#CyberSecurity
securebulletin.com/us-indicts-…
US indicts Black Kingdom ransomware operator: technical analysis of ProxyLogon exploitation and law enforcement response - Secure Bulletin
The U.S. Department of Justice unsealed charges against Yemeni national Rami Khaled Ahmed (36) for deploying Black Kingdom ransomware via ProxyLogon exploits (CVE-2021-26855) against 1,500+ systems, including U.S.securebulletin.com
reshared this
#tech
spcnet.it/come-mitigare-lesecu…
@informatica
Come mitigare l’esecuzione non autorizzata di PowerShell via Microsoft Word
Microsoft Word può eseguire comandi di PowerShell, indicando un possibile attacco informaticoSpcnet.it
reshared this
#CyberSecurity
securebulletin.com/sophisticat…
Sophisticated npm malware campaign exploits Cross-Ecosystem typosquatting - Secure Bulletin
A coordinated malware operation targeting npm employs cross-ecosystem typosquatting to mimic popular libraries from Python, Java, C++, and .NET ecosystems.securebulletin.com
reshared this
#NINAsec is out!
Buon sabato a tutti, con la #newsletter oggi analizziamo il leak di 42mila domini di #phishing messi a disposizione da FBI, con del codice che potrebbe servire per le vostre organizzazioni.
Altre notizie, la situazione della settimana e un utile #funfact
ninasec.substack.com/p/securit…
Security Weekly 28-2/5/25
I 42.000 domini Phishing as-a-service di LabHost analizzati: hai verificato che la tua rete non abbia avuto contatti con uno di loro? Script Python.Dario Fadda (NINAsec)
reshared this
Viktoriia Roshchyna: cronaca e analisi politica di una morte annunciata
#PoliticalNotes
ilglobale.it/2025/05/viktoriia…
@politica
Viktoriia Roshchyna: cronaca e analisi politica di una morte annunciata
ilGlobale - Quotidiano di informazione economica, politica e tecnologicailGlobale.it
reshared this
#CyberSecurity
securebulletin.com/dismantling…
Dismantling “764”: inside the takedown of a sophisticated child exploitation network - Secure Bulletin
In a significant development for cybersecurity and child protection efforts, law enforcement agencies have successfully apprehended two key figures allegedly behind "764," a highly organized online child exploitation network.securebulletin.com
reshared this
#CyberSecurity
securebulletin.com/hijacking-t…
Hijacking Trust: how Gmail and Google APIs are being weaponized for stealthy C2 channels - Secure Bulletin
In the ever-evolving landscape of cybersecurity, attackers are increasingly exploiting trusted services to establish covert command-and-control (C2) channels.securebulletin.com
reshared this
In occasione della Festa dei Lavoratori, il sindacato CISAL-SIBC-ACN — primo e maggiormente rappresentativo all’interno dell’Agenzia per la Cybersicurezza Nazionale (ACN) e del CSIRT Italia — ha proclamato lo stato di agitazione sindacale.
La decisione arriva a soli sei mesi dalla precedente mobilitazione e denuncia gravi criticità: opacità nei meccanismi di reclutamento e carriera, ritardi nell’istituzione del fondo pensione e nel welfare aziendale, carichi di lavoro eccessivi per il personale del CSIRT, e un clima descritto come intimidatorio verso chi solleva obiezioni. Il sindacato chiede l’avvio urgente delle procedure di conciliazione.
insicurezzadigitale.com/notizi…
(in)sicurezza digitale
Notizie cybersecurity, malware, ransomware e sicurezza dei datiinSicurezzaDigitale.com
reshared this
fpf.org/press-releases/fpf-lau…
@privacy
FPF and University of Arizona Eller College of Management Awarded Grant by Alfred P. Sloan Foundation to Address Privacy Implications, and Data Uses of Technologies Aimed at Aging At Home The Future of Privacy Forum (FPF) — a global non-profit focused on data protection, AI and
FPF Launches Major Initiative to Study Economic and Policy Implications of AgeTech - Future of Privacy Forum
FPF and University of Arizona Eller College of Management Awarded Grant by Alfred P. Sloan Foundation to Address Privacy Implications, and Data Uses of Technologies Aimed at Aging At Home The Future of Privacy Forum (FPF) — a global non-profit focuse…Future of Privacy Forum
The Privacy Post reshared this.
Solo dal 2023 l'AI è diventata parte del discorso di tutti: il suo utilizzo, l'addestramento con nostri dati, le opposizioni ecc.
