GrapheneOS is leaving France due to government pressure for encryption backdoors 🇫🇷

The move highlights risks to end-to-end encryption and user privacy when authorities demand access to secure data 🔒
Open-source privacy projects may face similar pressures globally 🌐

@GrapheneOS

🔗 https://proton.me/blog/grapheneos-france

#TechNews #Privacy #Security #OpenSource #Encryption #CyberSecurity #DataProtection #DigitalRights #UserRights #Anonymity #Internet #SecurityTech #WebFreedom #E2EE #Android #GrapheneOS #France

🔐 Let's Encrypt to Cut Certificate Lifetimes to 45 Days by 2028 // Linuxiac

｢ Shorter certificate lifetimes are intended to limit the impact of compromised keys and improve the effectiveness of revocation mechanisms. Alongside this shift, the authorization reuse period, the window during which previously validated domain control can be reused, will decrease from 30 days to just 7 hours ｣

https://linuxiac.com/lets-encrypt-to-cut-certificate-lifetimes-to-45-days-by-2028/

#letsencrypt #certificates #ssl #cybersecurity

Ohh I like this... Aikdo has presented a more detailed analysis of the early steps for the Shai Hulud 2.0 worm.

Attempting to map what steps the original threat actor took to gain a foothold. Useful stuff IMHO

https://www.aikido.dev/blog/shai-hulud-2-0-unknown-wonderer-supply-chain-attack

#Infosec #Cybersecurity #ThreatIntel

🆕 blog! “Responsible Disclosure: Joiners, Movers, and Leavers in NHS BSA”

Many many years ago, I did some work for the NHS. As part of that, I was given access to certain GitHub organisations so that I could contribute to various projects. Once I left that job my access was revoked.

Mostly.

A few weeks ago, I received…

👀 Read more: https://shkspr.mobi/blog/2025/12/responsible-disclosure-joiners-movers-and-leavers-in-nhs-bsa/
⸻
#CyberSecurity #github #nhs #ResponsibleDisclosure

La fine di Cryptomixer: come Europol ha svuotato la lavatrice da 1,3 miliardi in criptovalute
#CyberSecurity
https://insicurezzadigitale.com/la-fine-di-cryptomixer-come-europol-ha-svuotato-la-lavatrice-da-13-miliardi-in-criptovalute/

Van #AI tot quantumtechnologie: elke trend brengt nieuwe kansen, maar ook nieuwe uitdagingen met zich mee.

Het SURF Tech Trends-rapport 2026 gaat over de technologieën die de komende jaren bepalend zijn in onderwijs en onderzoek. In dit artikel lees je meer over de 5 belangrijkste cybersecuritytrends.

Ontdek de trends: https://sec.surf.nl/tech-trends-en-cybersecurity-technologieen-waar-je-niet-omheen-kunt/

#cybersecurity

Lockenv – Simple encrypted secrets storage for Git

https://github.com/illarion/lockenv

#HackerNews #Lockenv #Encrypted #Secrets #Git #Storage #OpenSource #Cybersecurity

Announcing the #Rust Foundation Maintainers Fund

https://rustfoundation.org/media/announcing-the-rust-foundation-maintainers-fund/

#cybersecurity

Don’t let MFA lull you into complacency. Advanced phishing kits can still slip through.

Before the Thanksgiving holiday, one of our customers alerted us to an Evilginx MITM phishing campaign targeting university students and SSO portals. At least 18 American institutions were targeted.

We tested several approaches for large-scale detection, including analyzing web server fingerprints and HTTP artifacts. However, this proved challenging because Evilginx operates as a proxy between the victim’s browser and the legitimate login page, making its behavior and content nearly indistinguishable from the real site. In the end, we mostly relied on DNS for confirmation and classification.

