@Em0nM4stodon @InfoSecSherpa For non-onion related browsing should you want to use extensions, #Librewolf is an option. They remove the crap Mozilla keeps putting in Firefox and it works great.
Good, but will they also start building official ARM-compatible binaries so that Raspberry Pi-type users can start having low-cost privacy features as well?
I would have expected EtherHiding to be more popular, but two years later, it's just ClearFake, a botnet I haven't heard anything about in ages, and now some North Korean hackers
On the Limitations of Domain Isolation Against Spectre-v2 Attacks TL;DR We present Training Solo, the first systematic analysis of self-training Spectre-v2 attacks that break the core assumption behind domain isolation—even when implemented perfectly…
Vulnerabilities in AEM Forms The Searchlight Cyber Research Team discovered and disclosed three critical vulnerabilities in Adobe Experience Manager Forms to Adobe in late April 2025.
Trend™ Research has uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected devices, with impacts observed on Cisco 9400, 9300, and legacy 3750G series.
I'm generally surprised that the North Korean regime hasn't set up cyber scam compounds with its own citizens after seeing the success across Cambodia and Myanmar
REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada.
Oh you have to have the Google app to use it. I see. Scammers seem to have no problem though tricking users into allowing the scammers to recover their Google accounts via phone calls though.
-Windows 10 reaches End-of-Life -CISA layoffs didn't touch cyber personnel -US seizes $15 billion from cyber scam compound operator -Secure Boot bypass impacts 200k Framework systems -German police take down 1,400 scam sites -South Korea to investigate KT for obstruction over a breach -Ansell, Harvard breached -5CA denies role in Discord hack -Unity shop got skimmed -4chan fined in the UK -Calls to investigate TikTok in the UK
-Firmware update bricks Jeeps -Firefox 144 changes login storage encryption -Also get a VPN -California regulates AI -UK Crypt-Key goes live -Taiwan warns of "abnormal" social media accounts -China offers reward for Taiwan's psychological warfare unit -Australia, UK publish annual cyber threat reports -SonicWall SSLVPN mass-compromise -Another surveillance provider exposed (Cyber WAP) -TA585 profile -Analysis of Oct 7 DDoS attacks -Venezuela ran info-ops in Ecuador
-New UAC-0239 and UNC-RUS-ZIC APTs -Patch Tuesday is out -3 Microsoft zero-days -RMPocalypse attack -Pixnapping attack -LatentBreak attack -Half of satellite traffic is unencrypted -LevelBlue acquires Cybereason
I read the article about UNC-RUS-ZIC when it came out. It seems highly suspect to me. The attribution is vague at best, the other "details" are merely four-line paragraphs _devoid of details_. What made you chose this article for the newsletter?
25-cr-312_indictment.pdf BROOKLYN, NY - An indictment was unsealed today in federal court in Brooklyn charging Chen Zhi, also known as “Vincent,” the founder and chairman of Prince Holding Group (Prince Group), a multinational business conglomerate b…
Chinese authorities have issued bounties for 18 Taiwanese military members.
Police in China's Fujian province claim the 18 are part of Taiwan's "psychological warfare unit" that spread disinformation and propaganda on Taiwan's independence
Die Generalstaatsanwaltschaft Karlsruhe, das Landeskriminalamt Baden-Württemberg und die Finanzaufsicht BaFin informieren über einen Schlag gegen international agierende Cyberkriminelle.
Strange, I saw no mention of this in the Bulgarian news outlets I'm following...
BTW, 86k-per-day requests to a web site (most of them automated) is nothing special. Literally *anything* running on *any* port (not just 80 or 443) will get HTTP GET requests quite often.
-CVE-2025-24990 — Windows Agere Modem Driver Elevation of Privilege Vulnerability -CVE-2025-59230 — Windows Remote Access Connection Manager Elevation of Privilege Vulnerability -CVE-2025-47827 — Secure Boot bypass in IGEL OS before 11
I just realized this might screw up a lot of infostealers in the coming weeks. Chrome also does this regularly. Let's see how quick they adapt this time.
Researchers pointed a satellite dish at the sky for 3 years and monitored what unencrypted data it picked up. The results were shocking: They obtained thousands of T-Mobile users' phone calls and texts, military and law enforcement secrets, much more: 🧵👇wired.com/story/satellites-are…
"Pixnapping is a new class of attacks that allows a malicious Android app to stealthily leak information displayed by other Android apps or arbitrary websites."
Tested to steal data from Gmail, Google Accounts, Signal, Google Authenticator, Venmo, and Google Maps
“Pixnapping forces sensitive pixels into the rendering pipeline and overlays semi-transparent activities on top of those pixels via Android intents. To induce graphical operations on these pixels, our instantiations use Android’s window blur API. To measure rendering time, our instantiations use VSync callbacks.”
Security firm DarkTower has discovered four different Telegram emoji packs that contain bank logos and are likely used in cybercrime channels as a way to order phishing pages.
Trevor Wilson Introduction A Telegram Emoji Pack is a collection of custom static or animated images that users can add to the messenger to personalize their communication.
-Nigerian scammer arrested in Argentina -Scam compound raided in Cambodia -PowerSchool hacker sentencing is this week -Spain arrests major phishing provider -RDP attack wave targets US -Aisuru botnet gets US-heavy -New Brotherhood leak site -New ChaosBot and ClayRat malware -New APT35 leaks -DPRK IT workers now target architects -New Gladinet zero-day -New Oracle EBS bug -NSO has US owners now
Is 'don't use InTune because the authors have no idea what the principle of least privilege means, put a huge pile of things that handle untrusted code in high-privilege modes, and then tell you "it's a management system not a security system, don't use it for security" when you object to it being rolled out across all devices' one of them?
El sospechoso está acusado de ser uno de los líderes de una organización internacional dedicada a las estafas virtuales que se hizo de un botín de US$8.000.000
Trend Micro's ZDI has reported 13 vulnerabilities in the Ivanti Endpoint Manager that are still unpatched after the vendor requested an extension until March next year
Telegram founder and general a-hole Pavel Durov, whose IM network hosts hundreds of groups where info-ops coordinate their activity and pay for content, is annoyed that democracies are fighting back against the damage he, personally, has helped usher in in many autocratic regimes
The US, the UK, and the EU are gradually implementing shit they used to criticize China, Russia, and Iran for. Global surveillance, censorship, imprisoning people for their speech, cancel culture, Internet fragmentation, etc.
I haven't seen any evidence that Pavel Durov is an arsehole.
If you're going to post takes like this, please elaborate on whether you would want the same measures Durov describes being enacted against Mastodon.
The line of reasoning that goes 'this encrypted app hosts <bad content>' is exactly the line authoritarians of all stripes use to shut down any form of free internet.
Also he's using mildly right-coded speech, but so what, he's correct.
What repercussions has the ransomware attack had on the people in your IT/cybersecurity team, if any?
...I can't imagine a ransomware attack not resulting in just a tiny bit of "increased pressure" from senior leaders.
"Oh, we're under a ransomware attack? Not to worry, all in good time, folks. No need to work overtime, we'll get around to fixing things eventually."
I'm not sure I'd be able to respond to the question without clarification. Are they talking about increased pressure during the attack, or increased pressure after the next quarterly financial report? Constant pressure or only while stuff is on fire?
-EU scraps Chat Control vote -Ukraine establishes a Cyber Force -CISA workers reassigned to immigration enforcement -Teenagers arrested for Kido hack -Salesforce will not pay the ransom -US Court halts FCC data breach rules -California enacts tracking opt-out law -China cleanses its internet of bad feelings -All MySonicWall customers impacted by recent breach -Discord breach impacted only 70k -Kasatkin case starts in France
Em
in reply to Catalin Cimpanu • • •Tris
in reply to Em • • •Em
in reply to Tris • • •🦄 🅃🅁🄰🄽🅂🄸🄲🄾🅁🄽 🏳️⚧️
in reply to Em • • •@Em0nM4stodon @InfoSecSherpa For non-onion related browsing should you want to use extensions, #Librewolf is an option. They remove the crap Mozilla keeps putting in Firefox and it works great.
librewolf.net/
LibreWolf Browser
librewolf.netRegendans
in reply to Catalin Cimpanu • • •VessOnSecurity
in reply to Catalin Cimpanu • • •The Turtle
in reply to Catalin Cimpanu • • •Tariq
in reply to Catalin Cimpanu • • •this is such a sad situation
Firefox adding crap only for everyone else to remove it.
it increases workload for no good reason
and increases the risk of error
again, for no good reason
Sean Payne
in reply to Catalin Cimpanu • • •