Cybersecurity

4991 readers

89 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

A tool for encrypting files using puzzle based time-lock encryption and password (lemmy.world)

submitted 2 hours ago by Super_gamer46861@lemmy.world to c/cybersecurity@sh.itjust.works

0 comments fedilink

https://github.com/umutcamliyurt/TimeLockCrypt

[Gamers Nexus] Zotac's Big Mistake | Consumer Warranty & Business Data Exposure (www.youtube.com)

submitted 21 hours ago* (last edited 20 hours ago) by recursive_recursion@programming.dev to c/cybersecurity@sh.itjust.works

0 comments fedilink

Within the first minute of the vid I'm thinking holy shit Zotac!

easily googlable private customer and B2B info is publicly available

~~They're gonna have one hell of a class action coming their way~~

Edit:
alright I'm 5mins in and now I'm thinking there might not be a class action anymore but Zotac's information handling is just funny and confusing now

lmao love the quote from Zotac's partner😂:

If I can Google search my own credit memos... what the fuck is this? How can you be this insecure? How can you run a business like this?

RockYou2024: 10 billion passwords leaked in the largest compilation of all time (cybernews.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

25 comments fedilink

Cloudflare Details 1.1.1.1 Service Outage Incident (gbhackers.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

4 comments fedilink

BGP, again.

OpenAI's internal AI details stolen in 2023 breach, NYT reports (www.reuters.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Ethereum mailing list breach exposes 35,000 to crypto draining attack (www.bleepingcomputer.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

2 comments fedilink

New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks (thehackernews.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Operation Morpheus took down 593 Cobalt Strike servers used by threat actors (securityaffairs.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

114

Authy Users' Phone Numbers Compromised via Twilio API Vulnerability (www.bleepingcomputer.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

24 comments fedilink

OVHcloud blames record-breaking DDoS attack on MikroTik botnet (www.bleepingcomputer.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Polish government investigates Russia-linked cyberattack on state news agency (securityaffairs.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Ghostscript Vulnerabilities Patched in Recent Ubuntu Updates (securityboulevard.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Brazil Data Regulator Bans Meta From Mining Data to Train AI Models (www.securityweek.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Formula 1 governing body discloses data breach after email hacks (www.bleepingcomputer.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

1 comments fedilink

Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication (www.darkreading.com)

submitted 4 days ago by BrikoX@lemmy.zip to c/cybersecurity@sh.itjust.works

19 comments fedilink

Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.

Patelco shuts down banking systems following ransomware attack (www.bleepingcomputer.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

3 comments fedilink

Ransomware Eruption: Novel Locker Malware Flows From ‘Volcano Demon' (www.darkreading.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug (www.securityweek.com)

submitted 5 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

8 comments fedilink

Latest Intel CPUs impacted by new Indirector side-channel attack (www.bleepingcomputer.com)

submitted 5 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

6 comments fedilink

Remote access giant TeamViewer says Russian spies hacked its corporate network (techcrunch.com)

submitted 6 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

3 comments fedilink

Traeger smokes security bugs threatening grillers' hard work (www.theregister.com)

submitted 3 days ago by Alphane_Moon@lemmy.world to c/cybersecurity@sh.itjust.works

5 comments fedilink

Prudential Financial now says 2.5 million impacted by data breach (www.bleepingcomputer.com)

submitted 5 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Police allege ‘evil twin’ in-flight Wi-Fi used to steal info (www.theregister.com)

submitted 6 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

10 comments fedilink

Another Critical OpenSSH Vulnerability (odysee.com)

submitted 5 days ago by Lanky_Pomegranate530@midwest.social to c/cybersecurity@sh.itjust.works

3 comments fedilink

Google Opens $250K Bug Bounty Contest for VM Hypervisor (www.darkreading.com)

submitted 5 days ago by BrikoX@lemmy.zip to c/cybersecurity@sh.itjust.works

2 comments fedilink

If security researchers can execute a guest-to-host attack using a zero-day vuln in the KVM open source hypervisor, Google will make it worth their while.