Over Security

Over Security

33592 bookmarks
Custom sorting
Maine disables data breach notification portal after fake disclosures
Maine disables data breach notification portal after fake disclosures
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state's website, prompting a review of procedures to prevent abuse in the future.
·bleepingcomputer.com·
Maine disables data breach notification portal after fake disclosures
phpBB forum fixes auth bypass bug lurking for a decade
phpBB forum fixes auth bypass bug lurking for a decade
A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators.
·bleepingcomputer.com·
phpBB forum fixes auth bypass bug lurking for a decade
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose early signals tied to software supply-chain risk.
·bleepingcomputer.com·
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
Microsoft fixes Windows update failures linked to WUSA installer
Microsoft fixes Windows update failures linked to WUSA installer
Microsoft has fixed a known issue that caused Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA) from a network share.
·bleepingcomputer.com·
Microsoft fixes Windows update failures linked to WUSA installer
Da alert fatigue a cyber resilience: come Novomatic ha trasformato il proprio SOC con HyperSOC
Da alert fatigue a cyber resilience: come Novomatic ha trasformato il proprio SOC con HyperSOC
Infrastruttura on-premise complessa, molteplici obblighi normativi e un SOC sommerso dagli alert: queste le sfide di Novomatic Italia. Ecco come la collaborazione con HWG Sababa e l’uso della piattaforma HyperSOC hanno ridefinito detection, risposta e resilienza
·cybersecurity360.it·
Da alert fatigue a cyber resilience: come Novomatic ha trasformato il proprio SOC con HyperSOC
Pharma giant Novo Nordisk discloses breach of clinical trials data
Pharma giant Novo Nordisk discloses breach of clinical trials data
Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials.
·bleepingcomputer.com·
Pharma giant Novo Nordisk discloses breach of clinical trials data
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04.
·bleepingcomputer.com·
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
Over 73,000 French govt employees affected in Tchap messenger breach
Over 73,000 French govt employees affected in Tchap messenger breach
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector.
·bleepingcomputer.com·
Over 73,000 French govt employees affected in Tchap messenger breach
Fable 5 Mythos violato in 24 ore: il caso che scuote la cybersecurity
Fable 5 Mythos violato in 24 ore: il caso che scuote la cybersecurity
Il caso del jailbreak a Fable 5, con esposizione delle sue istruzioni segrete, mostra quanto siano fragili i sistemi di sicurezza proprietari davanti ad attacchi distribuiti e agentici. L’incidente diventa un monito sulla nuova fase della cybersecurity legata agli HACCA
·cybersecurity360.it·
Fable 5 Mythos violato in 24 ore: il caso che scuote la cybersecurity
Debito organizzativo: il costo nascosto del “poi vediamo”
Debito organizzativo: il costo nascosto del “poi vediamo”
Attraverso l'esame dei rischi trasversali che colpiscono la data protection, la cyber security, l'intelligenza artificiale e le risorse umane nella Governance by design, ecco come le moderne normative fungono da preziosi acceleratori per intercettare le vulnerabilità in fase di progettazione e strutturare organizzazioni resilienti
·cybersecurity360.it·
Debito organizzativo: il costo nascosto del “poi vediamo”
Debito organizzativo: il costo nascosto del “poi vediamo”
Debito organizzativo: il costo nascosto del “poi vediamo”
Attraverso l'esame dei rischi trasversali che colpiscono la data protection, la cyber security, l'intelligenza artificiale e le risorse umane nella Governance by design, ecco come le moderne normative fungono da preziosi acceleratori per intercettare le vulnerabilità in fase di progettazione e strutturare organizzazioni resilienti
·cybersecurity360.it·
Debito organizzativo: il costo nascosto del “poi vediamo”
Maine breach portal abused to publish fake data breach disclosures
Maine breach portal abused to publish fake data breach disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their legitimacy could be verified, prompting companies to deny the claims.
·bleepingcomputer.com·
Maine breach portal abused to publish fake data breach disclosures
Oracle warns of security bug that hackers abused to breach 100+ companies
Oracle warns of security bug that hackers abused to breach 100+ companies
The tech giant warned of a security flaw that a cybercrime gang said it's exploiting as part of a mass-hacking campaign. Google said it notified more than 100 organizations that had potentially vulnerable servers.
·techcrunch.com·
Oracle warns of security bug that hackers abused to breach 100+ companies
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks.
·bleepingcomputer.com·
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
A tale of two eras
A tale of two eras
In this week’s newsletter, Amy reminisces on the tech toys of their childhood, inspired by a hilarious lesson about why your digital privacy shouldn't be left on an open channel.
·blog.talosintelligence.com·
A tale of two eras