Ukraine's military intelligence agency GUR has allegedly hacked Russian internet service provider Orion Telecom
GUR hackers allegedly disabled 370 servers and 500 network switches and wiped backup servers
-Predator spyware alive despite US sanctions
-Paragon spyware used a zero-click iOS zero-day
-28 OAGs sue 23andMe
-South Korea’s largest online bookstore gets ransomwared
-Another CISA leadership departure
-Europol complains about E2EE again
-CNIL draft targets email tracking pixels
-Meta sues nudify app maker
-Privacy groups protest against STOP CSAM Act
-Academics say govts should launch period tracking apps
Podcast: risky.biz/RBNEWS437/
Newsletter: news.risky.biz/risky-bulletin-…
Risky Bulletin: Predator spyware alive despite US sanctions
In other news: Paragon spyware used a zero-click iOS zero-day; 28 OAGs sue 23andMe; and major week for law enforcement actions. Catalin Cimpanu (Risky.Biz)
An Intelligence Online report claims that a small Chinese telecommunications company deployed an unauthorized antenna near Airbus sites in an apparent attempt to spy on Airbus and French satellites
There's a bug in Discord that lets threat actors exploit and hijack expired or deleted Discord invite links and redirect users to malware
research.checkpoint.com/2025/f…
The Discord Invite Loop Hole Hijacked for Attacks - Check Point Research
Learn how Discord's invite links are hijacked and reused to redirect users to harmful servers in place of trusted communities - alexeybu (Check Point Research)
The Stryker mobile pen-testing app is now free: t.me/strykerapp/518
Learn how to use it from Lukas Stefanko, an expert in Android malware and reverse engineering: mobile-hacker.com/2025/06/12/s…
Stryker App Goes Free: The Ultimate Mobile Pentesting Toolkit
Stryker is a powerful mobile app that transforms your Android device into a pentesting workspace. Designed to help you test networks and devices for common vulnerabilities without requiring specialized skills or extensive knowledge - mh (Mobile Hacker)
New Predator spyware infrastructure discovered... now in Mozambique for the first time
recordedfuture.com/research/pr…
Predator Still Active, with New Client and Corporate Links Identified
Despite sanctions and global scrutiny, Predator spyware operations persist. Insikt Group reveals new infrastructure links in Mozambique, Africa, and Europe, highlighting ongoing threats to civil society and political targets. Insikt Group® (Recorded Future)
Dutch police identified 126 Cracked hacking forum users, with the youngest being an 11-year-old
They filed criminal cases against 8 and warned the rest
politie.nl/nieuws/2025/juni/10…
Police identify users on internationally suspect cyber platform
Usernames and email addresses are increasingly being found on platforms where cybercriminals are active. Think of the trade in hacking tools, fraudulent refunds, combo lists and prohibited tools. www.politie.nl
The use of E2EE apps has become an increasingly important obstacle to Europol investigations. Short metadata retention periods also impact criminal network mapping efforts.
This is the third year in a row that Europol has highlighted E2EE as a problem
europol.europa.eu/media-press/…
Steal, Deal, Repeat: Cybercriminals cash in on your data | Europol
Europol’s 2025 Internet Organised Crime Threat Assessment (IOCTA), published today, reveals how stolen data fuels the digital underworld, powering a criminal ecosystem that spans from online fraud and ransomware to child exploitation and extortion. Europol
France's privacy watchdog is exploring the possibility of adding a consent mechanism to email tracking pixel technologies
cnil.fr/fr/consultation-publiq…
Tracking pixels: the CNIL launches a public consultation on its draft recommendation
What is a tracking pixel? Tracking pixels (pixels de suivi in French) are a tracking method that is an alternative to trackers/cookies. www.cnil.fr
Email tracking pixels are such a bs issue, because regardless of who the slimy party sending them is, it's always your own MUA selling you out by honoring them.
Please give us laws that make the party selling the MUA liable for the privacy breach.
RedTeam Pentesting and Synacktiv have published technical analyses of CVE-2025-33073, a new way to execute NTLM reflection attacks.
