Adobe Magneto: una pericolosa minaccia RCE per i siti di e-commerce
Gli specialisti di Sicurezza Informatica hanno avvertito che gli #hacker stanno già sfruttando una nuova #vulnerabilità in #Magento (CVE-2024-20720) e l'utilizzatore per implementare una #backdoor persistente sui siti di e-commerce.
Jack Posobiec (White supremacist that believes in conspiracies such as the white genocide conspiracy)
Jim Jordan (One of the main players to planning Jan 6th)
Matt Gaetz (A pedophile and operated a sex ring, but never was charged (fuck you justice department))
Steve Bannon (The fraudster that scammed trump supporters for a fake company to build Trump's wall)
-Vivek Ramaswamy (New face, but is young and likable. Dropped out of presidential nominee bid, but probably got a promise of a cushy job position in Trump's administration, from looks of things)
JD Vance (Didn't originally like Trump, but changed his opinion in 2018 and started spewing out many points from The Heritage, The Family Leader, etc)
Tommy Tuberville (One of the senators that helped to overturn the presidential election in 2020 and closely allied with Trump)
Kristi Noem (Governor of South Dakota, that is a terrible governor and well... I don't want to go into too much right now)
All seem to possibly be conspiring to overthrow the government. Articles are here:
This is all going off of this screenshot, which is a direct threat and should be taken seriously. I quickly put together this and uploaded what I could grab.
Ever wondered why cyber attacks seem unstoppable? It's the identity blind spots! Check out how Silverfort's platform fills this crucial gap, ensuring rapid detection and containment of compromised accounts.
Navigating the complexities of cyber threats requires more than just out-of-the-box settings. Learn how intent-based configurations can lead to more resilient cybersecurity frameworks.⤵️
In every instance that I’ve discovered shadow IT in an environment, I’ve eventually found someone in IT who knew about it and/or implicitly/explicitly enabled it. I hate to think it, and I understand there are always reasons but…
The call is coming from inside the house.
That means Shadow IT isn’t really in the shadows, and the solution has to start inside IT itself.
🛡️ Researchers uncover details of 3 vulnerabilities in #Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could have allowed attackers root access and system disruption.
Hooray for NYS AG Letitia James. She has sued Citibank for poor security and failure to comply with #EFTA when consumers report #fraud or #theft.
Snippets from the press release:
"The OAG found that Citi’s systems do not respond effectively to red flags, such as scammers who are using unrecognized devices, are accessing accounts from new locations, or are changing banking passwords or usernames. Additionally, Citi systems do not flag and stop efforts to transfer funds from multiple accounts into a single account and then send tens of thousands of dollars out the door in minutes. Citi also does not automatically initiate investigations or report fraudulent activity to police or law enforcement authorities when consumers first report it to Citi."
"Under EFTA, banks such as Citi are required to reimburse their customers for money in their accounts that is lost or stolen through unauthorized electronic payments. However, Citi illegally exploited a narrow exception in these laws to deny consumer claims for reimbursement, resulting in millions of dollars in losses for New York consumers. Through this lawsuit, Attorney General James is seeking to stop Citi’s deceptive practices and to collect restitution for victims who were denied reimbursement in the last six years, penalties, and disgorgement. "
Edit: Thank you all for boosting and answering.
I would love to make the Open Space format better known in the cybersecurity context. I think it is a valuable addition to existing formats such as traditional conferences or #BSides
If you would like to learn more about Open Space see my follow up posts
If you participated in Open Space events (in any domain) please share your experience.
Because these posts scroll away, I have posted something on DataBreaches.net about the discrepancies between what Raptor Technologies has told school districts and WIRED and what we know about the incident -- and what we don't know yet: