Over Security

Over Security

33613 bookmarks
Custom sorting
Microsoft: June 2026 Windows updates break Recycle Bin prompts
Microsoft: June 2026 Windows updates break Recycle Bin prompts
Microsoft has confirmed a confusing Windows bug that causes different filenames to appear in the confirmation dialog when deleting a file from the Recycle Bin.
·bleepingcomputer.com·
Microsoft: June 2026 Windows updates break Recycle Bin prompts
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
CISA has urged U.S. federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks.
·bleepingcomputer.com·
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
NY man charged after harassing college student with AI-generated nudes
NY man charged after harassing college student with AI-generated nudes
A New York man faces cyberstalking charges after allegedly sharing AI-generated nude images and fabricated racist messages using fake social media profiles to harass a Georgia college student.
·bleepingcomputer.com·
NY man charged after harassing college student with AI-generated nudes
New iPhone BootROM Flaw Enables Hardware-Level Compromise
New iPhone BootROM Flaw Enables Hardware-Level Compromise
iPhone BootROM vulnerability affects A12, A13 and Apple Watch S4/S5 devices, enabling SecureROM code compromise via USB flaw in usbliter8 exploit.
·thecyberexpress.com·
New iPhone BootROM Flaw Enables Hardware-Level Compromise
Governance by design: il prezzo delle scorciatoie
Governance by design: il prezzo delle scorciatoie
Ridurre le analisi, comprimere le verifiche e rinviare le valutazioni può apparire come la scelta più conveniente, per accelerare i processi decisionali. Ma l'esperienza sul campo svela l'importanza della Governance by design. Ecco perché le scorciatoie si trasformano in costi dilatati, asimmetrici e imprevedibili
·cybersecurity360.it·
Governance by design: il prezzo delle scorciatoie
CISA warns Fortinet users to secure devices after FortiBleed leak
CISA warns Fortinet users to secure devices after FortiBleed leak
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a data leak dubbed "FortiBleed."
·bleepingcomputer.com·
CISA warns Fortinet users to secure devices after FortiBleed leak
Ralph Lauren - 139,903 breached accounts
Ralph Lauren - 139,903 breached accounts
In June 2026, fashion retailer Ralph Lauren was targeted in a ShinyHunters "pay or leak" extortion campaign. The group subsequently published hundreds of gigabytes of data they claimed was obtained from the organisation's Salesforce instance, including 140k unique email addresses along with names, phone numbers, genders and age groups.
·haveibeenpwned.com·
Ralph Lauren - 139,903 breached accounts
Gentlemen ransomware uses multiple EDR killers to disable defenses
Gentlemen ransomware uses multiple EDR killers to disable defenses
The Gentlemen ransomware-as-a-service (RaaS) is actively developing and maintaining a suite of endpoint detection and response (EDR) killers to help affiliates evade detection in attacks.
·bleepingcomputer.com·
Gentlemen ransomware uses multiple EDR killers to disable defenses
Operation Endgame 4.0 - 153,527 breached accounts
Operation Endgame 4.0 - 153,527 breached accounts
On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation, a prolific malware distribution network used to compromise systems and facilitate further cybercrime. Coordinated by international law enforcement agencies with support from Europol and Eurojust, the operation remediated almost 15,000 compromised websites and disrupted more than 100 servers and domains used to distribute malware. Authorities also provided HIBP with 154k impacted email addresses and more than half a million previously unseen passwords.
·haveibeenpwned.com·
Operation Endgame 4.0 - 153,527 breached accounts
FlipCTL — our GUI framework for embedded Linux systems
FlipCTL — our GUI framework for embedded Linux systems
Do you know why Flipper Zero is so popular? Not because of the little cute dolphin, but because you can use it right out of the box. If we made Flipper Zero in a Proxmark3-like form factor without a screen (no offense, Iceman), it would only be used by a small group of hardcore professionals. We all love simple, clear things: press a button and get results. Before Flipper Zero, no one really cared about intuitive interfaces of niche devices for geeks. Everyone was building separate hardware and
·blog.flipper.net·
FlipCTL — our GUI framework for embedded Linux systems
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Nintendo of America has confirmed to BleepingComputer that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised.
