Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6): How do analyst relations professionals 'sort through the noise' and help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out. welivesecurity.com/en/videos/infl…

New cybersecurity advisory highlights defense-in-depth strategies: In 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team operation against an FCEB (Federal Civilian Executive Branch) organization. In July 2024, CISA… securityintelligence.com/articles/new-c…

US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities: In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and bolstering cyber resilience infosecurity-magazine.com/news/us-cybers…

UN Experts Urge United Nations to Lay Foundations for Global Governance of Artificial Intelligence: Left ungoverned, AI’s benefits could be limited to a handful of countries, companies and individuals, and pose risks to peace and security. The post UN… securityweek.com/un-experts-urg…

Google Now Syncing Passkeys Across Desktop, Android Devices: Users can now save passkeys to Google Password Manager on computers running Windows, macOS, and Linux, in addition to Android devices. The post Google Now Syncing Passkeys Across Desktop,… securityweek.com/google-now-syn…

Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials: Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The… thehackernews.com/2024/09/europo…

UNC1860 provides Iran-linked APTs with access to Middle Eastern networks: Iran-linked APT group UNC1860 is operating as an initial access facilitator that provides remote access to Middle Eastern Networks. Mandiant researchers warn that an Iran-linked… securityaffairs.com/168656/apt/unc…

Here’s what corporate boards are asking Kevin Mandia about: The Mandiant founder and Google Cloud adviser says boards are paying more attention than ever before, and dispensed some advice for how CISOs can give them what they want. The post Here’s what… cyberscoop.com/kevin-mandia-m…

Clever Social Engineering Attack Using Captchas: This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line. Clever. schneier.com/blog/archives/…

Ubuntu Security Notice USN-7015-2: Ubuntu Security Notice 7015-2 - USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and… packetstormsecurity.com/files/181691/U…

Red Hat Security Advisory 2024-6890-03: Red Hat Security Advisory 2024-6890-03 - New Red Hat build of Keycloak 24.0.8 packages with security impact Important are available from the Customer Portal. Issues addressed include a privilege escalation… packetstormsecurity.com/files/181692/R…

Red Hat Security Advisory 2024-6891-03: Red Hat Security Advisory 2024-6891-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP… packetstormsecurity.com/files/181693/R…

Red Hat Security Advisory 2024-6892-03: Red Hat Security Advisory 2024-6892-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP… packetstormsecurity.com/files/181694/R…

Red Hat Security Advisory 2024-6893-03: Red Hat Security Advisory 2024-6893-03 - Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal. Issues addressed include a denial of service vulnerability. packetstormsecurity.com/files/181695/R…

BlackNET 3.7.0.0 Missing Authentication / File Deletion / Traversal: BlackNET version 3.7.0.0 appears to allow unauthenticated access to modify data and suffers from arbitrary file deletion and directory traversal vulnerabilities while authenticated. packetstormsecurity.com/files/181696/b…

Ubuntu Security Notice USN-6968-2: Ubuntu Security Notice 6968-2 - USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS. Noah Misch… packetstormsecurity.com/files/181697/U…

OpenSSH 9.9p1: This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many… packetstormsecurity.com/files/181698/o…

Debian Security Advisory 5773-1: Debian Linux Security Advisory 5773-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. packetstormsecurity.com/files/181699/d…

Ubuntu Security Notice USN-7027-1: Ubuntu Security Notice 7027-1 - It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 18.04 LTS,… packetstormsecurity.com/files/181700/U…

How to Accelerate Vulnerability Remediation with Hai: Hai, HackerOne's AI co-pilot, streamlines remediation efforts and accelerates the find-to-fix process. hackerone.com/ai/accelerate-… #cybersecurity