NIS2: New leak of the draft bill
The new draft of the NIS2 Implementation Act provides for other areas of application and less influence from industry.
heise online · NIS2: New leak of the draft bill
Verwaltet von:
#security
411 Beiträge267 Beteiligte30 Beiträge heute
Billions of login credentials may have leaked. Here's how you can protect your accounts
A recent report by Cybernews claimed that 16 billion login credentials were exposed and compiled into datasets online, giving cybercriminals access to accounts for online platforms like Google, Apple and Facebook. While much is still unconfirmed about the leak, ex...
#security #cybercrime #data #leak #News #Business
https://www.cbc.ca/news/business/login-credentials-leak-password-protection-1.7567621?cmp=rss
https://github.com/brotheralameen1/Discordforschool/security/advisories/GHSA-63xr-98vc-whx5
Published Security Advisory for OneTrust SDK V6.33.0 Vulnerable to Prototype Pollution causing DoS in the system by editing Prototype Value. Currently, submitted this to MITRE CVE to request publication of my CVE to the National Vulnerability Database and awaiting their response. You can click the link above to learn more about the exploit.
GitHubOneTrust SDK V6.33.0 Vulnerable to Prototype Pollution causing DoS in the system by editing Prototype Value# OneTrust SDK v6.33.0 - Prototype Pollution Vulnerability via `Object.setPrototypeOf` and `Object.assign` (DoS Impact)
- **Exploit Title**: OneTrust SDK v6.33.0 - Prototype Pollution Vulnerabil...
"Noem isn’t doing homeland #security. I’m not sure she knows its meaning. Like habeas corpus, which she thinks is an Ecuadorian offshoot of MS-13. Instead of safety and security, Noem’s turned the agency into the rabid attack dog she wanted Cricket to be"
READ MORE https://www.blueamp.co/p/were-all-cricket-and-the-united-states #news #usa #politics #dhs #ice #losangeles #la #tv #nato #media #press #russia #ukraine #eu us #unitedstates #america #trump #donaldtrump #cliffschecter #blueamp #cliffsnote #cliffsedge #davidshuster
Blue Amp · We're All Kristi's Dog Cricket, and the United States is Noem’s Gravel Pit
Flagship EU defense plan may be illegal, German parliamentary report warns – POLITICO https://www.byteseu.com/1125612/ #Canada #Defense #DefenseBudgets #EUTreaties #Europe #EuropeanDefense #Exclusive #Germany #INFRASTRUCTURE #Military #Procurement #Security #Serbia #Turkey #UKDefense #Ukraine #UnitedKingdom
CoinMarketCap Briefly Exploited With Wallet Phishing Pop-Up Message - Hackers exploited a vulnerability in CoinMarketCap’s front-end system, using a seemingly ... - https://www.coindesk.com/tech/2025/06/21/coinmarketcap-briefly-exploited-with-wallet-phishing-pop-up-message #coinmarketcap #security #tech #news
CoinDesk · CoinMarketCap Briefly Exploited With Wallet Phishing Pop-Up Message
Iran confirmed it shut down internet to protect the country against cyberattacks – Source: securityaffairs.com https://ciso2ciso.com/iran-confirmed-it-shut-down-internet-to-protect-the-country-against-cyberattacks-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #IranIsraelconflict #SecurityAffairscom #CyberSecurityNews #SecurityAffairs #SecurityAffairs #BreakingNews #Cyberwarfare #SecurityNews #Security #hacking #Israel #Iran
CISO2CISO.COM & CYBER SECURITY GROUP · Iran confirmed it shut down internet to protect the country against cyberattacks – Source: securityaffairs.comSource: securityaffairs.com - Author: Pierluigi Paganini Iran confirmed an Internet shutdown to counter Israeli cyberattacks, citing th
Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider – Source: securityaffairs.com https://ciso2ciso.com/cloudflare-blocked-record-breaking-7-3-tbps-ddos-attack-against-a-hosting-provider-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Cloudflare #Security #hacking #Mirai #DDoS
CISO2CISO.COM & CYBER SECURITY GROUP · Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider – Source: securityaffairs.comSource: securityaffairs.com - Author: Pierluigi Paganini Cloudflare blocked a record-breaking 7.3 Tbps DDoS attack in May 2025. Clou
Iranian hackers target Albania in retaliation for hosting dissidents https://www.politico.eu/article/iran-hackers-target-albania-servers-in-retaliation-hosting-dissidents/?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS_Syndication #CybersecurityandDataProtection #Communications #Infrastructure #Cybersecurity #Intelligence #Security #Services #Balkans #digital #History #Data
POLITICO · Iranian hackers target Albania in retaliation for hosting dissidents
NIS2: Neuer Leak des Referentenentwurfs
Der neue Entwurf für das Umsetzungsgesetz zu NIS2 sieht andere Geltungsbereiche und weniger Einfluss der Wirtschaft vor.
heise online · NIS2: Aktueller Referentenentwurf geleakt
Fortgeführter Thread
Honestly, I just want to hear a good argument to skip the braces.