·bleepingcomputer.com·
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Close Encounters of the Human Kind
Close Encounters of the Human Kind
In the latest Threat Source, Hazel channels her inner Spielberg to explore why humans are delightfully irrational, reminding us that while security best practices are simple in theory, they’re a lot harder to pull off when you’re busy dealing with real life.
·blog.talosintelligence.com·
Close Encounters of the Human Kind
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded…
·krebsonsecurity.com·
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
USB worm spreads crypto-stealing malware via Windows shortcut files
USB worm spreads crypto-stealing malware via Windows shortcut files
Threat actors targeting cryptocurrency wallets have been distributing clipboard-stealing malware with self-spreading capabilities and using the Tor network to conceal communication.
·bleepingcomputer.com·
USB worm spreads crypto-stealing malware via Windows shortcut files
Lock-in tecnologico cyber: come pianificare la strategia di uscita
Lock-in tecnologico cyber: come pianificare la strategia di uscita
Il lock-in tecnologico è uno dei rischi più sottovalutati nella governance IT: invisibile finché non diventa urgente, costoso da gestire quando si materializza. Questa guida analizza le quattro forme del lock-in, introduce il Vendor Dependency Index come strumento di misurazione e illustra le strategie di exit per proteggere la continuità operativa
·cybersecurity360.it·
Lock-in tecnologico cyber: come pianificare la strategia di uscita
The Analyst's New Job Description
The Analyst's New Job Description
The deterministic work is moving to agents, which is good, because that's where most of the burnout was coming from. The judgment work is staying with humans, which is also good, because that's where the value is. The deterministic work is moving to agents, which is good, because that's where most of the burnout was coming from. The judgment work is staying with humans, which is also good, because that's where the value is. What's leaving the analyst's queue If you walk through a typical Tier 1 day from 2022, most of it is deterministic work. That work is leaving the queue. The remaining tier-1 work in 2027 isn't pre-processing alerts. The work that's moving is the work analysts were burning out on. The work that's staying, and growing, is the work analysts wanted to do in the first place. It's a redistribution within it, with the boring 80 percent of the work moving off the human side. They're the ones whose training, hiring, and metrics still treat queue throughput as the primary signal. Three new responsibilities are landing on the analyst's desk The work moving onto the analyst's desk has three identifiable shapes. In the 2022 model, hunting was an aspirational activity that senior analysts did when the queue was clear, which was approximately never. This is judgment work, and it requires the analyst to read the agent output critically, not deferentially. Stop training on Speed at queue clicking Individual log interpretation in isolation Tickets-per-shift as the throughput metric Start training on Hypothesis construction for hunting Critical evaluation of AI output Decision-provenance discipline Cross-system timeline construction Hiring for ambiguity tolerance If your reviews still anchor on tickets-per-shift, you are training for the old job. Stop training analysts to be fast at queue clicking. The training time you are spending on queue speed is training time you are not spending on the new work. Reading a single firewall log and deciding what it means is exactly the deterministic pattern-matching work that agents handle better. With it, the agent layer gets better, the audit trail gets stronger, and new analysts ramp faster. Building a real training program requires senior analysts with curriculum-design time, leadership that is willing to invest before payoff, and a hiring pipeline that filters for the right traits rather than the legacy ones. The replacement narrative assumes the work is fungible and the agent does it cheaper. The deterministic work is fungible and the agent does that part cheaper, yes. The judgment work isn't fungible, and the agent doesn't do it at all.
·binarydefense.com·
The Analyst's New Job Description
Editoriale newsletter Guerre Di Rete
Editoriale newsletter Guerre Di Rete
Come certamente sapete, lo scorso 3 Giugno Carola Frediani è venuta a mancare.
·guerredirete.substack.com·
Editoriale newsletter Guerre Di Rete
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
Market intelligence platform Klue suffered a OAuth breach that enabled the "Icarus" threat actors to steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign.
·bleepingcomputer.com·
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks