gcluley, Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys.
Read more in my article on the Tripwire blog: https://www.tripwire.com/state-of-security/hit-lockbit-fbi-waiting-help-you-over-7000-decryption-keys
evawolfangel, German Please help: I am looking for a spokesperson or even better a CISO of the government of the Netherlands - ideally both. I need a quick and easy contact for an IT security related issue. The website is not helpful.
#cybersecurity #netherlands
evawolfangel, German Oh and in case there a journalists from the Netherlands in my bubble (or in yours, please share!): It might be interesting to do a follow-up to our article (which will be published tomorrow) because WebEx leaked tons of data from the Dutch government.
Feel free to contact me for further information.
#webex #cybersecurity #netherlands
melroy, German @evawolfangel not a journalist. But I'm from the Netherlands 🤗
percepticon, Russian Hackers Use Legit Remote Monitoring Software to Spy on Ukraine and Allies https://thecyberexpress.com/remote-monitoring-software-to-spy-on-ukraine/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec
evawolfangel, German Oops, wieder in ein fremdes Webex-Meeting verirrt. 😜
Aber die Menschen nehmen es mit Humor. "Hallo, mein Name ist Eva Wolfangel, Ich recherchiere über Sicherheitslücken bei Webex Nur ganz kurzes Schweigen. Dann: "Herzlichen Glückwunsch, die Recherche scheint erfolgreich zu sein."Artikel kommt bald - und ja: das Problem ist seit meinen beiden anderen Artikeln ... größer geworden.
#cybersecurity #webex
evawolfangel, German Die Leute entwickeln echt Galgenhumor. Gestern wurde ich zwar gleich entdeckt als Spionin im Webex-Meeting, aber rausgeflogen bin ich nicht allzu schnell. "Wer ist denn da jetzt per Telefon zugeschaltet, es fehlt doch niemand mehr." Die fünf anderen diskutieren, wer vielleicht doch noch fehlen könnte. Bis einer nachdenklich sagt: "Big brother is watching you." Da musste ich lachen und verraten, wer ich bin.
evawolfangel, German @HistoPol Nee ist schon eine systematische Lücke seitens Webex.
evawolfangel, German Ok, ich habe gestern mittag ein paar Anfragen rausgeschickt - und eine Deadline genannt, weil meine Erfahrung zeigt, dass sonst erstmal gar nichts passiert. Ich habe aber nicht gesagt, dass man mir erst dann antworten DARF. Trotzdem sind alle Antworten quasi gleichzeitig heute Abend eingetrudelt. Wie Deadline-Abhängig sind deutsche Behörden und US-Konzerne? 😂
Text kommt morgen früh :)
#webex #cybersecurity
ai6yr, #cybersecurity #arrl #hamradio
"On or around May 12, 2024, ARRL was the victim of a sophisticated network attack by a malicious international cyber group. ARRL immediately involved the FBI and engaged with third party experts to investigate.
This serious incident was extensive and categorized by the FBI as “unique,” compromising network devices, servers, cloud-based systems, and PCs...."
kc2ihx, Said it elsewhere, but "unique" (and the quotes around it) is an interesting choice of wording...
ai6yr, @kc2ihx LOL "unique" as in "WHAT ARE YOU GUYS RUNNING THIS PLACE ON?!" or "unique" as in "oh, we haven't seen this before"
(I suspect the first)
Some cyber guy/gal at the FBI:
"So, you've been storing all of your user data in this Microsoft Access database on Windows XP since when?"
bogo, Dear amazing people.
As of today, I offer you two new workshops that you might want to add into your plan of being smarter:
Visual Threat Modeling (there is a dog involved)
Me(n)tal Health: Learn and improve your soft skills with heavy metal.
See more here: https://talkweb.eu/join-my-two-new-workshops/
percepticon, We polled thousands of IT pros – and sustainability just ain't a priority right now https://go.theregister.com/feed/www.theregister.com/2024/05/28/register_it_sustainability/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec
percepticon, Google’s in-house docs about search ranking leak online, sparking SEO frenzy https://go.theregister.com/feed/www.theregister.com/2024/05/29/internal_google_search_documents/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec
mattotcha, Federal agency warns critical Linux vulnerability being actively exploited
https://arstechnica.com/security/2024/05/federal-agency-warns-critical-linux-vulnerability-being-actively-exploited/ #CISA #cybersecurity #linux #vulnerability #exploit
kubikpixel, «How Corporate Boards Are Setting CEO’s Up For Cybersecurity Failure»
– on @Forbes—
#cybersecurity #hacking #ceo #itsecurity #fail #failure #business #capitalism #us
percepticon, US officials: A Russian rocket launch last week likely deployed a space weapon https://arstechnica.com/?p=2026816&utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec
nf3xn, @percepticon Threatening the entire planet with the Kessler Effect is not going to endear them to their Chinese allies much. Certainly it will not affect our ability to deploy additional arrays to either the JSL or RFG and makes their use more likely not less. 🤪🥸
m0bi13, Polish 📰 ❗ "W związku z prawdopodobnie rosyjskim cyberatakiem na Polską Agencję Prasową i podaniem dezinformujących wiadomości o rzekomej mobilizacji w Polsce, Agencja Bezpieczeństwa Wewnętrznego we współpracy z Ministerstwem Cyfryzacji podjęła natychmiastowe działania" - poinformował w mediach społecznościowych rzecznik ABW Jacek Dobrzyński."
#PAP #ABW #NASK #MinCyfry #cybersecurity #dezinfo #wojna #rosja
forumstandaardisatie, Dutch 🛡️ Help bij het vormgeven van de nieuwe Baseline Informatiebeveiliging Overheid (BIO2)! Ben jij een expert in informatiebeveiliging? Jouw input is cruciaal voor het ontwikkelen van de BIO2, het nieuwe overheidskader voor informatiebeveiliging. De nieuwe BIO volgt op de evaluatie van de huidige BIO en valt samen met de ontwikkelingen rondom de NIS2-richtlijn. Tot 7 juni in te vullen 👉:https://github.com/MinBZK/Baseline-Informatiebeveiliging-Overheid
@DigitaleOverheid @minbzk @internet_nl #NIS2 #consultatie #cybersecurity
chartier, Question for #cybersecurity folks:
It turns out that #PlayStation players have been able to download the major #Destiny2 expansion early. Again.
(it was scheduled for next week)
All they had to do was change the clock on their PlayStation to next week’s date, and Sony‘s servers gave them the expansion.
Does that sound like #Sony has anyone employed in system security? Cuz to this layperson it sure doesn’t.
ai6yr, Wow, someone deployed malware in October of 2023 which bricked 600,000 Internet routers -- owned by a SINGLE ISP.
"over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP). The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement."
ai6yr, **I'm wondering if they have looked at their competitors closely 🔍
gcluley, Microsoft gets itself into a pickle with a privacy-popping new feature on its CoPilot+ PCs, the FTC warns of impersonated companies, and is your company hiring North Korean IT workers?
Join us as we chat with special guest author @geoffwhite247 in this latest episode of the "Smashing Security" podcast.
conansysadmin, Passwords and secret signs are crucial #cybersecurity defenses. Craft good ones, and use them well. https://cromwell-intl.com/cybersecurity/basics/04-passwords.html?s=mc
mikey, @conansysadmin Sliding in to drop my favorite password manager that no one talks about:
rvps2001, 🇪🇺 Disruptive digital attacks, many of which have been traced to Russia-backed groups, have doubled in the European Union in recent months and are also targeting election-related services, according to the EU’s top #cybersecurity official.
ai6yr, Success... long weekend with pihole (ad and malware blocker) on the home network, and didn't hear anyone complain about anything changing. #piaware #cybersecurity
smatheson, @ai6yr Oh. Also, after a month or two you will be shocked by the ad cruft when you are on someone else’s network. Work VPN makes much of the web pretty much unusable.
ai6yr, @smatheson Oh yeah, I already knew that. I had already changed my personal machines to point at the piholes, but not the work machine and everyone else's devices.
beardedtechguy, Hackers are targeting Check Point VPNs to breach corporate networks, exploiting vulnerabilities to gain unauthorized access. Stay vigilant and update network security measures to protect against potential breaches. #Cybersecurity #CheckPointVPN #NetworkSecurity
nopatience, MITRE Intrusion-Sets and ATT&CK Techniques mapped in an Obsidian Markdown node-network.
With inspiration from @screaminggoat and @mttaggart I have put together a first iteration of this.
https://publish.obsidian.md/nopatience/MITRE+-+Intrusion+Sets
Have a look, see what you think. How could I make it more useful to you?
It's generated using a custom-made graph-network abstraction layer I wrote in Python and then pulling some publicly available JSON-files for the Intrusion Sets and Techniques.
BenjaminHCCarr, #UnitedHealth's 'egregious negligence' led to #ChangeHealthcare #ransomware infection
'I'm blown away by the fact that they weren't using MFA'
The #cybersecurity practices that led up to the stunning Change Healthcare ransomware infection indicate "egregious negligence" on the part of parent company UnitedHealth, according to Tom Kellermann, SVP of cyber strategy at Contrast Security.
https://www.theregister.com/2024/05/08/unitedhealths_egregious_negligence/
itsfoss, Master malware analysis with these six must-know Linux commands!