The San Francisco Beat
SFInfoSec aggregates the latest news, podcasts and books covering Cyber Security, Hacking, Infosec, Online Privacy, Cryptography, Threat Research and Vulnerability Disclosures from all the leading sources.
2.5 million people were affected, in a breach that could spell more trouble […]
Researchers uncover a watering hole attack likely carried out by APT TA423, […]
Over 130 companies tangled in sprawling phishing campaign that spoofed a […]
The United States joined the United Kingdom and Australia today in sanctioning […]
Virtual private networking (VPN) companies market their services as a way to […]
A 26-year-old Finnish man was sentenced to more than six years in prison today […]
The research shows a significant drop in the number of tech CISOs that got a […]
Patch now: CVE-2023-49606 in the open source, small-footprint proxy server can […]
Site reliability engineers (SREs) and security teams are more powerful when […]
The Rolling Stones wanted to protect their space; we, as security […]
As technologies advance and the world grows more complicated, collaboration and […]
In the first installment of our series on cyber resilience, we discussed what […]
An internal email from FBI deputy director Paul Abbate, obtained by WIRED, […]
Despite Cyber Army of Russia’s claims of swaying US “minds and hearts,” […]
Law enforcement officials say they’ve identified, sanctioned, and indicted […]
This attack has been feasible for over two decades: Researchers have devised an […]
Lots of complicated details here: too many for me to summarize well. It […]
Squid-shaped purses for sale. As usual, you can also use this squid post to […]
The UK Government takes aim at IoT devices shipping with weak or default […]
A wave of cheap, crude, amateurish ransomware has been spotted on the dark web […]
Czech news agency ČTK announced on Tuesday that a hacker had managed to break […]
By Claude Mandy, Chief Evangelist at Symmetry Systems Organizations depend on […]
By Adam Bennett, CEO, Red Piranha Red Piranha is Australia’s leading […]
By Laurent Halimi, Founder, Cyberr In the wake of 4 million unfilled […]
By Deeba Ahmed Over 1.2 million records were exposed in a major data breach at […]
By Deeba Ahmed A massive data leak of 820,000 Dominicans’ personal information […]
By Waqas Hundreds of thousands of UK student records exposed in software […]
OpenAI and Stack Overflow recently teamed up to improve AI models. OpenAI will […]
F5 has fixed two high-severity BIG-IP Next Central Manager vulnerabilities, […]
The FBI warned retail companies in the United States that a financially […]
Ever wonder why conversational AI like ChatGPT says “Sorry, I can’t do […]
The federal government agency responsible for granting patents and trademarks […]
As part of an investigation into people involved in the pro-independence […]
Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 […]
Researchers have discovered two novel attack methods targeting high-performance […]
A newer version of a malware loader called Hijack Loader has been […]
Key Takeaways In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was … Read More
Key Takeaways We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic, Havoc, … Read More
Below is a recent Threat Brief that we shared with our customers. Each year, we produce over 25 detailed Threat Briefs, which follow a format similar to the below. Typically, … Read More
What is the vulnerability?A use-after-free vulnerability tagged as […]
Article Link: Apple security advisory (AV24-247) – Canadian Centre for Cyber […]
Experts at the RSA Conference discussed how governments, the open-source […]
PortSwigger today announces that The Daily Swig is closing down
New web targets for the discerning hacker
Armed with personal data fragments, a researcher could also access 185 million citizens’ PII
The second part of our password manager series looks at business-grade tech to handle API tokens, login credentials, and more
The US places a $10 million bounty for the arrest of Dmitry Yuryevich Khoroshev.
Air-gapping GPT-4 model on secure network won’t prevent it from potentially […]
TunnelVision vulnerability has existed since 2002 and may already be known to […]