Cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

876
 
 

Green Bay Packers fans had their sensitive details exposed due to malicious code on the team's Pro Shop website.

#NFL #cybersecurity #cybercrime #datasecurity #DataPrivacy #infosec

https://cnews.link/green-bay-packers-shop-data-breach-3/

877
 
 

"The message from President Biden’s national security adviser was startling.

Chinese hackers had gained the ability to shut down dozens of U.S. ports, power grids and other infrastructure targets at will, Jake Sullivan told telecommunications and technology executives at a secret meeting at the White House in the fall of 2023, according to people familiar with it. The attack could threaten lives, and the government needed the companies’ help to root out the intruders.

What no one at the briefing knew, including Sullivan: China’s hackers were already working their way deep inside U.S. telecom networks, too.

The two massive hacking operations have upended the West’s understanding of what Beijing wants, while revealing the astonishing skill level and stealth of its keyboard warriors—once seen as the cyber equivalent of noisy, drunken burglars.

China’s hackers were once thought to be interested chiefly in business secrets and huge sets of private consumer data. But the latest hacks make clear they are now soldiers on the front lines of potential geopolitical conflict between the U.S. and China, in which cyberwarfare tools are expected to be powerful weapons."

https://www.wsj.com/tech/cybersecurity/typhoon-china-hackers-military-weapons-97d4ef95

#CyberSecurity #USA #China #SaltTyphoon #StateHacking #CyberWarfare

878
 
 

🌐 Open Source Congress 2024 🌟
From AI innovation to cybersecurity and digital public goods, the #OpenSourceCongress drives collaboration for a secure, inclusive digital future.
👉 Key highlights & full report: hubs.la/Q031mmK00

#AI #Cybersecurity #OpenSource


879
 
 

What do insects have to do with annoying errors in computer programs? 🪲

In fact, more than you would probably guess! Learn more about the history of the first computer bugs 💻️

#DeutschlandDigiatlSicherBSI #CyberSecurity #Bug #ITSicherheit

880
 
 

Canada's Montréal-Nord (Montreal North) was claimed by the Rhysida ransomware group⤵️
#ransomware #cybersecurity #Canada

https://cnews.link/montreal-north-borough-claimed-rhysida-ransomware/

881
 
 

🐛 NEW SECURITY CONTENT 🐛

📱 iOS and iPadOS 18.2.1 - no CVE entries

#apple #cybersecurity #infosec #security #ios

882
 
 

"The European Commission is also currently working on guidelines for the implementation of the child safety article of the Digital Services Act (Article 28) and may come up with criteria for effective age verification. In parallel, the Commission has asked for proposals for a 'mini EU ID wallet' to implement device-level age verification ahead of the expected roll out of digital identities across the EU in 2026. At the same time, smaller social media companies and dating platforms have for years been arguing that age verification should take place at the device or app-store level, and will likely support the Commission's plans. As we move into 2025, EFF will continue to follow these developments as the Commission’s apparent expectation on porn platforms to adopt age verification to comply with their risk mitigation obligations under the DSA becomes clearer.

Mandatory age verification is the wrong approach to protecting young people online. In 2025, EFF will continue urging politicians around the globe to acknowledge these shortcomings, and to explore less invasive approaches to protecting all people from online harms."

https://www.eff.org/deeplinks/2024/12/global-age-verification-measures-2024-year-review

#CyberSecurity #Privacy #Surveillance #AgeVerification

883
 
 

About 3.3 million servers run unencrypted POP3/IMAP email services, mostly in the US, Germany, and Poland, per the Shadowserver Foundation.

#servers #encryption #cybersecurity #passwords #safety #cybercrime

https://cnews.link/millions-of-email-services-sending-passwords-in-plain-text-1/

884
 
 

A clever jailbreaking technique can manipulate AI assistants into producing hate, harassment, malware, and content on indiscriminate weapons and other illegal activities.