Ma ogni tanto mi piace condividere ciò che succedeva già 17 anni fa, che ha posto le basi per tutto ciò, ma che in pochi tenevano in considerazione
reshared this
#CyberSecurity
securebulletin.com/kintetsu-wo…
Kintetsu World Express ransomware attack: technical overview and response - Secure Bulletin
Kintetsu World Express (KWE), a major Japanese global logistics provider, has confirmed a significant ransomware attack that began impacting its operations in late April 2025.securebulletin.com
reshared this
👩🏫👨💻 Parents, teachers, geeks, mentors... do you know "Ada & Zangemann"?
This illustrated book is a perfect tool to start conversations with kids (and everyone!) about software freedom, the need to shape our technology, and the joy of tinkering. 🛠️💭
Gift it. Read it. Share it. 📖✨
ada.fsfe.org
The Privacy Post reshared this.
Spoiler: it’s bad news on #encryption, #DataRetention, #Europol & more.
Read it here: edri.org/our-work/protecteu-se…
‘ProtectEU’ security strategy - European Digital Rights (EDRi)
The European Commission presented an internal security strategy that would undermine digital rights and even increase security threats.European Digital Rights (EDRi)
reshared this
oh, you mean the #BackdoorPlan that the EU comission calls ProtectEU and wants others to call it as well?
One of the great wins for privacy advocates is the fact that everybody have heard about #ChatControl and nearly nobody knows the name that the EU commission wants us to use. Let's call it #BackdoorPlan and before it sticks one can write #BackdoorPlan (a.k.a ä. protectEU)
reshared this
Fragilità
@Privacy Pride
Il post completo di Christian Bernieri è sul suo blog: garantepiracy.it/blog/fragilit…
No, non è Frittole, non è il millequattrocento - quasi millecinque, ma ci assomiglia molto e, mio malgrado, posso dire "io c'ero". Forse mi sto ripetendo perché cito spesso "non ci resta che piangere" ma non trovo nulla di più adatto. Tornando da una lunga…
reshared this
#CyberSecurity
securebulletin.com/jfl-hospita…
JFL Hospital targeted in ransomware attack amid wave of cyber incidents in US Virgin Islands - Secure Bulletin
Governor Juan F. Luis Hospital & Medical Center (JFL) in the US Virgin Islands has become the latest government entity to suffer a cybersecurity breach, confirming a ransomware attack that compromised its computer networks on Sunday.securebulletin.com
reshared this
💥 Thanks to our volunteers part of our translation team, our news can be delivered in diverse European languages! 💥
One of the tools they are using, also created by one of our volunteers, is Webpreview. Our latest update integrates LibreTranslate, providing a helpful starting point to speed up the translation process. 🚀
fsfe.org/news/2025/news-202504…
⚠️ You can also join our translators team! fsfe.org/contribute/translator…
Simplifying FSFE translation process: integrating LibreTranslate - FSFE
A new release of the Webpreview tool is here! This is our in-house Free Software preview tool for FSFE webpages. It supports our amazing volunteers in tran...FSFE - Free Software Foundation Europe
reshared this
Lo scammer che sussurrava all’unicorno
@Privacy Pride
Il post completo di Christian Bernieri è sul suo blog: garantepiracy.it/blog/lo-scamm…
Un gustoso articolo di Signorina37 (AKA Claudia), da leggere nel tempo di una canzone, per l'occasione, consiglio questa. Attenzione agli unicorni, sono strani. CB Comincia tutto con un messaggio, uno come tanti.
reshared this
Selten so galant gedisst worden:
Mahü.
"Bist du schon bei der Gewerkschaft?"
"Na, selbstständig..."
"Ahhh.. ein #Sozialpartner..." 😂
The Privacy Post reshared this.
fpf.org/blog/fpf-and-onetrust-…
@privacy
This Guide provides a detailed overview of Conformity Assessments (CAs) as established under the EU Artificial Intelligence Act (EU AIA). CAs are a central mechanism for demonstrating compliance with the EU’s product safety legislation and serve as a key
This updated Guide provides a detailed overview of Conformity Assessments (CAs) as established under the EU Artificial Intelligence Act (EU AIA). CAs are a central mechanism for demonstrating compliance with the EU’s product safety legislation and serve a
With the final legal text finalized in June 2024, this updated version of the Guide outlines a theoretical roadmap for conducting a CA under the AIA.Future of Privacy Forum
The Privacy Post reshared this.
