DOBBS.TOWN

316 posts174 participants22 posts today

Eva WolfangelWer von euch ist denn auf der SecIT in <a href="https://chaos.social/tags/Hannover" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hannover</a>? Ich halte morgen eine kurze Keynote (mit anschließendem Panel) mit dem Titel "KI - Schutzschild oder Einfallstor?" Iich tendiere zu letzterem und erwarte euren Widerspruch. Oder euren Zuspruch. :) Freue mich über Gespräche zum Kaffee und so. Stupst ihr mich an, falls ihr vor Ort seid? <a href="https://secit-heise.de/programm" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://secit-heise.de/programm</a> <a href="https://chaos.social/tags/secIT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#secIT</a> <a href="https://chaos.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://chaos.social/tags/ITSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITSec</a>

Loki the CatLooks like Google found its Wizard of Oz! 🧙‍♂️ Alphabet's dropping $32B on cybersecurity firm Wiz - their biggest acquisition ever. Funny how Big Tech's shopping list went from "cool gadgets" to "please don't hack us" these days. At this rate, Silicon Valley's becoming Cybersecurity Valley! <a href="https://jorijn.dev/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechNews</a> <a href="https://jorijn.dev/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://tech.slashdot.org/story/25/03/18/1117215/google-parent-alphabet-agrees-to-buy-cyber-security-group-wiz-for-32-billion" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://tech.slashdot.org/story/25/03/18/1117215/google-parent-alphabet-agrees-to-buy-cyber-security-group-wiz-for-32-billion</a>

Xavier «X» Santolaria :verified_paw: :donor:Round 2.0.Google's parent company, Alphabet, is in advanced talks to acquire cloud cybersecurity startup <a href="https://infosec.exchange/@wiz" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@wiz</a> for around $30 billion.This follows a previous attempt last summer to secure a deal at a $23 billion valuation, which fell through. Wiz's strong annual recurring revenue and cloud security products are seen as a good fit for Google Cloud.<a href="https://techcrunch.com/2025/03/17/google-revives-talks-to-acquire-wiz-at-higher-valuation/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://techcrunch.com/2025/03/17/google-revives-talks-to-acquire-wiz-at-higher-valuation/</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Conan the SysadminMany are the tricksters preying upon the innocent and the naive. May Set feast upon their souls, may Khepri roll them into little balls and push them into the river! <a href="https://mstdn.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://cromwell-intl.com/cybersecurity/scams-spam-phishing.html?s=mc" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cromwell-intl.com/cybersecurity/scams-spam-phishing.html?s=mc</a>

Christoffer S.Sekoia: <a href="https://blog.sekoia.io/clearfakes-new-widespread-variant-increased-web3-exploitation-for-malware-delivery/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.sekoia.io/clearfakes-new-widespread-variant-increased-web3-exploitation-for-malware-delivery/</a>A few days ago Brian Krebs wrote about ClickFix, and now Sekoia has written a technical deep dive of said malicious framework.In the Sekoia report they analyze the evolution of ClearFake, a malicious JavaScript framework that compromises legitimate websites to deliver malware through drive-by downloads. Since its emergence in July 2023, ClearFake has evolved from displaying fake browser updates to using sophisticated social engineering tactics called 'ClickFix' that trick users into executing malicious PowerShell code. The latest variant (December 2024-February 2025) uses fake reCAPTCHA or Cloudflare Turnstile verifications alongside technical issues to deceive users. ClearFake leverages the Binance Smart Chain through a technique called 'EtherHiding' to store malicious code, making it impossible to remove. The framework has infected thousands of websites and is actively distributing Lumma Stealer and Vidar Stealer malware.<a href="https://krebsonsecurity.com/2025/03/clickfix-how-to-infect-your-pc-in-three-easy-steps/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://krebsonsecurity.com/2025/03/clickfix-how-to-infect-your-pc-in-three-easy-steps/</a><a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@briankrebs</a> <a href="https://infosec.exchange/@sekoia_io" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@sekoia_io</a> <a href="https://swecyb.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://swecyb.com/tags/ClickFix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ClickFix</a> <a href="https://swecyb.com/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a>

heise online English"Additional point of attack": White House directly connected to StarlinkThe seat of the US President is now directly connected to Starlink thanks to a "gift". A cyber security expert speaks of an unnecessary risk.<a href="https://www.heise.de/en/news/Additional-point-of-attack-White-House-directly-connected-to-Starlink-10319127.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/en/news/Additional-point-of-attack-White-House-directly-connected-to-Starlink-10319127.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://social.heise.de/tags/DonaldTrump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DonaldTrump</a> <a href="https://social.heise.de/tags/ElonMusk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ElonMusk</a> <a href="https://social.heise.de/tags/SpaceX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SpaceX</a> <a href="https://social.heise.de/tags/Starlink" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Starlink</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

