Hacker Conference #HOPE Says U.S. #Immigration Crackdown Caused Massive Crash in Ticket Sales

https://www.404media.co/hacker-conference-hope-says-fewer-people-buying-tickets-because-u-s-immigration-crackdown/

#cybersecurity #hacking

Wir haben ein internationales Treffen in Berlin veranstaltet. 26 Teilnehmende aus neun Ländern teilten ihr Wissen zur länderübergreifenden Harmonisierung von Cybersecurity-Labelling-Programmen für digitale Produkte am Verbrauchermarkt.

Mehr Eindrücke findet ihr im Video.

Mit dem IT-Sicherheitskennzeichen bieten wir als BSI ein eigenes, nationales #Cybersecurity Label an, das Hersteller digitaler Geräte und Dienste freiwillig bei uns beantragen können: http://www.bsi.bund.de/it-sik/hersteller

#FTC finalizes order requiring #GoDaddy to secure #hosting services

https://www.bleepingcomputer.com/news/security/ftc-finalizes-order-requiring-godaddy-to-secure-hosting-services/

#cybersecurity #WebHosting

Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials

https://www.wired.com/story/mysterious-database-logins-governments-social-media/

#cybersecurity #privacy #DataBreach

Unpatched critical bugs in #VersaConcerto lead to auth bypass, RCE

https://www.bleepingcomputer.com/news/security/unpatched-critical-bugs-in-versa-concerto-lead-to-auth-bypass-rce/

#cybersecurity #Versa

"If you attempt to take a screenshot of Signal Desktop when screen security is enabled, nothing will appear. This limitation can be frustrating, but it might look familiar to you if you’ve ever had the audacity to try and take a screenshot of a movie or TV show on Windows. According to Microsoft’s official developer documentation, setting the correct Digital Rights Management (DRM) flag on the application window will ensure that “content won’t show up in Recall or any other screenshot application.” So that’s exactly what Signal Desktop is now doing on Windows 11 by default.

A stylized close-up crop of a movie screenplay that says "INT. COPILOT+ PC MANUFACTURING FACILITY - NIGHT - METALLIC SHELVES in endless rows stretch into the darkness. Two figures crouch in the shadows. ALICE: DRM technology has been consistently used against us. BOB: It won't be the first time we've turned the tables. ALICE: My life has always felt like a movie."

Apps like Signal have essentially no control over what content Recall is able to capture, and implementing “DRM” that works for you (not against you) is the best choice that we had. It’s like a scene in a movie where the villain has switched sides, and you can’t screenshot this one by default either."

https://signal.org/blog/signal-doesnt-recall/

#CyberSecurity #Privacy #DataProtection #Microsoft #Windows #WindowsRecall #Signal #Messaging

Happy Families: new certificates for faster and easier relay management

https://blog.torproject.org/happy-families/

#Tor #cybersecurity #anonymity #privacy #FOSS

Signal Messenger is warning the users of its Windows Desktop version that the privacy of their messages is under threat by Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store almost everything a user does every three seconds. Via @arstechnica@mastodon.social. #Signal #Cybersecurity #Windows #Recall #AI #Tech #Technology https://flip.it/bztLbn

Critical #Samlify #SSO flaw lets attackers log in as admin

https://www.bleepingcomputer.com/news/security/critical-samlify-sso-flaw-lets-attackers-log-in-as-admin/

#cybersecurity

Russian hackers breach orgs to track #aid routes to #Ukraine

https://www.bleepingcomputer.com/news/security/russian-hackers-breach-orgs-to-track-aid-routes-to-ukraine/

#Russia #cybersecurity #politics

#3AM #ransomware uses spoofed #IT calls, #email bombing to breach networks

https://www.bleepingcomputer.com/news/security/3am-ransomware-uses-spoofed-it-calls-email-bombing-to-breach-networks/

#cybersecurity #SocialEngineering

Data-stealing #Chrome extensions impersonate #Fortinet, #YouTube, VPNs

https://www.bleepingcomputer.com/news/security/data-stealing-chrome-extensions-impersonate-fortinet-youtube-vpns/

#VPN #cybersecurity

Trojanized #RVTools push #Bumblebee #malware in #SEO poisoning campaign

https://www.bleepingcomputer.com/news/security/trojanized-rvtools-push-bumblebee-malware-in-seo-poisoning-campaign/

#cybersecurity

#KetteringHealth hit by system-wide outage after #ransomware attack

https://www.bleepingcomputer.com/news/security/kettering-health-hit-by-system-wide-outage-after-ransomware-attack/

#healthcare #cybersecurity

Marks & Spencer faces $402 million profit hit after #cyberattack

https://www.bleepingcomputer.com/news/security/marks-and-spencer-faces-402-million-profit-hit-after-cyberattack/

#MarksAndSpencer #UK #retail #cybersecurity #DataBreach #privacy

"On May 12, Coinbase announced it will join the S&P 500 as its “first and only crypto company”.1a This is the latest change that may see more American investors inadvertently exposed to the cryptocurrency industry via index funds, following MicroStrategy’s entry into the NASDAQ-100 in December 2024.

