These are public posts tagged with #cybersecurity. You can interact with them if you have an account anywhere in the fediverse.
Cybercrime group FIN6 (aka Skeleton Spider) is leveraging trusted cloud services like AWS to deliver malware through fake job applications.
Our latest analysis breaks down:
How attackers use LinkedIn & Indeed to build trust
The use of resume-themed phishing lures
Cloud-hosted infrastructure that evades detection
The delivery of the More_eggs backdoor via .LNK files
Key defense strategies for recruiters and security teams
This campaign is a masterclass in low-complexity, high-evasion phishing
Read the full breakdown: https://dti.domaintools.com/skeleton-spider-trusted-cloud-malware-delivery/?utm_source=Mastodon&utm_medium=Social&utm_campaign=Skeleton-Spider
#CyberSecurity #ThreatIntel #FIN6 #Phishing #CloudSecurity #MalwareAnalysis #InfoSec #SkeletonSpider
Multiple vulnerabilities reported in DataEase Platform exposing risk of system compromise
DataEase, an open-source business intelligence platform, disclosed multiple critical vulnerabilities including authentication bypass (CVE-2025-49001) that allows JWT token forging and remote code execution flaws (CVE-2025-49002 and CVE-2025-48999) that bypass previous security patches through case sensitivity variations and malicious JDBC statements.
**If you are using DataEase, make sure to isolate it from the internet and allow access only from trusted networks. Then plan a quick upgrade to version 2.10.10 or later. There are at least two scary (and fairly dumb) exploits that can compromise your DataEase.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-reported-in-dataease-platform-exposing-risk-of-system-compromise-c-w-z-r-5/gD2P6Ple2L
Intel 471 on two important CTI topics: the role of political intelligence in CTI, and demonstrating the value of a program.
Cybernews research
Adult dating app has leaked over four million private records.
Review – Bills Introduced – 6-9-25 – 43 bills – HR 3838, defense acquisition – HR 3841 – healthcare cybersecurity – Short version – https://tinyurl.com/59dya8ah #Legislation #Cybersecurity
Bills Introduced – 6-9-25 – 43 bills – HR 3838, defense acquisition – HR 3841 – healthcare cybersecurity – MIP: S 1988, military academies – https://tinyurl.com/2rp9xp6c Subscription required #Legislation #Cybersecurity
Critical account takeover flaw reported in WordPress PayU India plugin
A critical vulnerability (CVE-2025-31022) in the WordPress PayU India plugin allows unauthenticated attackers to hijack any user account, including administrators, through exploitation of insecure API routes and hardcoded email validation that enables token generation and session manipulation.
**If you are using the PayU India plugin, be aware that it's critically vulnerable with no fixes. Immediately deactivate and remove the plugin from your WordPress installations.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-account-takeover-flaw-reported-in-wordpress-payu-india-plugin-b-x-v-q-h/gD2P6Ple2L
NPM Under Attack: A RAT Trojan Downloaded a Million Times Infects 17 Popular JavaScript Packages
Link to the article: https://www.redhotcyber.com/post/npm-sotto-attacco-un-trojan-rat-scaricato-un-milione-di-volte-infetta-17-popolari-pacchetti-javascript/
#redhotcyber #hacking #cti #ai #online #it #cybercrime #cybersecurity #technology #news #cyberthreatintelligence #innovation #privacy #engineering #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity
My latest blog post - Security Amnesia: Why Episodic Memory and the Doorway Effect Make Zero Trust Hard
#ZeroTrust #CognitiveScience #HumanFactors #cybersecurity #memory #UsableSecurity
A secure HTTPS connection starts with an SSL/TLS handshake, during which the browser and the server verify each other’s identities, choose encryption protocols, and share cryptographic keys to create a protected communication channel.
Here is how SSL/TLS handshake works step by step #infoeec #privacy #tls #encryption
Find high-res pdf books with all my #cybersecurity related infographics at https://study-notes.org
"In a victory for personal privacy, a New York federal district court judge today granted a preliminary injunction in a lawsuit challenging the U.S. Office of Personnel Management’s (OPM) disclosure of records to DOGE and its agents.