To me, braces don't look much less readable and it's a lot easier to add statements.
Plus, #security bugs: https://dwheeler.com/essays/apple-goto-fail.html
dwheeler.comThe Apple goto fail vulnerability: lessons learnedDescription of what we have learned
16 billion login records!!
Researchers at Cybernews, an online tech publication, said they had found 30 datasets stuffed with credentials harvested from malicious software known as “infostealers” and leaks.
[...] the datasets had become temporarily available after being poorly stored on remote servers – before being removed again.
The Guardian · Internet users advised to change passwords after 16bn logins exposed
Systeminformer - Portables Open-Source-Tool zur deep down walkenden Analyse, Steuerung von Systemprozessen und Performance-Tuning. Dieser Lümmel erkennt versteckte Prozesse, analysiert Handles, Threads, DLLs und Treiber und überwacht CPU-, RAM-, I/O- und Netzwerkressourcen im Detail.
https://hackspoiler.de/systeminformer-open-source-windows-ressourcen-monitoring/
Cybercriminals breach Aflac as part of hacking spree against US insurance industry
Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday
#Aflac #insurance #databreach #security #cybersecurity #hacker #Hacking #hacked
I need advice to secure a web server. I am currently managing an OJS server at my University. This server is often attacked, such as with PHP script injections, to cause malfunction or online gambling contents. What I have done so far:
1. Set permissions (the user owns all PHP scripts instead of www-data, these files are often modified by a third party)
2. File access monitoring ( I log every access that happens in the doc root)
3. daily backup
The Protesters' Guide to #Smartphone #Security
https://www.privacyguides.org/articles/2025/01/23/activists-guide-securing-your-smartphone/#scrub-photo-metadata
Very helpful tips for your own protection when you're protesting or even living in failed country like #USA, #Russia, #China, #Hungary, and so forth.
Furthermore, it's impressive how complex it is to protect you from your own #mobile #phone.
As a security pro and despite using #GrapheneOS, I'd rather leave the phone at home than to go through all the tips and still might overlook a thing. 
Privacy Guides · The Protesters' Guide to Smartphone Security
Mehr von 
Jonah Aragon
Interesting Git repos of the week:
Detection:
* https://github.com/hdm/ctail - tail CA transparency logs with @hdm
* https://github.com/sgInnora/sharpeye - another Linux EDR
* https://github.com/HullaBrian/COMmander - enrich Windows RPC events
Exploitation:
* https://github.com/e-ago/bitcracker - BitLocker cracker
* https://github.com/Moopinger/smugglefuzz - HTTP downgrade fuzzer
* https://github.com/Ignitetechnologies/Windows-Privilege-Escalation - Windows LPE playbook
* https://github.com/giuliano108/SeBackupPrivilege - elevate/collect via SeBackupPrivilege
* https://github.com/adgaultier/caracal - sneaky bees
* https://github.com/v-p-b/xer - encoding h3x with @buherator
Hard hacks:
* https://github.com/zhuowei/cheese - PoC for CVE-2025-21479, affecting Adreno A7xx (Snapdragon 8 Gen 1 / XR2 Gen 2 and newer) devices
* https://github.com/tomasz-lisowski/simurai - evaluate SIM card security
GitHubGitHub - hdm/ctail: Tail Certificate Transparency logs and extract hostnamesTail Certificate Transparency logs and extract hostnames - hdm/ctail
Unexpected security footguns in Go's parsers
https://blog.trailofbits.com/2025/06/17/unexpected-security-footguns-in-gos-parsers/
The Trail of Bits Blog · Unexpected security footguns in Go's parsersFile parsers in Go contain unexpected behaviors that can lead to serious security vulnerabilities. This post examines how JSON, XML, and YAML parsers in Go handle edge cases in ways that have repeatedly resulted in high-impact security issues in production systems. We explore three real-world attack scenarios: marshaling/unmarshaling unexpected data, exploiting parser differentials, and leveraging data format confusion. Through examples, we demonstrate how attackers can bypass authentication, circumvent authorization controls, and exfiltrate sensitive data by exploiting these parser behaviors.
Billions of login credentials may have leaked. Here's how you can protect your accounts
A recent report by Cybernews claimed that 16 billion login credentials were exposed and compiled into datasets online, giving cybercriminals access to accounts for online platforms like Google, Apple and Facebook. While much is still unconfirmed about the leak, ex...
#security #cybercrime #data #leak #News #Business
https://www.cbc.ca/news/business/login-credentials-leak-password-protection-1.7567621?cmp=rss