Cybersecurity

7169 readers

72 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

1726

[AL-091] Ongoing Phishing Campaign Targeting CrowdStrike Users (www.csa.gov.sg)

submitted 9 months ago by kid to c/cybersecurity

0 comments fedilink

1727

160

Fake Hot Fix for CrowdStrike ''crowdstrike-hotfix.zip'' Spreads Remcos RAT (hackread.com)

submitted 9 months ago by kid to c/cybersecurity

7 comments fedilink

1728

A recommended tool for people using Defender. (github.com)

submitted 9 months ago by ModerateImprovement to c/cybersecurity

4 comments fedilink

Based on my last post I saw a lot of people who recommend me windows defender, so I wanted to suggest this tool for people who use it on their systems.

1729

What is the best antivirus for windows 10/11? (self.cybersecurity)

submitted 9 months ago by ModerateImprovement to c/cybersecurity

21 comments fedilink

I am under the impression that the best antivirus programs that work without account is Eset and Kaspersky.

Is there is a better solutions?

1730

Companies around the world hit by IT outage (archive.is)

submitted 9 months ago by [email protected] to c/cybersecurity

6 comments fedilink

1731

How did the FBI access the trump rally shooters phone? (www.xda-developers.com)

submitted 9 months ago by [email protected] to c/cybersecurity

23 comments fedilink

1732

[Dasharo Coreboot] Intel's HBFA-FL fuzzer for UEFI CI-CD fuzzing (www.youtube.com)

submitted 9 months ago by [email protected] to c/cybersecurity

0 comments fedilink

1733

Microsoft-Signed Chinese Adware Opens the Door to Kernel Privileges (www.darkreading.com)

submitted 9 months ago by [email protected] to c/cybersecurity

0 comments fedilink

An official stamp of approval might give the impression that a purported "HotPage" adtech tool is not, in fact, a dangerous kernel-level malware — but that's just subterfuge.

1734

Power9, Talos-II PC, the most open source modern PC you can get (www.youtube.com)

submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/cybersecurity

8 comments fedilink

https://www.raptorcs.com/TALOSII

I just saw this, even if it is pretty old.

They continue the IMB powerPC architecture.

Talk with a developer

3mdeb develops coreboot for the architecture.

Here is an interesting presentation

OS Installation is complex, but Linux/BSD with support for ppc64 should work.

The used AMD Radeon Pro WX7100 GPU is pretty open, but the boot code contains blobs.

Just as the NVME controller.

This is a competitor to RISC-V, while the latter is in early steps but is high in trend and developing fast.

FYI, SimpleX chat on RISC-V

1735

[Dasharo Coreboot] Verified Boot and secure updates - How to do them securely and openly? (www.youtube.com)

submitted 9 months ago by [email protected] to c/cybersecurity

0 comments fedilink

1736

Threat group FIN7 adapts with new tactics and tools, researchers say (cybernews.com)

submitted 9 months ago by kid to c/cybersecurity

0 comments fedilink

1737

Vulnerability in Cisco Smart Software Manager lets attackers change any user password (arstechnica.com)

submitted 9 months ago by [email protected] to c/cybersecurity

1 comments fedilink

1738

Rite Aid breach exposes 2.2 million customer records (arstechnica.com)

submitted 9 months ago by [email protected] to c/cybersecurity

2 comments fedilink

1739

Void Banshee APT exploited "lingering Windows relic" in zero-day attacks (www.helpnetsecurity.com)

submitted 9 months ago by kid to c/cybersecurity

5 comments fedilink

1740

Email addresses of 15 million Trello users leaked on hacking forum (www.bleepingcomputer.com)

submitted 9 months ago by kid to c/cybersecurity

4 comments fedilink

1741

It’s never been easier for the cops to break into your phone (www.theverge.com)

submitted 9 months ago by [email protected] to c/cybersecurity

13 comments fedilink

1742

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data (gbhackers.com)

submitted 9 months ago by kid to c/cybersecurity

1 comments fedilink

1743

New BugSleep malware implant deployed in MuddyWater attacks (www.bleepingcomputer.com)

submitted 9 months ago by kid to c/cybersecurity

0 comments fedilink

1744

Attackers Exploit URL Protections to Disguise Phishing Links (www.infosecurity-magazine.com)

submitted 9 months ago by kid to c/cybersecurity

1 comments fedilink

1745

'Trial' DDoS Attacks on French Sites Portend Greater Olympics Threats (www.darkreading.com)

submitted 9 months ago by kid to c/cybersecurity

1 comments fedilink

1746

Facebook ads for Windows desktop themes push info-stealing malware (www.bleepingcomputer.com)

submitted 9 months ago by [email protected] to c/cybersecurity

1 comments fedilink

1747

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks (krebsonsecurity.com)

submitted 9 months ago by [email protected] to c/cybersecurity

0 comments fedilink

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

1748

Netgear warns users to patch auth bypass, XSS router flaws (www.bleepingcomputer.com)

submitted 9 months ago by kid to c/cybersecurity

0 comments fedilink

1749

AT&T Paid a Hacker $370,000 to Delete Stolen Phone Records (www.wired.com)

submitted 10 months ago by [email protected] to c/cybersecurity

7 comments fedilink

1750

A Simple Firmware Update Completely Hides a Device’s Bluetooth Fingerprint (today.ucsd.edu)

submitted 10 months ago by [email protected] to c/cybersecurity

3 comments fedilink

A smartphone’s unique Bluetooth fingerprint could be used to track the device’s user–until now. A team of researchers have developed a simple firmware update that can completely hide the Bluetooth fingerprint, eliminating the vulnerability.