Infosec Press


Read the latest posts from Infosec Press.

from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!


💰 Crypto fraudsters: Six Austrians arrested cybercrime – Six Austrians were arrested for running an online scam involving a supposed new cryptocurrency, defrauding investors of millions. Europol coordinated the operation, seizing over 500,000 euros in cryptocurrencies, 250,000 euros in fiat, and other assets. The suspects falsely claimed to open an online trading company with a new cryptocurrency, carrying out an Initial Coin Offering (ICO) without transparency, leading investors to realize they were deceived in February 2018.

Lockbit Corner

🛑 Law enforcement seized Lockbit group's website again cybercrime – Law enforcement seizes Lockbit group's website, threatens to reveal identities.

⛓️ U.S. Charges Russian Man as Boss of LockBit Ransomware Group – Krebs on Security cybercrime – U.S. charges Russian man as boss of LockBit ransomware group, part of elaborate criminal network.

🎙️ In interview, LockbitSupp says authorities outed the wrong guy cybercrime – LockBit leader denies being correctly identified.

🍧 LockBit gang claimed responsibility for the attack on City of Wichita cybercrime – The City of Wichita was hit by a LockBit ransomware attack, leading to network shutdown. The LockBit gang threatened to leak stolen data, prompting an investigation by third-party experts and law enforcement. Systems remain offline, with no definitive timeline for restoration.

News For All

🥠 Stealing cookies: Researchers describe how to bypass modern authentication security research – Researchers detail bypassing modern authentication via MITM attack.

🔐 Why Your VPN May Not Be As Secure As It Claims – Krebs on Security security research – Researchers reveal VPN vulnerability via rogue DHCP server attacks.

💸 Online Scams: Are These All Scams? Distinguishing the Legit from the Scam cybercrime – Sophisticated scammers create fake websites and emails, deceiving users.

🔑 Yubico bolsters authentication security with updated YubiKey 5 series devices security news – Yubico releases updated security keys with enhanced features.

🔗 April 2024’s Most Wanted Malware: Surge in Androxgh0st Attacks and the Decline of LockBit3 security research – significant increase in AndroXgh0st malware attacks during April 2024, alongside a noticeable decrease in LockBit3.0 attacks, highlighting the shifting landscape of cybersecurity threats.

🔍 New Case Study: The Malicious Comment security news – Malicious code hidden in 'Thank you' image compromised online shoppers.

⛔ Stolen children’s health records posted online in extortion bid data breach – Children's health records from NHS Dumfries and Galloway published by cybercriminals for extortion.

🧠 Back to the Hype: An Update on How Cybercriminals Are Using GenAI cybercrime – Cybercriminals continue to use generative AI, focusing on jailbreaking capabilities and emerging deepfake services for criminal activities.

✈️ Boeing confirms attempted $200 million ransomware extortion attempt cybercrime – Boeing faced a $200 million ransomware demand from LockBit, part of a larger cyberattack. Boeing did not pay the ransom and the incident impacted its parts and distribution business.

🚔 FBI Warns US Retailers That Cybercriminals Are Targeting Their Gift Card Systems warning – FBI warns US retailers of a cybercriminal group targeting staff with phishing attacks to create fraudulent gift cards, highlighting the financial losses and sophisticated tactics used.

❤️‍🩹 Major health care system hobbled by ‘cyber incident’ cybercrime – Ascension health care system suffers a cyber incident causing disruptions to clinical operations, affecting medical services, patient records access, and necessitating manual documentation. Incident follows recent high-profile attacks in the healthcare industry, highlighting the need for cybersecurity standards.

📢 Dell discloses data breach impacting millions of customers data breach – Dell revealed a data breach affecting millions of customers, exposing names, physical addresses, and hardware purchase data. Financial details and sensitive information were not compromised.

📱 Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials malware – Malicious Android apps impersonate popular services to trick users into installing them, then request extensive permissions to steal credentials and perform malicious activities, such as accessing contact lists, SMS messages, and launching phishing pages mimicking social media and financial services.

🪲 Google fixes fifth actively exploited Chrome zero-day vulnerability – Google patched the fifth zero-day vulnerability in Chrome this year, a use-after-free issue in the Visuals component, actively exploited in the wild, without disclosing details about the attacks.

😨 You've Been Breached: What Now? cyber defense – Breaches are inevitable in cybersecurity; after a breach, focus shifts to identifying the blast radius, providing temporary work credentials for affected employees, accountability at the executive level, and implementing incident response planning and a comprehensive cybersecurity strategy for recovery.

