Agregátor RSS

Also, EU probes Snapchat, RedLine suspect extradited, AstraZeneca leak claim surfaces, and more

infosec in brief  The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on developers’ systems.…

OpenAI mělo před koncem loňského roku zavést režim pro dospělé. • Uživatelům měl umožnil vést s chatbotem erotické konverzace. • Nakonec ale nedorazí, měli s ním problém investoři i zaměstnanci.

Organizátoři Dne IPv6, tradiční akce věnované tématům spojeným s tímto protokolem, vyhlásili Call for Abstracts. Na webu konference mohou zájemci přihlašovat příspěvky o délce 20 nebo 40 minut či 10minutové lighting talky a to až do 30. dubna. Tvůrci programu uvítají návrhy přednášek z akademického i komerčního sektoru, které mohou být technického i netechnického zaměření. Den IPv6 se letos uskuteční 4. června a místem konání bude i tentokrát Ballingův sál Národní technické knihovny v pražských Dejvicích. Akci společně připravují sdružení CESNET, CZ.NIC a NIX.CZ.

A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad. "It likely uses AI-assisted obfuscation and process injection to evade static scanning, while credential theft starts immediately and captures passwords and sessions even if the primary loader is blocked," ReliaQuest researchers Thassanai

A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad. "It likely uses AI-assisted obfuscation and process injection to evade static scanning, while credential theft starts immediately and captures passwords and sessions even if the primary loader is blocked," ReliaQuest researchers Thassanai Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

HP 780M na první pohled velmi připomíná řadu Logitech MX Master. • HP se inspirovalo designem, tichými tlačítky a kolečkem se setrvačníkem. • Navrch ale přidává superkondenzátor pro velmi rychlé nabíjení.

Apple has introduced a security feature in macOS Tahoe 26.4 that blocks pasting and executing potentially harmful commands in Terminal and alerts users to possible risks. [...]

AI SOC agents can reduce alert fatigue, but most teams fail to measure real outcomes. Prophet Security breaks down Gartner's questions for evaluating AI SOC agents and separating real impact from hype. [...]

Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped being theoretical right around the time defenders stopped paying attention. There's a bit of everything this week. Persistence plays, legal wins, influence ops, and at least one thing that looks boring

Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped being theoretical right around the time defenders stopped paying attention. There's a bit of everything this week. Persistence plays, legal wins, influence ops, and at least one thing that looks boring Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Researchers say attackers are already looting vulnerable boxes

In-the-wild exploitation of a critical Citrix NetScaler bug has begun less than a week after disclosure, with researchers warning that attackers are already poking and pillaging vulnerable boxes.…

Univerzita obrany v minulých dnech hostila české kolo evropského obranného hackathonu EUDIS Defence. Do Brna se sjela padesátka účastníků, kteří pak ve dvaceti týmech řešili, jak vyvinout co nejlevnější interceptor, detektor před drony a jiné inovativní technologie PVO. Akce je už podle svého ...

One unauthenticated HTTP request is all it takes. From there, attackers can move from the edge straight into your internal network, operating from a system your Linux servers already trust.CVE-2026-21643 in FortiClient EMS isn't just another SQL injection. It turns a management server into a pivot point, giving attackers the same access paths your administrators rely on.

Euro-Office (Wikipedie) je evropský fork open source kancelářského balíku OnlyOffice. Za forkem stojí koalice firem IONOS, Nextcloud, Eurostack, XWiki, OpenProject, Soverin, Abilian a BTactic. Cílem je zajistit digitální suverenitu Evropy a snížit závislost na neevropských platformách. Projekt vznikl mimo jiné v reakci na nedávné uzavření cloudové služby OnlyOffice. OnlyOffice obviňuje Euro-Office z porušení licenčních podmínek. Na možné problémy upozorňuje i Collabora Online. Jednostranná změna licence není v pořádku.

What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat alone. They come from fragmented workflows, manual triage steps, and limited visibility early in the investigation. Fixing those process gaps can help Tier 1 move faster, reduce unnecessary escalations, and improve how the entire SOC responds under pressure

What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat alone. They come from fragmented workflows, manual triage steps, and limited visibility early in the investigation. Fixing those process gaps can help Tier 1 move faster, reduce unnecessary escalations, and improve how the entire SOC responds under [email protected]

LG s novou technologií LCD slibuje prodloužit výdrž notebooků až o polovinu. • U statického obsahu se obnovovací frekvence sníží jen na 1 Hz. • Technologii už používají nové Delly XPS 14 a 16 slibující až 40hodinovou výdrž.

Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders. The CTRL toolkit, according to Censys, is custom-built using .NET and includes various executables" to facilitate credential phishing, keylogging, Remote Desktop Protocol (RDP) hijacking, and reverse tunneling

Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders. The CTRL toolkit, according to Censys, is custom-built using .NET and includes various executables" to facilitate credential phishing, keylogging, Remote Desktop Protocol (RDP) hijacking, and reverse tunnelingRavie Lakshmananhttp://www.blogger.com/profile/[email protected]