GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by Metacurity (metacurity@infosec.exchange)

  1. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Wednesday, 28-May-2025 18:23:32 JST Metacurity Metacurity

    Exclusive: Legal Practice Board of Western Australia confirms Dire Wolf ransomware attack
    https://www.cyberdaily.au/security/12158-exclusive-legal-practice-board-of-western-australia-confirms-dire-wolf-ransomware-attack

    In conversation about 7 hours ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: res.cloudinary.com
      Exclusive: Legal Practice Board of Western Australia confirms Dire Wolf ransomware attack
      from David Hollingworth
      Hacker newcomers claim to have exfiltrated 300 gigabytes of data, including limited contact details and correspondence and bank account information.
  2. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Friday, 16-May-2025 21:56:34 JST Metacurity Metacurity

    This should be much bigger news.

    CrowdStrike discovered that state officials in Rhode Island had been unaware for more than five months that its VPN system, managed by Deloitte, had been hacked. Deloitte didn't know until the hackers asked for a ransom.

    Now, it looks like RI will sue Deloitte.

    https://www.bostonglobe.com/2025/05/15/metro/ribridges-vpn-hack-ri-breach-personal-data-investigation-findings/

    Here is the CrowdStrike report.
    https://admin.ri.gov/sites/g/files/xkgbur536/files/2025-05/RIBridges%20Investigation%20Summary%20FINAL%20-%20External%20Release.pdf

    In conversation about 12 days ago from infosec.exchange permalink

    Attachments


  3. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Thursday, 15-May-2025 20:42:20 JST Metacurity Metacurity

    The Coinbase hack is expected to cost the company up to $400 million, and the company has launched a $20 million reward fund for information leading to the attackers’ arrest and conviction.
    https://www.investing.com/news/stock-market-news/coinbase-discloses-security-breach-expects-impact-of-up-to-400m-4047654

    In conversation about 13 days ago from infosec.exchange permalink

    Attachments


  4. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Wednesday, 07-May-2025 22:37:25 JST Metacurity Metacurity

    Oh goodie...

    Generative AI will surpass cybersecurity in many corporate tech budgets this year

    https://www.geekwire.com/2025/generative-ai-tops-cybersecurity-in-2025-tech-budget-priorities-new-aws-study-finds/

    In conversation about 21 days ago from infosec.exchange permalink
  5. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Tuesday, 06-May-2025 03:28:09 JST Metacurity Metacurity

    "Hackers have targeted GlobalX Air, one of the main airlines the Trump administration is using as part of its deportation efforts, and stolen what they say are flight records and passenger manifests of all of its flights, including those for deportation"
    https://www.404media.co/globalx-airline-for-trumps-deportations-hacked/

    In conversation about 23 days ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: www.404media.co
      GlobalX, Airline for Trump’s Deportations, Hacked
      from @josephfcox
      Hackers say they have obtained what they say are passenger lists for GlobalX flights from January to this month. The data appears to include people who have been deported.
  6. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Tuesday, 29-Apr-2025 20:08:16 JST Metacurity Metacurity

    Oracle engineers caused days-long software outage at U.S. hospitals
    https://www.cnbc.com/2025/04/28/oracle-engineers-caused-days-long-software-outage-at-us-hospitals.html

    In conversation about a month ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: image.cnbcfm.com
      Oracle engineers caused days-long software outage at U.S. hospitals
      from https://www.facebook.com/CNBC
      Oracle engineers triggered a five-day outage at several Community Health Systems hospitals, causing the facilities to temporarily return to paper-based records.
  7. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Wednesday, 23-Apr-2025 21:43:40 JST Metacurity Metacurity

    Really useful advice for these times we suddenly find ourselves in.

    How to hard-lock your iPhone in a hurry
    https://www.cultofmac.com/how-to/how-to-hard-lock-your-iphone-in-a-hurry?utm_source=flipboard&utm_medium=activitypub

    In conversation about a month ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: www.cultofmac.com
      How to hard-lock your iPhone in a hurry
      from David Snow
      If a police officer or federal agent requests or demands your iPhone, hard-lock it before handing it over to protect your private data.
  8. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Friday, 18-Apr-2025 21:33:52 JST Metacurity Metacurity

    Dozens of mobile providers across 35 countries are routing mobile traffic through major Chinese interconnect providers such as China Mobile International, China Telecom Global and China Unicom Global, allowing the Chinese telcos to conduct MITM attacks, track device locations in real time, intercept SMS and voice communications and "silently push spyware or malware onto target devices using signaling-level attacks."

    https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/external/iverify-abusing-data-in-the-middle.pdf

    In conversation about a month ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/358/946/428/172/187/original/872ff2327983b6fd.png

  9. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Wednesday, 16-Apr-2025 21:12:25 JST Metacurity Metacurity

    Oh wow. This just in from a CISA spokesperson:

    “The CVE Program is invaluable to cyber community and a priority of CISA. Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners’ and stakeholders’ patience.”

    In conversation about a month ago from infosec.exchange permalink
  10. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Thursday, 10-Apr-2025 22:12:33 JST Metacurity Metacurity

    Chris Krebs and SentinelOne face a long slog to redress Trump's EO stripping them of their security clearances.

    This is the latest in a string of similar punitive actions against a host of Trump "enemies." As one legal expert told me, “We might as well live in Stalin’s Soviet Union.”

    Check out my latest piece in CSO.

    Trump revokes security clearances for Chris Krebs, SentinelOne in problematic precedent for security vendors

    https://www.csoonline.com/article/3958808/trump-revokes-security-clearances-for-chris-krebs-sentinelone-in-problematic-precedent-for-security-vendors.html

    In conversation about 2 months ago from infosec.exchange permalink
  11. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Thursday, 10-Apr-2025 04:52:17 JST Metacurity Metacurity

    Hackers Breach Berkshire Hathaway’s NetJets, Steal Client Data
    https://www.bloomberg.com/news/articles/2025-04-09/hackers-breach-berkshire-hathaway-s-netjets-steal-client-data?utm_medium=email&utm_source=author_alert&utm_term=250409&utm_campaign=author_22719966

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments


  12. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Wednesday, 26-Mar-2025 21:25:32 JST Metacurity Metacurity

    Exclusive: DOGE staffer, 'Big Balls', provided tech support to cybercrime ring, records show
    https://www.reuters.com/world/us/doge-staffer-big-balls-provided-tech-support-cybercrime-ring-records-show-2025-03-26/

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments


  13. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Monday, 17-Mar-2025 20:16:48 JST Metacurity Metacurity

    The greatest thing of the day - when Microsoft needlessly demanded a PoC video for a vulnerability that analyst Will Dormann discovered and was well-documented, he submitted a 15-minute video that contained a clip from Zoolander, in which the protagonist unveils the "Center for Kids Who Can't Read Good," as well as a punchy techno backing track while wasting the reviewer's time with approximately 14 minutes of inactivity.
    https://www.theregister.com/2025/03/17/microsoft_bug_report_troll/

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: regmedia.co.uk
      Researcher trolls Microsoft over bug disclosure annoyance
      Updated: Maddening techno loop, Zoolander reference, and 14 minutes of time wasted
  14. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Wednesday, 05-Mar-2025 02:20:53 JST Metacurity Metacurity

    Exclusive: Fired US government workers with top security clearances were not given exit briefings, sources say
    https://www.reuters.com/world/us/fired-us-government-workers-with-top-security-clearances-were-not-given-exit-2025-03-04/

    In conversation about 3 months ago from infosec.exchange permalink

    Attachments


  15. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Wednesday, 26-Feb-2025 08:36:26 JST Metacurity Metacurity

    It's all over but the shouting my friends.

