#Ukraine #propaganda via @NewsBot Everyone knows Ukraine is a #cyberthreat and they spoof Russia's ips. #Russia 'election influence ads' , for instance. No Russian was EVER brought to full trial. Just Indicted. Ukraine is also #1 in #Phishing and other scams.
GitVenom: Fake-GitHub-Repos verbreiten Malware! Kaspersky warnt vor manipulierten Open-Source-Projekten, die Daten & Krypto stehlen. Entwickler aufgepasst! 
#Malware #GitHub #CyberThreat #DevSecurity
Learn about the free application from Kaspersky that lets you scan Linux systems for known cyberthreats https://www.admin-magazine.com/News/A-Look-at-Kaspersky-s-New-Virus-Removal-Tool-for-Linux
#Kaspersky #KVRT #virus #cyberthreat #security #tools #Linux
[en] Commercial spyware firms make mobile phones and devices increasingly insecure
"Nearly two thirds of mobile and browser flaws were used by spyware firms".
"... in 2023, spyware produced by commercial surveillance vendors (CSVs) were responsible for 64% of known exploited mobile and browser zero-day vulnerabilities."
Tell your Mastodon admins to apply this update ASAP!
If your server has the very latest version of Mastodon, it should be at v4.2.5, now, but the patch is available for earlier releases.
- Fix insufficient origin validation (CVE-2024-23832, GHSA-3fjr-858r-92rw)
https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw
Latest issue of my curated #cybersecurity and #infosec list of resources for week #42/2023 is out! It includes the following and much more:
➝ 
Tracking Unauthorized Access to #Okta's Support System
➝ 
#Casio discloses #databreach impacting customers in 149 countries
➝ 
Hacker leaks millions more #23andMe user records on #cybercrime forum
➝ 
D-Link confirms data breach after employee #phishing attack
➝ 
#Equifax Fined $13.5 Million Over 2017 Data Breach
➝ 
Ukrainian activists hack Trigona #ransomware gang, wipe servers
➝ 
FBI: Thousands of Remote IT Workers Sent Wages to #NorthKorea to Help Fund Weapons Program
➝ 
#India targets #Microsoft, #Amazon tech support #scammers in nationwide crackdown
➝ 
#Hamas-linked app offers window into cyber infrastructure, possible links to Iran
➝ 
Police seize #RagnarLocker leak site
➝ North Korean Hackers Exploiting Recent #TeamCity Vulnerability
➝ 
#China replaces #Russia as top #cyberthreat
➝ 
CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
➝ 
#France frees the two biggest Spanish hackers
➝ 
️ Ex-Navy IT head gets 5 years for selling people’s data on #darkweb
➝ 
#Switzerland’s e-voting system has predictable implementation blunder
➝ 
Critical Vulnerabilities Expose #Weintek HMIs to Attacks
➝ #Milesight Industrial Router #Vulnerability Possibly Exploited in Attacks
➝ 
Fake #Corsair job offers on #LinkedIn push #DarkGate malware
➝ Google-hosted #malvertising leads to fake #Keepass site that looks genuine
➝ 
#Discord still a hotbed of #malware activity — Now APTs join the fun
➝ 
SpyNote: Beware of This Android #Trojan that Records Audio and Phone Calls
➝ 
#Android will now scan sideloaded apps for malware at install time
➝ 
#WhatsApp #passkeys on the way, but as usual, for Android first
➝ 
Pro-Russian Hackers Exploiting Recent #WinRAR Vulnerability in New Campaign
➝ 
Signal Pours Cold Water on Zero-Day Exploit Rumors
➝ 
#Cisco warns of new #IOS XE #zeroday actively exploited in attacks
This week's recommended reading is: "RTFM: Red Team Field Manual v2" by Ben Clark and Nicholas Downer
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end 
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-422023
The vulnerability was discovered by Cycode researchers, who reported it to Microsoft along with an exploit example.
KillNet team to launch "Dark School" on May 25 as per the groups latest post on their telegram channel. The group claims to recruit the candidates to their new Cyber Army of Russia from this.
Statistical data on cyber conflict is lacking. A new dataset by a European research initiative called EuRepoC tries to solve this problem by launching a dashboard to visualize more than 1,400 cyber incidents.
#CyberWar #CyberSecurity #DDoS #Europe #CyberAttack #CyberConflict #CyberThreat
From Matthias Schulze: https://www.lawfareblog.com/quantifying-cyber-conflict-introducing-european-repository-cyber-incidents
You’re into #CyberThreats? But not in a creepy way! 
Join @CERTEU and #teamDIGIT as #CyberThreat Intelligence Analyst (FGIV) and help keep our cyber space safe. 
Find out more & apply by 23 August at noon 
https://europa.eu/!TgNkyy
Going through #Cloudflare is the new #starfish.
Don't perform, dear #bank, just siphon #customerData to us, we'll print the rest.
What if good #banks don't go through Cloudflare, but use #renewableEnergy to secure #bitcoin and other #currencies that are actually worth something and we paide pay them in transaction fees.
What if there existed a company that is likely to learn how much you have in the #bank and which #homes and or #land that you are looking at moving into?
Does anyone else see the intense danger here, especially if there was some kind of #dataBreach?
Anyway, that company is #Cloudflare.
If #privatised infrastructure gets #hacked, #managment would need to be replaced and the #infrastructure should be returned to public hands, or get broken up.
Similar to how #banks collapsing or creating extreme instability should be dealt with.
What do you think?
What about a postcard that you can give to someone? The front says "The biggest #cyberthreat that noone is brave enough to talk about".
The back might say" Since 2009 Cloudflare and Amazon's growth in control of the internet infrastructure and basic keys to the internet including *many* popular websites, is making us vulnerable."
"Society depends on the internet.
"What are we setting ourselves up for when two corporations alone control encryption keys to large swathes of #theInternet.
1/2