heise online"Zusätzlicher Angriffspunkt": Weißes Haus direkt an Starlink angeschlossenDer Sitz des US-Präsidenten ist dank eines "Geschenks" jetzt direkt an Starlink angeschlossen. Ein Cybersicherheitsexperte spricht von einem unnötigen Risiko.<a href="https://www.heise.de/news/Zusaetzlicher-Angriffspunkt-Weisses-Haus-direkt-an-Starlink-angeschlossen-10319041.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/Zusaetzlicher-Angriffspunkt-Weisses-Haus-direkt-an-Starlink-angeschlossen-10319041.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://social.heise.de/tags/DonaldTrump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DonaldTrump</a> <a href="https://social.heise.de/tags/ElonMusk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ElonMusk</a> <a href="https://social.heise.de/tags/SpaceX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SpaceX</a> <a href="https://social.heise.de/tags/Starlink" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Starlink</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

Conan the SysadminIf one cannot pen a message with clear meaning, without resorting to rare inks and fancy illuminations, perhaps one should not write. <a href="https://mstdn.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://cromwell-intl.com/cybersecurity/html-email.html?s=mc" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cromwell-intl.com/cybersecurity/html-email.html?s=mc</a>

flagthisCritical ESP32 vulnerabilities enable remote code execution via Bluetooth; update advised. <a href="https://ioc.exchange/tags/ESP32" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESP32</a> <a href="https://ioc.exchange/tags/IoTsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IoTsecurity</a> <a href="https://ioc.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> More details: <a href="https://borncity.com/win/2025/03/16/tarlogic-security-detects-unknown-commands-in-esp32-chip-bluetooth-wifi/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://borncity.com/win/2025/03/16/tarlogic-security-detects-unknown-commands-in-esp32-chip-bluetooth-wifi/</a> - <a href="https://www.flagthis.com/news/11336" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.flagthis.com/news/11336</a>

Marco Ciappelli🎙️✨:verified: :donor:Webinars Are Old News. Here is Something New: <a href="https://infosec.exchange/tags/Webinars" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Webinars</a>!Introducing <a href="https://techhub.social/@ITSPmagazine" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ITSPmagazine</a> Webinars: Join the Conversation and Learn from the ExpertsITSPmagazine Webinars — The Future of Thought Leadership is Here<a href="https://www.linkedin.com/pulse/webinars-old-news-here-something-new-itspmagazine-z08qe" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.linkedin.com/pulse/webinars-old-news-here-something-new-itspmagazine-z08qe</a><a href="https://infosec.exchange/tags/technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#technology</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/society" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#society</a> <a href="https://infosec.exchange/@seanmartin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@seanmartin</a>

Conan the SysadminA land between Afghulistan and Vendhya, long known for harboring terrorists, also launches <a href="https://mstdn.social/tags/cyberwar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberwar</a> attacks. <a href="https://mstdn.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://cromwell-intl.com/cybersecurity/cyberwar/pakistan.html?s=mc" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cromwell-intl.com/cybersecurity/cyberwar/pakistan.html?s=mc</a>

Conan the SysadminA secret tongue is crucial for <a href="https://mstdn.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>, but one must choose it well and use it cautiously. <a href="https://cromwell-intl.com/cybersecurity/cipher-selection.html?s=mc" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cromwell-intl.com/cybersecurity/cipher-selection.html?s=mc</a>

Nonilex…It was…unclear if <a href="https://masto.ai/tags/Starlink" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Starlink</a> communications were <a href="https://masto.ai/tags/encrypted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#encrypted</a>. At a minimum, the system allows for a network separate from existing WH servers that people on the grounds are able to use, keeping that data separate.“It’s super rare” to install Starlink or another <a href="https://masto.ai/tags/internet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#internet</a> provider as a replacement for existing govt <a href="https://masto.ai/tags/infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infrastructure</a> that has been vetted & secured, said Jake Williams, a VP for R&D at Hunter Strategy, a <a href="https://masto.ai/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> consultancy. “I can’t think of a time that I have heard of that.”