🇩🇪Morgen diskutieren EU-Regierungsvertreter den polnischen Vorschlag, die drohende #Chatkontrolle freiwillig zu belassen und sichere Verschlüsselung zu schützen. data.consilium.europa.eu/doc/d…
Mindestens Irland, Spanien, Ungarn und Estland bestehen auf verpflichtender Chatkontrolle!
reshared this
🇬🇧Tomorrow, EU government representatives are discussing the Polish proposal to keep #ChatControl voluntary and protect secure encryption. data.consilium.europa.eu/doc/d…
Before the meeting at least Ireland, Spain, Hungary and Estonia have insisted in mandatory scanning of our chats!
Gazzetta del Cadavere reshared this.
Immer wieder wiederholen:
"Kriminelle wissen sich zu schützen. Die einzigen die mit Chatkontrolle ausspioniert werden, sind die einfachen Menschen."
Die unsichere #ePA kommt automatisch. Außer du sagst: Nein danke.
✍️ Jetzt widersprechen: patrick-breyer.de/soll-ich-der…
#Piraten 🔐
Soll ich der elektronischen Patientenakte widersprechen und wie geht das?
Wenn du gesetzlich krankenversichert bist, stellt deine Krankenkasse ab 29.04.2025 eine elektronische Patientenakte für dich bundesweit bereit – es sei denn, du widersprichst. Durch einen Widerspruch dürfen dir keine Nachteile entstehen.Patrick Breyer
crossgolf_rebel - kostenlose Kwalitätsposts likes this.
reshared this
As part of the "Dialogue for Cybersecurity" project, the @fsfe and the German Federal Office for Information Security (BSI) are working together with representatives from civil society, academia, industry and government in a project on the #CRA and its implications for #FreeSoftware.
📺 Watch the recording of the first event in this series, which took place on 3 April: media.fsfe.org/w/f14ys5iqatZgK…
Free Software and CRA - expert talk and discussion
As part of the “Dialog für Cybersicherheit” (Dialogue on Cybersecurity) project, the FSFE and the Federal Office for Information Security (BSI) are working together with representatives from civil society, academia, industry and public authorities in a project on the Cyber Resilience Act (CRA) and its implication for Free Software. To ensure clarity, information is needed on who will take on which role and which tasks and processes are to be carried out. In particular, the role of Open Source Stewards and Free Software beyond commercial interest are of particular importance to the project.This video is a recording of an event held as part of the "Dialogue for Cybersecurity." The statements
made therein do not necessarily reflect the opinion of the Federal Office for Information Security
(BSI). The first event in the workstream series took place on April 3, 2025.Moderators: Alexander Sander, Free Software Foundation Europe (FSFE) und Michael Schuster, (BSI)
Speakers: Caroline Krohn (BSI) and Maarten Aertsen, senior internet technologist at NLnet Labs
Maarten Aertsen's talk focuses on how Free and Open-Source Software (FOSS) is addressed by the
Cyber Resilience Act and in particular on how that is different from other New Legislative Framework
(NLF) style regulations in different segments.In the "Dialog for Cybersecurity", organized civil society and representatives from science, culture
and media, industry and state (dialogue partners) enter into intensive exchange with each other and
with the BSI.More information: dialog-cybersicherheit.de/work…
© BSI
The Privacy Post reshared this.
💣Keine Absage an #Chatkontrolle - bisher auch keine rote Linie für @spdbt
💣Vorratsspeicherung unserer Autofahrten
💣biometrische Überwachung
💣Internet-#Vorratsdatenspeicherung
reshared this
netzpolitik.org/2021/kennzeich…
Kennzeichenscanner: Große Koalition einigt sich auf bundesweite Auto-Rasterfahndung
Die große Koalition wird kurz vor Ende der Legislaturperiode die Strafprozessordnung verschärfen. Mit dem Gesetz werden Kennzeichenscanner bundesweit legalisiert. Ein weiterer Punkt erlaubt nächtliche Hausdurchsuchungen der Polizei.netzpolitik.org
🚀 “Public Money? Public Code!” & FSFE Boooth at #LUGA
🗓️ Join us tomorrow, Saturday 26 April at the Augsburger Linux-Infotag
👩🏾💻 @annabonnie will present the "Public Money? Public Code!" initiative. She will pay special attention and highlight how the purchase of #FreeSoftware by public bodies can have an impact on the surrounding ecosystem of the public institution. 🏛
➡️ fsfe.org/events/index.en.html#…
Events - FSFE
If you know about a FSFE related event that is not yet listed here or that you run on your own, you can easily add it by using our event announcement tool....FSFE - Free Software Foundation Europe
reshared this
🚨 The EU-Singapore #DigitalTradeAgreement may pose risks to our #FundamentalRights because of prohibitions on access to source code and data flows– we sounded the alarm together with @beuc and the European Trade Union Confederation (ETUC).
🫱🏾🫲🏻 Trade deals build bridges but they must do so while protecting people's rights.
Watch the video and read our statement to find out why we're concerned ⤵️
beuc.eu/news/joint-push-consum…
Joint push from consumer, worker and digital rights groups on EU-Singapore digital trade risks
As discussions on the EU-Singapore Digital Trade Agreement (DTA) continue, BEUC has teamed up with ETUC (European Trade Union Confederation), and EDRi (European Digital Rights) shed a light on the potential privacy risks the agreement poses to consum…BEUC
reshared this
Preferisci giocare da solo? Ubisoft ti tiene d'occhio! noyb ha presentato un reclamo contro lo sviluppatore e produttore francese di videogiochi Ubisoft
L'azienda obbliga i suoi utenti a connettersi a Internet ogni volta che avviano un gioco per giocatore singolo. Questo vale anche se il gioco non dispone di funzionalità online
Il post di @Noyb
L'istanza social.linux.pizza non sarebbe stata così veloce senza il nostro fornitore CDN, bunny.net.
Se desideri testare un fornitore CDN davvero affidabile, veloce e flessibile per il tuo sito web o progetto, considera l'utilizzo di questo URL di affiliazione:
bunny.net?ref=arpubb037k
Se crei un account, rimani attivo per 14 giorni ed effettui un pagamento, questa istanza riceverà 20 dollari che andranno direttamente allo scarico dei file multimediali e al server DNS Anycast che utilizza.
Grazie per la tua attenzione 😀
bunny.net - The Content Delivery platform that truly Hops!
Hop on bunny.net and speed up your web presence with the next-generation Content Delivery Service (CDN), Edge Storage, and Optimization Services at any scale.bunny.net
reshared this
Google annuncia, non rinunceremo all'uso dei 'cookie' su Chrome
Google ha annunciato che non rinuncerà all'uso dei 'cookie' nel suo browser Chrome, cinque anni dopo aver promesso che li avrebbe eliminati gradualmente. Lo riportano i media americani.
pillole.graffio.org/pillole/go…
Google annuncia, non rinunceremo all'uso dei 'cookie' su Chrome
Google ha annunciato che non rinuncerà all'uso dei 'cookie' nel suo browser Chrome, cinque anni dopo aver promesso che li avrebbe eliminati...pillole.graffio.org
reshared this
Una faccia, una razza. Le poste polacche e il ricorrente vizietto di non utilizzare il cervello.
@Privacy Pride
Il post completo di Christian Bernieri è sul suo blog: garantepiracy.it/blog/polonia/
Già lo sento arrivare: "ma tanto i dati anagrafici non sono pericolosi." Ma certo, come no. Il "Garante Privacy" polacco ha sanzionato pesantemente le POSTE POLACCHE (€6.400.000) e il Ministro degli Affari digitali
Privacy Pride reshared this.
Have you heard about the Legal Network? It is a neutral, non-partisan group of experts in different fields involved in #FreeSoftware legal issues.
Once per year, the members of the Legal Network community meet face-to-face and share legal expertise in the Free Software Legal & Licensing Workshop.
The 2025 convened in Essen, bringing together over 100 legal and compliance professionals, technologists, and policy experts from across the globe.
More: fsfe.org/news/2025/news-202504…
LLW 2025, “unperfect” discussions around Free Software in a legal environment - FSFE
The Free Software Legal & Licensing Workshop convened once again, this time in Essen, bringing together over 100 legal and compliance professionals, techno...FSFE - Free Software Foundation Europe
reshared this
Yesterday, the European Commission slammed tech giants #Meta and #Apple for breaching the #DigitalMarketsAct #DMA – but then stopped short of sticking the landing with the low penalties. What does it mean for our #FundamentalRights and online experiences? 🤔
We unpack the mixed bag of takeaways in our full press release ⤵️ edri.org/our-work/press-releas…
Commission slams Apple and Meta for breaching the Digital Markets Act, doesn’t stick the landing with fines - European Digital Rights (EDRi)
The European Commission has shown some teeth with the EU’s digital rulebook by slamming tech giants Apple and Meta with admittedly low fines for breaching the Digital Markets Act (DMA).European Digital Rights (EDRi)
reshared this
didn't know about NGI zero initiative from NLnet foundation. Thanks for the info - just looked it up.