    "Within the White House complex, the WiFi permissions — meant to bolster security by prompting users to log in frequently — were recently changed to allow guests to remain logged in for a year, up from seven days, because so many personal devices are newly in use."
    https://www.washingtonpost.com/business/2025/02/25/elon-musk-doge-data-privacy-security/

    In conversation about 3 months ago from infosec.exchange permalink

    Attachments


  16. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Sunday, 02-Feb-2025 09:46:16 JST Metacurity Metacurity

    https://www.wired.com/story/doge-hr-elon-musk-resignation-fork-road-leaked-staff-meeting/

    “One employee expressed concerns that outside actors could send resignation emails on staffers’ behalf by spoofing their email addresses.”

    In conversation about 4 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: media.wired.com
      DOGE Staff Had Questions About the 'Resign' Email. Their New HR Chief Dodged Them
      from Makena Kelly
      "I think the information that you’re going to have about this is available to you right now,” Stephanie Holmes told workers at Elon Musk's DOGE who pressed for detail on offers of “deferred resignation.”
  17. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Saturday, 01-Feb-2025 06:10:33 JST Metacurity Metacurity

    Musk has locked OPM workers out of their computer systems.

    Exclusive: Musk aides lock government workers out of computer systems at US agency, sources say
    https://www.reuters.com/world/us/musk-aides-lock-government-workers-out-computer-systems-us-agency-sources-say-2025-01-31/

    In conversation about 4 months ago from infosec.exchange permalink

    Attachments


  18. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Sunday, 19-Jan-2025 05:59:30 JST Metacurity Metacurity

    "Norway is sounding the alarm after discovering that Russia is no longer only disrupting the Global Navigation Satellite Systems (GNSS) across the border, but also spoofing GPS signals, an attack that can cause significant disruption to commercial aviation."

    "We were spoofed on approaching Kirkenes today”
    https://www.thebarentsobserver.com/news/we-were-spoofed-on-approaching-kirkenes-today/423323

    In conversation about 4 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: image.thebarentsobserver.com
      'We were spoofed on approaching Kirkenes today”
      from Thomas Nilsen
      Norway is sounding the alarm after discovering that Russia is no longer only jamming the Global Navigation Satellite Systems (GNSS) across the border, but also spoofing GPS signals, an attack that can cause significant disruption to commercial aviation.
  19. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Tuesday, 07-Jan-2025 00:45:04 JST Metacurity Metacurity

    Violent Hackers Are Using U-Haul To Dox Targets
    https://www.404media.co/violent-hackers-are-using-u-haul-to-dox-targets/

    In conversation about 5 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: www.404media.co
      Violent Hackers Are Using U-Haul To Dox Targets
      from @josephfcox
      Members of an underground criminal community are targeting U-Haul because of the wealth of non-public information it can hold on targets.
  20. Embed this notice
    Metacurity (metacurity@infosec.exchange)'s status on Thursday, 19-Dec-2024 05:29:02 JST Metacurity Metacurity

    Even though the HOPE (Hackers on Planet Earth) conference is usually slated for every other year, given the success of the 2024 conference, HOPE will take place again next year.

    I just got an email saying HOPE_16 will occur August 15-17, 2025, at St. John's University in Queens, New York City.

    I'm definitely going this time.

    In conversation about 5 months ago from infosec.exchange permalink
  • Before

User actions

    Metacurity

    Metacurity

    Metacurity.com (https://metacurity.com) is the one-stop destination for leading infosec news and cybersecurity developments. Run by infosec writer and columnist Cynthia Brumfield, Metacurity draws from thousands of sources every day to deliver aggregated summaries of the latest infosec developments. If anyone wants to get in touch with me, on or off the record, you can reach me at cynthia [at] digitalcrazytown.com or on Signal via Cynthia.507. Sign up for our free daily emails at https://www.metacurity.com/subscribe. Searchable

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          22589
          Member since
          10 Nov 2022
          Notices
          47
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.