Over Security

Over Security

33557 bookmarks
Custom sorting
Relazione annuale: quando il Garante privacy ridefinisce sé stesso
Relazione annuale: quando il Garante privacy ridefinisce sé stesso
Dall'IA alla cyber sicurezza, passando per Big Tech, sanità digitale e diritto di cronaca: la Relazione annuale 2025 del Garante privacy descrive una precisa idea del ruolo che l'Autorità ritiene di dover assumere nell'era dell'intelligenza artificiale, della geopolitica dei dati e della governance digitale
·cybersecurity360.it·
Relazione annuale: quando il Garante privacy ridefinisce sé stesso
Sicurezza urbana e Codice della strada: due finalità che il GDPR non considera equivalenti
Sicurezza urbana e Codice della strada: due finalità che il GDPR non considera equivalenti
Il Garante privacy ha sanzionato un Comune per aver utilizzato il filmato di una telecamera installata a fini di sicurezza urbana per ricostruire la dinamica di un incidente stradale e contestare una violazione del Codice della strada: due finalità ritenute incompatibili. Ecco una riflessione operativa sull’importanza di una corretta DPIA
·cybersecurity360.it·
Sicurezza urbana e Codice della strada: due finalità che il GDPR non considera equivalenti
Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign
Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign
An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake Stealer, to target organizations in Russia, Kazakhstan, and Brazil.
·securelist.com·
Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign
Piste di decollo e firewall: i 2 fattori che pesano sulla cyber security aeroportuale
Piste di decollo e firewall: i 2 fattori che pesano sulla cyber security aeroportuale
Ogni secondo in cui un aeroporto opera, migliaia di dispositivi connessi si scambiano dati. L'infrastruttura digitale, che accompagna i passeggeri al gate, è una delle superfici di attacco più esposte e complesse fra tutte le critiche. Ecco perché la complessità è il cuore del problema, in un sistema di sistemi dove gli incidenti cyber si propagano
·cybersecurity360.it·
Piste di decollo e firewall: i 2 fattori che pesano sulla cyber security aeroportuale
Your Credentials are Invited: How Corporate Cyber Defenses are Flanked by Paperless Post Phish
Your Credentials are Invited: How Corporate Cyber Defenses are Flanked by Paperless Post Phish
The message looks harmless — a wedding invitation, a shared card, a document someone wants you to see. It's wedding season after all. Better yet, it arrives from a name you recognize: a colleague, a client, a friend. That is the whole trick. The social-invite phish is engineered to look like the least threatening thing in your inbox, and it is precisely that disguise that carries it past the layered defenses a corporate security team spends its budget on. We have tracked this technique in enterprise browsers continuously for more than two years — from early 2024 through last week — and while the consumer press treats it as a personal-inbox nuisance, what we see is a credential-and-OTP harvester wearing a costume built to flank the enterprise stack.
·pixmsecurity.com·
Your Credentials are Invited: How Corporate Cyber Defenses are Flanked by Paperless Post Phish
Your Credentials are Invited: How Corporate Cyber Defenses are Flanked by Paperless Post Phish
Your Credentials are Invited: How Corporate Cyber Defenses are Flanked by Paperless Post Phish
The message looks harmless — a wedding invitation, a shared card, a document someone wants you to see. It's wedding season after all. Better yet, it arrives from a name you recognize: a colleague, a client, a friend. That is the whole trick. The social-invite phish is engineered to look like the least threatening thing in your inbox, and it is precisely that disguise that carries it past the layered defenses a corporate security team spends its budget on. We have tracked this technique in enterprise browsers continuously for more than two years — from early 2024 through last week — and while the consumer press treats it as a personal-inbox nuisance, what we see is a credential-and-OTP harvester wearing a costume built to flank the enterprise stack.
·pixmsecurity.com·
Your Credentials are Invited: How Corporate Cyber Defenses are Flanked by Paperless Post Phish
Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
Anthropic says Claude Fable 5 won't be accessible via Claude subscriptions after July 7, but it's not a permanent change, and the company expects the model to return outside the usage-based plan soon.
·bleepingcomputer.com·
Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
Claude Fable relaunch disappoints users with nerfed performance
Claude Fable relaunch disappoints users with nerfed performance
Claude Fable, the company's most powerful model, is now available to all users, but early impressions are disappointing, as it appears to be nowhere near the original release.
·bleepingcomputer.com·
Claude Fable relaunch disappoints users with nerfed performance
FBI Seizes NetNut Proxy Platform, Popa Botnet
FBI Seizes NetNut Proxy Platform, Popa Botnet
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly…
·krebsonsecurity.com·
FBI Seizes NetNut Proxy Platform, Popa Botnet
Catan and Mouse
Catan and Mouse
What do board games and cybersecurity have in common? Pattern recognition. Strategy. Adaptation. In this week’s Threat Source Bill explores why curiosity may be a defender’s most valuable skill.
·blog.talosintelligence.com·
Catan and Mouse
Remus Stealer: A New, Not-So-New Infostealer
Remus Stealer: A New, Not-So-New Infostealer
In this post, we explore the emergence of Remus Stealer, analyzing its structural and behavioral similarities to the infamous Lumma malware.
·flashpoint.io·
Remus Stealer: A New, Not-So-New Infostealer
Hacker russi dietro l’attacco a Jaguar Land Rover: nuovo capitolo della guerra ibrida
Hacker russi dietro l’attacco a Jaguar Land Rover: nuovo capitolo della guerra ibrida
Le indagini, relative al cyber attacco a Jaguar Land Rover dello scorso settembre, che aveva causato paralisi operativa, portano ad hacker russi, ancora da stabilire se legati a Vladimir Putin. Ecco cosa è stato scoperto dell'incidente cyber più grave di sempre, costato danni pari a 1,9 miliardi di sterline, quanto il Pil di un Paese
·cybersecurity360.it·
Hacker russi dietro l’attacco a Jaguar Land Rover: nuovo capitolo della guerra ibrida
Google loses final appeal to overturn €4.1 billion EU fine
Google loses final appeal to overturn €4.1 billion EU fine
Court of Justice of the European Union (CJEU) has dismissed Google's final appeal against a €4.1 billion ($4.7 billion) antitrust fine over the company's use of Android to promote its Chrome browser and search service.
·bleepingcomputer.com·
Google loses final appeal to overturn €4.1 billion EU fine
Fable 5 torna online, ma con più filtri e più controllo pubblico
Fable 5 torna online, ma con più filtri e più controllo pubblico
Anthropic ha riattivato Fable 5 dopo lo stop imposto da Washington. Il modello rientra con nuove misure di sicurezza, limiti più severi sulle richieste sensibili e un precedente che pesa sui prossimi rilasci dei frontier model
·cybersecurity360.it·
Fable 5 torna online, ma con più filtri e più controllo pubblico
Microsoft fixes bug that removed Copilot button in Outlook
Microsoft fixes bug that removed Copilot button in Outlook
Microsoft has fixed a known issue causing the Copilot Chat or Copilot buttons in Classic Outlook to disappear for Windows users with the Copilot Chat (Basic) license.
·bleepingcomputer.com·
Microsoft fixes bug that removed Copilot button in Outlook
Opera rolls out Paste Protect feature to fight ClickFix attacks
Opera rolls out Paste Protect feature to fight ClickFix attacks
Opera has introduced Paste Protect, a security feature designed to block ClickFix-style attacks that trick users into executing malicious commands through social engineering.
·bleepingcomputer.com·
Opera rolls out Paste Protect feature to fight ClickFix attacks
CISA: Microsoft SharePoint RCE flaw now actively exploited
CISA: Microsoft SharePoint RCE flaw now actively exploited
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution vulnerability patched in May.
·bleepingcomputer.com·
CISA: Microsoft SharePoint RCE flaw now actively exploited
Alleged Scattered Spider hacker extradited to the United States
Alleged Scattered Spider hacker extradited to the United States
A dual United States and Estonian citizen has been extradited to the U.S. to face charges alleging he was a member of the Scattered Spider hacking collective.
·bleepingcomputer.com·
Alleged Scattered Spider hacker extradited to the United States