Yeah, it needs to be upscaled by at least thrice the current amount.
Personally, I feel that hundreds of millions are quite substantial, and they could be repeated if violations persist.
Ti piace giocare da solo? Ubisoft ti tiene ancora d'occhio! Ubisoft obbliga le persone a connettersi a Internet prima di poter giocare in single player mickey24 April 2025
European Data Protection Board (EDPB) has published its 2024 Annual Report
The #EDPB Annual Report is out: "Protecting personal data in a changing landscape"! 🛡️ 🌍 🔒
🎯 New EDPB Strategy
🧩 More Art. 64(2) Coherence Opinions
🛡️ Continued efforts to provide #GDPR guidance and legal advice
reshared this
🎧 #SoftwareFreedom Podcast news episode about the coalition treaty in Germany and its role for #FreeSoftware
The German coalition treaty has recently been published. In our latest episode @lexelas and @annabonnie talk about the coalition treaty and break down the position of Free Software in it.
fsfe.org/news/podcast/episode-…
SFP#33: Policy and EU: Coalition treaty in Germany and its role for Free Software - FSFE
Recently, the German coalition treaty from the CDU/CSU and SPD has been published with over 140 pages. In our latest episode Alexander Sander and Bonnie Me...FSFE - Free Software Foundation Europe
reshared this
📚🌍 Happy #WorldBookDay! 📚
We never need an excuse to gift a book… but if you enjoy the tradition of buying one for yourself or your loved ones, "Ada & Zangemann: A Tale of Software, Skateboards, and Raspberry Ice Cream" 🍦 is a fantastic choice!
P.S. Did you know that in some regions of Spain, they gift a rose 🌹 along with a book today?
#FreeSoftware #SoftwareFreedom
Ada & Zangemann - A Tale of Software, Skateboards, and Raspberry Ice Cream - FSFE
Here you find additional information and resources about the book "Ada & Zangemann - A Tale of Software, Skateboards, and Raspberry Ice Cream" by Matthias ...FSFE - Free Software Foundation Europe
reshared this
🔓 Your device, your choice!
When you get a device, you should be able to decide what apps you install or which OS you use.
#DeviceNeutrality helps to break up digital monopolies and restore competition by giving back to end-users control of their devices.
👾 #FreeSoftware is also key for it.
reshared this
Combine that with the SCA of the PSD2 Directive (EU 2015/2366) which mandates banking 2FA and EBA's opinion on SCA (EBA/OP/2019/06) telling banks to use PushTAN and suddenly your rights to use your device how you see fit are worth nothing.
Public Money? Public Code! 🏛💻
Software funded by taxpayers should be Free Software! This ensures that everyone can use, study, share, and improve the tools that serve the public
🔗 publiccode.eu
reshared this
I used to work for a government agency, and this WAS the rule there.
The taxpayers funded my salary, so everything I wrote was public property. We didn't call it open source back then, but it was open source.
#CyberSecurity
securebulletin.com/supercard-x…
SuperCard X: exposing a MaaS for NFC Relay fraud operation - Secure Bulletin
The Cleafy Threat Intelligence team has uncovered SuperCard X, a sophisticated Android malware campaign leveraging NFC-relay attacks to authorize fraudulent POS and ATM transactions.securebulletin.com
reshared this
fpf.org/blog/south-koreas-new-…
@privacy
On 21 January 2025, South Korea became the first jurisdiction in the Asia-Pacific (APAC) region to adopt comprehensive artificial intelligence (AI) legislation. Taking effect on 22 January 2026, the Framework Act on Artificial Intelligence Development and Establishment of a Foundation
The Privacy Post reshared this.
reshared this
EU pledged to improve GDPR cooperation - and made it worse
The EU's GDPR Procedural Regulation was supposed to fix overly complex procedures and improve cooperation. Now, it could actually undermine enforcementnoyb.eu
🍀 ThePrivacyPost è un account di servizio gestito direttamente dagli amministratori di Poliverso e pubblica notizie provenienti da diversi siti, blog, account del fediverso e alcuni contenuti originali.
🩸 Se apprezzi questo servizio, prendi in considerazione la possibilità di effettuare una donazione a Poliverso. Puoi scegliere due canali:
1) Ko-Fi ☕
2) LiberaPay 💳
reshared this
plan-A
in reply to N_{Dario Fadda} • • •its fed job