Their joy was likely tempered when, only two days later on May 14, they had to announce a data breach that exposed customer data including names, addresses, phone numbers, email addresses, images of government ID documents, account balance and transaction data, and masked social security and bank account numbers. Although leaks like this typically lead to an uptick in phishing attempts, where scammers use the private information to contact customers and more convincingly impersonate Coinbase employees, the leak of account balance data and customer addresses is also particularly concerning given the recent spike in violent attacks and kidnappings targeting wealthy crypto holders.

Crypto security researchers have been warning for months about Coinbase’s evidently poor security practices and lack of attention to customer complaints, and describing hacks in which victims reported being scammed by attackers who seemed to have access to private Coinbase data. In February, zachxbt wrote: “Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. ... Coinbase is in a position where they have the power to make these changes and set a good example but they have chosen to do little to nothing.”

According to Coinbase, the data thieves bribed some members of Coinbase’s poorly paid offshore customer support team, who they described as “rogue overseas support agents”, who are reportedly earning less than $5,000 annually."

https://www.citationneeded.news/issue-84/

#CyberSecurity #Coinbase #Crypto #Cryptocurrencies #Hacking #DataLeaks #DataProtection

"The Trump administration will not seek the removal of Israeli tech firm NSO Group from a Commerce Department trade blacklist that has significantly dented the company’s financial fortunes, U.S. officials said this week.

Nor is the White House planning to rescind a Biden-era executive order that effectively bars the company from selling its controversial Pegasus spyware to the U.S. government, said the officials, who like others spoke on the condition of anonymity to discuss a sensitive matter.

The administration’s plans are a rebuff to NSO Group, which is in Washington this week on a rehabilitation tour, in hopes of being removed from the Commerce Department’s Entity List, which bars it from receiving U.S. technology. The list is sort of a scarlet letter in the business world because of the reputational harm it confers. Since the 2021 listing, NSO Group has faced significant financial hardship.

The statements to The Washington Post come amid speculation that the Trump administration might rescind or modify the executive order. President Donald Trump has revoked dozens of President Joe Biden’s orders and has others under review."

https://www.washingtonpost.com/national-security/2025/05/20/nso-group-pegasus-trump-eo/
#CyberSecurity #NSOGroup #NSO #Pegasus #Spyware #Surveillance #USA #Trump

#KDE is finally getting a native #VirtualMachine manager called "#Karton"

https://www.neowin.net/news/kde-is-finally-getting-a-native-virtual-machine-manager-called-karton/

#Linux #FOSS #cybersecurity #VM

#Coinbase #DataBreach Will ‘Lead to People Dying,’ #TechCrunch Founder Says

https://decrypt.co/321076/coinbase-data-breach-will-lead-to-people-dying-techcrunch-founder-says

#cybersecurity #privacy #crypto

#KrebsOnSecurity Hit With Near-Record 6.3 Tbps #DDoS

https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/

#cybersecurity #cybercrime

Mobile carrier #Cellcom confirms #cyberattack behind extended outages

https://www.bleepingcomputer.com/news/security/mobile-carrier-cellcom-confirms-cyberattack-behind-extended-outages/

#cybersecurity #telecom

Premium #WordPress '#Motors' theme vulnerable to admin takeover attacks

https://www.bleepingcomputer.com/news/security/premium-wordpress-motors-theme-vulnerable-to-admin-takeover-attacks/

#cybersecurity

#VanHelsing #ransomware builder leaked on hacking forum

https://www.bleepingcomputer.com/news/security/vanhelsing-ransomware-builder-leaked-on-hacking-forum/

#cybersecurity #cybercrime

#Windows11’s most important new feature is post-quantum #cryptography. Here’s why.

https://arstechnica.com/security/2025/05/heres-how-windows-11-aims-to-make-the-world-safe-in-the-post-quantum-era/

#PQE #cybersecurity #Microsoft

#SKTelecom says #malware breach lasted 3 years, impacted 27 million numbers

https://www.bleepingcomputer.com/news/security/sk-telecom-says-malware-breach-lasted-3-years-impacted-27-million-numbers/

#cybersecurity #privacy #telecom #SouthKorea