#jailbreak #AI #malware #cybercrime #research #CyberSecurity

https://cnews.link/researchers-bypass-ai-safety-with-bad-likert-judge-1/

885
 
 

Over five years ago, Apple was hit with a lawsuit over "unlawful and intentional recording" of Siri interactions. Now the case is coming to an end, with Apple agreeing to pay $95 million in a settlement. Read more at @9to5mac. #Apple #Siri #Lawsuit #Cybersecurity #Tech #Technology https://flip.it/QES7xk

886
 
 

Rule number 1: Use secure passwords! 😇

Yes, yes, you know already. But even at the risk that you can't stand hearing it anymore, secure passwords are a must for every one of us! 🤐
But what exactly does that mean? We have put together the most important dos and don'ts for you in a clear overview.

You can of course find all the detailed tips on secure passwords and password managers at bsi.bund.de.

#CyberSecurity #ITSicherheit #Passwörter

Dos: Passwords should be at least eight characters long and complex. From 25 characters, it is enough to use two character types. Where possible, use all available characters, incl. upper- and lowercase letters, digits and special characters. In addition, set up two-factor authentication wherever possible.

Don'ts: Do not use known personal information (date of birth, name). Avoid common repetition and keyboard patterns such as 1234 or 666. Do not extend the password merely with a special character at the beginning or end. The complete password should not appear in the dictionary.

887
 
 

They’re the lifeblood of the illicit economy – but how do piracy websites make money?

#cybercrime #CyberSecurity #piracy #website #internet #content

https://cnews.link/piracy-websites-money-making-explained-2/

888
 
 

Ransomware is 35 years old and now a billion-dollar problem. Here’s how it could evolve, from CNBC.

https://flip.it/OmFKr8

#Ransomware #Tech #Cybersecurity #Technology

889
 
 

"Connected cars are great—at least until some company leaves unencrypted location data on the Internet for anyone to find. That's what happened with over 800,000 EVs manufactured by the Volkswagen Group, after Cariad, an automotive software company that handles much of the development tasks for VW, left several terabytes of data unprotected on Amazon's cloud.

According to Motor1, a whistleblower gave German publication Der Spiegel and hacking collective Chaos Computer Club a heads-up about the misconfiguration. Der Spiegel and CCC then spent some time sifting through the data, which allowed them to tie individual cars to their owners."

https://arstechnica.com/cars/2024/12/whistleblower-finds-unencrypted-location-data-for-800000-vw-evs/

#CyberSecurity #EVs #IoT #VW

890
 
 

🚨 SECURITY PSA - 7ZIP VULN🚨

Update your 7zip, folks

https://cybersecuritynews.com/7-zip-vulnerability-arbitrary-code/

#cybersecurity #zeroday #7zip #malware #security #it #infosec

891
 
 

Pig butchering scams are scamming billions and destroying lives worldwide, yet one of their most notorious players, Broken Tooth, lives freely.

#CyberCrime #cybersecurity #scammer #Criminal #Online

https://cnews.link/broken-tooth-pig-butcher-1/

892
 
 

"In her remarks, Neuberger confirmed that nine telecommunications providers were impacted by the breaches, adding one more firm to the eight she acknowledged earlier this month. She noted that guidance was given to key U.S. telecommunications firms early on — a “hunting guide” and a “hardening guide” — that detailed Chinese hacking methods and allowed companies to “look for those techniques in their networks and call for help if they discover it.” This led to the determination that a ninth telco provider had been impacted by the same Salt Typhoon breach, alongside Lumen Technologies, AT&T, Verizon and others.

It’s unclear if the Chinese hackers have been fully evicted from all of the U.S. telecommunications networks. Earlier this month, Neuberger said that none of the providers have managed to oust the Chinese hackers from their networks, an assertion that some of the providers, including Lumen and AT&T, have refuted.

