Cybersecurity

5935 readers
19 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
MODERATORS
601
602
1
Why Pay A Pentester? (thehackernews.com)
submitted 3 months ago by [email protected] to c/cybersecurity
 
 

What do you guys think? I don't think there's a lot of depth to the arguments, myself. It reads more like an threadbare op-ed with a provocative title. But I'd like to hear you opinions on the impact of automated testing solutions on the role of pen-testers in the industry.

603
 
 

The authorities infiltrated Ghost’s distribution channel and modified updates to gain access to subscribers’ phones.

604
605
 
 

Hackers are brute-forcing passwords for highly privileged accounts on exposed Foundation accounting servers, widely used in the construction industry, to breach corporate networks.

606
 
 

​CISA and the FBI urged technology manufacturing companies to review their software and ensure that future releases are free of cross-site scripting vulnerabilities before shipping.

607
 
 

Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit malware attacks.

608
 
 

Hacktivists love to target financial services companies, and their attacks are growing both larger and longer.

609
 
 

Attackers could have exploited a dependency confusion vulnerability dubbed "CloudImposer" affecting various Google Cloud services to execute a sprawling supply chain attack via just one malicious Python code package.

610
611
612
613
614
615
616
617
618
619
620
621
 
 

Infection corrals devices running AOSP-based firmware into a botnet.

622
623
624
 
 

Fake Python job opportunities used to attack programmers

625
view more: ‹ prev next ›