Safety Is Work: from the construction site to the cloud, we must protect those who build Italy!
Link to the article: https://www.redhotcyber.com/post/sicurezza-e-lavoro-dal-cantiere-al-cloud-dobbiamo-proteggere-chi-costruisce-litalia/
The Dark Side of Browser Extensions: 99% of Employees Expose Corporate Data
Link to the article: https://www.redhotcyber.com/post/il-lato-oscuro-delle-estensioni-dei-browser-il-99-dei-dipendenti-espone-i-dati-aziendali/
The world of cybersecurity evolves every day
34 weeks of intensive training
HackMeUp: the platform where you put your skills into practice
For those who want to enter (or grow in) the world of ethical hacking
And you are not alone: by joining the course, you also contribute to the development of the RHC community, which has supported cyber awareness outreach in Italy for years. Promo active until April 11 at 6 PM
After that, goodbye discounted price. https://www.cybersecurityup.it/ethical-hacker-path
3755931011
e.picconi@fatainformatica.it
225 million dollars for the Illicit Use of Online Photos. Clearview loses the class action and gives up 23%
Link to the article: https://www.redhotcyber.com/post/225-milioni-di-dollari-per-luso-illecito-delle-foto-online-clearview-perde-la-class-action-e-cede-il-23/
Every now and then some joy… well, half of one! A way to decrypt Akira on Linux servers has been discovered
Link to the article: https://www.redhotcyber.com/post/ogni-tanto-una-gioia-anzi-mezza-scoperto-un-modo-per-decifrare-akira-su-server-linux/
PassMark released a report on CPU performance, highlighting a recent bottleneck in performance growth since 2023. Is Moore's Law truly becoming obsolete? How might this impact legal and legislative discussions on technology advancement? Stay informed on these key developments and their implications for privacy and cybersecurity. #TechLaw #PrivacyRights #CybersecurityAwareness
What are your thoughts on this evolving landscape? Let's discuss!
Read more: https://steelefamlaw.com/OfWKcL
DeepSeek or DeepRisk?
A new AI powerhouse is making waves—DeepSeek has skyrocketed in popularity, rivaling top AI models at a fraction of the cost.
But with data stored in China and unknown security safeguards, is your organization at risk?
Join @sherridavidoff and @MDurrin in our latest episode of Cyberside Chats for an in-depth look at DeepSeek’s cybersecurity implications!
Watch here: https://youtu.be/3DoZbzLMsI8
Listen here: https://www.chatcyberside.com/e/deepseek-ai-revolutionary-or-risky/?token=05c4390134bd6b32d0ae7e7ddcf14232
Follow us for weekly Cyberside Chats episodes!
QR codes: a privacy/security disaster
Minister Beljaarts is out of his mind (https://nos.nl/artikel/2553994-minister-steunt-qr-plan-van-supermarkten-nederlands-etiket-niet-heilig). Marketing people don't want this, not everyone has a smartphone or wants to scan QR codes, and moreover URL QR codes are a privacy and security disaster.
QR codes on most products in the supermarket point to third-party websites and/or use URL shorteners (which are certainly run by third parties).
There are also many QR codes with an http link (instead of an https link) or with no protocol at all (which browsers still interpret as http). You can read why that is a risk in my reply to this toot.
Examples of obnoxious QR codes (I have inserted a space between // and the domain name each time so that Mastodon does not hide the http/https information).
Prodent toothpaste https:// dl.ulcp.io/01/3014230002601
Calvé peanut butter https:// qr.ulcp.io/W5NKZMFC
Crystal Clear raspberry/blueberry https:// qrco.de/crystalclear_3
Bottle of Coke Zero https:// cokeurl.com/srn5000112646702
Can of Pringles http:// pringles.eu/1w9vz52
Lassie Bio brown rice http:// l.ead.me/462ZILVER
Note that *every* "redirect website" can learn all sorts of things about you and set cookies. A "redirector" can also be taken over by a criminal party and send your browser to a different website than the product's maker intended. On such a fake site you can then be scammed.
But marketers, who like to mess around with QR codes, also make mistakes, such as Heinz (in 2015) with ketchup bottles (https://id.nl/huis-en-entertainment/computer-en-gaming/software/qr-code-op-ketchupfles-verwijst-per-ongeluk-naar-pornosite).
1/2
DON'T use free emails for biz. DO invest in a professional email & online portfolio. #CybersecurityAwareness #BusinessTips 4/10
Cybersecurity is a crucial aspect of our digital lives. From understanding the basics to knowing the different types of cyber threats, being informed helps us stay protected.
Encryption plays a vital role in safeguarding data and preventing unauthorized access, making it a must-have tool in our security arsenal. Let's prioritize digital safety and be proactive in securing our information.
For my SecOps role, it’s fairly important to keep on top of the types of social engineering scams out there, and https://www.reddit.com/r/Scams/ is a great resource for this.
However, I still find it really concerning the number of people struggling to identify scam red flags - they are doing the right thing by asking, but it would be great if they knew straight up.
#Infosec community, if you are in a position to do so and haven't already, please take the time to have a chat with family and friends about what to look out for with scam messages and staying safe online :)
Discovering 3D Phishing. When AI raises phishing techniques to a new level
In the landscape of the 1990s, the concept of "#phishing" originated among #hackers eager to obtain sensitive #information from unsuspecting users through deception, mainly using e-mail.
#redhotcyber #hacking #cti #ai #online #it #cybercrime #cybersecurity #technology #news #cyberthreatintelligence #innovation #privacy #engineering #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity
It will be called Umoja! It will be the first Submarine Cable Connecting Africa and Australia
#redhotcyber #online #it #ai #hacking #innovation #privacy #cybersecurity #technology #engineering #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity
Upgrade your Atlassian Server and Data Center to mitigate CVE-2024-21683
Advisory:
https://jira.atlassian.com/browse/CONFSERVER-95832
Update Links:
https://www.atlassian.com/software/confluence/download-archives
https://confluence.atlassian.com/doc/confluence-release-notes-327.html
#PatchNOW
#cybersecurity
#hacked
#Cyberattack
#infosec
#informationsecurity
#CyberSecurityAwareness
#DataBreach
#zeroday
Underground Zeroday: 10,000 dollars for 110,000 WordPress sites!
The cyber threat #intelligence platform ThreatMon reported that an advertisement for the sale of a #ZeroDay #exploit for #WordPress #appeared on a well-known #hacker #forum.
The seller claims that the exploit, implemented as a PHP script, can be used together with a WordPress plugin to upload shell scripts to about 110,000 websites and retrieve a list of their URLs.
Share this post if you found the news interesting.
#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity
https://www.redhotcyber.com/post/underground-zeroday-10-000-dollari-per-110-000-siti-wordpress/
Happy New Year! Here are the ICS Advisory Project 2023 Annual Summary Slides for CISA ICS Advisories and this week's Other CERT & Vendor vulnerability advisories weekly summary for 25 – 29 December 2023. Attached are 2023's Annual summary slides.
Link to ICS Advisory Project Annual Summary Slides: https://drive.google.com/file/d/1HYDE_rD1dvJb30r7CuoJuXEYSPNs7MxU/view
This past week, CISA did not release any new ICS Advisories. In its place, the ICS[AP] provided a high-level summary of the 380 CISA ICS Advisories released in 2023. Within this summary, you will find a high-level review of the following:
- Total Number of vendors reported in ICS Advisories ranked by country
- Vendors with a high number of critical severity vulnerabilities
- Overview of Vendor & products Affected Global Distribution & Updated CISA Advisories in 2023
- Overview of 2023 CISA ICS Advisories CVE CVSS Vectors by Severity
- Top 10 CWEs identified on MITRE's 2023 CWE Top 25 Most Dangerous Software Weaknesses (MDSW).
- Most reported impacted Critical Infrastructure sectors and by Vendor
- ICS Asset Type metrics
- Total number of CISA ICS Advisories correlated to CISA KEV Catalog
- Mitigation statistics based on CISA ICS Advisories recommendations
- Top Independent Vulnerability Researchers and Research Organizations for 2023
ICS[AP] identified 12 new other CERT and vendor product security advisories released this week for vulnerabilities in the following vendor products: Moxa (LTE Wireless Gateway & Ethernet remote I/O with 2-port Ethernet switch), Buffalo (Router), Weintek (HMI), and Gallagher (Access Control System). See Weekly Summary of Other Vendor & CERT Advisories for potentially impacted CI sectors.
View the summary details of other CERT & Vendor product advisories identified last week (25 – 29 December 2023) at: https://drive.google.com/file/d/1wBofoXVnP9m9wAKxx2VCSFeS9tTlNMmg/view?usp=sharing
No updates were added to the CISA KEV Catalog this week.
Visit the ICS[AP] CISA KEV Catalog Dashboards: https://www.icsadvisoryproject.com/ics-advisory-dashboards/cisa-kev-for-cisa-ics-advisories
View previous ICS Advisory Project annual and weekly summaries: https://www.icsadvisoryproject.com/ics-advisory-summaries
To view the updated ICS Advisory Project Dashboards, visit: icsadvisoryproject.com
We appreciate everyone's comments & support. Have a great week!
#CISA #ot #ics #otcybersecurity #otsecurity #icscybersecurity
#cybersecurity #cybersecuritythreats #cybersecurityawareness
TechCrunch's analysis of the 23andMe breach highlights the vulnerability of personal genetic data, raising concerns about data protection and transparency.
What do you think about this new case of a user data breach by a company revealing sensitive user data? And what steps do you take to ensure the security of your sensitive information? Share your thoughts and experiences with us!
#CyberSecurityAwareness #DataSecurity #DigitalPrivacy
https://techcrunch.com/2023/12/04/23andme-confirms-hackers-stole-ancestry-data-on-6-9-million-users/
This is your #infosec Public Service Announcement: Today is the first day of Fall (in the upper hemisphere).
All users should now rotate their passwords to:
If they are fancy, they can rotate their passwords to:
Note, users should change their passwords to their local language, eg:
Further Note, if users are in the southern hemisphere, please use the corresponding terms for Spring.
Tesla's self-driving cars will arrive within the year
#Tesla CEO #ElonMusk has announced that the company is close to building fully #autonomous #driving #cars, with the possibility of reaching this milestone within the year. Musk believes he is closer than ever to achieving full self-driving capability.
Will he really make it this time?
#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity
https://www.redhotcyber.com/post/le-auto-a-guida-autonoma-di-tesla-arriveranno-entro-lanno/
HTTP Status Code