Infosec.Pub

From Input Output via this RSS feed

From Input Output via this RSS feed

From Input Output via this RSS feed

From Input Output via this RSS feed

A new study reveals that passkeys—widely promoted as a safer login method compared with passwords—may unintentionally expose users to serious risks in situations involving interpersonal abuse. The research introduces the first framework for analyzing how digital authentication tools can be exploited in contexts such as intimate partner violence, elder abuse and human trafficking.

News of the fictitious bounty fooled news outlets into reporting that $50K would be paid for information on two Qilin administrators. The post Europol bounty for Russian crypto ransomware gang wasn’t real appeared first on Protos.

Chris Prentice / Reuters: The DOJ says it will no longer target developers who create decentralized crypto platforms without criminal intent, as part of a regulatory retreat on crypto  —  The U.S. Justice Department does not plan to target software developers that create decentralized platforms for transmitting …

“Kia Boys will be Flipper Boys by 2026,” one person in the reverse engineering community said.

It seems like there are a few incidents in Puerto Rico

After six years of near-total silence from the developers and enough feverish anticipation to make it the most wish-listed game on Steam, the sequel to the indie hit Hollow Knight is releasing in two weeks. Team Cherry, the small team behind both games, announced the news Thursday in a trailer.

Why did it take so long?

I think it's safe to say… finally!

Including the original Switch

Discover a vast, haunted kingdom in Hollow Knight: Silksong! The sequel to the award winning action-adventure. Explore, fight and survive as you ascend to the peak of a land ruled by silk and song.

From IOG Academy via this RSS feed

From Input Output via this RSS feed

iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet.…

Comments

A significant security vulnerability has been discovered in Microsoft’s Copilot for M365 that allowed users, including potential malicious insiders, to access and interact with sensitive files without leaving any record in the official audit logs. After patching the flaw, Microsoft has reportedly decided against issuing a formal CVE or notifying its customers, leaving organizations unaware […] The post Copilot Vulnerability Breaks Audit Logs and Access Files Secretly for Hackers appeared first on Cyber Security News.

Orange SA’s Belgian business said that hackers gained access to data from 850,000 customer accounts, in the third major cyberattack targeting the French telecommunications firm this year.

Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details. [...]