This was fixed in this month's Patch Tuesday and also works against Kerberos.
blog.redteam-pentesting.de/202…
synacktiv.com/publications/ntl…
A Look in the Mirror - The Reflective Kerberos Relay Attack
It is a sad truth in IT security that some vulnerabilities never quite want to die and time and time again, vulnerabilities that have long been fixed get revived and come right back at you. While researching relay attacks, the bane of Active … RedTeam Pentesting - Blog
SySS has also published its analysis of CVE-2025-33073 today:
blog.syss.com/posts/kerberos-r…
Authentication coercion of machine accounts and Kerberos relaying/reflection over SMB
In this blog article, further technical details concerning the Microsoft Windows SMB security vulnerability CVE-2025-33073 are presented. Stefan Walter, Daniel Isern (SySS Tech Blog)
For the past decade, academics have explored ways of exfiltrating data from air-gapped systems using smartphones as the receivers in those attacks. New research looks at the possibility of using smartwatches instead
Sekoia has published a report looking at the AitM phishing kit landscape, its evolution, and today's largest providers.
blog.sekoia.io/global-analysis…
Global analysis of Adversary-in-the-Middle phishing threats
Explore the 2025 landscape of Adversary-in-the-Middle phishing threats with data, trends, and top detection insights. Quentin Bourgue, Grégoire Clermont and Sekoia TDR (Sekoia.io Blog)
A new threat actor named UNK_SneakyStrike used TrustedSec's TeamFiltration tool to enumerate Entra ID accounts and launch password-spraying attacks against 80k+ Entra ID accounts
proofpoint.com/us/blog/threat-…
Attackers Unleash TeamFiltration: Account Takeover Campaign (UNK_SneakyStrike) Leverages Popular Pentesting Tool | Proofpoint US
Key takeaways: Proofpoint threat researchers have recently uncovered an active account takeover (ATO) campaign, tracked as UNK_SneakyStrike, using the TeamFiltration pentesting - Proofpoint
ISC2's 2025 Cybersecurity Hiring Trends is out
isc2.org/Insights/2025/06/cybe…
2025 Cybersecurity Hiring Trends: Why Investing in Entry- and Junior-Level Talent is Key to Building a More Resilient Cybersecurity Workforce
To understand how cybersecurity hiring managers are finding success investing in entry- and junior-level roles, ISC2 surveyed 929 hiring managers across organizations of all sizes in Canada, Germany, India, Japan, the U.K. and the U.S. www.isc2.org
The CISSP is supposed to have 5 years of experience in cyber.
It is INSANE to “require” it for an entry level or junior position.
(Yes, ISC2 has the associate CISSP for those without 5 years, but CISSP is one of ISC’s main certs, so they should be aware enough to specify if the chart was talking about associate since it is a chart they made.)
How to protect yourself during protests. Demonstrators face tear gas, stun grenades, coronavirus and surveillance
How can you keep so-called non-lethal weapons from causing temporary or permanent harm? How can you protect your identity from biometric identification tools?
Editor's note (11/06/25): We are republishing this 2020 article in light of the recent protests against the immigration raids in Los Angeles.
Thanks to @Mike Taylor 🦕 for sharing the article
-SentinelOne avoids a Chinese APT hack
-New Salt Typhoon victims uncovered
-Cyberattack disrupts grocery deliveries in the US
-Kazakhstan arrests 140 for selling citizens' data on Telegram
-New lead for FBI cyber division
-300k hit in Texas DOT breach
-Android 16 launched
-macOS to support container images
-Ofcom to investigate 4chan
-Outlook to block more file attachments
-YouTube quietly relaxed content moderation
Podcast: risky.biz/RBNEWS436/
Newsletter: news.risky.biz/risky-bulletin-…
Risky Bulletin: SentinelOne says it avoided Chinese APT hack
In other news: New Salt Typhoon victims uncovered; cyberattack disrupts grocery deliveries in the US; Kazakhstan arrests 140 for selling citizen data on Telegram. Catalin Cimpanu (Risky.Biz)
-Grok getting blocked in corporate networks
-Gabbard pushes IC to outsource to tech sector
-Paragon and Italy cut ties
-Russia denies entry to users who wiped phones
-Five scammers plead guilty in US
-Extortionist sentenced in South Africa
-Over 40k cams expose feeds online
-Scammers target app testers
-New GhostVendors group
-New HelloTDS
-Librarian Ghouls steal data at night
-BlackSuit adopts social-engineering attacks
-Most internet scans target Git and env files
-Mirai botnet targets Wazuh SIEMs
-DanaBleed vulnerability in DanaBot exposed operator identities
-Stealth Falcon uses WebDAV zero
-Patch Tuesday is out
-Apple accused of silently patching major bug
-Two new Secure Boot bypasses found
-Google patches bug exposing users' phone numbers
-Switch 2 exploit found day one
-New Russian disinfo op launched
-New Kimsuky ops
-Guardian launches CoverDrop, secure IM whistleblowing app
Google launching Android 16 on the second day of WWDC has peak screw you energy
