Wer von euch ist denn auf der SecIT in #Hannover? Ich halte morgen eine kurze Keynote (mit anschließendem Panel) mit dem Titel "KI - Schutzschild oder Einfallstor?" Iich tendiere zu letzterem und erwarte euren Widerspruch. Oder euren Zuspruch. :)
Freue mich über Gespräche zum Kaffee und so. Stupst ihr mich an, falls ihr vor Ort seid?
https://secit-heise.de/programm
#secIT #cybersecurity #ITSec

"Zusätzlicher Angriffspunkt": Weißes Haus direkt an Starlink angeschlossen

Der Sitz des US-Präsidenten ist dank eines "Geschenks" jetzt direkt an Starlink angeschlossen. Ein Cybersicherheitsexperte spricht von einem unnötigen Risiko.

https://www.heise.de/news/Zusaetzlicher-Angriffspunkt-Weisses-Haus-direkt-an-Starlink-angeschlossen-10319041.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

Cyberkriminelle nutzen aktuell gefälschte OAuth-Anwendungen, die sich als bekannte Dienste wie Adobe Acrobat, Adobe Drive oder DocuSign ausgeben. Ziel dieser Angriffe ist es, sich Zugriff auf Microsoft-365-Konten zu erschleichen. Im Beitrag erfährst du auch, wie du dich vor solchen Angriffen schützen kannst.

https://teufelswerk.net/achtung-vor-boesartigen-adobe-und-docusign-oauth-apps-so-schuetzt-du-dein-microsoft-365-konto/

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

New threat alert! Malicious PyPI packages disguised as "time" utilities are stealing cloud access tokens. Over 14,100 downloads! Check your dependencies for acloud-client, enumer-iam, tcloud-python-test & more. Stay safe! #cybersecurity #python #supplychainsecurity #newz

https://thehackernews.com/2025/03/malicious-pypi-packages-stole-cloud.html

Edit: Apparently, Signal doesn't collaborate with any state actors whatsoever. Quote: "[at]dymaxion [at]cigitalgem We don't officially work with any gov, Ukraine or otherwise, and we never stopped. We're not sure where this came from or why." Source: https://mastodon.world/@Mer__edith/114160644341691299
#meaculpa sorry for my mistake & thx to all the folks who've pointed this out <3

Read more: https://cyberinsider.com/signal-no-longer-cooperating-with-ukraine-to-tackle-russian-cyber-threats/ #cybersecurity #Ukraine #Russia #Signal #privacy #newz

#Cyberangriff auf #Aerticket dauert nach wie vor an: Schon seit dem 9.3. ist der Berliner Großhändler für Flugtickets von einem Cybervorfall betroffen und zurzeit immer noch offline. Parallel wird eine alternative Buchungsplattform online gehen, um den Grundbetrieb zu ermöglichen. Der Angriff zeigt, dass auch die Kompromittierung eines Nicht-#KRITIS-Unternehmens in der #Lieferkette KRITIS-relevante Auswirkungen auf den Betrieb des Flugverkehrs haben kann:
#cybersecurity
https://www.golem.de/news/flugticketgrosshaendler-cyberangriff-legt-buchungssystem-von-aerticket-lahm-2503-194251.html

I just published the source code for my very naive #Python implementation for generating a node network based on MITRE Intrusion Sets and Techniques. It will output linked #Markdown files linking intrusion sets to their used techniques.

Perhaps someone finds it useful or interesting to experiment with.

Source code: https://github.com/cstromblad/markdown_node

I hinted at this in a thread started by @Viss where he asked for input on a few very likely malicious domains. Me @Viss @cR0w @neurovagrant and others did some OSINT fun work with a couple of the original domains.

It was this thread: https://mastodon.social/@Viss/114145122623079635

Now I posted a picture of a node network rendered in Obsidian and I hinted that perhaps Obsidian could be used as a poor mans version of performing threat intelligence work.

I just published the source code for my very naive #Python implementation for generating a node network based on MITRE Intrusion Sets and Techqniques. It will output linked #Markdown files linking intrusion sets to their used techniques.

Perhaps someone finds it useful or interesting to experiment with.

Source code: https://mastodon.social/@Viss/114145122623079635

I hinted at this in a thread started by @Viss where he asked for input on a few very likely malicious domains. Me @Viss @cR0w @neurovagrant and others did some OSINT fun work with a couple of the original domains.

It was this thread: https://mastodon.social/@Viss/114145122623079635

Now I posted a picture of a node network rendered in Obsidian and I hinted that perhaps Obsidian could be used as a poor mans version of performing threat intelligence work.

Dramaturgie eines Milliardencoups: Erste Untersuchungsdetails zum Fall Bybit

Die Kryptobörse Bybit erlitt mit einem Wallet des Anbieters "Safe" einen Milliardendiebstahl, wohl auch durch Social Engineering.

https://www.heise.de/news/Dramaturgie-eines-Milliardencoups-Erste-Untersuchungsdetails-zum-Fall-Bybit-10316989.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

Singular IDS sensors generate 400 alerts per minute, up to a daily average of 400,000 alerts, without being under duress (the entire system generates millions of alerts daily). The typical system examines incoming traffic for risks and threats based on identified patterns and generates an alert at each instance. But solely depending on network traffic is not enough.

https://datatofu.wordpress.com

Tags: #ai #linux #tech #datascience #python #rstats #opensource #cybersecurity

‘Absurd’

When you have the press and civil society camped outside the courtroom, the secret might be out

Even so, we’re still denied the reasons why the UK government wants to take a battering ram to our security and privacy.

It shows contempt for the public interest in the Apple encryption case.

https://pressgazette.co.uk/media_law/apple-encryption-government-press-appeal-tribunal-snoopers-charter/

Hey everyone involved in #ComputerScience, are you looking for a #job in #academia?

Aalto University in Finland has several positions open for assistant professors. The topics include #MachineLearning, #Programming, #ComputerArchitecture, #CyberSecurity, #SoftwareEngineering and Human-Computer Interactions.

https://www.aalto.fi/en/department-of-computer-science/assistant-professor-positions

China’s Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days https://www.securityweek.com/chinas-volt-typhoon-hackers-dwelled-in-us-electric-grid-for-300-days/ #cybersecurity #infosec

#NorthKorea confirmed to be active in the #memecoin markets (#PEPE is one of the bigger/more successful #memecoins). This is something I've always assumed but never seen fully confirmed.

American congressmembers like #MarkCollins are also active memecoin traders.

What could go wrong?
https://x.com/officer_cia/status/1900587377564766661

"Google refuses to deny it received encryption order from UK government"

The UK’s encryption-breaking order for a backdoor into iCloud isn’t a one-off.

The secret hearing happening RIGHT NOW is bigger than just Apple. If the government wins, our right to privacy and security falls.

Other services will be hit.

https://therecord.media/google-refuses-to-deny-it-received-uk-tcn

Sign our petition https://you.38degrees.org.uk/petitions/keep-our-apple-data-encrypted