Over Security

Over Security

33613 bookmarks
Custom sorting
Residential proxies evaded IP reputation checks in 78% of 4B sessions
Residential proxies evaded IP reputation checks in 78% of 4B sessions
Researchers warn that residential proxies used to route malicious traffic are a big problem for IP reputation systems, as there is no clear distinction between attackers and legitimate users.
·bleepingcomputer.com·
Residential proxies evaded IP reputation checks in 78% of 4B sessions
Internet in Russia al rallentatore: fra restrizioni e aggiramenti, ecco il futuro della rete dello zar
Internet in Russia al rallentatore: fra restrizioni e aggiramenti, ecco il futuro della rete dello zar
Parallelamente al filtraggio puntuale, le autorità hanno perfezionato la tecnica del throttling, per rendere praticamente inutilizzabili le piattaforme prese di mira. Ecco cosa succede a Internet in Russia, dove l'infrastruttura di censura spicca tra le più sofisticate al mondo e si va verso un ecosistema digitale alternativo alla cinese: chiuso e controllato
·cybersecurity360.it·
Internet in Russia al rallentatore: fra restrizioni e aggiramenti, ecco il futuro della rete dello zar
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
Threat actors are exploiting vacant homes as "drop addresses" to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector.
·bleepingcomputer.com·
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
New Progress ShareFile flaws can be chained in pre-auth RCE attacks
New Progress ShareFile flaws can be chained in pre-auth RCE attacks
Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments.
·bleepingcomputer.com·
New Progress ShareFile flaws can be chained in pre-auth RCE attacks
Medtech giant Stryker fully operational after data-wiping attack
Medtech giant Stryker fully operational after data-wiping attack
Stryker Corporation, one of the world's leading medical technology companies, says it's fully operational three weeks after many of its systems were wiped out in a cyberattack claimed by the Iranian-linked Handala hacktivist group.
·bleepingcomputer.com·
Medtech giant Stryker fully operational after data-wiping attack
[Video] The TTP Ep 21: When Attackers Become Trusted Users
[Video] The TTP Ep 21: When Attackers Become Trusted Users
An episode of the Talos Threat Perspective on the 2025 Year in Review trends. We explore how identity is being used to gain, extend, and maintain access inside environments.
·blog.talosintelligence.com·
[Video] The TTP Ep 21: When Attackers Become Trusted Users
App-server Codex di OpenAI: configurazione insicura espone a esecuzione di comandi remoti
App-server Codex di OpenAI: configurazione insicura espone a esecuzione di comandi remoti
Il CERT-AgID ha segnalato un problema di sicurezza dell’app-server Codex di OpenAI: non prevedendo meccanismi di protezione e autenticazione, una sua esposizione in rete potrebbe consentire a soggetti non autorizzati di interagire direttamente con il sistema ed eseguire comandi remoti. Ecco come mitigare il rischio
·cybersecurity360.it·
App-server Codex di OpenAI: configurazione insicura espone a esecuzione di comandi remoti
Critical Cisco IMC auth bypass gives attackers Admin access
Critical Cisco IMC auth bypass gives attackers Admin access
Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC) authentication bypass that enables attackers to gain Admin access.
·bleepingcomputer.com·
Critical Cisco IMC auth bypass gives attackers Admin access
Qilin EDR killer infection chain
Qilin EDR killer infection chain
This blog provides an in-depth analysis of the malicious “msimg32.dll” used in Qilin ransomware attacks, which is a multi-stage infection chain targeting EDR systems.
·blog.talosintelligence.com·
Qilin EDR killer infection chain
Phishing e attacchi AiTM: come le email compromesse diventano trampolini per spam massivo
Phishing e attacchi AiTM: come le email compromesse diventano trampolini per spam massivo
Il phishing non punta più a leggere le email ma a usare account compromessi come trampolini. Tecniche AiTM intercettano token e cookie di sessione aggirando l'MFA, mentre i kit di phishing-as-a-service abbassano la barriera tecnica. Necessario monitoraggio comportamentale e analisi forense post-compromissione
·cybersecurity360.it·
Phishing e attacchi AiTM: come le email compromesse diventano trampolini per spam massivo
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity remote code execution (RCE) vulnerability.
·bleepingcomputer.com·
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
Vertex AI e il rischio dei “double agent” AI
Vertex AI e il rischio dei “double agent” AI
Un recente studio della Unit 42 di Palo Alto ha messo in luce un aspetto ancora poco esplorato della sicurezza dei sistemi basati su agenti AI: la possibilità che un agente distribuito in ambienti enterprise possa trasformarsi in un “doppiogiochista” (un  double agent) capace di compromettere l’intera infrastruttura cloud. L’analisi si concentra sulla piattaforma Vertex …
·securityinfo.it·
Vertex AI e il rischio dei “double agent” AI
New CrystalRAT malware adds RAT, stealer and prankware features
New CrystalRAT malware adds RAT, stealer and prankware features
A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, and clipboard hijacking capabilities.
·bleepingcomputer.com·
New CrystalRAT malware adds RAT, stealer and prankware features