RJ Javier 🫡👻🤖🥷

APT group UAC-0099 targets Ukraine exploiting WinRAR flaw The threat actor UAC-0099 is exploiting a flaw in the WinRAR to deliver LONEPAGE malware in attacks against Ukraine.

APT group UAC-0099 targets Ukraine exploiting a WinRAR flaw

Google Chrome now scans for compromised passwords in the background Google says the Chrome Safety Check feature will work in the background to check if passwords saved in the web browser have been compromised.

Google Chrome now scans for compromised passwords in the background

GTA 5 source code reportedly leaked online a year after RockStar hack ​The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data.

GTA 5 source code reportedly leaked online a year after RockStar hack

New Terrapin Attacking SSH Protocol to Downgrade the Connection Security Terrapin attack” has been discovered which will allow threat actors to downgrade the SSH protocol version exploitation of vulnerable servers.

New Terrapin Attacking SSH Protocol to Downgrade the Connection Security

GCHQ Christmas Codebreaking Challenge - Schneier on Security Looks like fun . Details here .

GCHQ Christmas Codebreaking Challenge

Key Building Blocks to Advance American Leadership in AI AI has tremendous potential to improve efficiency and outcomes in the public and private sectors. A holistic approach to AI and security is critical to achieving the potential of AI while minimizing the risks.

Key Building Blocks to Advance American Leadership in AI

CryptoGuard: An asymmetric approach to the ransomware battle In the second of our new technical thought leadership series, Sophos X-Ops takes a detailed look at anti-ransomware techniques

CryptoGuard: An asymmetric approach to the ransomware battle

Top 3 Cybersecurity Trends for SME Business Leaders in 2024 As Cynet’s COO, my team and I get to work closely with risk management executives at small-to-medium enterprises (SMEs) around the world.

Top 3 Cybersecurity Trends for SME Business Leaders in 2024

Okta to Acquire Spera Security Okta, the leading Identity, and Access Management (IAM) provider has announced its acquisition of Spera Security, a rising star.

Okta to Acquire Spera Security

Bugcrowd Announces Vulnerability Ratings for LLMs The update to the company's Vulnerability Rating Taxonomy offers vulnerability researchers a framework for assessing and prioritizing vulnerabilities in large language models.

Bugcrowd Announces Vulnerability Ratings for LLMs

Transportation Department fines Southwest $140 million for Christmas meltdown The Transportation Department fined Southwest Airlines $140 million for what it said were multiple violations of the law during its meltdown around last Christmas and New Year’s, while also ordering...

The Transportation Department fined Southwest Airlines $140 million for what it said were multiple violations of the law during its meltdown around last Christmas and New Year’s, while also ordering the airline to establish a $90 million fund to compensate passengers affected by future delays.

QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry QakBot malware returns, using sneaky phishing emails masquerading as IRS employees.

QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry

China Issues New Data Security Incident Response Classifications iPhones and other foreign devices ban spreads across Chinese government, MongoDB reports corporate system breach, Hackers steal millions of dollars worth of NFTs, Apple clips Flipper Zero, much more

China Issues New Data Security Incident Response Classifications

National Grid pulls Chinese kit over cybersecurity concerns Move reportedly made after consulting with National Cyber Security Centre

National Grid latest UK org to zap Chinese kit from critical infrastructure

Mortgage giant Mr. Cooper data breach affects 14.7 million people Mr. Cooper is sending notices of a data breach to customers who were impacted by a cyberattack the firm suffered in November 2023.

Mortgage giant Mr. Cooper data breach affects 14.7 million people

5 Benefits of XDR for Cybersecurity Cybersecurity requires staying one step ahead. A main force of digital protection is eXtended Detection and Response (XDR).

5 Benefits of XDR for Cybersecurity

Reimagining Network Pentesting With Automation Manual vs. automated pen testing—what's better? We break down the pros and cons to help you choose the right approach.

Reimagining Network Pentesting With Automation

Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders Iranian state-sponsored group OilRig deployed three new downloader malware in 2022 to maintain access to Israeli organizations.

Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders

James Gunn's 25 Favorite Songs of 2023 James Gunn's 25 Favorite Songs of 2023 · Playlist · 25 songs · 250 likes

My favorite songs from the past year! open.spotify.com/playlist/7rU...

Interesting talk Dmitriy Danilov (twitter.com/Sox0j) and Jörn Weber (twitter.com/corma_agency):

How to return 2 million euros with #OSINT
Jörn’s strangest OSINT cases
Secrets to a well-structured investigation
Essential skills investigator should master
and more.

www.youtube.com/watch?v=Z3E8...

Pharmacies share medical data with police without a warrant, inquiry finds Findings of a congressional inquiry raise privacy concerns as some states seek to criminalize abortion.

The nation’s largest pharmacy chains have handed over Americans’ prescription records to police and government investigators without a warrant, a congressional investigation found, raising concerns about threats to medical privacy.

Cloud engineer gets 2 years for wiping ex-employer’s code repos Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired by the company.

Cloud engineer gets 2 years for wiping ex-employer’s code repos

Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign APT28, the Russian nation-state threat actor, is using lures related to the Israel-Hamas war to distribute the HeadLace backdoor.

Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign

Apache ActiveMQ Vulnerability Exploited by Kinsing to Attack Linux Servers The Apache ActiveMQ vulnerability was actively targeted by threat actors to get unauthorized access to messaging systems.

Apache ActiveMQ Vulnerability Exploited by Kinsing to Attack Linux Servers

Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs Analysis shows evidence the previously unknown Sandman group shares backdoor malware with various Chinese APT groups.

Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs

Shut down...

Need this ....

Need to support a legacy system using prop OS and DB but critical to business .. good times

Fave topic - encryption 👍💯

In time, the masses will have to come to terms with the fact that even Bluesky cannot be free, not without some (arguably) undesirable trade-offs.

It's the desire for free things that led us to requiring solutions like Bluesky and the AT Protocol in the first place.

We should discuss cost models.