Cybersecurity

6894 readers

156 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

1726

Nasty bug with very simple exploit hits PHP just in time for the weekend (arstechnica.com)

submitted 9 months ago by [email protected] to c/cybersecurity

4 comments fedilink

1727

New York Times source code stolen using exposed GitHub token (www.bleepingcomputer.com)

submitted 9 months ago by [email protected] to c/cybersecurity

1 comments fedilink

1728

PHP fixes critical RCE flaw impacting all versions for Windows (www.bleepingcomputer.com)

submitted 9 months ago by [email protected] to c/cybersecurity

4 comments fedilink

A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide.

1729

Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells (www.bleepingcomputer.com)

submitted 9 months ago by [email protected] to c/cybersecurity

0 comments fedilink

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama.

1730

New Gitloker attacks wipe GitHub repos in extortion scheme (www.bleepingcomputer.com)

submitted 9 months ago by [email protected] to c/cybersecurity

1 comments fedilink

Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information.

1731

Ukraine says hackers abuse SyncThing tool to steal data (www.bleepingcomputer.com)

submitted 9 months ago by kid to c/cybersecurity

16 comments fedilink

1732

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks (thehackernews.com)

submitted 9 months ago by kid to c/cybersecurity

0 comments fedilink

1733

POC exploit code published for critical Apache HugeGraph bug (www.theregister.com)

submitted 9 months ago by kid to c/cybersecurity

1 comments fedilink

1734

Dutch political websites hit by cyber attacks as EU voting starts (blog.cloudflare.com)

submitted 10 months ago by [email protected] to c/cybersecurity

0 comments fedilink

1735

Cisco addressed Webex flaws used to compromise German government meetings (securityaffairs.com)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1736

Linux version of TargetCompany ransomware focuses on VMware ESXi (www.bleepingcomputer.com)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1737

FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out (www.bleepingcomputer.com)

submitted 10 months ago by [email protected] to c/cybersecurity

0 comments fedilink

The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they can use to recover encrypted data for free.

1738

GitHub - xaitax/TotalRecall: This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots. (github.com)

submitted 10 months ago by kid to c/cybersecurity

1 comments fedilink

1739

Vulnerability in Cisco Webex cloud service exposed government authorities, companies (www.helpnetsecurity.com)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1740

New V3B phishing kit targets customers of 54 European banks (www.bleepingcomputer.com)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1741

Russian hackers claim cyberattack on Spanish defence company (www.reuters.com)

submitted 10 months ago by kid to c/cybersecurity

1 comments fedilink

1742

Arctic Wolf sniffs out new ransomware variant (www.csoonline.com)

submitted 10 months ago by [email protected] to c/cybersecurity

0 comments fedilink

The ransomware payload is designed for an easy and quicker payday over a deep, double-extortive infection.

1743

NIST is finally getting help with the National Vulnerability Database backlog (www.csoonline.com)

submitted 10 months ago by [email protected] to c/cybersecurity

0 comments fedilink

NIST is paying Analygence $865,657 to help process incoming CVEs.

1744

Critical incident declared as ransomware attack disrupts multiple London hospitals (therecord.media)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1745

High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) (www.helpnetsecurity.com)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1746

Cybercriminals attack banking customers in EU with V3B phishing kit (www.resecurity.com)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1747

8220 Gang Exploiting Oracle WebLogic Server Flaw To Deploy Cryptominer (gbhackers.com)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1748

APT28 targets key networks in Europe with HeadLace malware (securityaffairs.com)

submitted 10 months ago by kid to c/cybersecurity

0 comments fedilink

1749

Cybercriminals pose as "helpful" Stack Overflow users to push malware (www.bleepingcomputer.com)

submitted 10 months ago by kid to c/cybersecurity

1 comments fedilink

1750

Azure Service Tags tagged as security risk, Microsoft disagrees (www.bleepingcomputer.com)

submitted 10 months ago by [email protected] to c/cybersecurity

2 comments fedilink

Security researchers at Tenable discovered what they describe as a high-severity vulnerability in Azure Service Tag that could allow attackers to access customers' private data.