This month, Microsoft patched 67 vulnerabilities, including one actively exploited zero-day—CVE-2025-33053, a WebDAV RCE discovered by Check Point
Check Point has linked this to the Stealth Falcon APT
research.checkpoint.com/2025/s…
Stealth Falcon's Exploit of Microsoft Zero Day Vulnerability - Check Point Research
Check Point Research uncovers Stealth Falcon's cyber espionage campaign exploiting a Microsoft Zero Day Vulnerability - samanthar@checkpoint.com (Check Point Research)
The UK's telecommunications watchdog has started an investigation of online message board 4chan for hosting potential illegal content under the UK Online Safety Act
Prolly the easiest investigation ever
ofcom.org.uk/online-safety/ill…
Enforcing the Online Safety Act: Ofcom opens nine new investigations
Ofcom has today launched investigations into whether seven file-sharing services, 4chan and porn provider First Time Videos have failed to comply with their duties under the UK’s Online Safety Act. www.ofcom.org.uk
A hacking group is breaching Russian companies using special malware designed to steal data only at night
The Librarian Ghouls (Rare Wolf and Rezet) uses scripts that wake up infected systems between 1AM and 5AM to steal data while employees are at home
securelist.com/librarian-ghoul…
Sleep with one eye open: how Librarian Ghouls steal data by night
According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts. Kaspersky
DanaBot had a HeartBleed-like bug for three years
Leaked all the juicy stuff, such as threat actor usernames, IP addresses, private keys, and loads more
zscaler.com/blogs/security-res…
DanaBleed: DanaBot C2 Server Memory Leak Bug
A flaw in DanaBot's C2 server code caused a memory leak that we named "DanaBleed", exposing sensitive data and offering researchers a look into DanaBot’s operations. ThreatLabz (Zscaler)
Akamai has spotted two Mirai botnets abusing a recently patched RCE (CVE-2025-24016) in the Wazuh SIEM
akamai.com/blog/security-resea…
cvereports.com/cve-2025-24016-…
CVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution
Executive Summary: CVE-2025-24016 is a critical remote code execution (RCE) vulnerability affecting Wazuh, a widely used open-source security information and event management (SIEM) platform. Robert Morgan (Daily CVE Reports)
A cyberattack is disrupting the operations of United Natural Foods, a distributor of grocery products in the US.
United Natural Foods is the largest grocery carrier and the 14th largest logistics company in the US.
ttnews.com/articles/cybersecur…
Cyberattack at United Natural Foods Affects Orders
United Natural Foods has taken some of its systems offline while it investigates “unauthorized activity” with outside cybersecurity help. Margi Murphy (Transport Topics)
Russian border authorities are denying entry to Ukrainians with clean phones.
According to court documents, authorities denied entry to users who wiped their image galleries, messenger chats, or deleted their YouTube watch history
ria.ru/20250608/prichiny-20216…
It has become known why some Ukrainians were denied entry to Russia
Signs that information had been deleted from a mobile phone became grounds for denying Ukrainian citizens entry to Russia, according to a dozen court documents, RIA Novosti, 08.06.2025. RIA Novosti
-EU launches private DNS service
-Trump scraps and revises Biden and Obama cyber EOs
-Supply chain attack hits popular npm packages
-Mysterious iOS attacks in the US and EU
-FSB can allegedly intercept some Telegram messages
-Russia wants prison sentences for DDoS attacks, but not those attacking "prohibited sites"
-Russia has a WeChat surveillance program
-DOGE gets SSN access
-Brazil's dWallet will pay users for their PII
Podcast: risky.biz/RBNEWS435/
Newsletter: news.risky.biz/risky-bulletin-…
Risky Bulletin: EU launches private DNS service
In other news: Trump scraps and revises Biden and Obama cyber EOs; supply chain attack hits popular npm packages; mysterious iOS attacks in the US and EU. Catalin Cimpanu (Risky.Biz)
-Italy admits to using spyware against NGOs, again
-Linux Found. launches FAIR package manager for WordPress
-Spanish ISPs blocked Google trying to block piracy sites
-Twitter sues content farmers
-Nigerian hacker sentenced in the US
-Nigeria sentences 72 for cybercrime
-India disrupts two scam call centers
-Feds go after pig-butchering couple
-New Grey Nickel group
-APT-Q-27 (Golden Eye Dog) targets the gambling sector
-Stark Industries rebrands after sanctions
-New Global ransomware gang
-APT reports on Cyber Partisans, APT36, Taiwan's ICEFCOM
-Security updates for Splunk, Jenkins, QNAP
-Samsung bug bounty payouts reach $6mil
-Loads of Tenda POCs published online
-Scamnetic sues BlackCloak in new infosec drama
-F5 acquires Fletch
-New tools ProxyBlob, Newtowner, DroidGround, and Code Auditor CTF
-Security Fest and CyCon conference streams
A threat actor compromised 16 npm libraries from the Gluestack UI framework.
