Information Security News Autonomous, GenAI-Driven Attacker Platform Enters the ChatDark Reading – Elizabeth Montalbano EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcherBleepingComputer – Bill Toulas Voluntary ‘Pall Mall Process’ seeks to curb spyware abusesCyberscoop – Tim Starks That massive GitHub supply chain attack? It all started with a stolen SpotBugs tokenThe Register – Jessica Lyons […]
information security
Cyber (In)Securities – Issue 138
Information Security News Disclosure Drama Clouds CrushFTP Vulnerability ExploitationDark Reading – Rob Wright CISA warns of Fast Flux DNS evasion used by cybercrime gangsBleepingComputer – Bill Toulas Google Quick Share Bug Bypasses Allow Zero-Click File TransferDark Reading – Tara Seals China-Linked Threat Group Exploits Ivanti BugDark Reading – Jai Vijayan International intelligence agencies raise the […]
Cyber (In)Securities – Issue 136
Information Security News Italian government approved use of spyware on members of refugee NGO, MPs told The Guardian by Angela Giuffrida & Stephanie KirchgaessnerItalian lawmakers have been informed that spyware was authorised against members of a refugee NGO, sparking fierce backlash over potential human rights violations. Critics argue this blurs the line between national security […]
Cyber (In)Securities – Issue 135
Information Security News US Weakens Disinformation Defenses, as Russia & China Ramp Up Dark Reading by Robert LemosAs geopolitical tensions escalate, the US has notably reduced its efforts to combat disinformation, especially from key adversaries like Russia and China. This rollback occurs despite increasing efforts by these nations to spread misinformation aimed at influencing global […]
Cyber (In)Securities – Issue 132
Information Security News Elon Musk’s Starlink Could Be Used to Transmit Australian Election Voting Results The Guardian by Josh TaylorThe Guardian reports that Elon Musk’s satellite internet service, Starlink, is being considered as a potential method to transmit voting results in Australian elections. This proposal aims to leverage Starlink’s extensive network to ensure reliable and […]
Cyber (In)Securities – Issue 131
Information Security News EU Looks to Tech Sovereignty with EuroStack Amid Trade War Biometric Update by Masha BorakThe European Union is making significant strides towards tech sovereignty with the development of EuroStack, a comprehensive technology initiative aimed at reducing dependence on foreign tech giants amid ongoing trade tensions. This ambitious project seeks to bolster the […]
Cyber (In)Securities – Issue 129
Information Security News Latin American Orgs Face 40% More Attacks Than Global Average Dark Reading by Nate NelsonOrganisations in Latin America are experiencing a surge in cyberattacks, facing 40% more incidents than the global average. This alarming trend underscores the unique cybersecurity challenges in the region, exacerbated by rapid digital transformation and targeted attacks by […]
Opinion: Disinformation, Attacks on Society, and Our Responsibility as Infosec Professionals
The world’s full of information-borne threats to society – from active baddies to those who support them. As professionals, there is a lot we can and should do to stop these.
Europe: Prepare for (Cyber) War…
Si Vis Pacem… A recent article published in the Frankfurter Allgemeine Zeitung (FAZ – soft paywall) about Germany’s “Operationsplan Deutschland” (English version of the informational brochure here), or OPLAN DEU, has drawn media attention to escalating tensions between the EU and aligned countries, and Russia, accelerated since Russia’s 2022 invasion of Ukraine. The operational plan […]
Faking GitHub Commits – What Could Go Wrong?
Found: a tool creating dummy GitHub source code commits to help programmers game job evaluation mechanisms. This illustrates a deeper issue with how badly designed incentives can have serious security consequences.