Cybersecurity
My current hardware MFA key is no longer receiving security patches, so I'm in the market for a new one. Here's a list of features I'd like my new hardware MFA key to have, in order of priority: 1. USB-A 2. NFC 3. USB-C 4. Biometric 5. Bluetooth My current MFA key has features 1-3 and 5. Is there a Holy Grail MFA key somewhere out there with all 5 features? I'm already pretty familiar with YubiCo's product lineup, and while I love their security rating and build quality, none of them have more than 2 of the features listed above, so that kinda bums me out. Anyway, let's hear your hardware MFA key recommendations! #MFA #2FA #fido #fido2 #fido3 #NFC #USB #USBc #USBa #Biometric #Fingerprint #YubiCo #YubiKey #Bluetooth #CyberSecurity #InfoSec
Cyberangriffe sind Realität – welche Notfallkonzepte wir brauchen, erklärt Dr. Dirk Häger auf der #itsa2024 in seinem Vortrag am 23. Oktober in der Speakers' Corner des BSI. 👉 Mehr Infos: <https://www.bsi.bund.de/dok/it-sa> #CyberSecurity #ITSecurity #TeamBSI #itsa
Sellafield nuclear site hit with £332,500 fine after 'significant cybersecurity shortfalls' Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/blog/hotforsecurity/sellafield-nuclear-site-332500-fine-cybersecurity-shortfalls/> #cybersecurity #nuclear
Two Harvard students took Meta’s commercially available Ray Ban smart glasses and built facial recognition software that automatically looks up someone’s face and identifies them, including personal information. Read it at @404mediaco@mastodon.social (Registration may be required). #Meta #SmartGlasses #Cybersecurity #Tech #Technology <https://flip.it/WDXr7Z>
The FCC announced a $31.5 million settlement with T-Mobile over multiple data breaches that compromised the personal information of millions of U.S. consumers from 2021-2023. More from @BleepingComputer@infosec.exchange. #FCC #TMobile #Cybersecurity #Tech <https://flip.it/MGWkCJ>
Disclosing details of a #vulnerability I discovered 1 year ago: N-able Ecosystem Agent Improper Certificate Validation #CVE_2024_5445 vulnerability leads to #RCE as SYSTEM user. Vulnerability details: <https://sintonen.fi/advisories/n-able-ecosystem-agent-improper-certificate-validation.txt> N-able has rated this vulnerability CVSS 3.8, but the practical impact of this vulnerability is grave as it allows attackers in privileged network position to fully compromise vulnerable systems. While arguing for such low score N-able presentative stated that: "The vulnerability reported does not constitute an RCE, the Ecosystem agent is designed to run installation packages in a privileged context and the agent is doing what it should do when it receives such packages to install over the APIs." I think this is somewhat disingenuous. #infosec #cybersecurity
Critical printing system bugs affect hundreds of thousands of Linux machines⤵️ #Linux #cybersecurity #technology #infosec <https://cnews.link/critical-printing-system-bugs-linux-affected/>
The UN General Assembly recently approved the Pact For the Future, a declaration pledging concrete actions toward a safer, more peaceful, sustainable, and inclusive future. The Pact includes a worldwide commitment to ensure that digital technologies contribute to sustainable development and human rights, while addressing risks like digital divides, #cybersecurity, and misuse of technology. How do you think this will impact you in the next 5-10 years? <https://www.un.org/global-digital-compact/en> #OpenSource #OSS
FBI warns of sophisticated Iranian hackers targeting personal accounts⤵️ #FBI #cybersecurity #Iran #infosec #hacking <https://cnews.link/iranian-hackers-targeting-personal-accounts/>
Deepfake Ukrainian diplomat targeted US senator on Zoom call. Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/blog/hotforsecurity/deepfake-ukrainian-diplomat-targeted-us-senator-on-zoom-call/> #cybersecurity #deepfake
The Irish Data Protection Commission has fined Meta with a $101.5 million penalty after investigating a 2019 security breach in which the company mistakenly stored users' passwords in plain text. Via @Engadget. #Meta #Cybersecurity #Tech #Technology <https://flip.it/ZD45rD>
Security researchers have found a set of vulnerabilities that could allow bad actors to hack into Kia vehicles made after 2013. #Kia #hack #vulnerabilities #CyberSecurity #datasecurity #infosec <https://cnews.link/hackers-could-exploit-kia-vulnerabilities-3/>
Microsoft has discovered a new threat actor that previously operated as an affiliate for other ransomware-as-a-service gangs. #Microsoft #ransomware #CyberAttack #CyberSecurity #infosec <https://cnews.link/former-affiliate-upgrades-and-launches-its-own-attacks-1/>
Gemini, a powerful Google Workspace AI assistant, can be manipulated to produce misleading or malicious unintended responses. #Google #Gemini #AI #CyberSecurity #infosec <https://cnews.link/hidden-prompts-emails-docs-google-gemini-haywire-3/>
Losses from hacks and fraud in the crypto industry decreased significantly in the third quarter of this year compared to Q3 of 2023. #cyrpto #hack #fraud #CyberSecurity #infosec <https://cnews.link/fewer-losses-crypto-hacks-2/>
The US Treasury Department has announced sanctions against several Russian crypto companies. #US #Crypto #CyberSecurity #ransomware #infosec <https://cnews.link/us-sanctions-russian-crypto-exchanges-ransomware-2/>
A group of independent security researchers were able to scan virtually any internet-connected Kia vehicle’s license plate and within seconds gain the ability to track that car’s location, unlock the car, honk its horn, or start its ignition at will. More from @WIRED (Subscription may be required). #Kia #Hack #Tech #Technology #Cybersecurity <https://flip.it/2fswDC>
When UK rail stations' Wi-Fi was defaced by hackers the only casualty was the truth. Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/blog/hotforsecurity/when-uk-rail-stations-wi-fi-was-defaced-by-hackers-the-only-casualty-was-the-truth/> #cybersecurity #hacking
Handala Hack leaked 60,000 thousand ‘secret emails’ allegedly belonging to Gabriel "Gabi" Ashkenazi and exposed Benny Gantz. #Israeli #dataleak #DataSecurity #CyberSecurity #infosec <https://cnews.link/pro-palestinian-hackers-claim-hacked-israeli-politicians-1/>
Run to the hills! Run to the hills! Pull the communication cord! Oh, hang on... it's just some kids who've defaced a hotspot login page... #cybersecurity #hype
CISA has warned that hackers continue to be capable of compromising industrial control systems using "unsophisticated methods" - suggesting that much more still needs to be done to secure them properly. Meanwhile, hackers claim to have changed chlorine levels at Lebanese water facilities... Read more in my article on the Tripwire blog: <https://www.tripwire.com/state-of-security/cisa-warns-hackers-targeting-industrial-systems-unsophisticated-methods> #cybersecurity #ics #ot #wws
Malicious attackers are trying to capitalize on public interest surrounding charges against the rap star Sean “Diddy” Combs. #hackers #SeanCombs #Malware #CyberSecurity #infosec <https://cnews.link/hackers-hiding-malware-in-fake-deleted-diddy-files-1/>
▪️ @cybernews@infosec.exchange research ▪️ A massive leak has exposed 95 million records belonging to French citizens. #cybersecurity #dataleak #datasecurity #infosec #France <https://cnews.link/french-records-exposed-mysterious-data-hoarder/>
The Donald Trump presidential campaign has been aware of a hack since mid-August. #Trump #hack #Iran #cybersecurity #infosec <https://cnews.link/trump-campaign-hack-iran-ongoing-3/>
MoneyGram is making some progress restoring operations after a full-blown cyberattack incapacitated its networks over the weekend. #MoneyGram #US #cyberattack #cybersecurity #infosec <https://cnews.link/moneygram-cyberattack-outage-unprocessed-payments-3/>
