FreshRSS


Fujitsu Bugs That Sent Innocent People to Prison Were Known ‘From the Start’

By Jon Brodkin, Ars Technica
Software flaws were allegedly hidden from lawyers of wrongly convicted UK postal workers.

US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked

By Lily Hay Newman
Plus: Microsoft says attackers accessed employee emails, Walmart fails to stop gift card fraud, “pig butchering” scams fuel violence in Myanmar, and more.

How to Opt Out of Comcast’s Xfinity Storing Your Sensitive Data

By Reece Rogers
One of America’s largest internet providers may collect data about your political beliefs, race, and sexual orientation to serve personalized ads.

‘Stablecoins’ Enabled $40 Billion in Crypto Crime Since 2022

By Andy Greenberg
A new report from Chainalysis finds that stablecoins like Tether, tied to the value of the US dollar, were used in the vast majority of crypto-based scam transactions and sanctions evasion in 2023.

TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks

By Newsroom
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow's build agents via

How a 27-Year-Old Codebreaker Busted the Myth of Bitcoin’s Anonymity

By Andy Greenberg
Once, drug dealers and money launderers saw cryptocurrency as perfectly untraceable. Then a grad student named Sarah Meiklejohn proved them all wrong—and set the stage for a decade-long crackdown.

A Flaw in Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI Data

By Lily Hay Newman, Matt Burgess
Patching every device affected by the LeftoverLocals vulnerability—which includes some iPhones, iPads, and Macs—may prove difficult.

The Sad Truth of the FTC's Location Data Privacy Settlement

By Dell Cameron
The FTC forced a data broker to stop selling “sensitive location data.” But most companies can avoid such scrutiny by doing the bare minimum, exposing the lack of protections Americans truly have.

CCDC 2024

By /u/TopShelfHockeyMN

Is anyone else competing in the 2024 Collegiate Cyber Defense Competition? Our regionals are coming up.

Looking for advice from those that have competed in the past. What kind of environment can I anticipate to encounter? I’m by no means in a position to win the competition, our University is fielding 2 teams and I am on the alternate team. Our main team, comprised of past CCDC participants, seems to know exactly what’s going to happen, have plenty of GitHub repos at their disposal, while we are kind of scratching our heads.

I’m an old head with plenty of knowledge on the Cisco stack, but the captains all say this is irrelevant to the competition now. It’s kind of discouraging talking about how we used to hop VLANs using 802 Q Double Encapsulation, capturing, spoofing in hex, and flooding ARP replies for ARP cache poisoning, when these current students have never even used the Cisco iOS CLI, and then additionally to be told that my skills and knowledge are archaic thinking. How can I transform/evolve my thinking to be effective in this competition?


Scame

By /u/Technical_Shelter621

Introducing Scanme, a Go Package for Effortless Network Scanning ⏳

Are you passionate about network exploration and security? Say hello to Scanme! 🌐 What is Scanme? Scanme is a straightforward Go package designed to simplify network scanning processes using SYN (stealth) scans. This tool allows you to effortlessly scan a single IP address for open ports and delve deeper into the realm of network scanning techniques. Scanme stands out by providing an automated solution for fast and efficient scans across all 65535 TCP ports! 🔄


A Bloody Pig Mask Is Just Part of a Wild New Criminal Charge Against eBay

By Lily Hay Newman, Matt Burgess
Plus: Chinese officials tracked people using AirDrop, Stuxnet mole’s identity revealed, AI chatbot hacking, and more.

How to Stop Your X Account From Getting Hacked Like the SEC's

By Lily Hay Newman
The US Securities and Exchange Commission and security firm Mandiant both had their X accounts breached, possibly due to changes to X’s two-factor authentication settings. Here’s how to fix yours.

Child Abusers Are Getting Better at Using Crypto to Cover Their Tracks

By Andy Greenberg
Crypto tracing firm Chainalysis found that sellers of child sexual abuse materials are successfully using “mixers” and “privacy coins” like Monero to launder their profits and evade law enforcement.

US School Shooter Emergency Plans Exposed in a Highly Sensitive Database Leak

By Matt Burgess
More than 4 million school records, including safety procedures, student medical files, and court documents, were also publicly accessible online.

Lawmakers Are Out for Blood After a Hack of the SEC’s X Account Causes Bitcoin Chaos

By Joel Khalili
The US Securities and Exchange Commission is under pressure to explain itself after its X account was compromised, leading to wild swings in the bitcoin market.