Judge Denise L. Cote of the U.S. District Court for the Southern District of New York found that OPM violated the Privacy Act and bypassed its established cybersecurity practices under the Administrative Procedures Act. The court will decide the scope of the injunction later this week. The plaintiffs have asked the court to halt DOGE agents’ access to OPM records and for DOGE and its agents to delete any records that have already been disclosed. OPM’s databases hold highly sensitive personal information about tens of millions of federal employees, retirees, and job applicants.
“The plaintiffs have shown that the defendants disclosed OPM records to individuals who had no legal right of access to those records,” Cote found. “In doing so, the defendants violated the Privacy Act and departed from cybersecurity standards that they are obligated to follow. This was a breach of law and of trust. Tens of millions of Americans depend on the Government to safeguard records that reveal their most private and sensitive affairs.”"
#USA #Trump #Musk #DOGE #OPM #CyberSecurity #Privacy #DataProtection
"A cybersecurity researcher was able to figure out the phone number linked to any Google account, information that is usually not public and is often sensitive, according to the researcher, Google, and 404 Media’s own tests.
The issue has since been fixed but at the time presented a privacy issue in which even hackers with relatively few resources could have brute forced their way to people’s personal information.
“I think this exploit is pretty bad since it's basically a gold mine for SIM swappers,” the independent security researcher who found the issue, who goes by the handle brutecat, wrote in an email. SIM swappers are hackers who take over a target's phone number in order to receive their calls and texts, which in turn can let them break into all manner of accounts.
In mid-April, we provided brutecat with one of our personal Gmail addresses in order to test the vulnerability. About six hours later, brutecat replied with the correct and full phone number linked to that account."
Phishing emails have long ceased to be crude or poorly worded; many now look deceptively genuine. In a recent case, a fake email purporting to come from Commerzbank had a complete Wikipedia article about Commerzbank inserted after more than 200 blank lines. This measure is no coincidence but part of a deliberate deception strategy.
#phishing #fake #fakemail #spam #scam #commerzbank #cybersecurity #teufelswerk
"China’s state-owned aircraft maker had just announced the Western engine it had chosen for its new aircraft.
One month later, in January 2010, American cyber researchers started to see the “preparatory activity” of a Chinese hacking group focusing on an American turbine company that made a part needed for jet engines.
For years afterwards, a division of China’s intelligence apparatus could be seen trying to steal engine design information from Western companies. By 2017 and 2018, the US government had opened indictments – with convictions to follow – against figures in the US and China trying to steal Western aerospace information.
The subterfuge, now largely forgotten by the public, is an essential chapter in the origin story of the C919, which was developed to compete with two of the world’s most widely used passenger aircraft – the Boeing 737 and the Airbus A320neo. It was also the foundation of establishing the Commercial Aircraft Corporation of China (COMAC) as a serious player in the global commercial aviation market.
The C919 is now in regular production, and it’s taking its first steps in aiding China’s systematic efforts to both develop its aerospace industry and to produce a viable passenger aircraft.
But years after concerns were raised over Chinese intellectual property theft, few of the affected parties are keen to talk openly about the alleged cyber-espionage."
#China #Boeing #Airbus #COMAC #C919 #IPTheft #StateHacking #CyberSecurity
Indian grocery startup KiranaPro hit by insider security incident affecting over 55,000 people
KiranaPro, a Bengaluru-based grocery delivery startup, suffered a catastrophic security incident between May 24-25, 2024, that completely wiped out its AWS infrastructure, GitHub repositories, and customer databases containing data from over 55,000 users due to a former employee's credentials not being properly deactivated after departure.
**Make sure to ALWAYS offboard employees from all systems. Because whether it was a disgruntled person or hackers compromising credentials, the credentials of a departed employee were abused.**
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/indian-grocery-startup-kiranapro-hit-by-insider-security-incident-affecting-over-55000-people-8-e-g-4-o/gD2P6Ple2L
A moment I had been waiting for!
Today I received the first printed copies of my new book and I can't hide my excitement. Holding in my hands the result of months of work, research and dedication is an indescribable feeling.
Available at the major online stores.
More information here: https://www.nicfab.eu/it/pages/bookai/
The English edition will also be available soon.
#AI #Privacy #Ethics #AIAct #LLM #Neurodiritti #Cybersecurity #DigitalInnovation #Libro
State of (in)security - Week 23, 2025
During the week of June 2-9, 2025, cybersecurity incidents surged with 23 data breach events impacting over 212 million individuals (up from 2.44 million the previous week), driven primarily by malware/ransomware attacks (6 incidents) and a massive unsecured database exposure affecting 100 million users. The week was marked by active exploitation of critical vulnerabilities in widely-used systems including Roundcube, Wazuh, and Chrome and destructive supply chain attacks targeting software packages.
**External packages can be compromised. Always vet them and make sure to use packages with a lot of contributors and a lot of users. Avoid brand new packages and packages with a single contributor and NEVER just trust packages suggested by AI.**
#cybersecurity #infosec #knowledge #weeklyreport
https://beyondmachines.net/event_details/state-of-in-security-week-23-2025-x-v-d-k-o/gD2P6Ple2L
On ITSPmagazine: A new Brand Story Briefing from London!
From Vulnerability to Visibility: Rethinking Exposure Management
A Brand Story with Tod Beardsley from runZero — recorded On Location at Infosecurity Europe 2025
Here’s one of the fantastic Brand Stories we captured On Location last week in London. Enjoy, share, and follow runZero!
In this conversation, Tod Beardsley from runZero shares insights on how modern exposure management is evolving — and how organizations can move from simply identifying vulnerabilities to gaining true visibility and control.
Security leaders face a persistent challenge: understanding what truly exists in their environments and how it contributes to organizational risk. While vulnerability scoring systems like CVSS, EPSS, and SSVC offer frameworks for prioritizing patching and remediation, they often fall short in the real-world conditions of fragmented IT environments, cloud sprawl, and unmanaged assets.
The gap between theoretical risk scoring and operational reality leaves defenders overwhelmed, uncertain where to focus, and vulnerable to avoidable incidents.
runZero addresses these issues by offering a solution that is built not just to catalog known assets, but to illuminate the unknown — those overlooked, misconfigured, or entirely forgotten devices that may never trigger a CVE alert but can still open doors for attackers.
Read the full story + watch or listen to the episode:
https://www.itspmagazine.com/their-stories/from-vulnerability-to-visibility-rethinking-exposure-management-a-brand-story-with-tod-beardsley-from-runzero-an-infosecurity-europe-2025-conference-on-location-brand-story
Big thanks to runZero for supporting our Infosecurity Europe 2025 coverage and sharing their expertise with our global audience!
Sean Martin, CISSP & Marco Ciappelli
_________________________________________
Next stop on our On Location Tour: #BlackHat USA in Las Vegas.
If your company would like to record a Brand Story with us On Location at Black Hat USA — now’s the time to book your spot:
Book your Full Sponsorship
https://www.itspmagazine.com/event-coverage-sponsorship-and-briefings
Book your On Location Briefing
https://www.itspmagazine.com/event-coverage-briefings
See you in Vegas — and stay tuned as we publish more editorials from Infosecurity Europe 2025.
#infosec #infosecurity #cybersecurity #infosecurityeurope2025 #onlocation #exposuremagement #blackhatusa2025 #itspmagazine #tech #technology #society
Live or Die! Blood Alert in England After the Ransomware Attack
Link to the article: https://www.redhotcyber.com/post/vivi-o-muori-e-allarme-sangue-in-inghilterra-dopo-lattacco-ransomware/
#redhotcyber #hacking #cti #ai #online #it #cybercrime #cybersecurity #technology #news #cyberthreatintelligence #innovation #privacy #engineering #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity