¯\(°_o)/¯
「 The company echoed the advice of several security firms, telling customers to disable SonicWall VPN services that use the SSL protocol 」
https://therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn
¯\(°_o)/¯
「 The company echoed the advice of several security firms, telling customers to disable SonicWall VPN services that use the SSL protocol 」
https://therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn
O_o
「 According to the research published Tuesday by Cisco Talos, it is possible for an attacker to break into the ControlVault chip and modify the firmware inside, allowing them to steal credentials from the “bank” and to plant malware inside it at a level that remains hidden from anti-virus tools running at the operating system level 」
https://therecord.media/critical-firmware-vulnerability-security-professionals
(⊙_◎)
「 The threat actor claimed yesterday to BleepingComputer that they breached a trillion-dollar company, and were considering just leaking the data rather than attempting to extort them. It is unclear if this company is Google 」
#google #salesforce #databreach #cybersecurity
https://www.bleepingcomputer.com/news/security/google-suffers-data-breach-in-ongoing-salesforce-data-theft-attacks/
¯\_(ツ)_/¯
「 The information stolen includes demographic data, names, addresses, dates of birth, Social Security numbers, health insurance information and other clinical information like health conditions, dialysis lab test results and treatment information 」
#ransomware #databreach #cybersecurity
https://therecord.media/davita-dialysis-company-ransomware-attack-data-breach-notifications
¯\_(ツ)_/¯
「 The information stolen includes demographic data, names, addresses, dates of birth, Social Security numbers, health insurance information and other clinical information like health conditions, dialysis lab test results and treatment information 」
#ransomware #databreach #cybersecurity
https://therecord.media/davita-dialysis-company-ransomware-attack-data-breach-notifications
🪤 Mozilla warns Firefox add-on devs of new phishing attacks • The Register
"At this point, it's safest to assume that most crypto-related Firefox extensions contain malware. Especially those that are new, or have few users. In fact, every such extension should be considered compromised by default and avoided completely. Stay alert."
https://www.theregister.com/2025/08/04/mozilla_add_on_phishing/
Anonymous rivendica il defacement di 100 siti russi sotto #OpRussia: analisi tecnica e impatti
#CyberSecurity
https://insicurezzadigitale.com/anonymous-rivendica-il-defacement-di-100-siti-russi-sotto-oprussia-analisi-tecnica-e-impatti/
Anonymous rivendica il defacement di 100 siti russi sotto #OpRussia: analisi tecnica e impatti
#CyberSecurity
https://insicurezzadigitale.com/anonymous-rivendica-il-defacement-di-100-siti-russi-sotto-oprussia-analisi-tecnica-e-impatti/
"Searches around for a bucket, mop, and towels to clean up all this spilled tea" 🤣
Today's #Cybersecurity newsletter ⬇️
"Searches around for a bucket, mop, and towels to clean up all this spilled tea" 🤣
Today's #Cybersecurity newsletter ⬇️
Android SpyBanker: il malware che devia le chiamate verso gli attaccanti
#CyberSecurity
https://insicurezzadigitale.com/android-spybanker-il-malware-che-devia-le-chiamate-verso-gli-attaccanti/
Android SpyBanker: il malware che devia le chiamate verso gli attaccanti
#CyberSecurity
https://insicurezzadigitale.com/android-spybanker-il-malware-che-devia-le-chiamate-verso-gli-attaccanti/
Malwarebytes on why you should not respond to the obvious smishing texts...
"Why you should never respond
Responding confirms your number is active.
It flags you as someone who reads texts and might engage.
The scammer may sell or share your number.
Some groups build long-term “mark profiles” for future scams. Even though you think you’re only providing them with little to none information, scammers often track who replies, how they reply, and how easily they engage. That data becomes part of a “mark profile”, a digital dossier on you that might include your phone number, the time of response (which suggests your schedule or time zone), and any other information you share.
"
https://www.malwarebytes.com/blog/news/2025/07/that-seemingly-innocent-text-is-probably-a-scam
Malwarebytes on why you should not respond to the obvious smishing texts...
"Why you should never respond
Responding confirms your number is active.
It flags you as someone who reads texts and might engage.
The scammer may sell or share your number.
Some groups build long-term “mark profiles” for future scams. Even though you think you’re only providing them with little to none information, scammers often track who replies, how they reply, and how easily they engage. That data becomes part of a “mark profile”, a digital dossier on you that might include your phone number, the time of response (which suggests your schedule or time zone), and any other information you share.
"
https://www.malwarebytes.com/blog/news/2025/07/that-seemingly-innocent-text-is-probably-a-scam
Japan plans to enhance its surveillance and regulatory measures to prevent foreign interference in elections. https://www.japantimes.co.jp/news/2025/08/02/japan/politics/japan-foreign-election-interference/?utm_medium=Social&utm_source=mastodon #japan #politics #2025upperhouseelection #fakenews #china #russia #elections #masaakitaira #internet #cybersecurity
🔐 A VPN can improve your privacy, or just give you a false sense of it. The EFF’s guide is a solid reminder that choosing a VPN is less about speed or price, and more about who runs it, what they log, and whether they actually deliver the protection they claim.
TL;DR
🧠 VPNs don’t guarantee anonymity
📜 “No logs” claims often lack proof
👤 Your threat model shapes your VPN needs
🔎 Look into ownership and reputation
https://ssd.eff.org/module/choosing-vpn-thats-right-you
#cybersecurity #privacy #vpn #digitalrights #security #privacy #cloud #infosec#EFF @eff
🔐 A VPN can improve your privacy, or just give you a false sense of it. The EFF’s guide is a solid reminder that choosing a VPN is less about speed or price, and more about who runs it, what they log, and whether they actually deliver the protection they claim.
TL;DR
🧠 VPNs don’t guarantee anonymity
📜 “No logs” claims often lack proof
👤 Your threat model shapes your VPN needs
🔎 Look into ownership and reputation
https://ssd.eff.org/module/choosing-vpn-thats-right-you
#cybersecurity #privacy #vpn #digitalrights #security #privacy #cloud #infosec#EFF @eff
"The Dam Seems To Be Breaking" - and not in good ways.
This was a grim but good read from Fred Cohen.
#cybersecurity#GenAI#RiskManagement
https://managementanalytics.substack.com/p/the-dam-seems-to-be-breaking
PDF Link: http://all.net/Analyst/2025-08.pdf
"The Dam Seems To Be Breaking" - and not in good ways.
This was a grim but good read from Fred Cohen.
#cybersecurity#GenAI#RiskManagement
https://managementanalytics.substack.com/p/the-dam-seems-to-be-breaking
PDF Link: http://all.net/Analyst/2025-08.pdf
A space for Bonfire maintainers and contributors to communicate