Salta al contenuto principale

friendica (DFRN) - Collegamento all'originale
Microsoft is partnering with top firms to launch new AI security tools, boosting breach analysis, threat detection, and AI model protection across cloud platforms.#artificialintelligence #cybersecurity #microsoftsecuritycopilot #phishing #threatdetection

Microsoft Adds Even More AI to Its Security Copilot

Aminu Abdullahi (TechRepublic)
#Cybersecurity #artificialintelligence #phishing #threatdetection #microsoftsecuritycopilot

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
“The same qualities that make AI revolutionary – accessibility, adaptability and sophistication – also make it a powerful tool for criminal networks,” Europol says.#ai #artificialintelligence #cybercrime #eu #europe #europol #report

Europol Warns Criminal Networks Are Embracing AI, Making Fraud Smarter and Harder to Detect

Fiona Jackson (TechRepublic)
#Report #cybercrime #ai #artificialintelligence #eu #europol #europe

reshared this

Lorenzo ha ricondiviso questo.

mastodon - Collegamento all'originale
Nuove famiglie si formeranno, nonostante la contrarietà della Ministra per LA Famiglia.
Unknown parent

Marco Cappato
mastodon - Collegamento all'originale
Marco Cappato
@ALFA no, la ragione non è ben accetta da quelle parti.
@No Noi No

Lorenzo reshared this.

Lorenzo ha ricondiviso questo.

lemmy - Collegamento all'originale

Tentativo di phishing durante registrazione a Peertube.uno

Sono qui per chiedervi aiuto e chiarimenti. Spero sia il posto giusto.
Pochi giorni fa mi sono iscritto all'istanza Peertube.uno, e mi è successa una cosa molto strana.

Al momento della registrazione del mio account mi è stato detto, com'è consueto, che avrei ricevuto un'e-mail per verificare il mio account. Ho ricevuto una normalissima email (in foto) che presumo essere quella stock di Peertube. Ma l'e-mail ricevuta è stata contrassegnata dal mio provider di posta elettronica come a) proveniente da un dominio non verificato, e b) come un tentativo di phishing.

Lo era sicuramente: i link per l'attivazione dell'account erano camuffati in modo da apparire come conducenti al sito a cui mi stavo registrando (Peertube.uno), ma in realtà conducevano a un altro URL lungo e dall'aspetto strano: bacjhha.r.bh.d punto sendibt3 punto com (linko sotto, per chi volesse dare un'occhiata, a un pastebin con l'HTML della mail). Questo sia per il classico "clicca qui" sia, più subdolamente, per il link in formato esteso.
Il link in chiaro fornito (non il collegamento ipertestuale) nominalmente portava a Peertube.uno, quindi l'ho copincollato nel browser: si è rivelato essere il vero link di attivazione dell'account!

  • Che il dominio non fosse verificato è probabilmente un tentativo di spoofing (modifica dell'header per far apparire l'email come proveniente da Peertube.uno). Stavo usando un servizio di email aliasing per cui purtroppo non posso fornire l'header originale per l'analisi.
  • Resta però il dubbio: che fine ha fatto l'e-mail originale? Deve essere stata intercettata o qualcosa di simile. Ma come? L'unica idea che mi viene in mente è che il sistema di e-mail di Peertube.uno sia compromesso, e che dunque vengano alterati i messaggi da qualcuno con intenzioni malevole (ma allora non mi spiego lo spoofing del dominio...).

Tuttavia, non essendo un esperto di phishing né di questo genere di sistemi, volevo chiedervi cosa ne pensate; se è un problema mio, o se è di Peertube.uno e bisogna contattarli.

N.B.: mi fido del mio provider e-mail e del mio provider di alias.

Immagine della mail: ibb.co/7xF07Mnq
Pastebin coll'HTML della mail: rentry.co/phishing-peertube-un…

Edit: aggiungo immagine mail


phishing hosted at ImgBB

Image phishing hosted in ImgBB
ImgBB
Questa voce è stata modificata (1 mese fa)

reshared this

in reply to Peertube Uno Italia

seba
lemmy - Collegamento all'originale
seba

Grazie a voi per la risposta e spero risolviate presto. Mi sembra comunque naturale che venga flaggato come phishing un link congegnato in quel modo là: nominalmente a peertube.uno ma sottocoperta puntante altrove.

In che senso anche a voi è finita nello spam?

in reply to seba

Peertube Uno Italia
mastodon - Collegamento all'originale
Peertube Uno Italia
abbiamo provato a creare un nuovo account ed è finito nello spam, evidentemente l'email è stata configurata male durante l'ultmia migrazione di server.

friendica (DFRN) - Collegamento all'originale
Ransomware attackers know where your kids go to school and they want you to know it, according to professional negotiators at Sygnia.#ai #artificialintelligence #ransomware #ransomwarenegotiator #Sygnia

TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure”

Fiona Jackson (TechRepublic)
#ai #artificialintelligence #Ransomware #ransomwarenegotiator #Sygnia

Giorgio Sarto reshared this.

in reply to Lorenzo

P0rt5
mastodon - Collegamento all'originale
P0rt5
is this what’s happening with PowerSchool?

