home3

Direct Links | Infosec News Feeds

The San Francisco Beat

SFInfoSec aggregates the latest news, podcasts and books covering Cyber Security, Hacking, Infosec, Online Privacy, Cryptography, Threat Research and Vulnerability Disclosures from all the leading sources.

Threatpost The First Stop For Security News

Student Loan Breach Exposes 2.5M Records
by Nate Nelson on August 31, 2022 at 12:57 pm
2.5 million people were affected, in a breach that could spell more trouble […]
Watering Hole Attacks Push ScanBox Keylogger
by Nate Nelson on August 30, 2022 at 4:00 pm
Researchers uncover a watering hole attack likely carried out by APT TA423, […]
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
by Nate Nelson on August 29, 2022 at 2:56 pm
Over 130 companies tangled in sprawling phishing campaign that spoofed a […]

Krebs on Security In-depth security news and investigation

U.S. Charges Russian Man as Boss of LockBit Ransomware Group
by BrianKrebs on May 7, 2024 at 5:36 pm
The United States joined the United Kingdom and Australia today in sanctioning […]
Why Your VPN May Not Be As Secure As It Claims
by BrianKrebs on May 6, 2024 at 2:24 pm
Virtual private networking (VPN) companies market their services as a way to […]
Man Who Mass-Extorted Psychotherapy Patients Gets Six Years
by BrianKrebs on April 30, 2024 at 1:34 pm
A 26-year-old Finnish man was sentenced to more than six years in prison today […]

darkreading Public RSS feed

CISOs Are Worried About Their Jobs…
by Dark Reading Staff on May 8, 2024 at 7:45 pm
The research shows a significant drop in the number of tech CISOs that got a […]
Critical Bug Could Open 50K+ Tinyproxy…
by Elizabeth Montalbano, Contributing Writer on May 8, 2024 at 4:31 pm
Patch now: CVE-2023-49606 in the open source, small-footprint proxy server can […]
Security Teams & SREs Want the Same…
by Lea Kissner on May 8, 2024 at 2:00 pm
Site reliability engineers (SREs) and security teams are more powerful when […]

Blog RSS Feed Fortra Blog

Hey, You. Get Off of My Cloud
by Katrina Thompson on May 8, 2024 at 7:44 am
The Rolling Stones wanted to protect their space; we, as security […]
ANSI and the International Society of Automation Explained
by Steven Sletten on May 8, 2024 at 7:44 am
As technologies advance and the world grows more complicated, collaboration and […]
Why Is Cyber Resilience Essential and Who’s Responsible for It?
by Zoë Rose on May 7, 2024 at 7:29 am
In the first installment of our series on cyber resilience, we discussed what […]

Security Latest Channel Description

Top FBI Official Urges Agents to Use Warrantless Wiretaps on US Soil
by Dell Cameron, William Turton on May 8, 2024 at 5:48 pm
An internal email from FBI deputy director Paul Abbate, obtained by WIRED, […]
A (Strange) Interview With the Russian-Military-Linked Hackers Targeting US…
by Andy Greenberg on May 8, 2024 at 10:00 am
Despite Cyber Army of Russia’s claims of swaying US “minds and hearts,” […]
The Alleged LockBit Ransomware Mastermind Has Been Identified
by Matt Burgess on May 7, 2024 at 2:19 pm
Law enforcement officials say they’ve identified, sanctioned, and indicted […]

Schneier on Security

New Attack on VPNs
by Bruce Schneier on May 7, 2024 at 3:32 pm
This attack has been feasible for over two decades: Researchers have devised an […]
New Lawsuit Attempting to Make Adversarial Interoperability Legal
by Bruce Schneier on May 6, 2024 at 11:03 am
Lots of complicated details here: too many for me to summarize well. It […]
Friday Squid Blogging: Squid Purses
by Bruce Schneier on May 3, 2024 at 9:05 pm
Squid-shaped purses for sale. As usual, you can also use this squid post to […]

Graham Cluley Cybersecurity expert & keynote speaker

Smashing Security podcast #370: The closed loop conundrum, default passwords,…
by Graham Cluley on May 1, 2024 at 11:01 pm
The UK Government takes aim at IoT devices shipping with weak or default […]
“Junk gun” ransomware: the cheap new threat to small businesses
by Graham Cluley on April 25, 2024 at 5:02 pm
A wave of cheap, crude, amateurish ransomware has been spotted on the dark web […]
Hacker posts fake news story about Ukrainians trying to kill Slovak President
by Graham Cluley on April 25, 2024 at 1:16 pm
Czech news agency ČTK announced on Tuesday that a hacker had managed to break […]

Cyber Defense Magazine InfoSec Knowledge is Power

Overcoming Common Data Security Challenges
by Stevin on May 8, 2024 at 1:16 pm
By Claude Mandy, Chief Evangelist at Symmetry Systems Organizations depend on […]
Detect and Destroy Cyber Threats with Red Piranha
by Stevin on May 7, 2024 at 4:35 pm
By Adam Bennett, CEO, Red Piranha Red Piranha is Australia’s leading […]
Revolutionizing Cybersecurity Recruitment and Networking: The Cyberr.ai Approach
by News team on May 7, 2024 at 1:04 pm
By Laurent Halimi, Founder, Cyberr In the wake of 4 million unfilled […]

Leaks – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Major UK Security Provider Leaks Trove of Guard and Suspect Data
by Deeba Ahmed on May 7, 2024 at 9:46 pm
By Deeba Ahmed Over 1.2 million records were exposed in a major data breach at […]
Hackers Leak COVID-19 Data of 820K Dominicans, Including Vaccination Info
by Deeba Ahmed on May 7, 2024 at 11:46 am
By Deeba Ahmed A massive data leak of 820,000 Dominicans’ personal information […]
Trove of UK Student Records Exposed in School Software Server Leak
by Waqas on March 28, 2024 at 1:19 pm
By Waqas Hundreds of thousands of UK student records exposed in software […]

BleepingComputer BleepingComputer – All Stories

Stack Overflow suspends user for editing posts in OpenAI protest
by Mayank Parmar on May 8, 2024 at 7:59 pm
OpenAI and Stack Overflow recently teamed up to improve AI models. OpenAI will […]
New BIG-IP Next Central Manager bugs allow device takeover
by Sergiu Gatlan on May 8, 2024 at 7:52 pm
F5 has fixed two high-severity BIG-IP Next Central Manager vulnerabilities, […]
FBI warns of gift card fraud ring targeting retail companies
by Sergiu Gatlan on May 8, 2024 at 5:25 pm
The FBI warned retail companies in the United States that a financially […]

TechCrunch Startup and Technology News

OpenAI offers a peek behind the curtain of its AI’s secret instructions
by Devin Coldewey on May 8, 2024 at 7:52 pm
Ever wonder why conversational AI like ChatGPT says “Sorry, I can’t do […]
US Patent and Trademark Office confirms another leak of filers’ address data
by Zack Whittaker on May 8, 2024 at 7:44 pm
The federal government agency responsible for granting patents and trademarks […]
Encrypted services Apple, Proton and Wire helped Spanish police identify…
by Lorenzo Franceschi-Bicchierai on May 8, 2024 at 7:38 pm
As part of an investigation into people involved in the pro-independence […]

The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]

A SaaS Security Challenge: Getting Permissions All in One Place
by [email protected] (The Hacker News) on May 8, 2024 at 2:18 pm
Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 […]
New Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys…
by [email protected] (The Hacker News) on May 8, 2024 at 2:17 pm
Researchers have discovered two novel attack methods targeting high-performance […]
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version
by [email protected] (The Hacker News) on May 8, 2024 at 10:58 am
A newer version of a malware loader called Hijack Loader has been […]

The DFIR Report Real Intrusions by Real Attackers, The Truth Behind the Intrusion

From IcedID to Dagon Locker Ransomware in 29 Days
by editor on April 29, 2024 at 1:21 am
Key Takeaways In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was … Read More
From OneNote to RansomNote: An Ice Cold Intrusion
by editor on April 1, 2024 at 12:04 am
Key Takeaways We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic, Havoc, … Read More
Threat Brief: WordPress Plugin Exploit Leads to Godzilla Web Shell, Discovery & New CVE
by editor on March 4, 2024 at 1:22 am
Below is a recent Threat Brief that we shared with our customers. Each year, we produce over 25 detailed Threat Briefs, which follow a format similar to the below. Typically, … Read More

all InfoSec news allinfosecnews.com aggregates all of the top news, podcasts and more about Cyber Security, InfoSec, Cryptography, Online Privacy, Hacking, Vulnerability and Threat Research into one place.

Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
on May 9, 2024 at 1:36 am
What is the vulnerability?A use-after-free vulnerability tagged as […]
Apple security advisory (AV24-247)
on May 8, 2024 at 8:15 pm
Article Link: Apple security advisory (AV24-247) – Canadian Centre for Cyber […]
#RSAC: Three Strategies to Boost Open-Source Security
on May 8, 2024 at 8:15 pm
Experts at the RSA Conference discussed how governments, the open-source […]

The Daily Swig | Cybersecurity news and views Keeping you up to date with the latest cybersecurity news from around the world.

We’re going teetotal: It’s goodbye to The Daily Swig
on March 2, 2023 at 2:05 pm
PortSwigger today announces that The Daily Swig is closing down
Bug Bounty Radar // The latest bug bounty programs for March 2023
on February 28, 2023 at 7:15 pm
New web targets for the discerning hacker
Indian transport ministry flaws potentially allowed creation of counterfeit driving licenses
on February 28, 2023 at 2:15 pm
Armed with personal data fragments, a researcher could also access 185 million citizens’ PII
Password managers: A rough guide to enterprise secret platforms
on February 27, 2023 at 3:30 pm
The second part of our password manager series looks at business-grade tech to handle API tokens, login credentials, and more

Biz & IT – Ars Technica Serving the Technologist for more than a decade. IT news, reviews, and analysis.

Ransomware mastermind LockBitSupp reveled in his anonymity—now he’s been…
by Dan Goodin on May 7, 2024 at 7:34 pm
The US places a $10 million bounty for the arrest of Dmitry Yuryevich Khoroshev.
Microsoft launches AI chatbot for spies
by Benj Edwards on May 7, 2024 at 7:22 pm
Air-gapping GPT-4 model on secure network won’t prevent it from potentially […]
Novel attack against virtually all VPN apps neuters their entire purpose
by Dan Goodin on May 6, 2024 at 8:35 pm
TunnelVision vulnerability has existed since 2002 and may already be known to […]