Microsoft e CrowdStrike hanno trovato una soluzione per il naming dei Threat Actors.
By MEMENGINEER Francesco Rotorato
Siamo alla ricerca di nuovi #memengineer da inserire nella "meme4cyber Unit™". Per informazioni scrivi a meme4cyber@redhotcyber.com
Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says https://therecord.media/pro-ukraine-hacker-group-black-owl-major-threat-russia #cybersecurity #infosec
This dumb password rule is from Microsoft (work accounts).
What doesn't seem to be a problem for personal accounts, is for work
accounts from Microsoft (e.g. Office 365 etc.).
Maximum 16 characters. So forget about using your new fancy diceware
password here - or really any secure passwords in general.
Oh - and besides that, please don't use any "exoti...
https://dumbpasswordrules.com/sites/microsoft-work-accounts/
Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion https://thehackernews.com/2025/06/microsoft-and-crowdstrike-launch-shared.html #cybersecurity #infosec
Cybercriminals camouflaging threats as AI tool installers
Cybercriminals are exploiting the popularity of AI by distributing malware disguised as AI solution installers. Three threats have been identified: CyberLock ransomware, Lucky_Gh0$t ransomware, and a newly discovered destructive malware called Numero. CyberLock, developed using PowerShell, encrypts specific files and demands a $50,000 ransom in Monero. Lucky_Gh0$t is a variant of Yashma ransomware, masquerading as a ChatGPT installer. Numero, imitating an AI video creation tool, manipulates Windows GUI components, rendering systems unusable. These threats primarily target B2B sales, technology, and marketing sectors. The attackers use SEO manipulation and various distribution channels to deceive victims. Organizations are urged to exercise caution and verify sources when downloading AI tools.
Pulse ID: 6840ecf1d62aaa388847dbd7
Pulse Link: https://otx.alienvault.com/pulse/6840ecf1d62aaa388847dbd7
Pulse Author: AlienVault
Created: 2025-06-05 01:03:45
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
WhatsApp is end-to-end encrypted with Meta as the go between. If you think we cannot know or see what you share on WhatsApp, you're wrong.
If you want to argue this fact, do not bother, I've been working for Meta for 5 years, I know what I am talking about.
Whenever it is brought up by someone, those people don't last long in the company. And the general reasoning employees are given is lability, because legally Meta cannot claim ignorance in the United States.
#WhatsApp #InfoSec #Privacy
I need to get off gmail.
Looking for recommendations for privacy focussed email services .
If anyone has some positive thoughts, I would be interested to hear them.
Keep it simple please 
European email providers
https://european-alternatives.eu/alternative-to/gmail
An email provider provides its users with an e-mail address and the corresponding mailboxes. Most e-mail providers also provide a webmail interface in which the user can read and send e-mails in the browser.
This category contains services from companies based in a member state of the European Union (EU), the European Economic Area (EEA) and the European Free Trade Association (EFTA).
___
@ueeu
#privacy #email #Europe #eu #infosec #internet #cybersecurity #opensource #foss #international #technology
Germany says anti-Israel and pro-Russia hackers are its biggest cybercrime threats https://www.timesofisrael.com/germany-says-anti-israel-and-pro-russia-hackers-are-its-biggest-cybercrime-threats/ #cybersecurity #infosec
The UK Brings Cyberwarfare Out of the Closet https://www.securityweek.com/the-uk-brings-cyberwarfare-out-of-the-closet/ #cybersecurity #infosec
Cyber Attacks on Government Agencies: Detect and Investigate
This analysis examines cyber threats targeting government institutions worldwide, focusing on three case studies: a phishing email targeting the South Carolina Department of Employment and Workforce, a fraudulent domain mimicking the U.S. Social Security Administration, and a malicious PDF posing as a South African Judiciary notice. The study demonstrates how ANY.RUN's solutions, including Threat Intelligence Lookup, Interactive Sandbox, and YARA Search, can be utilized to detect, analyze, and mitigate these threats. Key findings include the use of FormBook stealer, remote access tools, and credential harvesting techniques. The analysis provides actionable insights for government cybersecurity teams to enhance their defensive strategies and response capabilities.
Pulse ID: 68409d6271a2178e01aa5e79
Pulse Link: https://otx.alienvault.com/pulse/68409d6271a2178e01aa5e79
Pulse Author: AlienVault
Created: 2025-06-04 19:24:18
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
New Open-Source Tool Spotlight 
Groundhog by @ghuntley explains AI coding agents like Cursor from first principles. Built in Rust, it teaches the inner workings of coding assistants—perfect for learning or building your own. #AI #RustLang
Project link on #GitHub 
https://github.com/ghuntley/groundhog
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— 
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 
Minutes from the CVE Board teleconference meeting on May 14 are now available
https://cve.mitre.org/community/board/meeting_summaries/14_May_2025.pdf
#cve #vulnerability #vulnerabilitymanagement #hssedi #cisa #infosec #cybersecurity
Exciting news! 
Be part of the action at #OWASP Global #AppSec USA in Washington, DC this November. Showcase your expertise and apply to speak at this fantastic event. Seize the opportunity to shine - submit your proposals here: https://sessionize.com/owasp-global-appsec-USA-2025-cfp2/ 
#infosec #AI #devsecops
Mandiant: Hello, Operator? A Technical Analysis of Vishing Threats https://cloud.google.com/blog/topics/threat-intelligence/technical-analysis-vishing-threats #cybersecurity #infosec #phishing
Polish engineer creates postage stamp-sized 1980s Atari computer https://arstechnica.com/gadgets/2025/06/polish-engineer-creates-postage-stamp-sized-1980s-atari-computer/ #cybersecurity #infosec
Cisco's on a roll. There's about nine vulnerabilities listed today.
Cisco Security Advisories: https://sec.cloudapps.cisco.com/security/center/publicationListing.x @TalosSecurity #cybersecurity #Infosec #Cisco
Be sure to print out paper tickets, keep the copies throughout your trip. Upon return to your home country, you have receipts, documentation and tickets showing where you traveled. Want to learn more? Class is soon. https://lockdownyourlife.as.me/travel