Kevin Thomas ✅Israeli-Russian citizen Rostislav Panev, a developer for the LockBit ransomware group, has been extradited to the U.S. to face charges related to global cyberattacks that caused $500 million in damages across 2,500 victims in 120+ countries. Investigators linked Panev to LockBit via credentials found on his device granting access to repositories storing the malware, and he allegedly received $230,000 in cryptocurrency for his work. LockBit, known for its ties to Russian intelligence, has targeted governments, corporations, hospitals, and critical infrastructure using advanced ransomware techniques. Panev, arrested in Haifa in August 2024, was denied FBI questioning in Israel, and a gag order was imposed to prevent further suspects from fleeing. He is the third LockBit affiliate arrested, following Mikhail Vasiliev (Canada) and Ruslan Astamirov (U.S.), while the U.S. offers $10M for the capture of LockBit’s leader, Dmitry Khoroshev. <a href="https://defcon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://defcon.social/tags/Ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ransomware</a> <a href="https://www.ynetnews.com/article/by9yfx4hyx" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.ynetnews.com/article/by9yfx4hyx</a>

Tom Eston :verified:Data overload got you down? Tune into our latest <a href="https://infosec.exchange/@sharedsecurity" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@sharedsecurity</a> podcast episode as we explore mastering vulnerability remediation with insights from experts Dahvid Schloss and Dan DeCloss from PlexTrac.Watch on YouTube: <a href="https://youtu.be/_6B-zEp54a8" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtu.be/_6B-zEp54a8</a>Listen and subscribe! <a href="https://sharedsecurity.net/2025/03/17/tackling-data-overload-strategies-for-effective-vulnerability-remediation/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://sharedsecurity.net/2025/03/17/tackling-data-overload-strategies-for-effective-vulnerability-remediation/</a><a href="https://sharedsecurity.net/subscribe" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://sharedsecurity.net/subscribe</a><a href="https://infosec.exchange/tags/podcast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#podcast</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/plextrac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#plextrac</a>

Christoffer S.It would appear as if Wiz may have discovered another supply-chain compromise:<a href="https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup</a>The attack involved compromising the v1 tag of reviewdog/action-setup between March 11th 18:42 and 20:31 UTC. Unlike the tj-actions attack that used curl to retrieve a payload, this attack directly inserted a base64-encoded malicious payload into the install.sh file. When executed, the code dumped CI runner memory containing workflow secrets, which were then visible in logs as double-encoded base64 strings. The attack chain appears to have started with the compromise of reviewdog/action-setup, which was then used to compromise the tj-actions-bot Personal Access Token (PAT), ultimately leading to the compromise of tj-actions/changed-files. Organizations are advised to check for affected repositories using GitHub queries, examine workflow logs for evidence of compromise, rotate any leaked secrets, and implement preventive measures like pinning actions to specific commit hashes rather than version tags.<a href="https://swecyb.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://swecyb.com/tags/SupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChain</a>

Lenin alevski 🕵️💻New Open-Source Tool Spotlight 🚨🚨🚨Covenant is an open-source Command and Control framework designed for red team operations. Built in .NET Core, it supports cross-platform compatibility and multiple operators working simultaneously. It's a powerful tool, but keep in mind its ethical use depends on the intention behind it. <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeam</a>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> 👉 <a href="https://github.com/cobbr/Covenant" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/cobbr/Covenant</a><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Software</a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CTF</a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecuritycareer</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blueteam</a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#purpleteam</a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tips</a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloudsecurity</a>— ✨ 🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

The New OilLarge enterprises scramble after supply-chain attack spills their secrets<a href="https://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.thenewoil.org/tags/DataBreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataBreach</a>

The New OilConsumer Groups Push New Law Fighting 'Zombie' <a href="https://mastodon.thenewoil.org/tags/IoT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IoT</a> Devices<a href="https://yro.slashdot.org/story/25/03/17/0126204/consumer-groups-push-new-law-fighting-zombie-iot-devices" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://yro.slashdot.org/story/25/03/17/0126204/consumer-groups-push-new-law-fighting-zombie-iot-devices</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

The New OilFake "Security Alert" issues on <a href="https://mastodon.thenewoil.org/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> use <a href="https://mastodon.thenewoil.org/tags/OAuth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OAuth</a> app to hijack accounts<a href="https://www.bleepingcomputer.com/news/security/fake-security-alert-issues-on-github-use-oauth-app-to-hijack-accounts/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/fake-security-alert-issues-on-github-use-oauth-app-to-hijack-accounts/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Recent searches

Search options

Administered by:

Server stats:

#cybersecurity