Here is a short blog about the campaign and actor, including involved domains and IPs.

https://blogs.infoblox.com/threat-intelligence/dns-uncovers-infrastructure-used-in-sso-attacks/

#InfobloxThreatIntel #dns #evilginx #threatintel #threatintelligence #infosec #cybersecurity #cybercrime #infoblox #phishing #mitm #aitm #sso #mfa #university #students #proxy #login

Era ora! Microsoft corregge vulnerabilità di Windows sfruttata da 8 anni

📌 Link all'articolo : https://www.redhotcyber.com/post/era-ora-microsoft-corregge-vulnerabilita-di-windows-sfruttata-da-8-anni/

#redhotcyber #news #microsoft #windows #vulnerabilita #cybersecurity #hacking #malware #sicurezzainformatica

How I removed the friction of putting my Mac to sleep using Keyboard Maestro and Stream Deck, followed by the tech angles of having a house recarpeted. To cleanse your palate, we have @bart to cover the latest #cybersecurity news you need to know.

https://www.podfeet.com/blog/2025/12/nc-1074/

„Brickstorm“-Hintertür in VMware vSphere: Warnung vor Angriff aus China

Die CISA und die NSA warnen vor einem hochentwickelten Angriff auf Technik von VMware, mit dem sich Akteure aus China einen dauerhaften Zugang sichern könnten.

https://www.heise.de/news/Brickstorm-Hintertuer-in-VMware-vSphere-Warnung-vor-Angriff-aus-China-11103648.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Cybersecurity #IT #VMware #news

GrapheneOS is leaving France due to government pressure for encryption backdoors 🇫🇷

The move highlights risks to end-to-end encryption and user privacy when authorities demand access to secure data 🔒
Open-source privacy projects may face similar pressures globally 🌐

@GrapheneOS

🔗 https://proton.me/blog/grapheneos-france

#TechNews #Privacy #Security #OpenSource #Encryption #CyberSecurity #DataProtection #DigitalRights #UserRights #Anonymity #Internet #SecurityTech #WebFreedom #E2EE #Android #GrapheneOS #France

You're curious how the past editions of #osco turned out? We've got you covered! 🙌🏻

🎉 This was #osco25! Check out our recap: https://2025.opensecurityconference.org/conference/recapitulation/
💜 Gain impressions from all conferences: https://opensecurityconference.org/about/past-conferences/
✅ Save the dates for #osco26 on November 5-8, 2026! 😉

#CyberSecurity #Security #InfoSec #AppSec #ProductSecurity #OTsecurity #OpenSpace [lisi]

Festnahmen in den USA nach Löschorgie staatlicher Daten während der Kündigung

Zwei 34-Jährige in den USA haben für Cyberangriffe im Gefängnis gesessen und trotzdem Zugriff auf staatliche Daten bekommen. Ihre Kündigung lief aus dem Ruder.

https://www.heise.de/news/Festnahmen-in-den-USA-nach-Loeschorgie-staatlicher-Daten-waehrend-der-Kuendigung-11102684.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Arbeitswelt #Cybersecurity #Datenbanken #IT #Recht #Wirtschaft #news

🔐 Today’s headlines make one thing clear: cybersecurity has become profoundly social.

📚In this context, I recommend our Open Access chapter: Social Cybersecurity from Technology to a Human-Centered Approach https://brill.com/display/title/65157

#Cybersecurity #Disinformation #AI #OpenAccess

A Critical Design Flaws in Microsoft Azure API Management Threatens Organizations
#CyberSecurity
https://securebulletin.com/a-critical-design-flaws-in-microsoft-azure-api-management-threatens-organizations/

No deep dives this week from @bart, but we’ve got some follow-ups, action alerts, worthy warnings, and even some good Notable News for you in Security Bits.

https://www.podfeet.com/blog/2025/12/sb-2025-12-06/

#CyberSecurity

🔐 Let's Encrypt to Cut Certificate Lifetimes to 45 Days by 2028 // Linuxiac

｢ Shorter certificate lifetimes are intended to limit the impact of compromised keys and improve the effectiveness of revocation mechanisms. Alongside this shift, the authorization reuse period, the window during which previously validated domain control can be reused, will decrease from 30 days to just 7 hours ｣

https://linuxiac.com/lets-encrypt-to-cut-certificate-lifetimes-to-45-days-by-2028/

#letsencrypt #certificates #ssl #cybersecurity