The attacker compromised a Gluestack admin's account, added a RAT to the libraries, and pushed updates on Friday.
It's the same threat actor behind the rand-user-agent package last month.
linkedin.com/feed/update/urn:l…
#supplychainsecurity #npm #infosec #javascript #reactnative #devsecops… | Aikido Security
🚨 Active NPM Supply Chain Attack – 1 Million weekly downloads 🚨 Today, we uncovered a rapidly evolving supply chain attack targeting GlueStack packages on NPM. Aikido Security (www.linkedin.com)
Talks from the NATO CCDCOE's CyCon 2025 security conference, which took place at the end of May, are available on YouTube
youtube.com/watch?v=Q1lGmXOiCb…
Live streams from the Security Fest 2025 conference, which took place over the week, are available on YouTube
Following up on @campuscodi post on the NATO CCDCOE CyCon security conference, I watched the talk by Rense Buijen - Head of Global Incident Response, Trend Micro, who delivered his thoughts on the threats from APTs and the value of Red Teaming. #cybersecurity #redteam
youtube.com/watch?v=yKgBGBHBoW…
China's National Computer Virus Emergency Response Center published a report on APT groups associated with Taiwan's ICEFCOM cyber warfare unit:
-APT-C-01 (Poison Vine)
-APT-C-62 (Viola Tricolor)
-APT-C-64 (Anonymous 64)
-APT-C-65 (Neon Pothos)
-APT-C-67 (Ursa)
iVerify has found traces of a mysterious exploit on the iPhones of individuals in the US and the EU.
Possible victims include government officials and individuals linked to political campaigns, media organizations, and AI companies.
Apple denied the attacks
iverify.io/blog/iverify-uncove…
iVerify Uncovers Evidence of Zero-Click Mobile Exploitation in the U.S.
Examining a previously unknown iMessage vulnerability with possible exploitation in the US and EU - iverify.io
"This essay addresses that gap by examining Indonesia’s use of domain name system (DNS) redirection as a method of internet censorship"
Mapping Hidden Alliances in Russian-Affiliated Ransomware
dti.domaintools.com/mapping-hi…
Mapping Hidden Alliances in Russian-Affiliated Ransomware - DomainTools Investigations | DTI
Explore the hidden web of Russian-affiliated ransomware groups through a visual map revealing human overlaps, shared infrastructure, and evolving cybercriminal alliances in the post-Conti era - DomainTools Investigations | DTI
Bitwarden vs LastPass 2024: Which Password Manager Is Best?
LastPass’ recent data breaches make Bitwarden the clear choice as a secure and all-around password manager in 2025. Luis Millares (TechRepublic)
@.mau. you're right, the bike megastores have by now become worse than Decathlon. And at least at Decathlon you often find mechanics who used to have their own little shop and closed it out of exhaustion, but who at least have passion and skill, while the bike megastores only churn out standard stuff.
If you want something better, these days you have to go to those shops closely tied to cycle-touring or mountain-biking clubs, because they still think in terms of customization
California is the first state to sue Trump over tariffs. It is Governor Gavin Newsom's most direct attack on Trump since the president returned to office.
SACRAMENTO, California - California Governor Gavin Newsom has sued Donald Trump over tariffs, in an aggressive move to end the president's grip on global trade.
Newsom's lawsuit, announced Wednesday morning together with California Attorney General Rob Bonta, is the first challenge by a US state against the hallmark of Trump's foreign policy.
Catalin Cimpanu
-New DDoS against Russian Railways DDoS
-DDoS attack hit Sweden
-Hack costs Victoria's Secret $10mi
-RCMP lost a USB with informant names
-Dutch police identify Cracked[.]io users
-Interpol takes down infostealer infra
-Scammers detained across SE Asia
-Turkiye detains 400+ on cybercrime charges
-China spies on Airbus
-Sextortionist pleads guilty
-Proxy provider linked to DDoS attacks
Catalin Cimpanu
-ConnectWise rotates certs over security
-Threat actors abuse dead Discord invite link
-New Teamxxx, Warlock, and Walocker ransomware gangs
-Malware reports on BrowserVenom, CyberEye, Pickai, Myth Stealer, Fog
-Campaign places keyloggers on Exchange login pages
-EchoLeak zero-click Copilot vulnerability
-TokenBreak attack
-Thunderbird patches bug that leaked Windows credentials
-GitHub Device Code Phishing
-Major Magento bug warning