Cybersecurity

6981 readers

84 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

SSL Certificate Validity Reduced to 47 Days After Apple Proposal (securityonline.info)

submitted 1 hour ago by kid to c/cybersecurity

8 comments fedilink

Data Breach at Planned Parenthood Lab Partner Exposes Info of 1.6M (hackread.com)

submitted 1 hour ago by kid to c/cybersecurity

0 comments fedilink

Chrome 136 fixes 20-year browser history privacy risk (www.bleepingcomputer.com)

submitted 1 hour ago by kid to c/cybersecurity

0 comments fedilink

China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure: Report (www.securityweek.com)

submitted 2 hours ago by kid to c/cybersecurity

0 comments fedilink

South African telecom provider Cell C disclosed a data breach (securityaffairs.com)

submitted 1 hour ago by kid to c/cybersecurity

0 comments fedilink

TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign (sublime.security)

submitted 2 hours ago by kid to c/cybersecurity

0 comments fedilink

GoPhish Infrastructure Targets Polish Energy and Government (hunt.io)

submitted 2 hours ago by kid to c/cybersecurity

0 comments fedilink

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (thehackernews.com)

submitted 2 hours ago by kid to c/cybersecurity

0 comments fedilink

Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing (hackread.com)

submitted 2 hours ago by kid to c/cybersecurity

0 comments fedilink

Wolters Kluwer allegedly hit by data breach, threatening Fortune 500 firms (cybernews.com)

submitted 2 hours ago by kid to c/cybersecurity

0 comments fedilink

AI-hallucinated code dependencies become new supply chain risk (www.bleepingcomputer.com)

submitted 1 day ago by [email protected] to c/cybersecurity

3 comments fedilink

Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (www.bleepingcomputer.com)

submitted 1 day ago by [email protected] to c/cybersecurity

22 comments fedilink

Microsoft Defender will isolate undiscovered endpoints to block attacks (www.bleepingcomputer.com)

submitted 1 day ago by [email protected] to c/cybersecurity

0 comments fedilink

U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

submitted 3 days ago by kid to c/cybersecurity

4 comments fedilink

Phishing kits now vet victims in real-time before stealing credentials (www.bleepingcomputer.com)

submitted 3 days ago by kid to c/cybersecurity

1 comments fedilink

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks (www.trendmicro.com)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

Jenkins Docker Images Vulnerable to SSH Host Key Reuse (securityonline.info)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

Hackers exploit WordPress plugin auth bypass hours after disclosure (www.bleepingcomputer.com)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

17,000,000 GrubHub passwords and other data exposed, hackers claim (cybernews.com)

submitted 4 days ago by kid to c/cybersecurity

8 comments fedilink

Google fixes two actively exploited zero-day vulnerabilities in Android (www.malwarebytes.com)

submitted 4 days ago by kid to c/cybersecurity

1 comments fedilink

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) - Help Net Security (www.helpnetsecurity.com)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale (www.sentinelone.com)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

China-based SMS Phishing Triad Pivots to Banks (krebsonsecurity.com)

submitted 3 days ago by [email protected] to c/cybersecurity

0 comments fedilink

China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff.

Ransomware attack cost IKEA operator in Eastern Europe $23 million (www.bleepingcomputer.com)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

Oracle Appears to Admit Breach of 2 'Obsolete' Servers (www.darkreading.com)

submitted 4 days ago by kid to c/cybersecurity

0 comments fedilink

The database company said its Oracle Cloud Infrastructure (OCI) was not involved in the breach. And at least one law firm seeking damages is already on the case.