Neuberger explained that once Chinese hackers infiltrated telecommunication networks, they essentially had “broad and full access” to American data, which allowed them to “geolocate millions of individuals” and “record phone calls at will.”"

https://www.politico.com/news/2024/12/27/chinese-hackers-telco-access-00196082

#CyberSecurity #China #SaltTyphoon #USA #BigTelco #StateHacking

893
 
 

"Someone who does think Pegasus should be banned is Claudiu Dan Gheorghe, former chief engineer at WhatsApp. But commercial spyware works precisely because it operates on monocultures: a security hole in WhatsApp opens the door to 2 billion users. A security flaw in Android opens 2.5 billion phones at once. Companies such as Google, Apple and Meta invest a great deal of budget fighting these attacks and buying security holes in a hot, competitive market. In the end, Pegasus is in the same business as WhatsApp, spying on the user through their own devices, but it would not exist without it. The two of them are the real threat to our model of society."

https://elpais.com/opinion/2024-12-30/la-vigilancia-que-devoro-occidente.html

#CyberSecurity #Surveillance #Spyware #NSOGroup #Pegasus #WhatsApp

894
 
 

Criminals are using a new method to spread crypto-stealing malware by pretending to be recruiters from popular companies.

#crypto #cybercrime #cybersecurity #malware #ethereum

https://cnews.link/crypto-thieves-recruiting-messages-2/

895
 
 

Cybercriminals claim that Schneider Electric has refused to pay a ransom in baguettes.

#cybersecurity #Schneider #datasecurity #dataprivacy #cybercrime

https://cnews.link/schneider-electrics-data-breach-3/

896
 
 

A hacking spree has compromised 25 Chrome extensions, affecting over two million users. Learn more⤵️

#Chrome #hack #DataSecurity #cybersecurity #dataprivacy #infosec

https://cnews.link/25-chrome-extensions-breached-hackers-are-after-user-data-3/

897
 
 

"Hackers have compromised several different companies' Chrome browser extensions in a series of intrusions dating back to mid-December, according to one of the victims and experts who have examined the campaign.

Among the victims was the California-based Cyberhaven, a data protection company that confirmed the breach in a statement to Reuters on Friday.

"Cyberhaven can confirm that a malicious cyberattack occurred on Christmas Eve, affecting our Chrome extension," the statement said. It cited public comments from cybersecurity experts. These comments, said Cyberhaven, suggested that the attack was "part of a wider campaign to target Chrome extension developers across a wide range of companies."

Cyberhaven added: "We are actively cooperating with federal law enforcement.""

https://www.reuters.com/technology/cybersecurity/data-loss-prevention-company-cyberhaven-hit-by-breach-statement-says-2024-12-27/

#CyberSecurity #GoogleChrome #Chrome #Cyberhaven

898
 
 

Thanks for obscuring my email address, TikTok.

What criminal mind could possibly figure out what the missing character is?! #cybersecurity

899
 
 

WPA3 secures WiFi passwords but is vulnerable to a man-in-the-middle attack that tricks users into revealing them.

#CyberSecurity #password #WiFi #security #CyberAttack

https://cnews.link/wifi-hackers-can-bypass-wpa3-security-1/

900
 
 

"Barcelona has become the cyber offensive capital of Europe, and Haaretz has learned that at least three teams of Israeli researchers focused on facilitating advanced hacking capabilities have relocated to the Catalonian capital in the past year and a half, the latest of them in recent months.

"There are roughly six such groups of Israelis who are the elite in the field – and half of them have moved to Spain," says an industry executive.

In the past two months, a team of Israeli vulnerability researchers - an industry term for hackers specializing in identifying weaknesses in digital defenses, known as "exploits" - arrived in Barcelona from Singapore. The team specializes in finding breaches in smartphone defenses through which spyware can be remotely installed."

https://www.haaretz.com/israel-news/security-aviation/2024-12-26/ty-article/.premium/israeli-hackers-flock-to-barcelona-as-spyware-industry-shifts/00000193-fec4-df5b-a9b3-fec5d9dc0000

#Israel #CyberSecurity #Hacking #Spyware #Spain #Barcelona
