Are your connected smart devices compliant? iotsecuritytrustmark.org by Cyber Trust Mark #iotsecurity #cybertrustmark #cybersecurity

Australian charged for ‘Evil Twin’ WiFi attack on plane - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

Unknown threat actors are spreading trojanized #jQuery via npm, #GitHub, and jsDelivr in a complex supply chain attack. #Malware hides in the seldom-used 'end' function of jQuery, used by 'fadeTo'. Learn more: thehackernews.com/2024/07/trojan… #cybersecurity #coding #infosec

Supreme Court Ruling Threatens the Framework of Cybersecurity Regulation - securityweek.com/supreme-court-…

New breach: Neiman Marcus suffered a breach in May which was later posted to a hacking forum. The data contained 31M unique email addresses, name, phone, DoB, physical address and partial credit card data. 76% were already in Have I Been Pwned. More: bleepingcomputer.com/news/security/…

#Microsoft released updates to address vulnerabilities in multiple products. Users and administrators are encouraged to review & apply updates. More👉 cisa.gov/news-events/al…. #Cybersecurity #InfoSec #PatchTuesday

🚨 ALERT: Cisco patches critical #vulnerability in Smart Software Manager On-Prem. This flaw could allow attackers to change any user's password, including admins. CVE-2022-22948 could be exploited with crafted HTTP requests—Patch now! Read: thehackernews.com/2024/07/cisco-… #infosec

The notorious FIN7 hacking group has been spotted selling its custom "AvNeutralizer" tool, used to evade detection by killing enterprise endpoint protection software on corporate networks. #cybersecurity bleepingcomputer.com/news/security/…

Critical Cisco bug lets hackers add root users on SEG devices - Sergiu Gatlan bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

CrowdStrike releases Root Cause Analysis (RCA) report for the bad Falcon update. crowdstrike.com/wp-content/upl…

Falcon expected the update to have 20 input fields, but it had 21 input fields. "Therefore, the attempt to access the 21st value produced an out-of-bounds memory read beyond the end of the input data array and resulted in a system crash." abc.net.au/news/2024-08-0…?

#Microsoft is addressing two critical vulnerabilities in the Windows Update system. These flaws could allow attackers to stage downgrade attacks, replacing current Windows files with older, vulnerable versions. Read: thehackernews.com/2024/08/window… #cybersecurity #infosec

Critical vulnerabilities in six services under Amazon Web Services could have enabled account takeover, remote code execution, AI data manipulation, sensitive information disclosure and more, researchers from Aqua Security disclosed at #BHUSA #BlackHat2024. #cybersecurity bit.ly/4dx3YJJ

Vulnerability Allowed Eavesdropping via Sonos Smart Speakers securityweek.com/vulnerability-…

Chinese Backdoor Alert! Security enhancements on Mifare Classic cards used in hotels/business contain a supply chain backdoor making reading & exploitation trivial. Great paper by Philippe Teuwen Quarkslab eprint.iacr.org/2024/1275.pdf Watch your Chinese supply chains carefully folks!

.National Institute of Standards and Technology finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer. Here are for ways to prepare for the new post-quantum computing standards. #cybersecurity #infosec #ITsecurity bit.ly/3SPKOGR

The success of Cybersecurity and Infrastructure Security Agency's Secure by Design Pledge initiative hinges on a fundamental commitment to the "boring basics" of #cybersecurity so that all systems, old and new, are resilient against potential attacks, says Armis's Nadir Izrael. #infosec bit.ly/3yCyNOe

A vulnerability in Microsoft Entra ID (formerly Azure Active Directory) could let malicious actors with local administrative privileges on a pass-through authenticator (PTA) agent bypass authentication controls, according to Cymulate research. #infosec bit.ly/3WQkFsF

Weekly update is up! The Massive National Public Data Breach; FlightAware Breach; Other HIBP Breaches: LuLu, Shadow, LDLC, Chris Leong troyhunt.com/weekly-update-…

A cyber attack on councils across Greater Manchester has left thousands of residents vulnerable to a phishing scam. #cybersecurity bbc.co.uk/news/articles/…