Some More, For the Curious

⚔️ MITRE attributes the recent attack to China security news – MITRE discloses security breach attributed to China-linked UNC5221.

🫢 RemcosRAT Distributed Using Steganography security research – RemcosRAT distributed using steganography technique, warns of malware infection risks.

🗣️ Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution vulnerability – Cisco Talos discloses three zero-day vulnerabilities, two allowing code execution.

🤌 Breaking down Microsoft’s pivot to placing cybersecurity as a top priority security news – Microsoft faced criticism over their security practices, prompting a new focus on cybersecurity as a top priority with six pillars. The announcement includes re-prioritizing efforts to enhance internal systems and respond to threats promptly. The new governance structure is designed to centralize security efforts and hold leadership accountable for progress. Despite past issues, this shift demonstrates a commitment to improving security practices and ensuring Microsoft products are a safe choice for users.

⚙️ 21115: An Oracle VirtualBox LPE Used to Win Pwn2Own vulnerability – The exploit involved a bug in the VGA device heap memory, which could be triggered by setting specific values. Through a series of steps, the exploit gained increased VRAM access, disabled critical sections, achieved buffer overread and overflow, and executed arbitrary code, ultimately demonstrating control over the host system.

🚗 GhostStripe attack haunts self-driving cars by making them ignore road signs security news – novel hack called “GhostStripe” that targets autonomous vehicles by manipulating road sign visibility to the vehicles' cameras, making the signs unrecognizable to the self-driving system and thus potentially leading to dangerous driving errors.

🥅 Protecting Networks from Opportunistic Ivanti Pulse Secure Vulnerability Exploitation cyber defense – Juniper Threat Labs is monitoring the Ivanti Pulse Secure authentication bypass and remote code execution vulnerabilities being exploited by Mirai botnet.

🐡 Unmasking Tycoon 2FA: A Stealthy Phishing Kit Used to Bypass Microsoft 365 and Google MFA security research – the Tycoon 2FA phishing kit, which exploits session cookies to bypass multifactor authentication for Microsoft 365 and Gmail, employing a business model via Telegram to sell phishing services and significantly impacting cybersecurity efforts.

CISA Corner

🪫 CISA Advisory – alpitronic Hypercharger EV Charger vulnerability – Vulnerability in alpitronic Hypercharger EV charger allows attackers to disable the device, bypass payment, and access payment data due to the use of default credentials. Mitigations include changing default passwords, limiting network exposure, and implementing secure access methods.

⚠️ #StopRansomware: Black Basta security news – The joint advisory from FBI, CISA, HHS, and MS-ISAC reveals details on Black Basta, a ransomware variant impacting critical infrastructure sectors, including Healthcare and Public Health, outlining TTPs and IOCs to assist organizations in protecting against Black Basta and other ransomware threats.

🤹 ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies


from Sirius

Albert Einstein's preface on the introduction to Lucretius.

Titus Lucretius Carus (c. 94 BC – c. 50 BC) was a Roman Epicurean poet and philosopher who, in his De rerum natura (On the Nature of Things), described the universe as the combination of the void and a collection of tiny atom-like particles in perpetual motion (following his masters Democritus and Epicurus), with the distinction of having added to them an unpredictable swerve, called clinamen, which leads them to collide and compose more complex forms.

Such a structure does not allow for life after death, only the dispersal of body and soul back into particles. The imperative established by Lucretius, following the teachings of Epicurus, was that man should maximize pleasure and minimize pain in the only life available to him. In Lucretius's universe it was unthinkable that the gods, absorbed in their own affairs, would have any interest in human matters. Man was free to follow his own path.

Einstein, in his correspondence, gives an introduction to Lucretius's thought, which follows below, with due apologies for any poor translation from the German:

Introduction to Lucretius


For anyone who is not completely immersed in the spirit of our time, but occasionally feels like a spectator toward his world and especially toward the intellectual mentality of his contemporaries, the work of Lucretius will exert its charm. Here one sees how a man endowed with scientific and speculative interest, with lively sensibility and thought, conceives the world, someone independent who also has no idea of the results of present-day natural science that are taught to us in childhood, before we are able to confront them consciously or critically.

The firm confidence that Lucretius, as a faithful disciple of Democritus and Epicurus, places in the comprehensibility, or rather in the causal connection, of all world events must make a profound impression. He is firmly convinced, to the point of believing he can even prove, that everything is based on the regular motion of immutable atoms, to which he attributes no qualities other than geometric-mechanical ones. The sensory qualities of heat, cold, color, smell and taste are said to go back to the motions of atoms, as are all the phenomena of life. He thinks that soul and spirit are formed from particularly light atoms, attributing (inconsistently) particular qualities of matter to specific experiential characters.

He sets as the main aim of his work the liberation of people from the servile fear caused by religion and superstition, which is nurtured and exploited by priests for their own ends. He certainly cares about this. But he seems to have been motivated chiefly by the need to convince his readers of the necessity of the atomistic-mechanical worldview, even though he did not dare say so openly to his Roman readers, who were probably more practical. His admiration for Epicurus, and for Greek culture and language in general, which he places well above Latin, is moving. The Romans should be praised for allowing this to be said. Where is the modern nation that nurtures and expresses such a noble sentiment toward a contemporary one? Diels's verses are so natural that one forgets one is reading a translation.

Berlin, June 1924.

Albert Einstein

I will eventually edit this text to add some passages from On the Nature of Things.


from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!

News For All

🤖 CISA unveils guidelines for AI and critical infrastructure security news

🔍 Watchdog reveals lingering Google Privacy Sandbox worries privacy

⚠️ Having reviews removed? Beware of warning

🔒 UK becomes first country to ban default bad passwords on IoT devices security news

🔓 FBCS data breach impacted 2M individuals data breach

😶‍ Russia Clones Wikipedia, Censors It, Bans Original security news – Russia clones Wikipedia to censor and ban original content.

🐄 The UK beefs up smart home security by going after bad default passwords security news

📍 FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data – Krebs on Security privacy

🔐 Apple's 'incredibly private' Safari not so private in Europe privacy – Apple's Safari browser in Europe exposed to privacy flaws due to third-party app store feature, leaking user activity and identifiers to approved marketplaces. Implementation lacks security measures, raising concerns about tracking.

🚗 Carmakers lying about requiring warrants before sharing location data, Senate probe finds privacy – Senate probe finds automakers deceive customers by sharing driver location data without warrants, contradicting pledges, and misleading for years. Requested FTC investigation. Automakers store location data for years. Alliance for Automotive Innovation statement conflicts with findings.

💸 UnitedHealth CEO confirms company paid $22 million ransom in heated Senate hearing security news – UnitedHealth Group paid ransom to BlackCat/AlphV gang post-ransomware attack. CEO admits multifactor authentication lapse. Senators criticize data restoration issues and impact on medical organizations.

🌐 We can have a different web Blogpost – Reflections on the evolution of the web from an open space to commercialized walled gardens. Call for reclaiming the web's original spirit of innovation, authenticity, connection, and less surveillance.

🗝️ Microsoft launches passkey support for all consumer accounts security news – allowing face, fingerprint, PIN, or security key authentication across devices to streamline signing in without traditional passwords.

🛡️ Organizations patch CISA KEV list bugs 3.5 times faster than others, researchers find security news

🕵️ Indonesia sneakily buys spyware, says Amnesty International security news – Amnesty International reveals Indonesia's purchase of spyware from various suppliers through intermediary companies, citing the lack of transparency and regulation in dual-use technology exports.

👔 Microsoft ties executive pay to security following multiple failures and breaches security news – Microsoft faces severe criticism for security failures and breaches, including breaches by China and Russia-based hacking groups; response under scrutiny by lawmakers and regulators. Introduces 'Secure Future Initiative' and ties executive pay to security milestones, emphasizing robust security practices.

💑 Dating apps kiss'n'tell all sorts of sensitive user info privacy – Most dating apps collect excessive user data, poor privacy practices revealed by Mozilla research. Grindr singled out for historically weak data protection. Concerns raised over user data sharing, AI integration, and privacy violations.

Some More, For the Curious

🛡️ Brokewell: do not go broke from new banking malware! malware – Brokewell, a dangerous mobile banking malware with device takeover capabilities.

🔒 How we fought bad apps and bad actors in 2023 security news – Google Play's security measures in 2023.

🔓 Multiple Brocade SANnav SAN Management SW flaws allow device compromise vulnerability

🦠 Nearly 20% of Docker Hub Repositories Spread Malware & Phishing Scams security research – JFrog's security research team discovered nearly 20% of Docker Hub repositories hosting malicious content, ranging from spam to harmful entities like malware and phishing sites, driven by fake imageless repositories. Identified massive malicious campaigns targeting Docker Hub, leading to removal of 3.2 million suspicious repositories.

💻 AWS S3 storage bucket with unlucky name nearly cost developer $1,300 security news – Developer's AWS S3 bucket with common name faces massive unauthorized requests due to an open-source tool, accumulating over $1,300 bill in one day.

⚔️ Uncharmed: Untangling Iran's APT42 Operations security research – APT42 operations by Iranian state-sponsored threat actor with focus on enhanced social engineering, credential harvesting, cloud operations, and custom backdoors NICECURL and TAMECAT. Mandiant links APT42 to IRGC-IO and outlines their methods of stealing Microsoft, Yahoo, Google credentials.

🍯 Examining the Deception infrastructure in place behind security research – Microsoft repurposes the dangling subdomain into a honeypot to gather threat intelligence, simulating attacker interactions for research and protection.

🛡️ “Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps security research – Microsoft identifies a path traversal vulnerability pattern in popular Android apps, facilitating arbitrary code execution and token theft, with potential disastrous consequences.

🗽 State of Exploitation – A Peek into the Last Decade of Vulnerability Exploitation security research – Explores vulnerability trends from 2014 to 2023. Increase in known exploitation and POC exploits.

CISA Corner

Microsoft SmartScreen Prompt

GitLab Community and Enterprise Editions

CERT/CC Reports R Programming Language Vulnerability

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.


from Kevin Neely's Security Notes

The annual Verizon Data Breach Investigation Report is out, and along with it an accounting of the #cybersecurity compromise and data breach happenings for the past year. As always, it's filled with data analysis and some trending commentary from the previous DBIR report.

The following is a TL;DR summary generated using fabric by Daniel Miessler with some very minor editing.


This year, the 2024 DBIR reveals a significant rise in vulnerability exploitation and ransomware attacks, emphasizing the urgent need for enhanced cybersecurity measures.

  • Vulnerability exploitation tripled from last year, driven by zero-day vulnerabilities.
  • Ransomware and extortion-related breaches accounted for 32% of all breaches.
  • Human error remains a significant factor, involved in 68% of breaches.
  • Third-party breaches increased by 68%, highlighting supply chain vulnerabilities.
  • Financially motivated attacks dominate, with ransomware and extortion leading the charge.
  • The median loss from #ransomware and extortion attacks was $46,000.
  • Phishing remains a critical initial attack vector, with a notable increase in reporting rates.
  • The use of stolen credentials and exploitation of vulnerabilities are top methods for system intrusion.
  • The #MOVEit vulnerability significantly impacted the threat landscape, affecting numerous industries, continuing the trend of “secure file transfer” systems being a significant risk to both company and customer data.
  • MOVEit and remote access (e.g. VPN) compromises are the focus of successful system-compromise attacks.


  • 180% increase in attacks involving vulnerability exploitation.
  • Ransomware accounts for 23% of breaches, with pure extortion at 9%.
  • Human element involved in 68% of breaches.
  • 15% of breaches involved third-party vulnerabilities.
  • Errors contributed to 28% of breaches.
  • Financial motives behind 92% of industries targeted by ransomware.
  • Median loss from ransomware/extortion attacks is $46,000.
  • 20% of users reported phishing attempts in simulations.
  • Median time to click on a phishing email is 21 seconds.
  • Exploitation of vulnerabilities as the initial breach action doubled from last year.


  • “Ransomware and extortion-related threats continue to evolve, posing significant risks across industries.”
  • “The human element remains a critical vulnerability in cybersecurity defenses.”
  • “Supply chain vulnerabilities are increasingly being exploited by attackers.”
  • “Misdelivery errors highlight the ongoing challenge of human error in data breaches.”
  • “Financially motivated attacks dominate the cyber threat landscape.”
  • “The MOVEit vulnerability has had a profound impact on the cybersecurity threat landscape.”
  • “Increased reporting rates for phishing attempts indicate growing awareness among users.”
  • “The rapid response to phishing emails underscores the need for continuous user education.”
  • “Stolen credentials and vulnerability exploitation remain preferred methods for attackers.”
  • “The rise in third-party breaches underscores the importance of vendor security assessments.”


  • Implement multi-factor authentication to mitigate the risk of stolen credentials.
  • Regularly update and patch systems to protect against vulnerability exploitation.
  • Conduct continuous phishing awareness training for all employees.
  • Perform thorough security assessments of third-party vendors and suppliers.
  • Deploy endpoint detection and response solutions to identify and mitigate ransomware attacks.
  • Encourage the reporting of phishing attempts and provide clear reporting procedures.
  • Utilize web application firewalls to protect against basic web application attacks.
  • Establish robust data backup and recovery processes to minimize the impact of ransomware.
  • Monitor for unusual activity indicating the misuse of privileges by internal actors.

from Bruno Miguel

Fastfetch custom configuration

Neofetch is no more. The git repository for the venerable tool to show off the users' window manager configurations on /r/unixporn was archived and will no longer be maintained. Granted, it hadn't received a commit for around 3 years, so this is not unexpected. Thankfully, many tools of this kind abound in the FOSS world. One is Fastfetch, which is very similar to Neofetch but supposedly faster. Moments ago, I installed Fastfetch and wasted a little bit of time configuring it. Why? Because.

The main difference between the two, from a user point of view, is that JSONC is used for Fastfetch's configuration. You can see all the options for the built-in modules on the schema present at the tool's repository or the documentation. You can also use my configuration below as a starting point.

    {
        "$schema": "",
        "logo": {
            "type": "file",
            "source": "$HOME/.config/fastfetch/logo.txt"
        },
        "display": {
            "separator": "  -> "
        },
        "modules": [
            { "type": "custom", "format": "┌────────────────────────────────────────────────────────────┐" },
            { "type": "os", "key": "│  OS" },
            { "type": "kernel", "key": "│  Kernel" },
            { "type": "packages", "key": "│  Packages" },
            { "type": "wm", "key": "│  WM" },
            { "type": "terminal", "key": "│  Terminal" },
            { "type": "shell", "key": "│  Shell" },
            { "type": "display", "key": "│  Display" },
            { "type": "cpu", "key": "│  CPU" },
            { "type": "gpu", "key": "│  GPU" },
            { "type": "memory", "key": "│  Memory" },
            { "type": "swap", "key": "│  Swap" },
            { "type": "custom", "format": "└────────────────────────────────────────────────────────────┘" },
            { "type": "colors" }
        ]
    }

If you want something different, there are several options, such as Nitch, Pfetch, Catnip, and Meowfetch. I'm the maintainer for the meowfetch-git package on Arch Linux's AUR, and I recommend it if you want to see a kitty every time you display your system info on the terminal.

via It's FOSS

#Neofetch #Fastfetch #UnixPorn #Linux #FOSS


from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know.

A little late this week and a little shorter, but with some work put into the summary-thingy. Enjoy.

News For All

🔐 Firstyear's blog – Passkeys – A shattered dream privacy – Author expresses frustration with the direction of Passkeys and issues with Webauthn standards, emphasizing the importance of password managers.

🚗 How G.M. Tricked Millions of Drivers Into Being Spied On (Including Me) privacy – G.M. collected driving data from OnStar users, shared with insurers.

⚠️ A flaw in the Forminator plugin impacts hundreds of thousands of WordPress sites vulnerability – Forminator plugin allows unrestricted file uploads, other vulnerabilities.

🔒 Europol asks tech firms, governments to get rid of E2EE privacy – Europol calls for end to E2EE to combat crimes, sparking debate on privacy versus law enforcement access.

🛡️ Hackers infect users of antivirus service that delivered updates over HTTP cybercrime – Hackers exploit eScan antivirus service for five years via MitM attack to deliver malware to end users.

⚕️ Nurses Protest 'Deeply Troubling' Use of AI in Hospitals security news – Nurses protest AI implementation in healthcare for potential negative impact on patient care and job roles.

🔒 Ring to pay $5.6M to settle claims of poor privacy practices privacy – The FTC fines Ring for poor privacy practices, leading to unauthorized access to customer cameras by cybercriminals and rogue employees.

📱 Flaws in Chinese keyboard apps expose smartphones to snoops privacy – Chinese keyboard apps, including major manufacturers' offerings, leak keystrokes due to weak encryption potentially exposing over 780 million smartphone users to surveillance.

🍷 Sweden’s liquor supply severely impacted by ransomware attack cybercrime – A ransomware attack on Swedish logistics company Skanlog severely impacts Sweden's liquor supply.

🔒 Discord Shuts Down ‘Spy Pet’ Bots That Scraped, Sold User Messages privacy

⚠️ Experts warn of malware campaign targeting WP vulnerability – A critical SQL injection vulnerability in the WordPress Automatic plugin allows attackers to inject backdoors and compromise websites. Admins are urged to update immediately.

🔒 Okta warns of unprecedented scale in credential stuffing attacks on online services

🔒 How to Remove Personal Information From Data Broker Sites privacy – Data brokers, like Acxiom and Epsilon, collect personal information for marketing purposes. Advises visiting each broker's site, creating an account, locating your information, and requesting removal to safeguard privacy. Opting out may vary and require annual repetition.

🔒 (The) Postman Carries Lots of Secrets ◆ Truffle Security Co. security news – Postman, known for hosting a vast collection of public APIs, has become a major source of leaked secrets with over 4,000 live credentials exposed.

Some More, For the Curious

🐍 Double Agents and User Agents: Navigating the Realm of Malicious Python Packages malware – Malicious Python packages act as double agents, tricking users to build grabbers that collect data for nefarious purposes.

⚔️ M-Trends 2024: Our View from the Frontlines security research – Mandiant Consulting's M-Trends report highlights increased attacker evasion tactics and improved defender detection, emphasizing the need for ongoing vigilance in cybersecurity.

🔍 Distribution of Infostealer Made With Electron malware – Infostealer malware strain created with Electron framework; evades detection with NSIS installer format.

🪝 Unplugging PlugX: Sinkholing the PlugX USB worm botnet security research – Sophos and Sekoia sinkhole PlugX worm botnet to control its activities and explore remote system disinfection methods.

📵 A Briefing on SIM Hijacking cybercrime – SIM hijacking: stealing phone numbers for cryptocurrency theft and account takeovers.

🦮 Microsoft Security – Guidance for Incident Responders cyber defense

🔐 The private sector probably isn’t coming to save the NVD security news – Major backlogs in U.S. National Vulnerability Database prompt potential solutions from government and private sector

🧠 Microsoft Deleted Its LLM Because It Didn’t Get a Safety Test, But Now It’s Everywhere security news – Microsoft releases powerful language model, WizardLM 2, without safety testing, leading to unintended spread on the internet.

CISA Corner

Cisco ASA & CrushFTP added to KEV

Microsoft Print Spooler PEV added to KEV

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.


from Bruno Miguel

Grand Utopia map overview Image from the Grand Utopia website. All rights reserved to the project

I uninstalled Euro Truck Simulator 2 (ETS2) a few weeks ago. I needed the space to install another game and try it out. That game was cool but not as good as ETS2, so I replaced it with the truck driving simulator. However, after watching a streamer use it, I added the Grand Utopia mod.

Grand Utopia is a map mod of a fictional island, partially inspired by the game's French map. The best thing about it is it uses a 1:1 scale, unlike the official game maps, which means a trip takes around the same time as it would in real life for its distance. The scenery is also well made but uses more graphic elements, so expect it to utilize more resources.

I've been playing with this mod for over a week and enjoy it very much. The new places to unlock, the beautiful sceneries, and the 1:1 scale add to a pleasant gaming experience. I cannot recommend it enough.

If you want to try Grand Utopia, there's one thing you need to do: create a new profile. It won't work with your current profiles and will even crash the game if you try to force it on an existing one.

#Linux #LinuxGaming #ETS2 #EuroTruckSimulator2 #Gaming


from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know.

Highlight

🚨 Phishing emails in the name of ÖGK in circulation again!

News For All

🐢 PuTTY vulnerability vuln-p521-bias vulnerability

🦦 Fake cheat lures gamers into spreading infostealer malware security news

🤖 Liberals accuse Conservatives of using AI for amendments to jobs bill as votes loom security news – using AI for unconstructive bill amendments

💻 UPDATED: Ready or Not Developer Has 4TB Of Data Stolen Including Full Source Code data breach

🌐 UNDP Investigates Cyber-Security Incident data breach – HR and procurement data stolen

🔑 Advanced Phishing Kit Adds LastPass Branding for Use in Phishing Campaigns warning – phishing campaign with Voice Phishing (Vishing)

🔐 Delinea releases Secret Server patches for critical vuln vulnerability – critical

🔒 Roku switches on 2FA for all following latest security snafu security news – after two incidents led to unauthorized access

🛂 MGM sues to block FTC investigation of its data security security news – questioning the constitutionality of the agency's requests.

🕵️ A Spy Site Is Scraping Discord and Selling Users’ Messages privacy – Spy Pet, an online service, selling access to users' messages, voice channel activity, and more for $5.

🧢 House passes bill to limit personal data purchases by law enforcement, intelligence agencies security news privacy – “Fourth Amendment Is Not For Sale Act” to limit government purchases of personal data without a court order.

🤌 EU tells Meta it can't paywall privacy privacy – Meta maintains its subscription model complies with EU laws, while privacy groups argue against 'fake choice' practices, citing GDPR violations.

🏫 Kaspersky Study: Devices Infected With Data-Stealing Malware Increased by 7 Times Since 2020 security research

👥 Microsoft’s VASA-1 can deepfake a person with one photo and one audio track security news

Some More, For the Curious

🛡️ “Totally Unexpected” Package Malware Using Modified Notepad++ Plugin malware

⚔️ Leaked LockBit builder in a real-life incident response case security research – Analysis of LockBit builder in ransomware incident response

👁️ Entra IDs “Banned Password Lists”: password spraying optimizations and defenses security research

⚙️ Creating Payloads with ScareCrow to Mimic Reputable Sources and Bypass Anti-Virus hacking write-up

🍵 Shostack + Friends Blog > CSRB Report on Microsoft security news – An in-depth analysis of the CSRB report on Microsoft's intrusion.

⚖️ Warrantless spying powers extended to 2026 with Biden’s signature security news

🚄 Russia is trying to sabotage European railways, Czech minister said security news

⏳ What’s the deal with the massive backlog of vulnerabilities at the NVD? security news – unanalyzed vulnerabilities, impacting patch management efforts and leading to delays in severity score assignments.

🪱 Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm security research

🥀 Critical CrushFTP zero-day exploited in attacks in the wild vulnerability

CISA Corner

Oracle Releases Critical Patch Update Advisory for April 2024

Cisco Releases Security Advisories for Cisco Integrated Management Controller

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.


from Bruno Miguel

I have fibromyalgia, a hell that began almost four years ago. During the first two years, more or less, I read a lot of studies. Still, none got me genuinely excited. That is, until a team in Sweden decided to see if the syndrome has an autoimmune origin. The first part of their investigation points to that, and there was subsequent research from another team that also showed solid evidence of this hypothesis being correct. The second part of the Swedes' is still pending.

As far as I know, that's it for research. A team or even two might be doing work around fibromyalgia, but publishing it will probably take a while. Even after that, assuming the identification of the syndrome's origin and the development of an effective treatment, it will take even more time to adjust the current shitty therapies available that fail miserably at keeping the pain at bay or at least at non-hellish levels.

Every day, the hope of getting access to an effective treatment for fibromyalgia during my lifetime fades away, little by little.

#Health #Fibromyalgia #ChronicPain #Research


from 📰wrzlbrmpft's cyberlights💥

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!


🚫 Help us to take down the parasite website security news – Malicious site impersonates Notepad++ for profit, containing deceptive ads.

⚠️ Beware of free services for adapting and modifying files warning – Beware of free file conversion services that lure users into subscription traps.

📑 Messenger matrix: major update, two new messengers (Line, Viber) and new categories privacy

News For All

🦇 BatBadBut flaw allowed an attacker to perform command injection on Windows vulnerability – RyotaK discovered the 'BatBadBut' vulnerability affecting multiple programming languages, permitting command injection in Windows.

🤖 Chinese hackers are using AI to inflame social tensions in US, Microsoft says cybercrime – China uses AI to spread disinformation, specifically targeting elections.

📞 How to Protect Yourself (and Your Loved Ones) From AI Scam Calls security news – avoid falling for AI scam calls impersonating loved ones.

❤️‍🩹 U.S. Department of Health warns of attacks against IT help desks security news – Sophisticated attacks target healthcare IT help desks using social engineering.

💰 Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits security news

🔍 It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise security research – Increasing trends in malware-initiated scanning attacks against networks.

🏥 Hospital websites share visitors' data with Google, Meta privacy – Research reveals that 96% of non-federal acute care hospitals' websites transmit user data to third parties without privacy policies, posing risks to visitors and hospitals. Tracking technologies expose data to tech giants like Google, Meta, Adobe, and data brokers.

🍏 Apple swaps 'state-sponsored' lingo for 'mercenary spyware' security news – Apple shifts attributing attacks to broadly categorizing them, highlighting the difficulty in identifying perpetrators of sophisticated digital threats.

💸 Change Healthcare faces another ransomware threat—and it looks credible cybercrime – Change Healthcare faces a complex ransomware situation, with ransomware groups AlphV and RansomHub involved.

⚠️ Crooks manipulate GitHub's search results to distribute malware malware – techniques like automatic updates and fake stars to boost visibility.

Some More, For the Curious

🦫 Why CISA is Warning CISOs About a Breach at Sisense security news

🫦 Vulnerabilities Identified in LG WebOS vulnerability – Bitdefender discovers vulnerabilities in LG WebOS exposing devices to remote attacks.

⚔️ Confidential VMs Hacked via New Ahoi Attacks security research – New Ahoi attacks target confidential VMs using malicious interrupts.

🛡️ Microsoft fixes two Windows zero-days exploited in malware attacks vulnerability – Microsoft patches actively exploited zero-days in April 2024 Patch Tuesday.

🔍 Zero Day Initiative — The April 2024 Security Updates Review security news – Zero Day Initiative review of April 2024 security updates by Adobe and Microsoft.

💳 VISA PUBLIC Biannual Threats Report – A Payment Ecosystem Report by Visa Payment Fraud Disruption security news – Visa report highlights evolving, advanced fraud tactics and ransomware threats.

🔑 Microsoft left internal passwords exposed in latest security blunder security news – Microsoft exposed internal passwords on open server to the internet.

🛡️ Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker security research – Attackers embed credit card skimmer in fake Facebook Pixel script to steal sensitive information from checkout pages.

🛡️ CISA emergency directive tells agencies to fix credentials after Microsoft breach security news – CISA issues emergency directive for federal agencies to reset passwords by April 30 and identify affected email correspondence due to security risks.

🔪 Awkward Adolescence: Increased Risks Among Immature Ransomware Operators security research – Contrasting mature ransomware groups with less sophisticated, riskier ones.

CISA Corner

KEV – Palo Alto – CVSS 10 KEV – D-Link NAS Siemens Citrix Xen Juniper Microsofts BULK! Adobe – more or less ALL Fortinet

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.


from Kevin Neely's Security Notes

I always loved Lesley Carhart's blog post on packing for hacker conferences and referred to it many times while prepping for #DEFCON, #BSides, other cons, and even general travel. As time has gone by, I've developed a three-tier system that kind of builds on itself for longer and more involved travel. The general idea is that

Tier 1 Go Bag – The Weekender

The most basic level of the tech travel stack I've created is what I call “The Weekender”. It's meant for being out and about all day long or for short weekend getaways. As such, the requirements are basically:

1. Take up little room, being able to fit in any backpack or even a sling bag.
2. Be able to charge the devices I'm likely to carry, from ear buds to a laptop.
3. Plan for extended periods away from a power source.

Image 1: Tier 1 go bag – The Weekender with a backup battery, USB-C to USB-C cable, USB-A to micro-USB cable, and USB-C adapter. Small, ready to go, and easy to drop into any bag.

Bag Contents

In order to address these simple requirements, I realized I needed to be able to provide power to USB-C and micro-USB devices. For a laptop, I need a bit more oomph, so the adapter can deliver enough power to charge a laptop battery. Limited by the space requirements, I went with a 33W charger that can absolutely charge a laptop, but it will not keep up with power consumption under load. This means that if I'm going to be working all day on the laptop, I'm going to need to move up to the next tier.

Power sources & adapters

  • 1x multi-adapter (USB-A for devices, USB-C for laptops) like the Anker 323. At 33W it won’t fully power a laptop; however, it will greatly extend the battery life and will charge the laptop when it’s off or in standby
  • 1x 5000mAh battery pack with dual USB-C ports – thin and light is key here



Note that all cables can transfer data. For versatility, I don’t mess with power-only cables.

  • 1x USB-A to microUSB cable – 3ft.
  • 1x 5ft. USB-C to USB-C cable – This is the minimum length you want to ensure your phone can reach the bed when charging


Converters extend the utility and versatility of the other equipment

  • USB micro female to USB-C male. This gives me a third USB-C cable

Image 2: Zipped Weekender Go-bag and its contents in detail


from critic

And then, showering in the evening saves time in the morning... of course, if you then use that time to clean up the cats' poop, we're back to square one.


from critic

It doesn't work with the Writefreely app. I'm a bit disappointed. Nevertheless, I'll try using it via the browser.