Cybersecurity

5918 readers

151 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

126

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts (hackread.com)

submitted 4 weeks ago by kid to c/cybersecurity

0 comments fedilink

127

Is it a bad idea to go on with a pixel 4a? (lemmy.world)

submitted 4 weeks ago* (last edited 4 weeks ago) by [email protected] to c/cybersecurity

10 comments fedilink

Hi, I have a pixel 4a that I love and works great (with CalyxOS) I bought it when it came out and I really don't want a new phone, but...

Security updates from google stopped for the 4a about a year and a bit ago, and for the last year I have been slowly getting more and more anxious while trying to ignore it. I'm still getting the android security updates (software) for another year or so (thanks calyx!) But I'm not getting the firmware security updates anymore.

I'm experienced in the field of cyber security and I feel like I'm in denial because I really really don't want to buy a new phone.

Please tell me if I really should get a new phone or not...

My threat model would be just an average person but with the added paranoia of knowing too much about privacy and security, and my avoidance of getting a new phone is mostly rooted in zero-waste ideology and the pure hate towards google for forcing me to stop using a great phone that would otherwise probably be usable for another few years.

128

Windows RDP Service Flaw let Hackers Execute Remote Code (gbhackers.com)

submitted 4 weeks ago by kid to c/cybersecurity

0 comments fedilink

129

FYI OpenCVE 2.0 Opensource Vulnerability Management Platform is out (www.opencve.io)

submitted 4 weeks ago by [email protected] to c/cybersecurity

0 comments fedilink

cross post from : https://lemmy.sdf.org/post/26290623

OpenCVE 2.0 Opensource Vulnerability Management Platform is out 😸

https://www.opencve.io

https://github.com/opencve/opencve/releases/tag/v2.0.0

#cybersecurity #cve #cvss #opencve #vunlnerability

(note to self : is it really how cross post works on lemmy ? bit odd is it ?)

130

Dell Warns of Critical Code Execution Vulnerability in Power Manager (gbhackers.com)

submitted 4 weeks ago by kid to c/cybersecurity

1 comments fedilink

131

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows (www.cadosecurity.com)

submitted 4 weeks ago by kid to c/cybersecurity

0 comments fedilink

132

U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

submitted 4 weeks ago by kid to c/cybersecurity