/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://mstdn.social/tags/PC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PC</span></a> <a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mstdn.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mstdn.social/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> <a href="https://mstdn.social/tags/Marketing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Marketing</span></a> <a href="https://mstdn.social/tags/Advertising" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Advertising</span></a> <a href="https://mstdn.social/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://mstdn.social/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://mstdn.social/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://mstdn.social/tags/Computing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Computing</span></a> <a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/Business" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Business</span></a> <a href="https://mstdn.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechNews</span></a> <a href="https://mstdn.social/tags/Finance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Finance</span></a> <a href="https://mstdn.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://mstdn.social/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialMedia</span></a> <a href="https://mstdn.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mastodon</span></a> <a href="https://mstdn.social/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a></p>
Tekno Fix - IT Solutions<p>Hackers have released stolen data belonging to US insurance giant Allianz Life, exposing 2.8 million records with sensitive information on business partners and customers in ongoing Salesforce data theft attacks.</p><p><a href="https://mstdn.social/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://mstdn.social/tags/PC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PC</span></a> <a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mstdn.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mstdn.social/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://mstdn.social/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://mstdn.social/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://mstdn.social/tags/Computing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Computing</span></a> <a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/Business" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Business</span></a> <a href="https://mstdn.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechNews</span></a> <a href="https://mstdn.social/tags/Finance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Finance</span></a> <a href="https://mstdn.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://mstdn.social/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SocialMedia</span></a> <a href="https://mstdn.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mastodon</span></a> <a href="https://mstdn.social/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a></p>
Matthias Schulze<p>Verfassungsgericht: Staatstrojaner sind bei "Alltagskriminalität" tabu <a href="https://www.heise.de/news/Verfassungsgericht-Staatstrojaner-sind-bei-Alltagskriminalitaet-tabu-10512707.html?wt_mc=rss.red.ho.top-news.atom.beitrag.beitrag" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Verfassungsgeric</span><span class="invisible">ht-Staatstrojaner-sind-bei-Alltagskriminalitaet-tabu-10512707.html?wt_mc=rss.red.ho.top-news.atom.beitrag.beitrag</span></a> <a href="https://ioc.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://ioc.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Dissent Doe :cupofcoffee:<p>So yesterday, I emailed a state court system that appears to be linked to the exposed data I mentioned recently and that the host notified on or about July 28. </p><p>No reply was received.</p><p>Today, I sent a contact form message to the lawyer for a juvenile whose records were sealed. Sealed, except 11 of them were exposed to anyone who can access the data. I told him what was going on and suggested he contact the court and tell them to get the data secured. </p><p>No reply was received.</p><p>Today, I sent an email to the judge who ordered the juvenile's records sealed and I cc:d the district attorney. I gave them the juvenile's name, case number and that I could see all the sealed records. I urged them to have their IT or vendor call me and I could give them the IP address over the phone, etc. </p><p>No reply was received.</p><p>Dear Russia, China, and North Korea:</p><p>You do not need to hack our courts. They are leaking like sieves and do not respond when we try to tell them they need to secure the data.</p><p>Yours in total frustration,</p><p>/Dissent</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/incident_response" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incident_response</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/WAKETHEFUCKUP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WAKETHEFUCKUP</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload