📩 CyberWeekly by Hacklido — Issue №6; 20th of July, 2024
Dive into the latest insights with the current edition of the CyberWeekly Newsletter, courtesy of Hacklido.
Uncover discussions on a wide range of themes, such as:
• HIPPA
• Snort IPS
• Crowdstrike outage
• CVE202427956 - SQLi
• Healthcare ransmoware
• RAG manipulation attacks
• Oracle bulk patch updates
• Active Directory pentesting
• CVE202440626 - XSS (Stored)
There is much more to explore in this version.
Read the full article here.
-----
→ If your Company / Project / Community wants to become a partner of Cyber Security News...
Please, do not hesitate to contact us by sending a direct message to @cybersecadmin
-----
@Cyber_Security_Channel
Major Data Breaches That Have Rocked Organizations in 2024
Find out what led to the breaches and how they affected the breached organizations.
The information in this recap might help your organization strengthen its cybersecurity posture.
Cyber_Security_Channel
⚡️Microsoft Users Around the World Report Widespread Outages
Banks, airlines, TV stations and health systems in countries around the world that rely on Microsoft's 365 apps reported widespread outages Friday.
Microsoft IT outage disrupts flights, banks, media outlets, and companies worldwide.
Thousands of flights and train services were cancelled in the U.S. and Europe, and there were disruptions to many other public and retail services.
In a statement to CBS News later on Friday, CrowdStrike CEO George Kurtz said that the issue had been identified and a solution was being implemented.
"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted," Kurtz said.
"This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed."
@Cyber_Security_Channel
Nearly All Customers Affected by New AT&T Data Breach
The company said that it believes that none of the data is publicly available.
AT&T serves upwards of 100 million customers in the US, meaning that data from hundreds of millions of people has been obtained and could be used for various nefarious activities.
Cyber_Security_Channel
📩 CyberWeekly by Hacklido — Issue №5; 13th of July, 2024
The CyberWeekly Newsletter powered by our partners (Hacklido) is back on your feed.
Get ready to explore all of the exhilarating things that are on the table in this release:
• WGU
• STOK
• EvilnoVNC
• Polyfill(.)io
• Pentesting AD
• Windows Remoting
• False File Immutability
• Evernote & Universal RCE
• Reverse engineering .NET
• Global AppSec 2024 Lisbon
• CVE|2021|40444, MSHTML
Find more exciting materials inside this version.
Read the full publication here.
-----
→ If your Company / Project / Community wants to become a partner of Cyber Security News...
Please, do not hesitate to contact us by sending a direct message: @cybersecadmin
-----
@Cyber_Security_Channel
A Hacker Posted Nearly 10 Billion Passwords Online — Likely the Biggest Leak Ever
The report claimed that not all the passwords in the file appeared to be new which means that they have been leaked previously and this increases the chance of “credential stuffing.”
As per the practice, a bad actor can take a user’s known password and try to reuse it to break into other accounts in their name, Cybernews, a cybersecurity-focused news outlet, explained.
Cyber_Security_Channel
Elon Musk Attacks WhatsApp Over Lack of Privacy
Musk, the owner of X (formerly Twitter), has renewed his criticism of WhatsApp over its handling of personal data.
The Tesla and SpaceX CEO questioned the platform's security practices in response to a user query on Saturday.
A user on X had asked, "If WhatsApp messages are end-to-end encrypted, why do we see ads related to the things we discussed in our chats?"
Musk briefly replied by saying: "WhatsApp is not secure at all."
This recent comment is part of a broader dispute between Musk and WhatsApp, which is owned by Mark Zuckerberg's conglomerate Meta.
@Cyber_Security_Channel
⚡️RockYou2024: 10 Billion Passwords Leaked in the Largest Compilation of All Time
According to the team’s analysis of RockYou2024, attackers developed the dataset by scouring the internet for data leaks, adding another 1.5 billion passwords from 2021 through to 2024 and increasing the dataset by 15 percent.
Cyber_Security_Channel
Are Your Kids Safe Online? Exploring the Unseen Risks Beyond The Screen With Parental Control
You can achieve that by understanding what they are interested in online, engaging in open conversations with them, making learning enjoyable, and utilizing the appropriate tools.
It’s about providing them with the knowledge they require in today’s tech-savvy world.
Cyber_Security_Channel
Your Phone's 5G Connection Is Vulnerable to Bypass, DoS Attacks
It's a remarkably accessible form of attack, they say, involving commonly overlooked vulnerabilities and equipment you can buy online for a couple of hundred dollars.
Cyber_Security_Channel
Authenticator for X, TikTok Exposes Personal User Info for 18 Months
Though the researcher limited his snooping, some data fields appeared to indicate the nature and purpose of the stored data, such as a chart with values such as "Impersonation_XCorp" and "uber-carshare-passport."
Cyber_Security_Channel
Apple AirPods Bug Allows Eavesdropping
"When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones," reported Apple in an advisory.
Cyber_Security_Channel
Google Software Engineers Can Take A Nap While Software Solves Problems
"We hope in the future this can close some of the blind spots of current automated vulnerability discovery approaches, and enable automated detection of 'unfuzzable' vulnerabilities," Google Project Zero software engineers Sergei Glazunov and Mark Brand wrote in a post.
Cyber_Security_Channel
Measure Success: Key Cybersecurity Resilience Metrics
Strengthening a company’s cyber resilience is an ongoing exercise as attackers launch more sophisticated attacks nearly every day.
It’s getting tougher to cope now that bad actors have added malicious AI to their arsenal.
But surviving these attacks rests almost entirely on the competence and reliability of the cyber resilience strategy.
Cyber_Security_Channel
Bitdefender Ultimate Small Business Security review: Versatile All-Round Protection For Low Headcounts
Larger businesses should look instead at Bitdefender also offers its Gravityzone Business Security platform, which can scale to any size – but there's a definite appeal to a security system that's designed specifically for small operations, working with limited budgets and minimal in-house expertise.
Cyber_Security_Channel
Arrest Made in MGM Resorts $100 Million Hacking Attack
A 17-year-old boy from Walsall has been arrested in connection with a global cyber online crime group targeting large organisations with ransomware and gaining access to computer networks.
The BetMGM 2024 cyber attack is one of the significant cases under investigation.
Cyber_Security_Channel
💡 Computer Networking: All-in-One For Dummies
Our partners at Codelivly created a hyper effective resource for Cyber Security beginners.
13 modules, full of value:
— Theory + hands-on learning
— Fundamentals + advanced topics
— Knowledge + skills to navigate networking
= A no-brainer offer.
Helping you become a better specialist.
Grab 178 pages of content and upskill yourself:
↳ https://codelivly.gumroad.com/l/computer-networking
What Is Cloud Penetration Testing & Why Is It Important?
Cloud computing involves the storage, processing and management of data and applications on remote servers, often provided by third-party service providers.
These applications can range from your simple email service to something as robust as cloud identity and management access services.
Cyber_Security_Channel
Google Near $23 Billion Deal for Cybersecurity Startup Wiz
This deal is set to be company's largest acquisition in history, so far.
Google has been working to bulk up its cybersecurity business, focused on the cloud.
Alphabet is eyeing the deal at a time of intense antitrust scrutiny of the search company and other tech giants.
The acquisition could also help boost Alphabet’s efforts in cloud computing, an important and growing business but one where it has lagged behind peers.
@Cyber_Security_Channel
Cybersecurity Stakes Higher Than Ever at Paris Olympics 2024
As the world gears up for the Paris Olympic Games 2024, attention turns to the athletic feats that will be on display and the massive cybersecurity challenges of hosting such a high-profile international event.
With nearly 3 million spectators expected to attend the 329 events held over a 6-week period, spending an estimated $4 billion...
The stakes for cybersecurity are higher than ever.
Olympics have increasingly become a major target for cyber attacks.
The Tokyo Olympics 2021 saw a staggering 450 million attempted cyberattacks – a 2.5x increase from the London Olympic Games 2012.
For bad actors, the Olympics present an enticing combination of factors:
— Large crowds
— Limited physical presence
— Highly distributed events staff
— Zero margin for error and downtime
@Cyber_Security_Channel
Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability
To mitigate the risk, it is crucial to update all Microsoft Outlook and Office applications with the latest patches.
Additionally, implementing robust email security measures, such as disabling automatic email previews and educating users about the risks of opening emails from unknown sources, is essential.
Cyber_Security_Channel
Unleash Your Growth Potential: 90+ Actionable Tactics for Your SaaS Business
Are you a SaaS Business Owner? Or would you like to start one?
Unlock the growth potential of your product with a list of 90+ hand-picked, proven growth tactics for early-stage B2B SaaS Start-Ups.
The content of this product:
• Cold Calling
• Discount policy
• Virality features
• Lead generation
• Referral programs
• Content Marketing
• Product-led growth
• Product Onboarding
• Sales Demos & Discovery
• Multichannel Outbound Sales
• Landing Page & Website structure
This bundle is right for you, if:
[01] You are a Founder/Leader of a SaaS Start-Up.
[02] Your revenue is between 0€ and 3.000.000€ ARR.
[03] You want to learn from the experience of others before starting your own SaaS Company.
Click below to find out more:
→ https://gumroad.com/a/1023033043/nuftu
Why Windows Recall Feature Creates a Data Privacy Nightmare
Microsoft promoted Recall as essentially a new type of search engine.
For example, if wanted to revisit a document, video, or webpage but can’t remember where you saw it, you can enter what you remember into a text interface.
Windows will then use AI to find what you are looking for.
Cyber_Security_Channel
Evolve Bank Shares Data Breach Details as FinTech Firms Report Being Hit
Wise, a fintech firm whose services are widely used for international money transfers, revealed late last week that the Evolve data breach impacts some of its customers.
Wise had worked with Evolve to provide USD account details between 2020 and 2023.
While the companies no longer work together, it seems Evolve was still storing some data provided by Wise.
Cyber_Security_Channel
👨💻 HTML and CSS | Programming Notes and Flashcards
This bundle = 70+ pages and 500+ flashcards on every major concept of HTML and CSS.
Web Development Fundamentals
HTML Basics
CSS Basics
CSS Advanced
Building an Incident Response Strategy in 2024
Previously, incident response aimed to address threats at the organizational boundary.
However, as the lines between internal and external environments have blurred, strategies need to adapt, says Ridley.
“With the increasing adoption of cloud services in various business operations, the traditional concept of a well-defined perimeter has become obsolete,” he says.
Cyber_Security_Channel
Quantum Innovation: The Cybersecurity Revolution
SmartBrief: What strategic advantages do you see quantum innovation providing, particularly in addressing emerging threats and vulnerabilities?
Cyber_Security_Channel
📩 CyberWeekly by Hacklido — Issue №4; 22nd of June, 2024
Today, we would like to share the current Issue of the CyberWeekly Newsletter from our partners, Hacklido.
This time, you will be able to delve into the topics such as:
• TOR
• Kali Linux
• Kaspersky ban
• Major breaches
• LSASS decryption
• Cutting-edge tools
• Nmap port scanning
• VDPS for career launch
• Anonymity with ProxyChains
Bonus note: improved news section.
Along with more up-to-date news inside...
The full version can be found here.
-----
→ If your company / project / community wants to become a partner of Cyber Security News, feel free to reach out: @cybersecadmin
-----
@Cyber_Security_Channel
📩 CyberWeekly by Hacklido — Issue №3; 15th of June, 2024
Please welcome the most recent Issue of the CyberWeekly Newsletter from our partners — Hacklido.
This time, you will be able to explore the following areas:
• The Mask APT
• JavaScript for hackers
• GitHub phishing & extorsions
• NTLM deprecation by Microsoft 2024
And more hidden gems inside...
Find the full text here.
-----
→ If your company / project / community wants to become a partner of Cyber Security News, feel free to reach out: @cybersecadmin
-----
@Cyber_Security_Channel
Ascension Hospitals Breach Caused by Employee Downloading Malicious File
The X post said, “We detected unusual activity on select technology network systems, which we now believe is due to a cybersecurity event.
Our care teams have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible,” the post said.
Cyber_Security_Channel