Over Security

Over Security

33608 bookmarks
Custom sorting
Dal progetto al processo: i 5 errori che bloccano la sicurezza
Dal progetto al processo: i 5 errori che bloccano la sicurezza
Governare il passaggio da progetto a processo significa gestire persone, ruoli, responsabilità e il cambiamento culturale che ne consegue. Ecco gli errori e le pratiche per passare dal “fare” al “funzionare”
·cybersecurity360.it·
Dal progetto al processo: i 5 errori che bloccano la sicurezza
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions.
·bleepingcomputer.com·
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Microsoft removes Support and Recovery Assistant from Windows
Microsoft removes Support and Recovery Assistant from Windows
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting March 10.
·bleepingcomputer.com·
Microsoft removes Support and Recovery Assistant from Windows
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks.
·bleepingcomputer.com·
Microsoft links Medusa ransomware affiliate to zero-day attacks
Drift $280M crypto theft linked to 6-month in-person operation
Drift $280M crypto theft linked to 6-month in-person operation
The Drift Protocol says that the $280+ million hack it suffered last week was the result of a long-term, carefully planned operation that included building "a functioning operational presence inside the Drift ecosystem."
·bleepingcomputer.com·
Drift $280M crypto theft linked to 6-month in-person operation
CISA orders feds to patch Fortinet flaw exploited in attacks by Friday
CISA orders feds to patch Fortinet flaw exploited in attacks by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) instances against an actively exploited vulnerability by Friday.
·bleepingcomputer.com·
CISA orders feds to patch Fortinet flaw exploited in attacks by Friday
Why Simple Breach Monitoring is No Longer Enough
Why Simple Breach Monitoring is No Longer Enough
Infostealers are harvesting credentials and session cookies at scale, bypassing traditional defenses. Lunar explains why simple breach monitoring alone can't keep up with modern credential-based attacks.
·bleepingcomputer.com·
Why Simple Breach Monitoring is No Longer Enough
North Korea Spent 6 Months Infiltrating Drift Protocol Only to Drain $285M in 12 Mins
North Korea Spent 6 Months Infiltrating Drift Protocol Only to Drain $285M in 12 Mins
The message Drift Protocol posted to X on April 1, opened with an unusual disclaimer: "This is not an April Fools joke." Within hours, the reason became clear. A $285 million exploit had wiped out more than half of the Solana-based decentralized perpetual futures exchange's total value.
·thecyberexpress.com·
North Korea Spent 6 Months Infiltrating Drift Protocol Only to Drain $285M in 12 Mins