Cybersecurity

5993 readers

101 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

[email protected]

1

4

Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities (www.securityweek.com)

submitted 5 hours ago by [email protected] to c/cybersecurity

0 comments fedilink

2

15

Windows 11 BitLocker-Encrypted Files Accessed Without Disassembling Laptops (cybersecuritynews.com)

submitted 8 hours ago by [email protected] to c/cybersecurity

0 comments fedilink

Researchers demonstrated how attackers can bypass its protections without physically tampering with the device. The exploit, known as “bitpixie” (CVE-2023-21563), was showcased at the Chaos Communication Congress (38C3) by security researcher Thomas Lambertz.

The “bitpixie” exploit bypasses Secure Boot by exploiting a downgrade attack on the Windows Boot Manager.

3

27

Malicious PyPi package steals Discord auth tokens from devs (www.bleepingcomputer.com)

submitted 13 hours ago by kid to c/cybersecurity

2 comments fedilink

4

19

Pumakit - Sophisticated Linux Rootkit That Persist Even After Reboots (gbhackers.com)

submitted 13 hours ago by kid to c/cybersecurity

1 comments fedilink

5

18

Hackers Claim Breach of Hewlett Packard Enterprise, Lists Data for Sale (hackread.com)

submitted 13 hours ago by kid to c/cybersecurity

1 comments fedilink

6

17

Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344 (www.welivesecurity.com)

submitted 13 hours ago by kid to c/cybersecurity

0 comments fedilink

7

14

New Microsoft 2FA Bypass Attack Warning—Dangerous And Sneaky (www.forbes.com)

submitted 13 hours ago by kid to c/cybersecurity

2 comments fedilink

8

12

Hackers Exploit AnyDesk Impersonating CERT-UA to Launch Cyber-Attacks (socprime.com)

submitted 13 hours ago by kid to c/cybersecurity

0 comments fedilink

9

8

Otelier data breach exposes info, hotel reservations of millions (www.bleepingcomputer.com)

submitted 13 hours ago by kid to c/cybersecurity

0 comments fedilink

10

23

ChatGPT crawler flaw opens door to DDoS, prompt injection (go.theregister.com)

submitted 1 day ago by [email protected] to c/cybersecurity

0 comments fedilink

11

138

NSA Warns iPhone And Android Users—Disable Location Tracking (www.forbes.com)

submitted 3 days ago by kid to c/cybersecurity

53 comments fedilink

12

49

iPhone USB-C is hackable, but users don't need to worry yet (www.techspot.com)

submitted 3 days ago by kid to c/cybersecurity

23 comments fedilink

13

38

FBI warns agents of call log thefts by hackers, Bloomberg News reports (www.reuters.com)

submitted 3 days ago by kid to c/cybersecurity

5 comments fedilink

14

35

Chinese hackers accessed Yellen's computer in US Treasury breach, Bloomberg News reports (www.reuters.com)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

15

21

Malware stole internal PowerSchool passwords from engineer's hacked computer (techcrunch.com)

submitted 3 days ago by [email protected] to c/cybersecurity

2 comments fedilink

16

19

FCC Adopts Cybersecurity Rules in Wake of Salt Typhoon (broadbandbreakfast.com)

submitted 3 days ago by kid to c/cybersecurity

1 comments fedilink

17

21

Bypassing disk encryption on systems with automatic TPM2unlock (oddlama.org)

submitted 3 days ago by [email protected] to c/cybersecurity

2 comments fedilink

Note this post evaluates Linux systems. Microsoft presumably has a different, hopefully better, implementation.

18

18

MSSqlPwner: Open-source tool for pentesting MSSQL servers (www.helpnetsecurity.com)

submitted 3 days ago by kid to c/cybersecurity

1 comments fedilink

19

9

Cybernotes (cybernotes.xyz)

submitted 3 days ago by [email protected] to c/cybersecurity

0 comments fedilink

Sharing a website for those who are interested in red teaming and hacking. Could be some useful techniques added to your own penetration testing.

20

12

AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV (gbhackers.com)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

21

16

Wolf Haldenstein law firm says 3.5 million impacted by data breach (www.bleepingcomputer.com)

submitted 3 days ago by kid to c/cybersecurity

1 comments fedilink

22

15

Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service (blog.sekoia.io)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink

23

11

Top 10 web hacking techniques of 2024: nominations open (portswigger.net)

submitted 3 days ago by [email protected] to c/cybersecurity

1 comments fedilink

On Portswigger's website: Nominations are now open for the top 10 new web hacking techniques of 2024!

24

30

Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp (cyberscoop.com)

submitted 4 days ago by kid to c/cybersecurity

0 comments fedilink

25

8

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024 (thehackernews.com)

submitted 3 days ago by kid to c/cybersecurity

0 comments fedilink