Infosec Press

Read the latest posts from Infosec Press.

from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!


News For All

🕵️‍♂️ willhaben & PayLivery: Wie Kriminelle einen eigentlich sicheren Service ausnutzen cybercrime – Fraudsters manipulate victims into leaving a secure platform for WhatsApp, disguising their communications to bypass security checks, aiming for money transfers under false pretenses. https://www.watchlist-internet.at/news/willhaben-paylivery-sicheres-service/

🚨 CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe vulnerability – A critical vulnerability in Citrix NetScaler, CVE-2025-5777, is actively exploited worldwide, prompting urgent patching recommendations from CISA as attackers target sensitive data. Risks are particularly high for federal networks. https://cyberscoop.com/citrixbleed2-exploits-spread/

💔 Episource is notifying millions of people that their health data was stolen data breach – Episource has disclosed a cyberattack affecting over 5.4 million individuals, compromising personal and health data, including medical records and insurance information, attributed to ransomware. https://techcrunch.com/2025/07/14/episource-is-notifying-millions-of-people-that-their-health-data-was-stolen/

🚆 Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years vulnerability – A critical vulnerability allows hackers to remotely lock train brakes, known since 2012 but only recently addressed by the railroad industry, posing serious safety risks. https://www.404media.co/hackers-can-remotely-trigger-the-brakes-on-american-trains-and-the-problem-has-been-ignored-for-years/

🎮 FBI Seizes NSW2U, PS4PKG Domains in $170 Million Game Piracy Investigation cybercrime – The FBI has seized major domains involved in video game piracy, impacting sites like nsw2u, which offered early access to pirated games. Estimated losses reach $170 million, highlighting serious legal repercussions for such activities. https://thecyberexpress.com/fbi-seizes-nsw2u-ps4pkg-domains/

🔍 Meta fixes bug that could leak users' AI prompts and generated content vulnerability – Meta has resolved a security flaw that allowed users to access others' AI prompts and responses, discovered by a researcher who received a $10,000 bounty. No evidence of exploitation was found. https://techcrunch.com/2025/07/15/meta-fixes-bug-that-could-leak-users-ai-prompts-and-generated-content/

🔒 CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025 vulnerability – CVE-2025-6554 is the fifth actively exploited zero-day vulnerability in Chrome for 2025, concerning a type-confusion issue in the V8 engine. Google has issued patches and is aware of existing exploits. https://securityaffairs.com/180001/hacking/cve-2025-6554-marks-the-fifth-actively-exploited-chrome-zero-day-patched-by-google-in-2025.html

🛒 UK retail giant Co-op confirms hackers stole all 6.5 million customer records data breach – Co-op confirmed a cyberattack resulted in the theft of 6.5 million customer records, including personal details. The breach was part of a broader campaign affecting the UK retail sector. https://techcrunch.com/2025/07/16/uk-retail-giant-co-op-confirms-hackers-stole-all-6-5-million-customer-records/

👶 Adoption Agency Data Exposure Revealed Information About Children and Parents data breach – A recent data exposure incident at an adoption agency compromised sensitive information about children and their parents, highlighting ongoing privacy and security concerns within such organizations. https://www.wired.com/story/adoption-agency-data-exposure-revealed-information-about-children-and-parents/

💼 Meta investors, Zuckerberg settle $8 billion privacy lawsuit tied to Cambridge Analytica scandal privacy – Meta investors have settled a lawsuit alleging mishandling of the Cambridge Analytica scandal, with unclear terms, while seeking $8 billion in damages related to data privacy violations. https://therecord.media/meta-investors-zuckerberg-settle-privacy-lawsuit

🔓 Hackers are trying to steal passwords and sensitive data from users of Signal clone cybercrime – Hackers are exploiting a vulnerability in the TeleMessage app, a Signal clone used by officials, to steal usernames, passwords, and sensitive data. The flaw has been recognized by CISA as actively exploited. https://techcrunch.com/2025/07/17/hackers-are-trying-to-steal-passwords-and-sensitive-data-from-users-of-signal-clone/

🍞 Loaf and order: Belgian police launch bread-based cybersecurity campaign cyber defense – Belgian police are promoting cybersecurity awareness by printing tips on bakery bags, aiming to reach those less engaged with digital media and educate the public about online fraud and scams. https://grahamcluley.com/loaf-and-order-belgian-police-launch-bread-based-cybersecurity-campaign/

📹 Ring reintroduces video sharing with police security news – Ring has resumed allowing police to request user footage through a partnership with Axon, reversing its previous stance on video sharing. Users can choose to share footage, which will be encrypted. https://www.theverge.com/news/709836/ring-police-video-sharing-police-axon-partnership

🔑 Authorities released free decryptor for Phobos and 8base ransomware cybercrime – Japanese police have released a free decryptor for Phobos and 8Base ransomware, enabling victims to recover files without paying ransom. The tool is available on official sites and promotes safe recovery practices. https://securityaffairs.com/180108/malware/authorities-released-free-decryptor-for-phobos-and-8base-ransomware.html

🔒 For privacy and security, think twice before granting AI access to your personal data privacy – As AI tools increasingly request extensive access to personal data, users should be cautious. Granting such access can pose significant privacy and security risks, often for minimal benefit. https://techcrunch.com/2025/07/19/for-privacy-and-security-think-twice-before-granting-ai-access-to-your-personal-data/


Some More, For the Curious

🔓 Framework 13. Press here to pwn vulnerability – The Framework 13 laptop has a vulnerability allowing BIOS reset via a tamper switch, compromising critical security settings without vendor fixes available. Users should be cautious in unsecured environments. https://www.pentestpartners.com/security-blog/framework-13-press-here-to-pwn/

⌚️ WatchWitch: Interoperability, Privacy, and Autonomy for the Apple Watch security research – The article discusses a project enhancing interoperability, privacy, and user autonomy for Apple Watch users with Android phones. https://arxiv.org/abs/2507.07210

🕵️‍♂️ Active Supply Chain Attack: npm Phishing Campaign Leads to Prettier Tooling Packages Compromise security research – A phishing campaign compromised npm packages, injecting malicious code. Developers are urged to check their installs and secure accounts against similar threats. https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise

🔧 Thread Support for Flipper Zero, Part 1: Introduction hacking write-up – This article introduces the integration of OpenThread with Flipper Zero, enhancing its smart home capabilities while discussing technical challenges and upcoming features in the series. https://cujo.com/blog/thread-support-for-flipper-zero-part-1-introduction/

🛠️ PoC Available for High-Severity Arbitrary File Write in Git CLI | Arctic Wolf vulnerability – A high-severity arbitrary file write vulnerability (CVE-2025-48384) in Git allows malicious repositories to execute code when cloned, posing risks mainly to macOS and Linux users. Immediate upgrades are recommended. https://arcticwolf.com/resources/blog/poc-available-for-high-severity-arbitrary-file-write-in-git-cli-cve-2025-48384/

🤖 Curl creator mulls nixing bug bounty awards to stop AI slop security news – Daniel Stenberg, founder of curl, considers ending the bug bounty program due to an influx of low-quality AI-generated bug reports, which now constitute 20% of submissions, overwhelming the small security team. https://www.theregister.com/2025/07/15/curl_creator_mulls_nixing_bug/

🐛 Hackers exploit a blind spot by hiding malware inside DNS records cybercrime – Hackers are embedding malware in DNS records, using hexadecimal encoding to evade detection, allowing malicious binaries to be fetched through overlooked DNS traffic. This technique poses significant security challenges. https://arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records/

🕵️‍♂️ Cato CTRL™ Threat Actor Profile: IntelBroker cybercrime – Kai Logan West, known as IntelBroker, led a major data brokerage operation causing over $25 million in damages before his arrest in 2025. His methods exploited basic security flaws, revealing vulnerabilities in cybercriminal OPSEC. https://www.catonetworks.com/blog/cato-ctrl-threat-actor-profile-intelbroker/

🔐 SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices vulnerability – A financially motivated group, UNC6148, is exploiting fully patched SonicWall SMA 100 devices using stolen admin credentials for data theft and possible ransomware deployment, despite the vendor's support efforts. https://cyberscoop.com/sonicwall-sma100-attacks/

🚨 Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16) cybercrime – Operation Eastwood, a coordinated effort by international law enforcement, disrupted the pro-Russian hacker group NoName057(16), taking down over 100 systems and issuing several arrest warrants amid ongoing DDoS attacks. https://securityaffairs.com/180027/cyber-crime/operation-eastwood-disrupted-operations-of-pro-russian-hacker-group-noname05716.html

💻 GitHub abused to distribute payloads on behalf of malware-as-a-service cybercrime – Cisco's Talos team uncovered a malware-as-a-service operation using GitHub accounts to distribute various malicious software, including the Emmenhtal loader and Amadey malware, exploiting GitHub's accessibility in enterprise networks. https://arstechnica.com/security/2025/07/malware-as-a-service-caught-using-github-to-distribute-its-payloads/

⚠️ Critical Vulnerabilities in Cisco ISE warning – Cisco has identified three critical vulnerabilities in its Identity Services Engine (ISE), allowing attackers to execute arbitrary code. Users are urged to update affected versions immediately. https://cert.europa.eu/publications/security-advisories/2025-025/

⚠️ Critical Vulnerabilities in VMWare Products warning – VMware has released a security advisory for three critical vulnerabilities allowing code execution on affected devices, urging immediate updates, especially for internet-facing virtual machines. https://cert.europa.eu/publications/security-advisories/2025-026/

📍 A surveillance vendor was caught exploiting a new SS7 attack to track people's phone locations security research – Researchers found a Middle Eastern surveillance vendor exploiting a new SS7 attack to track phone locations by bypassing carrier security measures, raising concerns about the increasing use of such exploits for location tracking. https://techcrunch.com/2025/07/18/a-surveillance-vendor-was-caught-exploiting-a-new-ss7-attack-to-track-peoples-phone-locations/

🚨 CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild vulnerability – A critical zero-day vulnerability in CrushFTP (CVE-2025-54309) allows attackers to gain administrator access and is currently being exploited. CrushFTP has released mitigation techniques and identified affected versions. https://www.tenable.com/blog/cve-2025-54309-crushftp-zero-day-vulnerability-exploited-in-the-wild

🔮 Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release vulnerability – A critical SQL injection vulnerability in Fortinet FortiWeb (CVE-2025-25257) was exploited within hours of a proof-of-concept release, compromising multiple systems. Immediate patching is advised. https://securityaffairs.com/180118/hacking/fortinet-fortiweb-flaw-cve-2025-25257-exploited-hours-after-poc-release.html


CISA Corner

⚠️ CISA Adds One Known Exploited Vulnerability to Catalog warning – CISA has added a known exploited vulnerability in Wing FTP Server to its catalog, urging federal agencies and all organizations to prioritize remediation to protect against cyber threats. https://www.cisa.gov/news-events/alerts/2025/07/14/cisa-adds-one-known-exploited-vulnerability-catalog

⚠️ CISA Adds One Known Exploited Vulnerability to Catalog warning – CISA has added a known exploited vulnerability in Fortinet FortiWeb to its KEV Catalog, urging federal agencies and all organizations to prioritize remediation to protect against cyber threats. https://www.cisa.gov/news-events/alerts/2025/07/18/cisa-adds-one-known-exploited-vulnerability-catalog

⚙️ CISA Releases Six Industrial Control Systems Advisories vulnerability – CISA has published six advisories addressing vulnerabilities in various Industrial Control Systems, urging users and administrators to review the details and implement mitigations to enhance security. https://www.cisa.gov/news-events/alerts/2025/07/15/cisa-releases-six-industrial-control-systems-advisories

⚙️ CISA Releases Three Industrial Control Systems Advisories vulnerability – CISA has published three new advisories addressing vulnerabilities in various Industrial Control Systems, urging users and administrators to review the details and implement necessary mitigations. https://www.cisa.gov/news-events/alerts/2025/07/17/cisa-releases-three-industrial-control-systems-advisories


While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

 

from 000

using ffmpeg

good for making drum kits for the m8 – you can do this in a directory with a lot of tiny samples.

1. prepare the directory

put all the samples you want to concatenate into the same directory and then navigate to that location in the terminal.

2. add silence

this will create copies of the files which have a tiny amount of silence appended to them. this helps with the m8's auto-slice function (though you'll still usually want to tweak the results). this command will do it:

for i in *.wav; do ffmpeg -i "$i" -af "adelay=100|100" "${i%.*}-EDIT.wav"; done

3. remove the original files.

the newly created files will have “-EDIT” added to their names just before the .wav file extension. only keep those ones in the directory. (you can just move the other ones out of the folder, or delete them if you made copies to begin with).

4. generate input text file

from the files which are now in the folder

for f in *.wav; do echo "file '$f'" >> mylist.txt; done
  • bonus: you can change the order of the sounds by editing this text file before executing the next step.

5. concatenate all the wav files

ffmpeg -f concat -safe 0 -i mylist.txt -c copy concat.wav

6. rename the resultant “concat.wav” file

... to whatever describes the collection you've created. (I like to prefix these files with “cct” ie. “cct-Yamaha-MR10.wav”)

7. load it up

fine tune the slices, & fuck around with it.
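
Steps 2 to 5 above as one script, added here as an example and not part of the original post. It writes the padded copies and the list file to a temporary directory so the originals never need moving, and it quotes file names for the concat list so that spaces and apostrophes survive. The function names and the temporary directory are assumptions of this example; the ffmpeg filter and concat options are the ones from the post.

```shell
#!/bin/sh
# Added example: usage is  sh cct.sh <sample-dir> <output.wav>
# Function names below are illustrative, not from the original post.

# Quote a file name for a concat-demuxer list line. The name is wrapped in
# single quotes by the caller; each embedded ' must be written as '\''.
escape_concat_path() {
    printf '%s\n' "$1" | sed "s/'/'\\\\''/g"
}

# Write "$1/mylist.txt" with one "file '...'" line per .wav in directory $1.
# Names are stored without the directory part because the concat demuxer
# resolves relative entries against the location of the list file.
# The list is truncated first, so running this twice does not duplicate lines.
write_concat_list() {
    dir=$1
    list="$dir/mylist.txt"
    : > "$list"
    for f in "$dir"/*.wav; do
        [ -e "$f" ] || continue          # glob matched nothing
        name=${f##*/}
        printf "file '%s'\n" "$(escape_concat_path "$name")" >> "$list"
    done
}

# Steps 2-5: padded copies go to a temp dir, then get concatenated into $2.
build_kit() {
    src=$1
    out=$2
    work=$(mktemp -d) || return 1
    for i in "$src"/*.wav; do
        [ -e "$i" ] || continue
        base=${i##*/}
        # same filter as step 2 of the post
        ffmpeg -nostdin -loglevel error -i "$i" -af "adelay=100|100" \
            "$work/${base%.*}-EDIT.wav" || { rm -rf "$work"; return 1; }
    done
    write_concat_list "$work"
    # -safe 0 is needed as soon as a name contains characters outside
    # letters, digits, '.', '_' and '-' (a space is enough). The list here
    # is one this script just generated, not a file from someone else.
    ffmpeg -nostdin -loglevel error -f concat -safe 0 \
        -i "$work/mylist.txt" -c copy "$out"
    status=$?
    rm -rf "$work"
    return "$status"
}

# Only run when called with both arguments.
if [ "$#" -eq 2 ]; then
    build_kit "$1" "$2"
fi
```

To change the order of the sounds as in the bonus tip, rename the samples so they sort the way you want before running it.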

 

from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!


News For All

🍔 Would you like an IDOR with that? Leaking 64 million McDonald’s job applications security research – A security flaw in McDonald’s recruitment bot exposed personal data of 64 million applicants due to weak default credentials and an insecure API. Prompt remediation followed disclosure. https://ian.sh/mcdonalds

🕷️ Scattered Spider weaves web of social-engineered destruction cybercrime – Scattered Spider, a decentralized cybercrime group, exploits social engineering and phishing to target multiple industries, amassing over $66 million in extortion demands through clever tactics. https://cyberscoop.com/scattered-spider-social-engineering-cybercrime/

🤖 Unless users take action, Android will let Gemini access third-party apps privacy – Google's Gemini AI will soon access third-party apps like WhatsApp, overriding user settings. Users seeking to prevent this may struggle to find clear guidance on disabling or removing Gemini. https://arstechnica.com/security/2025/07/unless-users-take-action-android-will-let-gemini-access-third-party-apps/

💰 „Hallo Mama, das ist meine neue Nummer“ – Ein Blick hinter die Kulissen des Evergreens cybercrime – Scammers exploit emotional manipulation, posing as family members in need of urgent money transfers, often targeting parents to redirect funds into their own accounts. https://www.watchlist-internet.at/news/hallo-mama-hinter-den-kulissen/

🎨 Browser hijacking campaign infects 2.3M Chrome, Edge users security news – A malicious Chrome and Edge extension disguised as a color picker has hijacked over 2.3 million users' browsers, tracking activities and capturing sensitive data through silent updates. https://www.theregister.com/2025/07/08/browser_hijacking_campaign/

⛑️ Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Fixed, 17 High-Risk vulnerability – Microsoft's July Patch Tuesday fixed 130 vulnerabilities, including 17 high-risk ones, with a critical remote code execution flaw rated 9.8 affecting Windows 10 and above. https://thecyberexpress.com/microsoft-patch-tuesday-july-2025/

🏃 Yet Another Strava Privacy Leak data breach – Based on a new Strava Leak, Bruce Schneier points towards privacy, the impact of technology on society, and the need for informed public engagement in security matters. https://www.schneier.com/blog/archives/2025/07/yet-another-strava-privacy-leak.html

🎮 Activision pulls Call of Duty game after PC players are hacked security news – Activision has removed an outdated and insecure version of Call of Duty from the Microsoft Store after reports of hacking incidents affecting PC players. https://www.theverge.com/news/702255/call-of-duty-wwii-pc-game-pass-hacking-activision

🔒 AiLock ransomware: What you need to know cybercrime – AiLock is a ransomware-as-a-service that threatens victims with data leaks and regulatory notifications if ransoms aren't paid. Organizations are advised to enhance security measures to mitigate risks. https://www.fortra.com/blog/ailock-ransomware

💸 Fake CNN and BBC sites used to push investment scams security news – Cybercriminals are creating fake news websites mimicking CNN and BBC to promote fraudulent cryptocurrency investments, tricking users into sharing personal data and making deposits. https://therecord.media/news-websites-faked-to-spread-investment-scams

⚖️ German court rules Meta tracking technology violates European privacy laws privacy – A German court ruled that Meta must pay €5,000 to a user for violating GDPR by tracking data via pixels on third-party sites, potentially opening the door for extensive lawsuits. https://therecord.media/german-court-meta-tracking-tech

📱 Using Signal groups for activism privacy – Signal offers secure communication for activists, allowing safe organization through group features like QR code invites, admin approval, and announcement-only settings, ensuring privacy from law enforcement. https://micahflee.com/using-signal-groups-for-activism/

🚨 FinanzOnline – „Dringende Sicherheitswarnung wegen Anmeldeversuchs“ ist Phishing warning – Criminals are sending phishing emails claiming unauthorized login attempts to FinanzOnline accounts, attempting to steal user information under the guise of security alerts about 'unknown devices.' https://www.watchlist-internet.at/news/finanzonline-sicherheitswarnung-phishing/

👮 UK NCA arrested four people over M&S, Co-op cyberattacks cybercrime – The UK NCA arrested four individuals, including three teens, linked to cyberattacks on M&S and Co-op, which caused significant financial losses estimated between £270M and £440M. https://securityaffairs.com/179806/cyber-crime/uk-nca-arrested-four-people-over-ms-co-op-cyberattacks.html

🏀 Pro basketball player and 4 youths arrested in connection to ransomware crimes cybercrime – Authorities arrested former basketball player Daniil Kasatkin and four others linked to ransomware attacks, including operations targeting M&S and Co-op, attributed to the Scattered Spider group. https://arstechnica.com/security/2025/07/pro-basketball-player-and-4-youths-arrested-in-connection-to-ransomware-crimes/

🚗 Researchers identify critical vulnerabilities in automotive Bluetooth systems vulnerability – Researchers discovered four critical vulnerabilities in the OpenSynergy BlueSDK Bluetooth stack, affecting vehicles from Mercedes-Benz, Volkswagen, and Skoda, potentially allowing remote code execution via Bluetooth connections. https://cyberscoop.com/perfektblue-bluetooth-vulnerabilties-bluesdk-software/

💰 Hacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment cybercrime – A hacker returned $42 million stolen from GMX exchange after receiving a $5 million bounty, with the company agreeing not to pursue legal action if the funds were returned. https://therecord.media/hacker-returns-stolen-gmx-bounty

🤖 AI therapy bots fuel delusions and give dangerous advice, Stanford study finds security research – A Stanford study reveals critical flaws in AI therapy bots like ChatGPT, highlighting their tendency to validate harmful beliefs and provide dangerous advice, particularly for users with mental health issues. https://arstechnica.com/ai/2025/07/ai-therapy-bots-fuel-delusions-and-give-dangerous-advice-stanford-study-finds/


Some More, For the Curious

🔍 Hiding Prompt Injections in Academic Papers security research https://www.schneier.com/blog/archives/2025/07/hiding-prompt-injections-in-academic-papers.html

💡 Researchers Jailbreak AI by Flooding It With Bullshit Jargon security research – A study reveals that AI chatbots can be manipulated into providing harmful information by using complex jargon and fake citations, a technique dubbed 'InfoFlood.' https://www.404media.co/researchers-jailbreak-ai-by-flooding-it-with-bullshit-jargon/

🛡️ Google Online Security Blog: Advancing Protection in Chrome on Android cyber defense – Chrome's Advanced Protection enhances security on Android by isolating websites and disabling JavaScript optimizers to reduce vulnerabilities, catering to users with varying risk profiles. http://security.googleblog.com/2025/07/advancing-protection-in-chrome-on.html

🦠 Hackers weaponize Shellter red teaming tool to spread infostealers malware – Hackers exploit the leaked Shellter tool to package infostealer malware, evading detection and targeting users via phishing campaigns. Elastic Security Labs has developed a dynamic unpacker to counter this threat. https://securityaffairs.com/179745/malware/hackers-weaponize-shellter-red-teaming-tool-to-spread-infostealers.html

🚨 Critical CitrixBleed 2 vulnerability has been under active exploit for weeks vulnerability – A critical Citrix vulnerability allowing MFA bypass has been actively exploited for weeks, despite Citrix's claims of no evidence. Researchers criticize the lack of details in advisories, complicating defense efforts. https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/

🔍 Uncovering Privilege Escalation Bugs in Lenovo Vantage — Atredis Partners vulnerability – Atredis Partners discovered multiple privilege escalation vulnerabilities in Lenovo Vantage, allowing attackers to exploit SQL injection and manifest manipulation for elevated access. Lenovo released patches on July 8. https://www.atredis.com/blog/2025/7/7/uncovering-privilege-escalation-bugs-in-lenovo-vantage

⚠️ Azure's Front Door WAF WTF: IP Restriction Bypass vulnerability – A critical flaw in Azure's Front Door WAF allows IP restriction bypass using the X-Forwarded-For header, undermining security expectations and highlighting poor documentation and variable naming practices. https://trustedsec.com/blog/azures-front-door-waf-wtf-ip-restriction-bypass

🐛 CVE-2025-48384: Git vulnerable to arbitrary file write on non-Windows systems vulnerability – CVE-2025-48384 allows arbitrary file writes and remote code execution on Linux and macOS when using git clone --recursive on malicious repositories. A patch was released on July 8, 2025. https://securitylabs.datadoghq.com/articles/git-arbitrary-file-write/

🍳 Let Me Cook You a Vulnerability: Exploiting the Thermomix TM5 hacking write-up – Research reveals critical vulnerabilities in the Thermomix TM5, allowing firmware downgrades and arbitrary code execution through weaknesses in nonce tampering, known AES keys, and incomplete secure boot mechanisms. https://www.synacktiv.com/en/publications/let-me-cook-you-a-vulnerability-exploiting-the-thermomix-tm5.html

⚠️ Critical Vulnerability in FortiWeb warning – Fortinet has released a security advisory for a critical vulnerability (CVE-2025-25257) in FortiWeb, allowing unauthorized code execution via crafted HTTP requests. Affected versions require immediate updates. https://cert.europa.eu/publications/security-advisories/2025-024/

🚨 10/10 Wing FTP bug exploited within hours, cyber pros say security news – A critical remote code execution vulnerability in Wing FTP Server was exploited within hours of public disclosure, allowing attackers to execute Lua code. Users are urged to patch immediately. https://www.theregister.com/2025/07/11/1010_wing_ftp_bug_exploited/

📄 Export to PDF allows local file inclusion/path traversal in Microsoft 365 security research – A vulnerability in Microsoft 365's PDF conversion feature allowed local file inclusion via HTML files, enabling access to sensitive server data. The issue has been reported and remediated, earning a $3000 bounty. https://security.humanativaspa.it/export-to-pdf-allows-local-file-inclusion-path-traversal-in-microsoft-365/


CISA Corner

⚠️ CISA Adds Four Known Exploited Vulnerabilities to Catalog warning – CISA has identified four new vulnerabilities that are actively exploited, emphasizing the need for federal agencies to remediate these risks to enhance cybersecurity. https://www.cisa.gov/news-events/alerts/2025/07/07/cisa-adds-four-known-exploited-vulnerabilities-catalog

⚠️ CISA Adds One Known Exploited Vulnerability to Catalog warning – CISA has added a new vulnerability to its Known Exploited Vulnerabilities Catalog, urging all organizations to prioritize remediation to protect against cyber threats. https://www.cisa.gov/news-events/alerts/2025/07/10/cisa-adds-one-known-exploited-vulnerability-catalog

⚙️ CISA Releases One Industrial Control Systems Advisory vulnerability – CISA issued an advisory regarding vulnerabilities in Emerson ValveLink products, urging users to review the advisory for technical details and mitigation strategies. https://www.cisa.gov/news-events/alerts/2025/07/08/cisa-releases-one-industrial-control-systems-advisory

⚙️ CISA Releases Thirteen Industrial Control Systems Advisories vulnerability – CISA has released thirteen advisories regarding vulnerabilities in various Industrial Control Systems by Siemens, Delta Electronics, Advantech, KUNBUS, End/Head-of-Train, ECOVACS and IDEC, urging users to review for technical details and necessary mitigations. https://www.cisa.gov/news-events/alerts/2025/07/10/cisa-releases-thirteen-industrial-control-systems-advisories


While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

 

from Bruno's ramblings

I stumbled upon this post on r/fibromyalgia, titled “How long did it take you to accept it?”. As I'm writing this, I'm still processing both the post and the comments; at the same time, feeling relieved that it's a lot more common to struggle to accept this fucking syndrome.

Knowing I'm not one of the few who struggle with accepting this and all the limitations it imposes is like taking weight off my chest. And to be honest, I don't think I'll ever fully accept this. Why would I? To me, that's like giving up, conceding defeat. Yes, I still cling to the hope that either a cure will be found or a medication will be developed that actually stops the pain. Or that the pain might one day stop by itself, just like it started.

Accepting it would mean I've given up on hope.

Of course, this doesn't mean I haven't adapted. I've developed strategies to deal with the pain level I'm feeling as I perform whatever task I'm doing and how it changes as I execute it.

A good example of this is cooking. Even if I'm just cooking a simple stew, there are days that I have to start cooking it 4 to 6 hours before the usual time and do it in small steps, with long periods of rest in between, because standing up for 10 minutes feels like torture. Think: “Getting the pan out and the ingredients. Rest. Chop some ingredients. Rest. Chop more ingredients. Rest.”

This may not make sense to you. That's OK. It probably wouldn't make sense to me either if I didn't live with nonstop pain.

#Fibromyalgia #ChronicPain

 

from Grimoire

“When the state turns into a fatherland, it is preparing to kill.”

 

from rvyhvn

Being an anarchist is often misunderstood. Many people think it's about breaking all rules and creating chaos. Additionally, in my country, even mainstream media mistakenly say vandalism is equal to anarchism. This makes me shake my head, as they don't understand what anarchism really is. I've been putting anarchist values into practice in my immediate social circles. I contribute to education, I reject structural groups in college, especially for making decisions, and I educate people about abstaining from political participation because no politicians can truly be trusted. I often share my thoughts on social issues from an anarchist point of view. Like most anarchists, I believe in building a society aligned with anarchist values. But still, I don't want anarchism to be applied in our society yet, in any state. Why?

Too Extreme for People to Accept

Anarchism is seen as a “too far left” ideology; unlike socialism or communism, we reject hierarchical rulers. Everyone should be treated equally and all opinions should matter (as long as they're logically sound). But most countries today are run by conservatives who uphold capitalism, which is the complete opposite of anarchism. These governments are elected by the conservative citizens, so the system and the people share the same ideology, which makes it harder to spread anarchist values. By definition, conservatism is a commitment to traditional values and ideas with opposition to change or innovation. Capitalism has been dominant for over a century. That's why people fear radical change, which leads to the next point.

Historical Failures of Leftist Ideas

The Soviet Union was once the biggest leftist state in the world and it collapsed. Many people now see that as proof that leftist ideologies don’t work. They say systems like socialism or anarchism are too utopian to survive in the real world. Because of that fear, anarchism is seen as unrealistic, even dangerous.

Anarchism Is Misunderstood

This ties into ignorance and media literacy. Many people think anarchism means “no rules” e.g. total chaos, violence, people killing each other. That’s NOT what anarchism is. As I mentioned earlier, the media here even label May Day protests as “anarchic” just because of vandalism or people spray-painting walls. That’s not anarchism, that’s just destruction. These false narratives shape public misunderstanding.

Bad People Still Exist

This is the main reason I don't think anarchism can work right now. There are still people who will take advantage of others if laws don’t exist. Legal systems, even if flawed, can still restrain some bad behavior. But in a world without written laws? Those people would feel free to exploit, harm, or abuse others. It’s like saying morals come from religion. If religion disappears, would some people suddenly start robbing, raping, or killing? That’s the scary part.

People today still need to learn how to be decent human beings and open themselves to new perspectives. Only then can we start introducing anarchist values in a real, meaningful way.

 

from copies

via Jürgen Hubert – @juergen_hubert@mementomori.social

Not far from the village of Retzin, which lies about one and a half miles away from Penkun, there is a long, tall hill and beneath it lies a lake commonly known as the Leichensee (“corpse lake”). On the hill, which is now overgrown with shrubs, there used to be a bandits' castle, whose remains can be spotted now and then amidst the shrubbery. The whole hill is therefore still called the Burgwall (“castle wall”)[1]. The bandits who lived in the castle threw the corpses of those they slew into the lake, from which the lake derives its name. The murdered and the murderers are said to haunt the lake and its environs on some nights, and nobody likes to visit the area after dark.

Another tale gives us more details: The Leichensee is in the middle of two spots where two castles used to stand, and where now the villages of Lökenitz and Ramin can be found. These two castles belonged to a villainous robber knight named Hans von Ramin. The river Randow, which flows through the lake, was traversable by ships in those days[2] and thus it was common for ships to pass through the lake. The knight with his bandits only waited for those moments, and he had constructed an ingenious contraption which aided him in capturing those ships. He had put down two chains across the lake which were about 50 feet apart, and which were about two inches above the water when they were stretched taut. Whenever he saw a ship approaching in the distance he and his bandits hid in the reeds at the shore of the lake and let the first chain slacken so that it would be below the surface of the water. But when the ship had passed over it, he pulled it taut again. And thus the ship was stuck between the two chains and could go neither backwards nor forwards, and he and his bandits swarmed over it, slaughtered the crew, and took all of its goods. The corpses were thrown into the lake, on the side of the long hill[3].

It frequently occurred that the bandits discovered a larger crew on the ship than they had anticipated. In these cases they rang a large bell, which they had hung up at the shore for this very purpose. Then reinforcements would arrive from both castles. This bell fell into the lake after the death of the knight. It remains there, and at noon on St. John's Day it is still possible to hear its ringing.

Source: Temme, J. D. H. Die Volkssagen von Pommern und Rügen, 1840. P. 202-204.

 

from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!


News For All

🤖 ICE Rolls Facial Recognition Tools Out to Officers' Phones privacy – ICE introduces Mobile Fortify, a facial recognition app for agents, raising concerns about privacy and wrongful arrests due to potential inaccuracies and surveillance risks. https://www.wired.com/story/ice-rolls-facial-recognition-tools-out-to-officers-phones/

🚨 BreachForums broken up? French police arrest five members of notorious cybercrime site cybercrime – French police arrest five alleged members of BreachForums, a major cybercrime marketplace, including one sought by the US for selling hacked data worth millions, amid ongoing investigations. https://www.bitdefender.com/en-us/blog/hotforsecurity/breachforums-broken-up-french-police-arrest-five-members-of-notorious-cybercrime-site

🏎️ How we turned a real car into a Mario Kart controller by intercepting CAN data security research – A team converted a Renault Clio into a Mario Kart controller by intercepting its CAN data, enabling real driving controls for a game demo, despite some technical challenges. https://www.pentestpartners.com/security-blog/how-we-turned-a-real-car-into-a-mario-kart-controller-by-intercepting-can-data/

💰 SafePay Ransomware: What You Need To Know security news – SafePay ransomware encrypts files and steals data, demanding cryptocurrency ransoms. Unlike typical ransomware, it doesn't operate as RaaS, focusing on operational security. It's linked to previous notorious groups and has specific language restrictions to avoid certain victims. https://www.fortra.com/blog/safepay-ransomware-what-you-need-know

⚠️ Security pro counts the cost of Microsoft dependency security news – A blog post highlights the risks of heavy reliance on Microsoft, advocating for improved digital sovereignty and quantifying potential security costs to influence decision-makers away from sole dependency on American cloud services. https://www.theregister.com/2025/06/26/cost_of_microsoft_dependency/

🔒 Complaint says Bumble feature connected to OpenAI violates European data privacy rules privacy – A complaint alleges Bumble's Icebreakers feature, powered by OpenAI, breaches GDPR by lacking user consent and transparency regarding data transfers, prompting concerns over privacy and control. https://therecord.media/bumble-for-friends-openai-noyb-complaint-gdpr

🎧 Security Advisory: Airoha-based Bluetooth Headphones and Earbuds vulnerability – Vulnerabilities in Airoha-based Bluetooth devices allow unauthenticated attackers to manipulate and take over devices within Bluetooth range. Users are advised to await firmware patches for remediation. https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/

⚰️ Qilin ransomware attack on NHS results in confirmed death cybercrime – The NHS confirmed that a ransomware attack by Qilin on Synnovis led to a patient's death due to delays in receiving blood test results, highlighting the serious impact of cyberattacks on healthcare. https://www.theregister.com/2025/06/26/qilin_ransomware_nhs_death/

🖨️ New Vulnerabilities Expose Millions of Brother Printers to Hacking vulnerability – Hundreds of Brother printers and others have serious vulnerabilities allowing hackers to exploit devices without authentication. A critical flaw can expose admin passwords, risking device misuse. https://www.securityweek.com/new-vulnerabilities-expose-millions-of-brother-printers-to-hacking/

💍 Ring can use AI to 'learn the routines of your residence' privacy – Ring's new Video Descriptions feature uses AI to analyze motion activity, providing detailed notifications about detected events. Concerns arise over privacy and security given Ring's history and data handling practices. https://www.theregister.com/2025/06/25/amazons_ring_ai_video_description/

🔓 Russia frees REvil hackers after sentencing security news – Four members of the REvil ransomware group were released from custody after serving time while awaiting trial, despite pleading guilty to fraud and malware charges, with no fines imposed. https://www.theverge.com/news/692582/russia-revil-hacker-group-ransomware-sentencing

🏙️ Glasgow City Council impacted by ‘cyber incident’ data breach – Glasgow City Council is dealing with a cyber incident disrupting online services and potentially involving customer data theft, with affected servers taken offline and residents advised to be cautious. https://therecord.media/glasgow-city-council-cyber-incident

🕯️ What LLMs Know About Their Users privacy – The article discusses a prompt for analyzing user interaction data in detail, highlighting preferences, past conversation topics, and insights into user behavior, raising questions about the capability of AI to build human-readable profiles. https://www.schneier.com/blog/archives/2025/06/what-llms-know-about-their-users.html

☠️ Hackers Are Poisoning Google Search Results for AI Tools to Deliver Infostealer Malware cybercrime – Threat actors are hijacking Google search results for AI tools to distribute malware via trojanized sites, using black hat SEO tactics to redirect users to infected downloads, notably Vidar and Lumma infostealers. https://thecyberexpress.com/poisoning-google-search-results-infostealers/

🔓 Leak of data belonging to 7.4 million Paraguayans traced back to infostealers data breach – Hackers accessed data on 7.4 million Paraguayans via infostealer malware on a government employee's device, leading to massive data leaks from multiple agencies. Paraguay's government plans a National Cybersecurity Strategy in response. https://therecord.media/data-leak-paraguayan-millions-infostealer

👓 Smartglass Ray-Ban Meta: Dauerüberwachung im Sonnenbrillengehäuse privacy – Meta's Ray-Ban Smartglasses, equipped with always-on recording capabilities and AI features, raise significant privacy concerns as they continuously collect data without clear opt-out options for bystanders. https://www.kuketz-blog.de/smartglass-ray-ban-meta-dauerueberwachung-im-sonnenbrillengehaeuse/


Some More, For the Curious

🛡️ RedirectionGuard: Mitigating unsafe junction traversal in Windows security news – Microsoft introduces RedirectionGuard in Windows 11 to prevent filesystem redirection attacks, closing a critical security gap and enhancing system integrity against privilege escalation. https://msrc.microsoft.com/blog/2025/06/redirectionguard-mitigating-unsafe-junction-traversal-in-windows/

📜 NIS2 Technical Implementation Guidance security news – ENISA provides practical guidance for implementing the NIS2 Directive, detailing cybersecurity requirements for various entities and offering examples and mappings for compliance. https://www.enisa.europa.eu/publications/nis2-technical-implementation-guidance

🔓 When Backups Open Backdoors: Accessing Sensitive Cloud Data via “Synology Active Backup for Microsoft 365” vulnerability – A leaked credential in Synology's backup tool allowed unauthorized access to sensitive Microsoft 365 data, raising serious security concerns and highlighting vulnerabilities in cloud services. https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/

✈️ FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector security news – The FBI warns that the hacking group Scattered Spider is now targeting airlines and transportation, employing social engineering and ransomware tactics to compromise sensitive data. https://techcrunch.com/2025/06/28/fbi-cybersecurity-firms-say-scattered-spider-hackers-now-targeting-airlines-transportation-sector/

💻 Microsoft security updates address CrowdStrike crash, kill ‘Blue Screen of Death’ security news – Microsoft announces security updates to prevent future outages caused by third-party software, limiting direct kernel access and enhancing recovery features, including a revamped crash interface. https://cyberscoop.com/microsoft-security-updates-kernel-restrictions-downtime/

🥸 The Age of Integrity security research – Data integrity is crucial in the era of AI and Web 3.0, requiring systems to ensure accurate data throughout its lifecycle. We need to focus on integrous design to address integrity challenges. https://www.schneier.com/blog/archives/2025/06/the-age-of-integrity.html

⚠️ CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php vulnerability – CVE-2024-39914 is a critical unauthenticated command injection vulnerability in FOG Project versions ≤ 1.5.10.34, allowing attackers to execute system commands or deploy webshells via export.php. https://www.offsec.com/blog/cve-2024-39914/

🔐 Cisco fixes two critical make-me-root bugs vulnerability – Cisco patched two critical vulnerabilities, CVE-2025-20281 and CVE-2025-20282, in its Identity Services Engine, allowing unauthenticated attackers to execute code with root privileges via API flaws. https://www.theregister.com/2025/06/26/patch_up_cisco_fixes_two/

🔑 Common SCCM Misconfigurations Leading to Privilege Escalation cyber defense – Misconfigurations in SCCM can lead to privilege escalation, allowing attackers to exploit Network Access Accounts and Domain Join Accounts to compromise domains. Recommendations include enforcing least privilege and avoiding legacy settings. https://www.truesec.com/hub/blog/sccm-tier-killer

🚨 Sipping from the CVE Firehose: How We Prioritize… cyber defense – The article discusses how security teams prioritize CVEs using a tiered scoring system to identify real-world threats, moving beyond traditional CVSS metrics to focus on attributes that reflect actual impact on customer attack surfaces. https://bishopfox.com/blog/sipping-cve-firehose-how-we-prioritize-emerging-threats-for-real-world-impact

🔒 Hackers deploy fake SonicWall VPN App to steal corporate credentials security research – Hackers are distributing a trojanized SonicWall NetExtender VPN app, dubbed SilentRoute, to steal user credentials by modifying the installer to bypass security checks. Users are advised to download only from official sources. https://securityaffairs.com/179332/hacking/hackers-deploy-fake-sonicwall-vpn-app-to-steal-corporate-credentials.html

📈 Surge in MOVEit Transfer Scanning Activity Could Signal Emerging Threat Activity warning – GreyNoise reports a significant increase in scanning activity targeting MOVEit Transfer systems, with over 300 unique IPs observed daily since May 27, 2025, indicating potential emerging threats and exploitation attempts. https://www.greynoise.io/blog/surge-moveit-transfer-scanning-activity

🦠 New Malware Embeds Prompt Injection to Evade AI Detection malware – A malware sample named Skynet attempts to use prompt injection to manipulate AI models for evasion, but the method fails against current LLMs. The article discusses its features and implications for future threats. https://research.checkpoint.com/2025/ai-evasion-prompt-injection/

🌐 Stealth China-linked ORB network gaining footholds in US, East Asia security research – A China-linked ORB network, dubbed 'LapDogs', has surpassed 1,000 devices, primarily in the US and East Asia, focusing on stealthy operations that complicate detection and attribution for espionage activities. https://cyberscoop.com/orb-network-china-lapdogs/

🔒 Up next on the KEV? All signs point to 'CitrixBleed 2' vulnerability – Citrix's new critical vulnerability, dubbed 'CitrixBleed 2', affects its NetScaler products, allowing attackers to read sensitive information without authentication. Experts warn of inevitable exploitation and urge immediate patching. https://go.theregister.com/feed/www.theregister.com/2025/06/24/critical_citrix_bug_citrixbleed/

🤔 The ‘16 billion password breach’ story is a farce security news – Recent reports of a 16 billion credential breach lack substantial evidence and are criticized by experts as recycled data from past leaks. The incident highlights the ongoing threat of infostealer malware and the need for better cybersecurity practices. https://cyberscoop.com/colossal-data-breach-16-billion-credentials-no-evidence-media-exaggeration/

💰 The State of Ransomware 2025 security research – The Sophos report reveals that exploited vulnerabilities and compromised credentials are major causes of ransomware attacks. While recovery rates are improving, ransom payments remain high, highlighting ongoing risks for organizations. https://news.sophos.com/en-us/2025/06/24/the-state-of-ransomware-2025/


CISA Corner

⚠️ CISA Adds Three Known Exploited Vulnerabilities to Catalog warning – CISA has added three vulnerabilities to its Known Exploited Vulnerabilities Catalog, including CVE-2024-54085, CVE-2024-0769, and CVE-2019-6693, highlighting significant risks to federal networks. https://www.cisa.gov/news-events/alerts/2025/06/25/cisa-adds-three-known-exploited-vulnerabilities-catalog

⚙️ CISA Releases Two Industrial Control Systems Advisories vulnerability – CISA issued two advisories on June 26, 2025, addressing vulnerabilities in Mitsubishi Electric Air Conditioning Systems and TrendMakers Sight Bulb Pro, urging users to review for mitigation details. https://www.cisa.gov/news-events/alerts/2025/06/26/cisa-releases-two-industrial-control-systems-advisories

⚙️ CISA Releases Eight Industrial Control Systems Advisories vulnerability – CISA issued eight ICS advisories on June 24, 2025, addressing vulnerabilities in various systems including Schneider Electric and Mitsubishi Electric, urging users to review for mitigation strategies. https://www.cisa.gov/news-events/alerts/2025/06/24/cisa-releases-eight-industrial-control-systems-advisories

🔒 New Guidance Released for Reducing Memory-Related Vulnerabilities security news – CISA and NSA released a guide to reduce memory-related vulnerabilities in software, advocating for the adoption of memory safe languages (MSLs) to enhance security in development practices. https://www.cisa.gov/news-events/alerts/2025/06/24/new-guidance-released-reducing-memory-related-vulnerabilities


While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

 

from Бележник | Notеs

“Communication is the vital bridge between human minds – its absence gives rise to chasms of misunderstanding in which thoughts, feelings and intentions are lost. How hard can it be for people to start sharing more of their worries and emotions?”

To share is to open up, to unlock yourself, to give yourself over. Every small act of giving causes fear, which digs ever deeper into the shell of comfort and calm. On the other hand, the lack of an emotional connection with the world makes you vulnerable and prone to extremes.

Here is what Ursula K. Le Guin says about communication in The Wave in the Mind:

The ruling concept of communication as a mechanical model

Box A and box B are connected by a tube. Box A contains a unit of information. Box A is the transmitter, the sender. The tube is how the information is transmitted – it is the medium. And box B is the receiver. They can alternate roles. The sender, box A, encodes the information in a way appropriate to the medium – in binary bits, or pixels, or words, or whatever – and transmits it via the medium to the receiver, box B, which receives and decodes it.

A and B can be thought of as machines, for example computers. They can also be thought of as minds. Or one can be a machine and the other a mind.

In most cases of people actually talking to one another, human communication cannot be reduced to information. The message not only involves, it is, a relationship between speaker and hearer. The medium in which the message is embedded is immensely complex, infinitely more than a code: it is a language, a function of a society, a culture, in which the language, the speaker and the hearer are all embedded.

In human conversation, in live, actual communication between or among human beings, everything “transmitted” – everything said – is shaped as it is spoken by actual or anticipated response.

Live, face-to-face human communication is intersubjective. Intersubjectivity involves a great deal more than the machine-mediated type of stimulus-response currently called “interactive”. It is not stimulus-response at all, nor a mechanical alternation of precoded sending and receiving. Intersubjectivity is mutual. It is a continuous interchange between two consciousnesses. Instead of an alternation of roles between box A and box B, between active subject and passive object, it is a continuous intersubjectivity that flows both ways all the time.

My personal model for intersubjectivity, or communication by speech, or conversation, is amoebas reproducing. As you know, amoebas usually reproduce by just quietly withdrawing into a corner and dividing into two amoebas; but sometimes conditions indicate that a little genetic exchange might improve the local population, and two of them get together, literally, and reach out to each other and meld their pseudopodia into a little tube or channel that connects them.

fig 2

Then amoeba A and amoeba B exchange genetic “information”, that is, they literally give each other inner parts of their bodies, via a channel or bridge which is made out of outer parts of their bodies. They spend quite a while sending bits of themselves back and forth, mutually responding to each other.

This is very similar to how people unite and give each other parts of themselves – inner parts, mental rather than bodily parts – when they talk and listen.

Two amoebas joining in this way, or two people talking, form a community of two. People can also form communities of many, through constantly sending and receiving parts of themselves and others – that is, through talking and listening. Talking and listening are ultimately the same thing.

Speech connects us so immediately and vitally because it is a physical, bodily process. If you mount two wall-clock pendulums side by side on the wall, they will gradually begin to swing together. They synchronize each other by picking up tiny vibrations that each transmits through the wall.

Any two things that oscillate at about the same interval, if they are physically near each other, will gradually tend to “lock in” and pulse at exactly the same interval. Things are lazy. It takes less energy to pulse cooperatively than to pulse in opposition. Physicists call this beautiful, economical laziness mutual phase locking, or “entrainment”.

All living beings are oscillators. We vibrate. Amoeba or human, we pulse, move rhythmically, change rhythmically; we keep time. You can see it in the amoeba under a microscope, vibrating in frequencies on the atomic, molecular, subcellular and cellular levels. That constant, delicate, complex throbbing is the process of life itself, made visible.

We huge many-celled creatures have to coordinate millions of different oscillation frequencies, and interactions among frequencies, in our bodies and our environment. Most of the coordination is effected by synchronizing the pulses, by bringing the beats into a master rhythm, by “entrainment”.

Like the two pendulums, though through more complex processes, two people together can mutually phase-lock. Successful human relationships involve entrainment – getting in sync. If it doesn't happen, the relationship is either uncomfortable or disastrous.


The catastrophe comes when side A or B is not disposed to such an exchange and tries to tear itself away from the connection with the tube, if it was ever put in place at all. This happens (perhaps) more easily in the 21st century, since mass culture supports closedness, niche-ness, division.

Divide et impera!

And yet we cannot stop trying to talk with people, and we must especially take to heart the attempts (often synonymous with failures) to communicate with more closed-off people as well, who often have so much to say.


 

from Hyperscale Security

As a profession, cyber/information security has been telling itself that it is “risk-based”, but often fails to live up to that in practice. We see this from hyping threats because they're cool and make for a good conference talk, to having to make a market for a new Gartner product category.

We therefore often mistake the possible for the probable, and the PoC for a Production threat we have to invest to fix. Nowhere is this more extreme than in post-quantum cryptography (PQC) and the false urgency of fixing it now, just in case.

Crypto Agility and PQC

Don't get me wrong. Crypto agility and PQC are good things. It is good to know which libraries in your code provide crypto functions so you can keep them up-to-date, whether for PQC or otherwise. That is not the debate. What I have trouble with is the urgency on a problem that everybody agrees isn't real yet. There are no working quantum computers. Estimates are 5 (optimistic) to 10 (more realistic) to 20 (maybe) years out. Are we still doing risk-based infosec if we're spending time and effort on a problem that realistically won't occur for years?

Are we, when most organizations can't even keep on top of known vulnerabilities or run an effective CSPM program? Between your phishing defense, ransomware resilience and XDR adoption, where does this rate?

“Harvest Now, Decrypt Later” isn't Real

“Oh, but adversaries could capture TLS traffic, store it till a later date and decrypt when quantum computers are viable”.

Yes. Theoretically. But TLS + storage for 10 years is not free – especially when you consider the volume of TLS traffic that runs across the internet on a continuous basis. Google Search gives me daily internet traffic volumes running from 33 exabytes to 0.4 zettabytes which is quite the range, but enough to make it clear that is “stupid scale”. Therefore, simply due to volume, any HNDL would have to be targeted. Unless you're a foreign government or critical industry, that almost certainly already puts you outside of danger.

But BGP Hijacks...

BGP hijacks do happen, where adversaries route vast traffic volumes through infrastructure they control. This is almost certainly to capture metadata, not to HNDL. Even after filtering, what is a snapshot of a few hours or days worth after a decade? At the very least you'd want a continuous stream.

BGP hijacks would be incredibly wasteful to adversaries – storing data in the hope a fragment of a conversation might one day prove useful.

What About Targeted Organizations or Journalists?

If you're a targeted organization, watch your XDR and network detection! If you're a journalist, use safe modes and reboot often, as surveillance tools targeting you are already on the market.

You're WRONG, I have Clearance and Know it Happens

Very good. And maybe it is, but that still doesn't mean it's a threat. Those adversaries may believe it and waste their time. And you should still start your crypto agility program if not already done, for reasons nothing to do with PQC. Either way, I am happy to admit I am wrong, if that proves to be the case a decade from now. I'll wear the badge “PQC, The One I Got Wrong”.

But I'll take those chances. At least as long as the front doors remain wide open in most of our organizations.

 

from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!


News For All

🤔 WhatsApp is officially getting ads privacy – WhatsApp introduces ads in its Updates tab, using limited user data for personalization. While it promises not to misuse personal information, privacy concerns remain. https://www.theverge.com/news/687519/whatsapp-launch-advertising-status-updates

🔓 Hackers Leak Data of 10,000 VirtualMacOSX Customers in Alleged Breach data breach – A data breach at VirtualMacOSX exposed sensitive information of 10,000 customers, including personal and financial details, posing significant security risks and potential account takeovers. https://hackread.com/hackers-leak-virtualmacosx-customers-data-breach/

🎮 Minecraft Players Targeted in Sophisticated Malware Campaign malware – A malware campaign disguises itself as Minecraft mods, stealing sensitive data from players. This threat particularly targets the younger player base, raising significant security concerns. https://blog.checkpoint.com/research/minecraft-players-targeted-in-sophisticated-malware-campaign/

😟 Meta Users Feel Less Safe Since It Weakened ‘Hateful Conduct’ Policy, Survey Finds security news – A survey reveals that users feel increasingly unsafe on Meta platforms following weakened policies against harmful content, with many reporting exposure to hate speech and online harassment. https://www.404media.co/meta-users-feel-less-safe-since-it-weakened-hateful-conduct-policy-survey-finds/

🔒 The WIRED Guide to Protecting Yourself From Government Surveillance privacy – With increased government surveillance, individuals are urged to enhance privacy protections through encrypted communications, secure devices, and careful data management to safeguard against potential threats. https://www.wired.com/story/the-wired-guide-to-protecting-yourself-from-government-surveillance/

🚫 SEC withdraws cyber rules for investment companies, advisers security news – The SEC has retracted proposed cybersecurity regulations for investment firms, citing industry concerns that public disclosures could compromise security and divert focus from actual threats. https://cyberscoop.com/sec-withdrawals-cyber-rules-for-investment-companies-advisers/

🚔 Police dismantle Archetyp dark web drug market, arrest administrator cybercrime – Authorities have shut down Archetyp Market, a major dark web drug marketplace, arresting its administrator and seizing assets worth €7.8 million, disrupting a significant drug trafficking network. https://therecord.media/archetyp-market-dark-web-takedown-europol

🚨 Car-sharing giant Zoomcar says hacker accessed personal data of 8.4 million users data breach – Zoomcar reported a data breach affecting 8.4 million users, with names and phone numbers compromised. The company is enhancing security measures but has not confirmed if customers were notified. https://techcrunch.com/2025/06/16/car-sharing-giant-zoomcar-says-hacker-accessed-personal-data-of-8-4-million-users/

👁️ Emails Reveal the Casual Surveillance Alliance Between ICE and Local Police security news – Emails expose informal collaborations between local Oregon police and federal agencies like ICE, sharing surveillance tools and tactics, raising concerns about privacy and the extent of law enforcement surveillance. https://www.404media.co/emails-reveal-the-casual-surveillance-alliance-between-ice-and-local-police/

💸 Malicious Loan App Removed from iOS and Google Play App Store Posed Severe Risks to Users malware – The 'RapiPlata' app, posing as a loan service, harvested sensitive data from users and threatened them with false debts. It was downloaded by over 150K victims before removal. https://blog.checkpoint.com/research/malicious-loan-app-removed-from-ios-and-google-play-app-store-posed-severe-risks-to-users/

💻 Freedman HealthCare targeted by cyber extortionists data breach – Freedman HealthCare faces threats from an extortion gang claiming to have stolen sensitive data, potentially affecting millions. However, the company asserts that no protected health information was compromised. https://www.theregister.com/2025/06/16/extortionists_claim_freedman_healthcare_hack/

🔍 Minnesota Shooting Suspect Allegedly Used Data Broker Sites to Find Targets’ Addresses security news – The suspect in a Minnesota shooting allegedly used data broker sites to find the addresses of lawmakers he targeted, raising concerns about privacy and the dangers of accessible personal information. https://www.wired.com/story/minnesota-lawmaker-shootings-people-search-data-brokers/

📧 State-sponsored hackers compromised the email accounts of several Washington Post journalists security news – State-sponsored hackers compromised the Microsoft email accounts of several Washington Post journalists, potentially exposing sensitive work emails related to national security and economic policy. https://securityaffairs.com/179065/security/state-sponsored-hackers-compromised-the-email-accounts-of-several-washington-post-journalists.html

📚 AI Scraping Bots Are Breaking Open Libraries, Archives, and Museums security news – AI scraping bots are increasingly targeting libraries, archives, and museums, raising concerns about privacy and the potential misuse of easily accessible personal information. https://www.404media.co/ai-scraping-bots-are-breaking-open-libraries-archives-and-museums/

🎣 Arctic Wolf Observes Social Engineering Campaign Targeting IT Staff of Healthcare Providers to Reset User Credentials security news – The Arctic Wolf Threat Report highlights a social engineering campaign aimed at IT staff in healthcare, seeking to reset user credentials, emphasizing ongoing cybersecurity challenges in the sector. https://arcticwolf.com/resources/blog/arctic-wolf-observes-social-engineering-campaign-targeting-it-staff-of-healthcare-providers-reset-user-credentials/

🩺 More than 5 million affected by data breach at healthcare tech firm Episource data breach – Episource reported a data breach affecting over 5.4 million individuals, with stolen information including Social Security numbers and medical records. The company is working with law enforcement and customers to address the incident. https://therecord.media/5-million-affected-episource-data-breach

💔 A ransomware attack pushed the German napkin firm Fasana into insolvency cybercrime – Fasana, a German napkin manufacturer, filed for insolvency after a ransomware attack paralyzed operations, causing significant financial losses and halting production for two weeks. https://securityaffairs.com/179160/security/ransomware-attack-napkin-firm-fasana-insolvency.html

🔍 Attack on Oxford City Council exposes 21 years of staff data data breach – A cyberattack on Oxford City Council compromised 21 years of staff data related to elections, affecting current and former employees. The council is investigating and has assured the public of limited data access. https://www.theregister.com/2025/06/20/oxford_city_council_breach/

🛡️ Aflac duped by social-engineering attack, marking another hit on insurance industry cybercrime – Aflac disclosed a cyberattack on June 12, linked to social engineering tactics, marking it as the third insurance company targeted in a recent wave of attacks. No ransomware was detected. https://cyberscoop.com/aflac-cyberattack-insurance-sector-scattered-spider/

📞 Netflix, Apple, BofA sites hijacked with fake help numbers cybercrime – Scammers are hijacking search results for major companies like Netflix and Apple, tricking victims into calling fake support numbers to steal personal and financial information through manipulated ads. https://www.theregister.com/2025/06/20/netflix_apple_bofa_websites_hijacked/


Some More, For the Curious

🐠 How Long Until the Phishing Starts? About Two Weeks security news – A new Google Workspace account received targeted phishing emails just two weeks after creation, highlighting the need for security training for new hires to combat such threats. https://isc.sans.edu/diary/rss/32052

🤖 Cato CTRL™ Threat Research: WormGPT Variants Powered by Grok and Mixtral security research – Cato CTRL reports on new WormGPT variants that exploit uncensored LLMs for malicious purposes, showcasing how threat actors adapt existing models like Grok and Mixtral for cybercrime. https://www.catonetworks.com/blog/cato-ctrl-wormgpt-variants-powered-by-grok-and-mixtral/

🔐 Path Traversal Vulnerability Discovered in ZendTo vulnerability – A path traversal vulnerability in ZendTo versions 6.15-7 allows attackers to access sensitive user information. Users are urged to upgrade to version 6.15-8 to mitigate risks. https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/

⚠️ Dangerous by default: Insecure GitHub Actions found in MITRE, Splunk, and other open source repositories vulnerability – Sysdig's research reveals critical security gaps in GitHub Actions across popular open source projects, exposing secrets through insecure workflows that use the pull_request_target trigger. Recommendations for securing CI/CD processes are provided. https://sysdig.com/blog/insecure-github-actions-found-in-mitre-splunk-and-other-open-source-repositories/

🛠️ libxml2 Maintainer Ends Embargoed Vulnerability Reports, Citing Unsustainable Burden security news – The maintainer of libxml2 has stopped supporting embargoed vulnerability reports, citing unsustainable demands on unpaid volunteers. This change reflects frustrations with big tech's reliance on open source without adequate support. https://socket.dev/blog/libxml2-maintainer-ends-embargoed-vulnerability-reports

🔒 Critical Vulnerability in Veeam Backup & Replication vulnerability – Veeam has announced a critical vulnerability (CVE-2025-23121) in Backup & Replication, allowing remote code execution by authenticated domain users. Users are urged to update immediately to mitigate risks. https://cert.europa.eu/publications/security-advisories/2025-021/

📞 How to Design and Execute Effective Social Engineering Attacks by Phone hacking write-up – John Malone outlines strategies for executing social engineering attacks via phone, emphasizing confidence, reconnaissance, and crafting believable ruses to manipulate targets into revealing sensitive information. https://www.blackhillsinfosec.com/how-to-design-and-execute-effective-social-engineering-attacks-by-phone/

💼 Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay cybercrime – The Qilin ransomware group has introduced a 'Call Lawyer' feature for affiliates, providing legal support to enhance ransom negotiations and exert pressure on victims, reflecting a disturbing professionalization of cybercrime. https://www.tripwire.com/state-of-security/qilin-offers-call-lawyer-button-affiliates-attempting-extort-ransoms-victims

🚫 Iran's government says it shut down internet to protect against cyberattacks security news – Iran's government confirmed a national internet blackout was ordered to protect against Israeli cyberattacks, severely limiting communication and information access for citizens amid ongoing conflicts. https://techcrunch.com/2025/06/20/irans-government-says-it-shut-down-internet-to-protect-against-cyberattacks/

🔑 Why Kerberoasting Still Matters for Security Teams cyber defense – Kerberoasting remains a prevalent and effective technique for attackers to gain credentials in Windows environments. Mitigation strategies include using strong passwords and auditing service accounts to reduce vulnerabilities. https://www.varonis.com/blog/kerberoasting-still-matters

🕵️‍♂️ Unusually patient suspected Russian hackers pose as State Department in ‘sophisticated’ attacks on researchers cybercrime – Suspected Russian hackers employed a sophisticated approach to compromise researcher Keir Giles' accounts, using social engineering and app-specific passwords to bypass security measures, showcasing a new level of patience and planning in cyberattacks. https://cyberscoop.com/russian-hackers-state-department-sophisticated-attacks-researchers-citizen-lab/

🔒 Severe Vulnerabilities in Citrix Products vulnerability – Citrix has identified two high-severity vulnerabilities in NetScaler ADC and Gateway, urging users to update to secure versions immediately to prevent exploitation. https://cert.europa.eu/publications/security-advisories/2025-022/

🐧 Linux flaws chain allows Root access across major distributions vulnerability – Researchers found two local privilege escalation vulnerabilities (CVE-2025-6018 and CVE-2025-6019) that can be chained to allow unprivileged users to gain root access on major Linux distributions. Users are urged to apply security patches. https://securityaffairs.com/179174/security/linux-flaws-chain-allows-root-access-across-major-distributions.html

🌐 Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic security news – Cloudflare reported a record DDoS attack peaking at 7.3Tbps, flooding a target with 37.4TB of traffic in 45 seconds. The attack utilized UDP floods and reflection techniques, overwhelming the target's resources. https://arstechnica.com/security/2025/06/record-ddos-pummels-site-with-once-unimaginable-7-3tbps-of-junk-traffic/

🔑 Sitecore CMS flaw let attackers brute-force 'b' for backdoor vulnerability – A serious vulnerability in Sitecore CMS allows attackers to exploit hardcoded passwords and path traversal flaws, potentially leading to full system takeover for many high-profile companies. https://www.theregister.com/2025/06/17/sitecore_rce_vulnerabilities/


CISA Corner

⚠️ CISA Adds Two Known Exploited Vulnerabilities to Catalog warning – CISA has included two new vulnerabilities, targeting Apple and TP-Link, in its Known Exploited Vulnerabilities Catalog, highlighting active exploitation risks. https://www.cisa.gov/news-events/alerts/2025/06/16/cisa-adds-two-known-exploited-vulnerabilities-catalog
⚠️ CISA Adds One Known Exploited Vulnerability to Catalog warning – CISA has added a new Linux Kernel vulnerability to its Known Exploited Vulnerabilities Catalog, urging all organizations to prioritize remediation. https://www.cisa.gov/news-events/alerts/2025/06/17/cisa-adds-one-known-exploited-vulnerability-catalog

⚙️ CISA Releases Five Industrial Control Systems Advisories vulnerability – CISA issued five advisories on June 17, 2025, addressing vulnerabilities in Industrial Control Systems by Siemens, LS Electric, Fuji and Dover, urging users to review them for security details and mitigation strategies. https://www.cisa.gov/news-events/alerts/2025/06/17/cisa-releases-five-industrial-control-systems-advisories


While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

 

from Bruno's ramblings

One of the symptoms I hate the most in fibromyalgia is how it messes with my internal temperature perception. Whatever the season we're in, if I'm in pain, I'm sweating. If I do something that my body interprets as physical effort, I transform into a human sweat waterfall. Sometimes, things get even worse, and I feel so hot that I have trouble breathing.

Let me use today as an example. When I woke up, I brushed my teeth and then cleaned Chico's toilet. In a matter of seconds, my t-shirt was soaked in sweat, and my eyes were burning from the perspiration dripping from my forehead and into my eyes.

But it gets worse. Sometimes, I feel so hot that I have trouble breathing. And today was another example of that.

All of this because I woke up, got out of bed, brushed my teeth, and cleaned my cat's toilet. Just this.

There's an upside to this, though [I'm trying to look on the bright side of this, ok...]. Occasionally, before I start feeling the pain increasing, I start feeling crazy hot and sweating. This allows me to at least have a few moments to prepare myself for the upcoming pain increase. Those few moments can go from a few seconds to a few minutes, but never more than that, unfortunately.

Better than nothing, though 🤷.

Always look on the bright side of life

#ChronicPain #Fibromyalgia #Pain

 

from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!


News For All

🎭 Over 20 Malicious Crypto Wallet Apps Found on Google Play, CRIL Warns security research – More than 20 malicious apps on Google Play impersonate popular crypto wallets, tricking users into revealing their mnemonic phrases and risking their digital assets. https://thecyberexpress.com/new-crypto-phishing-campaign/

💾 US air traffic control still runs on Windows 95 and floppy disks security news – The FAA plans to replace outdated air traffic control systems still using Windows 95 and floppy disks, citing critical infrastructure needs despite skepticism about timely modernization. https://arstechnica.com/information-technology/2025/06/faa-to-retire-floppy-disks-and-windows-95-amid-air-traffic-control-overhaul/

☎️ A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account vulnerability – A researcher exploited a vulnerability to uncover any Google account's linked phone number, raising privacy concerns for users at risk of SIM swapping. Google has since fixed the issue. https://www.wired.com/story/a-researcher-figured-out-how-to-reveal-any-phone-number-linked-to-a-google-account/

✈️ Airlines Don't Want You to Know They Sold Your Flight Data to DHS privacy – Major airlines sold U.S. travelers' flight data, including personal and financial details, to Customs and Border Protection, raising privacy concerns over surveillance and data transparency. https://www.404media.co/airlines-dont-want-you-to-know-they-sold-your-flight-data-to-dhs/

📹 40,000 cameras expose feeds to datacenters, health clinics privacy – Security researchers accessed 40,000 exposed cameras globally, including those in sensitive locations, raising privacy and espionage concerns as vulnerabilities could be exploited by both criminals and state actors. https://www.theregister.com/2025/06/10/40000_iot_cameras_exposed/

🛒 Ongoing cyberattack at US grocery distributor giant UNFI affecting customer orders cybercrime – UNFI is grappling with a cyberattack that disrupts operations and customer orders, leading to limited shipping and potential shortages in grocery stores. The company is working to restore systems. https://techcrunch.com/2025/06/10/ongoing-cyberattack-at-us-grocery-distributor-giant-unfi-affecting-customer-orders/

🛠️ Microsoft Patch Tuesday addresses 66 vulnerabilities, including an actively exploited zero-day vulnerability – Microsoft's latest security update fixed 66 vulnerabilities, including a zero-day exploited by the Stealth Falcon group for targeted attacks. Users are urged to patch systems due to widespread risks. https://cyberscoop.com/microsoft-patch-tuesday-june-2025/

🌐 DNS4EU: The EU launches its own DNS resolver service with optional filters privacy – The EU has introduced DNS4EU, its own DNS resolver service, which is intended to promote digital independence. Users can choose between different filter options, while data protection is promised. https://www.kuketz-blog.de/dns4eu-die-eu-startet-eigenen-dns-resolver-dienst-mit-optionalen-filtern/

💼 Crooks posing as job hunters to malware-infect recruiters cybercrime – Cybercriminals from FIN6 are targeting recruiters by posing as job seekers and directing them to fake portfolio sites that deliver malware, enabling remote access and credential theft. https://www.theregister.com/2025/06/11/crooks_posing_job_hunters_target_recruiters/

🤖 AI Therapy Bots Are Conducting 'Illegal Behavior,' Digital Rights Organizations Say security news – Digital rights groups are urging the FTC to investigate Character.AI and Meta for unlicensed therapy bots misleading users about credentials and confidentiality, raising serious ethical concerns. https://www.404media.co/ai-therapy-bots-meta-character-ai-ftc-complaint/

⚠️ Attacks with manipulated SVG warning – CERT.at warns of phishing attacks that use manipulated SVG files as attachments to execute JavaScript and steal sensitive information. Security measures are urgently needed. https://www.cert.at/de/warnungen/2025/6/phishing-angriffe-mit-manipulierten-svg-dateien-vorsicht-geboten

🔒 Apple fixes new iPhone zero-day bug used in Paragon spyware hacks vulnerability – Apple has patched a zero-day vulnerability exploited by Paragon spyware to hack iPhones of two journalists, revealing the flaw was fixed in the February iOS update but not disclosed until now. https://techcrunch.com/2025/06/12/apple-fixes-new-iphone-zero-day-bug-used-in-paragon-spyware-hacks/

📢 How to Protest Safely in the Age of Surveillance privacy – With rising surveillance during protests, individuals should consider both physical and digital security. Key strategies include limiting phone use, using encrypted communication, and being cautious about online activity. https://www.wired.com/story/how-to-protest-safely-surveillance-digital-privacy/

🎣 “Sign-in with unrecognized device”: Phishing warning – Phishing attacks are using fake websites that mimic official ones, often with subtle changes in the URL, such as replacing a letter, to deceive victims into revealing sensitive information. https://www.watchlist-internet.at/news/phishing-attacke-paypal/

💻 Bert Ransomware: What You Need To Know cybercrime – Bert ransomware encrypts files and demands payment for decryption, also exfiltrating data. Victims are advised to contact hackers for recovery, emphasizing the need for strong cybersecurity measures. https://www.fortra.com/blog/bert-ransomware-what-you-need-know

👮 Dutch police identify users as young as 11-year-old on Cracked.io hacking forum security news – Dutch police identified 126 users from the dismantled Cracked.io hacking forum, including an 11-year-old, highlighting the involvement of young individuals in cybercrime. Authorities aim to educate and warn them about potential consequences. https://www.bitdefender.com/en-us/blog/hotforsecurity/dutch-police-cracked-io-hacking-forum

🎮 Exploiting Heroes of Might and Magic V vulnerability – The article discusses a vulnerability in Heroes of Might and Magic V related to how the game handles map files, allowing attackers to exploit the game's zip file processing to execute arbitrary code. https://www.synacktiv.com/publications/exploiting-heroes-of-might-and-magic-v.html


Some More, For the Curious

👾 Internet infamy drives The Com’s crime sprees cybercrime – The Com, a youth-driven cybercrime group, thrives on notoriety, engaging in serious crimes like sextortion and violence, fueled by economic pressures and a need for belonging. https://cyberscoop.com/the-com-subculture-infamy-crimes/

🔎 LinkedIn for OSINT: tips and tricks – Compass Security Blog hacking write-up – LinkedIn is a rich source for open-source intelligence, offering insights into individuals and companies. Caution is advised to maintain privacy while gathering useful data for assessments. https://blog.compass-security.com/2025/06/linkedin-for-osint-tips-and-tricks/

🏢 Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot vulnerability – Aim Labs discovered a zero-click AI vulnerability called EchoLeak in Microsoft 365 Copilot, enabling attackers to exfiltrate sensitive data without user interaction, highlighting critical security risks in AI applications. https://www.aim.security/lp/aim-labs-echoleak-blogpost

⚠️ High Severity Vulnerabilities in Gitlab Products vulnerability – GitLab released security updates addressing multiple high-severity vulnerabilities, including account takeover and XSS issues. Users are urged to update affected installations promptly. https://cert.europa.eu/publications/security-advisories/2025-020/

🛡️ Cyber resilience begins before the crisis security news – Microsoft's Deputy CISO emphasizes the importance of proactive planning and communication for cyber resilience, highlighting misconceptions, actionable steps, and the role of AI in improving response to cyber incidents. https://www.microsoft.com/en-us/security/blog/2025/06/12/cyber-resilience-begins-before-the-crisis/

🔐 Mitigating prompt injection attacks with a layered defense strategy cyber defense – Google addresses the rising threat of indirect prompt injection attacks on AI systems by implementing a layered defense strategy, including content classifiers, user confirmation, and URL redaction to enhance security. https://security.googleblog.com/2025/06/mitigating-prompt-injection-attacks.html

🪂 Paraguay is Being Targeted by Cybercriminals – 7.4 Million Citizen Records for Sale data breach – A significant data breach in Paraguay has exposed 7.4 million citizen records for sale on the dark web, linked to cybercriminals who demand a ransom. The incident highlights increasing cybersecurity threats in the region. https://www.resecurity.com/blog/article/paraguay-is-being-targeted-by-cybercriminals-74-million-citizen-records-for-sale

🪩 NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073 security research – The article analyzes CVE-2025-33073, a vulnerability allowing NTLM reflection attacks, detailing its exploitation, patching process, and emphasizing the importance of SMB signing for enhanced security. https://www.synacktiv.com/en/publications/ntlm-reflection-is-dead-long-live-ntlm-reflection-an-in-depth-analysis-of-cve-2025.html

🔧 the Microsoft way (part 89): user group policies don't deserve tamper protection vulnerability – The article discusses vulnerabilities in user group policies on Windows, highlighting how unprivileged users can bypass restrictions by manipulating registry files. Recommendations for countermeasures are provided. https://seclists.org/fulldisclosure/2025/Jun/13

🎮 Hijacked Trust: How Malicious Actors Exploited Discord’s Invite System to Launch Global Multi-Stage Attacks cybercrime – Attackers hijacked expired Discord invite links to redirect users to malicious servers, using fake bots and phishing sites to steal credentials and deploy malware, primarily targeting cryptocurrency users. https://blog.checkpoint.com/research/hijacked-trust-how-malicious-actors-exploited-discords-invite-system-to-launch-global-multi-stage-attacks/

🏖️ Check Point Research Warns of Holiday-Themed Phishing Surge as Summer Travel Season Begins cybercrime – Phishing scams spike with over 39,000 new vacation-related domains; cybercriminals mimic trusted platforms to steal personal and payment information from travelers. https://blog.checkpoint.com/research/check-point-research-warns-of-holiday-themed-phishing-surge-as-summer-travel-season-begins/

🔌 The Growing Risk of Malicious Browser Extensions security research – Malicious browser extensions are increasingly hijacking user sessions and manipulating content, posing serious risks to privacy and security, with recent campaigns targeting sensitive data and financial information. https://socket.dev/blog/the-growing-risk-of-malicious-browser-extensions

🪞 Reflective Kerberos Relay Attack Against Domain vulnerability – The Reflective Kerberos Relay Attack allows low-privileged users to gain NT AUTHORITY\SYSTEM privileges on domain-joined Windows systems without SMB signing, posing a high security risk. A patch is available. https://www.redteam-pentesting.de/en/advisories/rt-sa-2025-002/


CISA Corner

💁 Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider security news – CISA warns that ransomware actors are exploiting unpatched vulnerabilities in SimpleHelp RMM to compromise utility billing software providers, urging immediate action for software updates and mitigations. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-163a

⚠️ CISA Adds Two Known Exploited Vulnerabilities to Catalog warning – CISA has added two vulnerabilities in Erlang/OTP SSH Server and Roundcube Webmail to their catalog. https://www.cisa.gov/news-events/alerts/2025/06/09/cisa-adds-two-known-exploited-vulnerabilities-catalog
⚠️ CISA Adds Two Known Exploited Vulnerabilities to Catalog warning – CISA has added two vulnerabilities in Wazuh and WebDAV to its KEV Catalog. https://www.cisa.gov/news-events/alerts/2025/06/10/cisa-adds-two-known-exploited-vulnerabilities-catalog

⚙️ CISA Releases Four Industrial Control Systems Advisories vulnerability – CISA issued four advisories addressing vulnerabilities in industrial control systems by SinoTrack, Hitachi, MicroDicom and Assured Telematics. https://www.cisa.gov/news-events/alerts/2025/06/10/cisa-releases-four-industrial-control-systems-advisories
⚙️ CISA Releases Ten Industrial Control Systems Advisories vulnerability – CISA has published ten advisories addressing vulnerabilities in various industrial control systems by Siemens, AVEVA and PTZOptics. https://www.cisa.gov/news-events/alerts/2025/06/12/cisa-releases-ten-industrial-control-systems-advisories


While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

 

from rvyhvn

When I started university, I expected challenges, but not from my teammates. In my university, we had basic physics, chemistry, and calculus before continuing to more focused degree courses. I took a gap year after high school, so I worried I’d forgotten some of it. But I managed fine.

The surprise? My younger groupmates from industrial and environmental engineering — fresh out of high school — had forgotten even the basics. During physics and chemistry practicums, lab assistants would ask simple questions before we began (like formulas for free-fall motion). Out of six people in our group, only two of us could answer: me and one other. Worse, some didn’t even know how to zip files for task submission. But the problem wasn’t just my groupmates – some of the lab assistants were also clueless. I even debated with them because they were teaching students the wrong way to calculate error percentages during practicum. I reported them to the lecturer the next day. The lecturer accepted my complaint, but in class the following week he just told us to “understand the assistants” because they’re students too and can make mistakes. That wasn’t the point. I had already shown the assistants the correct method, but they were too arrogant – they insisted I was the one who couldn’t do math. I was furious. Imagine how many students had been taught the wrong thing by these people.

On social media, I see the same pattern: teens unable to answer basic questions like “What’s the capital of Central Java?” or “What’s 12 × 12?”. Sure, I was lazy in school too — people called me wasted potential — but I wasn’t this bad.

Young Indonesians are stuck at the lowest level of Bloom’s taxonomy:

  • ✅ Remembering facts
  • ❌ Understanding concepts
  • ❌ Applying knowledge
  • ❌ Analyzing ideas
  • ❌ Evaluating situations
  • ❌ Creating something new

Our schools drill memorization. That’s it. No focus on thinking, questioning, or solving problems.

From my perspective, the main causes are:

  • Social media + online game addiction –> meaningless consumption –> weaker memory, impulsivity, anxiety, less empathy [source]. The deeper problem? Parents, teachers and even the government aren't prepared to guide healthy digital habits. They're trapped in the same cycle.
  • No reading culture –> no curiosity, no new ideas [source]. But this also has a deeper problem. In my country, books are relatively expensive and harder for the grassroots to reach, making it hard to contain new information from analog writings.
  • Black-and-white thinking –> no room for nuance or creativity. Our education system and media oversimplify complex issues. Critical thought is never encouraged.
  • Cultural pressure to stay quiet –> Eastern values teach politeness and respect for authority, so students avoid asking questions or debating because they fear being seen as rude or attention-seeking. This value is so deeply rooted that breaking it risks social rejection, even when the intention is to learn.

See: Indonesian kids don’t know how stupid they are

#thoughts #society #education

 

from rvyhvn

To me, a web framework should make web development easy. What I call “easy” is being able to work alone and/or with other people — especially if I have front-end teammates. Since AdonisJS uses TypeScript, both the back-end and front-end can easily understand each other’s code without learning a new language they’ve never seen before.

I’m also looking for a fast framework at runtime. AdonisJS uses Node.js as its runtime, making it fast and offering better performance than frameworks based on popular scripting languages like Python, Ruby, or PHP. The libraries provided by the AdonisJS team on Adonis packages can also fulfill my basic needs for building a web app — though they’re not as rich as what other frameworks like Laravel offer.

AdonisJS also has out-of-the-box support for InertiaJS, which I always use to make full-stack development easy and fun, without needing separate configs to get the front-end and back-end working together. Want a minimal version, like API-only? AdonisJS has templates for that too.

Community is also a key part of what I want in a framework. The community on Discord is quite helpful, even though it’s not huge. A small community is a plus for me, since I can contribute packages and learn more about web engineering — not just be a web developer. Deployment is easy too; it just needs Docker to ship, and there’s a minimal Docker setup in the docs.

I’ve tried several frameworks like Express.js, Django, and Laravel. What I don’t like about Express.js is that it’s so minimal — I have to do everything by hand, which makes development slow (bad DX). It also uses plain JavaScript without types, which can raise runtime errors. I love Django, especially its “batteries included” philosophy, but I don’t enjoy writing Python. If there were an official Python that used braces instead of indentation, I might go back to Django. But since it uses Python, it doesn’t fit my definition of “easy” from the first paragraph — especially when working with front-end teammates who use JavaScript/TypeScript.

Laravel is good — AdonisJS is inspired by Laravel — but the team behind AdonisJS wanted a TypeScript version of Laravel. Personally, I don’t enjoy coding in PHP; using dollar signs for variables is bad DX for me.

I’d like to see the community grow so more people can contribute, improve packages, and enhance the documentation.

#learned #webdev

 