Cybersecurity executives say they are taking legal steps to protect themselves from “unprecedented” pressures of a shifting threat landscape. #AI #CyberSecurity #threats #infosec <https://cnews.link/ai-threats-pushing-cyber-pros-1/>
Cyber Pros need to turbocharge their skills with AI if they want to stay competitive. #AI #hackers #CyberSecurity #infosec <https://cnews.link/ai-makes-ethical-hackers-twice-as-productive-1/>
Two men arrested one month after $230 million of cryptocurrency stolen from a single victim. The men were allegedly less than careful hiding their behaviour - spending $500,000 a night in nightclubs, buying hundreds of bottles of champagne, gifting designer handbags (and even a pink Lamborgini) to random women they bumped into on a night out... Read more in my article on the Bitdefender blog: <https://www.bitdefender.com/blog/hotforsecurity/two-men-arrested-one-month-after-230-million-of-cryptocurrency-stolen-from-a-single-victim/> #cybersecurity #cryptocurrency
▪️@cybernews research▪️ Popular podcast platform leaks data of tens of millions of its customers⤵️ #dataleak #KukuFM #datasecurity #cybersecurity #infosec <https://cnews.link/kukufm-customer-data-leaked/>
🧪 NEW BETA RELEASES 🧪 📱 iOS 18.1 beta 5 (22B5054e) 📱 iPadOS 18.1 beta 5 (22B5054e) 💻 macOS 15.1 beta 5 (24B5055e) 📺 tvOS 18.1 beta 2(22J5552d) 🥽 visionOS 2.1 beta 2 (22N5553d) ⌚ watchOS 11.1 beta 2 (22R5554e) #apple #cybersecurity #infosec #security #ios
“My weapon of choice? Phishing.” #phishing #CyberAttack #CyberSecurity #datasecurity #infosec <https://cnews.link/combating-phishing-attacks-1/>
▪️ @cybernews@infosec.exchange research ▪️It was revealed that a massive data leak at MC2 Data, a background check firm, affects a staggering amount of US citizens. #US #dataleak #DataSecurity #CyberSecurity #infosec <https://cnews.link/us-mc2-background-check-data-leaked/>
Almost half of cyberattacks in the European Union are denial of service attacks (DDoS). #DDoS #EU #CyberAttack #CyberSecurity #infosec #ransomware <https://cnews.link/ddos-overtakes-ransomware-as-most-active-threat-1/>
A giant phishing network has been shut down in Spain and Latin America, resulting in multiple searches and seized items. #phishing #Spain #Europol #datasecurity #CyberSecurity #infosec <https://cnews.link/europol-busts-iserver-phishing-network-2/>
Up to date in Sachen Cybersicherheit: Die Meldungen von Bürger-CERT und CERT-Bund sowie die Cyber-Sicherheitswarnungen findet ihr direkt hier: <https://www.bsi.bund.de> #Cybersecurity #StaySafe #DeutschlandDigitalSicherBSI
An Iranian malicious cyber actor tried to tempt Joe Biden’s campaign with non-public material stolen from Trump’s campaign. #Iran #Trump #Biden #cybersecurity #DataSecurity #infosec <https://cnews.link/iran-tried-to-hand-stolen-trump-campaign-data-to-biden-3/>
Hezbollah walkie-talkies targeted by Israel in new round of simultaneous fatal blasts⤵️ #Hezbollah #cybersecurity #cyberwar #Israel <https://cnews.link/hezbollah-walkie-talkies-israel-explosions/>
Windows users risk losing funds from crypto wallets and other personal data from a new form of attack involving captcha verification. #Crypto #captcha #CyberSecurity #CyberAttack #infosec <https://cnews.link/captcha-lumma-malware-1/>
▪️ @cybernews@infosec.exchange research▪️ Chrome extension hides malware to steal crypto: new operation uncovered⤵️ #SpiderX #crypto #malware #cybersecurity #infosec #privacy <https://cnews.link/chrome-extension-new-malware-steal-crypto/>
AT&T is reaching for its wallet again. This time, it’s to settle a cloud breach investigation led by the FCC. #FCC #breach #DataSecurity #cybersecurity #infosec <https://cnews.link/at-t-ffc-13-million-settlement-3/>
Cybersecurity
!cybersecurity@fedia.ioAn umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Rules
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.