Lorenzo reshared this.

friendica (DFRN) - Collegamento all'originale
FBI warns computer users to keep an eye out for malware, including ransomware, distributed through working document converters.#anti-malware #cybersecurity #fbi #identitytheft #malware #mp4converters #pdfconverters #ransomware

FBI 'Increasingly Seeing' Malware Distributed In Document Converters

Megan Crouse (TechRepublic)
#malware #Cybersecurity #Ransomware #fbi #identitytheft #anti-malware #mp4converters #pdfconverters

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
By simply sending HTTP requests, attackers can trigger the deserialisation of malicious data in Tomcat's session storage and gain control.#apache #apachetomcat #cybersecurity #cybersecurity #remotecodeexecution #security #servlets #vulnerabilities #webservers

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters

Fiona Jackson (TechRepublic)
#Cybersecurity #security #vulnerabilities #apache #remotecodeexecution #apachetomcat #webservers #servlets

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
Overwhelmed AppSec teams are turning to agentic AI to handle the tedious manual work of security reporting, threat modeling, and code reviews, but successful implementation requires careful human oversight.

Agentic AI’s Role in the Future of AppSec | TechRepublic

StudioA by TechnologyAdvice (TechRepublic)

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
Google’s agreement to buy cloud security startup Wiz will face antitrust scrutiny amid Alphabet’s ongoing legal battles.#alphabet #artificialintelligence #cloud #cybersecurity #developers #Google #googlecloud #m&a #mergersandacquisitions #multicloud #security #wiz

Google Acquires Startup Wiz for $32B to 'Turbocharge Improved Cloud Security’

Fiona Jackson (TechRepublic)
#Google #Cybersecurity #Alphabet #artificialintelligence #security #developers #cloud #multicloud #GoogleCloud #Wiz #MergersAndAcquisitions #m&a

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale

Dashlane’s zero-knowledge encryption and intuitive user interface make it a compelling password manager. Read our full Dashlane review to learn more.

Dashlane is a secure password manager with top-tier encryption and a sleek user interface. Read our 2025 review on its features, pricing, pros, and cons.#dashlane #dashlanereview


Dashlane Review: Features, Pricing, Security, Pros & Cons

TechRepublic Staff (TechRepublic)
#dashlane #dashlanereview

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
This breakthrough will finally allow secure, encrypted messaging between different mobile platforms.#android #Apple #cybersecurity #encryption #end-to-endencryption #Google #iphone #mobilesecurity

iPhone-Android: A Major Privacy Upgrade is Coming Soon

Allison Francis (TechRepublic)
#Android #Google #Cybersecurity #Apple #iPhone #encryption #MobileSecurity #end-to-endencryption
in reply to Lorenzo

⁉️
mastodon - Collegamento all'originale
⁉️
sure it's great, but still a privacy nightmare. I will not activate RCS on my device for that reason, until Apple ensures that the IP is masked or abbreviated. But then still remains the phone number. If each Network had their own independant server, that would have been a different story.
Questa voce è stata modificata (1 mese fa)

Lorenzo reshared this.

friendica (DFRN) - Collegamento all'originale
Medusa ransomware now operates as a RaaS model, recruiting affiliates from criminal forums to launch attacks, encrypt data, and extort victims worldwide.#cybersecurity #phishing #ransomware #ransomware-as-a-service

Medusa Ransomware: FBI & CISA Urge Immediate Action

Aminu Abdullahi (TechRepublic)
#Cybersecurity #Ransomware #phishing #ransomware-as-a-service

friendica (DFRN) - Collegamento all'originale
Amazon is mandating cloud-based processing for Echo voice commands, removing local storage and disabling Alexa’s voice ID to expand its generative AI capabilities.#ai #Amazon #amazonalexa #amazonecho #artificialintelligence #cloud #privacy #security

Amazon's Controversial Change to Echo's Privacy Settings Takes Effect Soon

Fiona Jackson (TechRepublic)
#privacy #ai #Amazon #artificialintelligence #security #cloud #amazonecho #amazonalexa

friendica (DFRN) - Collegamento all'originale
Which is better, NordPass or Bitwarden? This guide provides a detailed comparison of their features, security and pricing to help you choose your best fit.#Bitwarden #nordpass #passwordmanager

NordPass vs. Bitwarden: Which One's Easier & Safer to Use?

