Cybersecurity

5923 readers

251 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

201

No more punched tape and CDs? NCSC promises progress on £2.6 billion cryptographic key overhaul (www.thestack.technology)

submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/cybersecurity

0 comments fedilink

Keys "were originally shipped around in plastic bags..."

202

Police seize Matrix (not matrix.org) encrypted chat service after spying on criminals (www.bleepingcomputer.com)

submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/cybersecurity

6 comments fedilink

An international law enforcement operation codenamed 'Operation Passionflower' has shut down MATRIX, an encrypted messaging platform used by cybercriminals to coordinate illegal activities while evading police.

Note: It's not the service by run by the Matrix.org Foundation. Different service with the same name.

203

Apple espionage on its employees iPhones and iCloud accounts (www.cybersecurity-insiders.com)

submitted 1 month ago by kid to c/cybersecurity

5 comments fedilink

204

International operation takes down another encrypted messaging service used by criminals | Europol (www.europol.europa.eu)

submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/cybersecurity

5 comments fedilink

What does this mean? Have they hacked a Matrix server, a client, the protocol, or is there some other underground chat-app called MATRIX?

205

The shocking speed of AWS key exploitation - Help Net Security (www.helpnetsecurity.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

206

Salesforce Applications Vulnerability Could Allow Full Account Takeover (gbhackers.com)

submitted 1 month ago by kid to c/cybersecurity

1 comments fedilink

207

UK Ministry of Defense MoD passwords leaked on Dark Web - Cybersecurity Insiders (www.cybersecurity-insiders.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

208

Cisco Confirms Active Exploitation of Decade-Old WebVPN Vulnerability in ASA Software (securityonline.info)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

209

Korea arrests CEO for adding DDoS feature to satellite receivers (www.bleepingcomputer.com)

submitted 1 month ago by kid to c/cybersecurity

2 comments fedilink

210

Microsoft Boosts Device Security With Windows Resiliency Initiative (www.darkreading.com)

submitted 1 month ago by kid to c/cybersecurity

2 comments fedilink

211

8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (thehackernews.com)

submitted 1 month ago by kid to c/cybersecurity

1 comments fedilink

212

Apple Safari JavaScriptCore Remote Code Execution Flaw Exploited in the Wild (gbhackers.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

213

New Windows Server 2012 zero-day gets free, unofficial patches (www.bleepingcomputer.com)

submitted 1 month ago by kid to c/cybersecurity

1 comments fedilink

214

Novel phising campaign uses corrupted Word documents to evade security (www.bleepingcomputer.com)

submitted 1 month ago by kid to c/cybersecurity

2 comments fedilink

215

Lab401 black friday / cyber monday sale with hamster hunt (biglemmowski.win)

submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/cybersecurity

0 comments fedilink

https://lab401.com/ (I guess one of the bigger supplier/e-shop of hacking tools in EU) has a sale going on.

If you are interested you can check it out but I have another question, has anyone actually found the hamster?
I've even started scouring the page sources, considering the nature of the site it wouldn't be unusual to have it hidden literally but no bueno.
The 200EUR hamsters were gone within few hours so I must be doing something wrong or... :shrug:

E: Hoping to get the Chameleon Ultra for this christmas and this seems to be the only official/renown seller of them in EU (open to alternatives though!), I know it's rather sub-par compared to the Proxmark but PX is currently overkill for me and I love how cute and small the CU is.

216

Zabbix urges upgrades after SQL injection bug disclosure • The Register (go.theregister.com)

submitted 1 month ago by kid to c/cybersecurity

3 comments fedilink

217

Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (thehackernews.com)

submitted 1 month ago by kid to c/cybersecurity

3 comments fedilink

218

Ransomware spreading through Microsoft Teams - Cybersecurity Insiders (www.cybersecurity-insiders.com)

submitted 1 month ago by kid to c/cybersecurity

1 comments fedilink

219

Mimic Ransomware: What You Need To Know (www.tripwire.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

220

Researchers Detailed New Exfiltration Techniques Used By Ransomware Groups (gbhackers.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

221

SMOKEDHAM Backdoor Mimic As Legitimate Tools Leveraging Google Drive And Dropbox (gbhackers.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

222

Zello asks users to reset passwords after security incident (www.bleepingcomputer.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

223

Attack Group APT-C-60 Targets Japan Using Trusted Platforms (www.infosecurity-magazine.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

224

Pro-Russian Hacktivists Launch Branded Ransomware Operations (www.infosecurity-magazine.com)

submitted 1 month ago by kid to c/cybersecurity

0 comments fedilink

225

Hackers abuse popular Godot game engine to infect thousands of PCs (www.bleepingcomputer.com)

submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/cybersecurity

3 comments fedilink

Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months.