Over Security - Cybersecurity news aggregator's Avatar

Over Security - Cybersecurity news aggregator

@oversecurity.net.web.brid.gy

A collection of the main information cyber security news. The articles come from various selected sources or from individual articles considered interesting. [bridged from https://oversecurity.net/ on the web: https://fed.brid.gy/web/oversecurity.net ]

6 Followers  |  0 Following  |  3,847 Posts  |  Joined: 12.05.2025  |  1.3984

Latest posts by oversecurity.net.web.brid.gy on Bluesky

Preview
Managing Cisco NDO Limitations from the APIC We have observed that NDO currently has some important limitations that must be kept in mind: NDO frameworks have limitations, particularly NaC NDO itself has limitations certain configurations must necessarily be managed directly on the APIC This consideration is far from trivial, and to fully understand it, we need to analyze how objects are created by NDO on the APIC.
26.10.2025 09:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Timestomping a PE compile timestamp - adversary tradecraft and detection A deep technical dive into timestomping the IMAGE_FILE_HEADER.TimeDateStamp in Windows binaries - why adversaries do it, how to implement it safely, and what defenders can look for.
26.10.2025 09:19 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
New 'CoPhish' technique wraps OAuth phishing in Microsoft Copilot A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains.
25.10.2025 16:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
US to attend UN cybercrime treaty signing in Hanoi despite industry concerns After years of negotiations, officials from around the world will convene in Hanoi this weekend for the signing of the landmark UN cybercrime convention.
24.10.2025 20:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Hackers launch mass attacks exploiting outdated WordPress plugins A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE).
24.10.2025 19:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Calling TeaOnHer’s content 'seemingly illegal,' lawmakers demand info from company House Oversight Committee Chairman James Comer wants the developer of the controversial dating-safety app TeaOnHer to explain if its privacy and content moderation practices adhere to federal law.
24.10.2025 17:46 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Critical WSUS flaw in Windows Server now exploited in attacks Attackers are now exploiting a critical-severity Windows Server Update Service (WSUS) vulnerability, which already has publicly available proof-of-concept exploit code.
24.10.2025 16:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Il Pwn2Own Irlanda si Γ¨ concluso con oltre 1 milione di dollari di vincite Il Pwn2Own- Irlanda, si Γ¨ concluso dopo con un bilancio Γ¨ di oltre 1 milione di dollari vinti e 73 vulnerabilitΓ  zero-day scoperte.
24.10.2025 15:45 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Amazon: This week’s AWS outage caused by major DNS failure Amazon says a major DNS failure was behind a massive AWS (Amazon Web Services) outage that took down many websites and online services on Monday.
24.10.2025 15:45 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
La trappola del falso supporto tecnico: attenti, Γ¨ phishing È stata rivelata una campagna di truffe online che sfrutta il logo Microsoft in uno schema di falso supporto tecnico. L’attacco non punta tanto sulla sofisticazione tecnica, quanto sulla capacitΓ  di sfruttare la fiducia e la paura per ottenere il controllo completo del dispositivo della vittima. Ecco tutti i dettagli
24.10.2025 15:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
La parola regolata: Cina e Italia, due modelli opposti di controllo digitale Dalla laurea obbligatoria per gli influencer in Cina alla trasparenza del Codice AGCOM: due visioni della qualitΓ  dell’informazione e del ruolo della competenza nell’era dell’intelligenza artificiale
24.10.2025 15:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Fake LastPass death claims used to breach password vaults LastPass is warning customers of a phishing campaign sending emails with an access request to the password vault as part of a legacy inheritance process.
24.10.2025 15:00 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
How to reduce costs with self-service password resets Password resets account for nearly 40% of IT help desk calls, costing orgs time and money. Specops Software's uReset lets users securely reset passwords with flexible MFA options like Duo, Okta, and Yubikey while enforcing identity verification to stop misuse.
24.10.2025 14:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Budget fantastici… ma non troppo Fra il dire e il fare la sicurezza IT, c'Γ¨ sempre una questione di budget che per essere risolta richiede un approccio maturo da parte dell'organizzazione, che dev'essere in grado di svolgere un corretto ragionamento in ordine a costi e benefici avendo consapevolezza dei rischi e delle strategie
24.10.2025 14:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image 24.10.2025 14:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image 24.10.2025 13:46 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Mozilla: New Firefox extensions must disclose data collection practices Starting next month, Mozilla will require Firefox extension developers to disclose whether their add-ons collect or share user data with third parties.
24.10.2025 13:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Counter Ransomware Initiative stresses importance of supply-chain security As cybercriminals increasingly exploit third-party products to deploy ransomware against organizations, a global coalition is urging companies to pay more attention to their software supply chains.
24.10.2025 12:31 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Cyberattack on Russia’s food safety agency reportedly disrupts product shipments A veterinary certification platform and systems that track products and chemicals were among the tools disrupted by a DDoS incident, Russia's food safety watchdog said.
24.10.2025 12:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Atlas, il browser intelligente di OpenAI che ricorda cosa facciamo online: i rischi privacy OpenAI lancia Atlas, il nuovo browser integrato con ChatGPT: promette navigazione intelligente e assistenza AI in tempo reale, ma raccoglie dati dettagliati sulle attivitΓ  online degli utenti. Ecco cosa comporta per privacy e sicurezza
24.10.2025 10:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Think passwordless is too complicated? Let's clear that up We’ve relied on passwords for years to protect our online accounts, but they’ve also become one of the easiest ways attackers get in. Cisco Duo helps clear up some of the biggest passwordless myths.
24.10.2025 10:03 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Dalla minaccia alla metrica: ridefinendo la valutazione del cyber risk La valutazione del cyber risk trasforma la sicurezza in un processo misurabile e strategico per l’impresa.
24.10.2025 09:48 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Formare la sicurezza: come colmare il gap di competenze cyber security nell’era del cloud Affrontare il gap di competenze cybersecurity tra cloud e AI si puΓ²: puntando su formazione, stage e collaborazione con universitΓ .
24.10.2025 08:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
ANY.RUN Recognized as Threat Intelligence Company of the Year 2025 Explore TI solutions by ANY.RUN, threat intelligence company of the year acknowledged by CyberSecurity Breakthrough Awards.
24.10.2025 08:19 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Windows Server emergency patches fix WSUS bug with PoC exploit Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code.
24.10.2025 07:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
La responsabilitΓ  proattiva nel GDPR e nella NIS 2: una nuova grammatica del diritto La responsabilitΓ  proattiva sta sostituendo l’obbedienza come fondamento della conformitΓ . Ecco perchΓ© solo chi la adotta puΓ² essere davvero credibile, solido e resiliente
24.10.2025 07:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Hackers earn $1,024,750 for 73 zero-days at Pwn2Own Ireland ​The Pwn2Own Ireland 2025 hacking competition has ended with security researchers collecting $1,024,750 in cash awards after exploiting 73 zero-day vulnerabilities.
24.10.2025 06:45 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
North Korean hacking group targeting European drone maker with ScoringMathTea malware Researchers at ESET said they found evidence of a new tentacle of the long-running Operation DreamJob campaign β€” where North Korea’s Lazarus group sends malware-laden emails purporting to be from recruiters at top companies.
24.10.2025 01:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Toys β€œR” Us Canada warns customers' info leaked in data breach Toys "R" Us Canada has sent notices of a data breach to customers informing them of a security incident where threat actors leaked customer records they had previously stolen from its systems.
23.10.2025 22:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Cyber security e geopolitica nell’era dell’AI: le lezioni dal Cybertech Europe 2025 L'intreccio tra AI, cybersecurity e geopolitica ridefinisce la sicurezza nazionale. Dal Cybertech Europe 2025 emergono lezioni cruciali: attacchi continui, necessitΓ  di Cyber Command e resilienza come prioritΓ . Ma la vera sfida Γ¨ sensibilizzare cittadini e aziende
23.10.2025 22:03 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0