Compare NordPass and Bitwarden for 2025. Explore their features, pricing, security, and ease of use to find the best password manager for your needs.
Franklin Okeke (TechRepublic)
#bitwarden #passwordmanager #nordpass

friendica (DFRN) - Collegamento all'originale
The vulnerability allowed malicious code running inside the Web Content sandbox, an isolated environment for web processes designed to limit security risks, to impact other parts of the device.#Apple #cybersecurity #ios #iPadOS #security #update #vulnerabilities

Update Your iPhone Now to Fix Safari Security Flaw

Fiona Jackson (TechRepublic)
#Cybersecurity #Apple #security #ios #ipados #update #vulnerabilities

reshared this

friendica (DFRN) - Collegamento all'originale
Cisco’s training through its Networking Academy will help “build a resilient and skilled workforce ready to meet Europe’s digital transformation and AI objectives.”#ai #cisco #cybersecurity #datascience #digitaltransformation #techskills #techskillsgap #techtraining

Will Cisco’s Free Tech Training for 1.5M People Help Close EU’s Skills Gap?

Esther Shein (TechRepublic)
#digitaltransformation #ai #Cybersecurity #datascience #Cisco #TechSkills #TechTraining #techskillsgap

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
The British side reportedly said they would have to produce warrants for each individual data access request, so they will always have to be made as part of an investigation into serious crime.#advanceddataprotection #Apple #cloudsecurity #dataprivacy #government #icloud #privacy #tribunal #trump #uk #unitedkingdom #us #usa

Apple Fights UK Over Encryption Backdoors as US Officials Warn of Privacy Violations

Fiona Jackson (TechRepublic)
#privacy #USA #Apple #us #dataprivacy #uk #government #Trump #icloud #unitedkingdom #tribunal #cloudsecurity #advanceddataprotection

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
Speedify VPN offers speed-centered features that may not make up for its lacking security features and pricey plan. Find out how this VPN measured up in our review.

Speedify VPN Review 2025: Features, Security, and Performance

www.techrepublic.com

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
Microsoft's March 2025 Patch Tuesday includes six actively exploited zero-day vulnerabilities. Learn about the critical vulnerabilities and why immediate updates are essential.#cybersecurity #Microsoft #MicrosoftOffice #microsoftwindows #remotedesktopservice #securityadministration #securitypatches #windowsdnsserver #windowssubsystemforlinux

Patch Tuesday: Microsoft Fixes 57 Security Flaws

TechRepublic Staff (TechRepublic)
#Microsoft #Cybersecurity #microsoftoffice #MicrosoftWindows #windowssubsystemforlinux #securitypatches #remotedesktopservice #securityadministration #windowsdnsserver

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale

Learn how to set up and use NordPass to store and manage your passwords with this step-by-step guide.

NordPass is a secure password manager for storing and auto-filling passwords. Learn how to set it up, save logins, and explore its features.#nordpass #passwordmanager


How to Use NordPass: A Guide for Beginner’s

Luis Millares (TechRepublic)
#passwordmanager #nordpass

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
Apple argues sideloading threatens security, while users demand more choice. With global market pressure rising, will iOS open up to third-party apps?#Apple #appleios #apps #brazil #cybersecurity #sideloading #third-partyapps

Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading

TechRepublic Staff (TechRepublic)
#Cybersecurity #Apple #apps #brazil #sideloading #appleios #third-partyapps

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
Authorities say Garantex has processed more than $96 billion in transactions since it launched in 2019.#crypto #cryptocurrency #cybercrime #cybersecurity #moneylaundering

Russian Crypto: Why Secret Service Seized Garantex

Aminu Abdullahi (TechRepublic)
#cybercrime #Cybersecurity #crypto #cryptocurrency #moneylaundering

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
Researchers warn these commands could be exploited to manipulate memory, impersonate devices, and bypass security controls.#bluetooth #chip #cybersecurity #esp32 #internetofthings #iotsecurity #microcontroller #mobilesecurity #research #security #supplychain #tarlogic #vulnerability #wifi

Billions of Devices at Risk of Hacking Due to Hidden Commands

Fiona Jackson (TechRepublic)
#Cybersecurity #security #Research #supplychain #Bluetooth #wifi #internetofthings #Chip #vulnerability #ESP32 #microcontroller #MobileSecurity #IoTSecurity #tarlogic

Giorgio Sarto reshared this.

friendica (DFRN) - Collegamento all'originale
In 2024, women accounted for 22% of global security teams on average, compared to 17% in 2023, according to ISC2.#cybersecurity #cybersecurity #DE&I #diversity #fairhiring #gender #isc2 #report #security

Women in Cyber Security on the Rise, But Facing More Layoffs and Budget Cuts Than Men

Fiona Jackson (TechRepublic)
#Report #Cybersecurity #diversity #security #gender #ISC2 #DE&I #fairhiring