English- •
- www.bleepingcomputer.com
- •
- 3M
- •
> A vulnerability dubbed "CosmicSting" impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update has been made available, leaving millions of sites open to catastrophic attacks.
- •
- 2M
- •
South Korean ISP is serving malware!
[https://youtube.com/watch?v=iRjdjck3obY](https://youtube.com/watch?v=iRjdjck3obY)
[@piracy](https://lemmy.dbzer0.com/c/piracy) [@cybersecurity](https://sh.itjust.works/c/cybersecurity)
[\#southkorea](https://mas.to/tags/southkorea) [#piracy](https://mas.to/tags/piracy) [#infosec](https://mas.to/tags/infosec) [#malware](https://mas.to/tags/malware) [#torrent](https://mas.to/tags/torrent) [#cybersecurity](https://mas.to/tags/cybersecurity) [#tech](https://mas.to/tags/tech) [#hacking](https://mas.to/tags/hacking)
- •
- betanews.com
- •
- 2M
- •
> Check Point Research (CPR) has identified a critical zero-day spoofing attack exploiting Microsoft Internet Explorer on modern Windows 10/11 systems, despite the browser's retirement.
- @0x0@programming.dev English
- •
- krebsonsecurity.com
- •
- 2M
- •
> At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.
- •
- today.ucsd.edu
- •
- 2M
- •
> A smartphone’s unique Bluetooth fingerprint could be used to track the device’s user–until now. A team of researchers have developed a simple firmware update that can completely hide the Bluetooth fingerprint, eliminating the vulnerability.
- •
- www.bleepingcomputer.com
- •
- 3M
- •
> A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data.
- •
- www.bleepingcomputer.com
- •
- 3M
- •
> Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and scam sites.
- •
- www.csoonline.com
- •
- 3M
- •
> Attackers are using social engineering to get users to copy, paste, and run malicious scripts — all while thinking they are helping out the IT team.
- •
- www.bleepingcomputer.com
- •
- 3M
- •
> The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database.
- •
- www.bleepingcomputer.com
- •
- 2M
- •
> The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center.
- •
- www.bleepingcomputer.com
- •
- 2M
- •
> The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected up to tens of millions of websites has been traced to a common operator. Researchers discovered a public GitHub repository with leaked API keys helping them draw a conclusion.
- •
- arstechnica.com
- •
- 3M
- •
> Malicious updates available from WordPress.org create attacker-controlled admin account.
- •
- www.bleepingcomputer.com
- •
- 3M
- •
> A novel command execution technique dubbed 'GrimResource' uses specially crafted MSC (Microsoft Saved Console) and an unpatched Windows XSS flaw to perform code execution via the Microsoft Management Console.
Cybersecurity
!cybersecurity@sh.itjust.worksYou are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !cybersecurity@sh.itjust.works
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We’re all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your “friends” socials you’re just going to get banned so don’t do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
- 0 users online
- 3 users / day
- 5 users / week
- 14 users / month
- 20 users / 6 months
- 0 subscribers
- 117 Posts
- 0 Comments
- Modlog
- mods:
- Kid
sh.itjust.works
A bilingual (EN/FR) general-purpose instance located in eastern Canada! Powered by 99% renewable energy! Everyone is welcome eh.
Useful Links
Rules:
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Règles :
- Soyez respectueux. Tout le monde doit se sentir le bienvenu ici.
- Pas de bigoterie - y compris le racisme, le sexisme, le capacitisme, l’homophobie, la transphobie ou la xénophobie.
- Pas de publicités / Pas de spam.
- Pas de pornographie.
Other UI options (more to come)
Monitoring Services
lemmy-meter.info