Aggregator

Шифрование диска превратилось из защиты в ловушку для ничего не подозревающих пользователей.

Ping Identity announced “Identity for AI,” a new solution designed to secure the world of AI agents. As organizations embrace agentic AI to boost productivity and commerce, Ping Identity is redefining how enterprises enable this new class of autonomous digital identities, delivering visibility, access control, governance, and privilege oversight to build trust into every interaction. Identity for AI will help enterprises engage the agentic commerce channel, secure the autonomous workforce, and protect against adversarial AI … More →

The post Ping Identity offers protection against adversarial AI threats appeared first on Help Net Security.

Learn the Business, Be Intentional, Find a Mentor and Build Non-Technical Skills
New to cybersecurity? Start by learning how organizations work - their people, processes and priorities - before diving deep into technical stacks. Understanding how to translate technical findings into business risk differentiates a professional from a technician.

DOJ: Suspects Hit 5 Firms, Including 3 in Healthcare, Netted $1.3M in Ransom Money
Three former employees of two cybersecurity firms stand accused of using BlackCat ransomware in a conspiracy to extort five U.S. companies, including three in the healthcare sector. One of the victim companies paid nearly $1.3 million to the attackers, U.S. federal prosecutors said.

DHS Plans to Expand SAVE Database Use to Raise Privacy, Accuracy, Security Concerns
A Department of Homeland Security move to broaden an immigration verification database into a voter verification tool could expose sensitive information to security threats. Critics caution it accelerates a pattern of data being repurposed by the Trump administration for surveillance.

Chinese Hackers Target European Diplomats With LNK File Flaw
Chinese nation-state hackers are exploiting a Windows vulnerability to hack European diplomatic outposts, say security researchers - but operating system giant Microsoft says the flaw doesn't merit a patch. Hackers used a flaw already compromised by North Korea and Russia.

Funding Round Led by Goldman Sachs Boosts Valuation to $6.1 Billion
Another cybersecurity vendor is planning to dive into the still waters of an initial public offering. Cyber exposure management firm Armis dipped its toe in the market Wednesday, announcing a pre-IPO funding round of $435 million that boosted the company's valuation to $6.1 billion.

ClickFix attacks have evolved to feature videos that guide victims through the self-infection process, a timer to pressure targets into taking risky actions, and automatic  detection of the operating system to provide the correct commands. [...]

Cloudflare Stream provides a unified platform for video storage, encoding, and delivery. We are now enabling developers to seamlessly extract audio from videos.

We’re excited to announce the open sourcing of tokio-quiche, our async QUIC library built on quiche and tokio. Relied upon in our services such as iCloud Private Relay and our next-generation Oxy-based proxies, tokio-quiche handles millions of HTTP/3 requests per second with low latency and high throughput.

In the ever-evolving landscape of cyber threats, a new ransomware strain, Midnight, has emerged, echoing the notorious tactics of its predecessor, Babuk. First detected by Gen researchers, Midnight blends familiar ransomware mechanics with novel cryptographic modifications—some of which unintentionally open the door to file recovery. This represents a rare opportunity for victims to reclaim their […]

The post Critical Bug in Midnight Ransomware Tool Unlocks File Recovery appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SonicWall, a global cybersecurity company, confirmed that state-sponsored hackers were behind a recent incident involving unauthorized access to firewall backup files. The breach began in early September, when the company detected suspicious activity involving the download of backup firewall configuration files stored in a cloud environment. Upon discovery, SonicWall quickly activated its incident response plan, […]

The post SonicWall Confirms State-Sponsored Hackers Behind the Massive Firewall Backup Breach appeared first on Cyber Security News.

图片：2025年10月28日，特朗普与高市早苗在东京出席欢迎仪式。美日当天签署稀土与关键矿产供应链合作协议，

据朝鲜官方媒体报道，由俄国防部副部长率领的俄军事代表团于周三抵达朝鲜。此前，首尔方面评估认为，平壤似乎正在准备向乌战争增派兵力。

A critical remote code execution (RCE) flaw in three official extensions for Anthropic’s Claude Desktop. These vulnerabilities, affecting the Chrome, iMessage, and Apple Notes connectors, stem from unsanitized command injection and carry a high severity score of CVSS 8.9. Published and promoted directly by Anthropic at the top of their extension marketplace, the flaws could […]

The post Critical RCE Vulnerabilities in Claude Desktop Let Attackers Execute Malicious Code appeared first on Cyber Security News.

Team Cymru announced RADAR, a new real-time discovery module designed to give threat analysts visibility into all internet-facing infrastructure, whether known or unknown, without waiting on asset inventories, third-party scans, or compliance-oriented tools. “Our RADAR solution is about giving defenders the power to investigate external infrastructure in real time — their own or anyone else’s – and take action immediately,” said Joe Sander, CEO, Team Cymru. Cyber threat analysts and intelligence teams often face a … More →

The post Team Cymru RADAR investigates external infrastructure in real time appeared first on Help Net Security.

中国载人航天工程办公室发布消息，神舟二十号载人飞船疑似遭空间微小碎片撞击，正在进行影响分析和风险评估。为确保航天员生命健康安全和任务圆满成功，经研究决定，原计划 11 月 5 日实施的神舟二十号返回任务将推迟进行。官网没有提供更多信息，如疑似撞击点和损坏程度，也没有给出新返回日期的时间表。神舟二十号于 2025 年 4月 24 日发射升空，三名宇航员陈冬、陈中瑞和王杰已完成天宫空间站在轨 6 个月任务，11 月 4 日将空间站的控制权移交给新抵达的神舟二十一号乘组，原计划 11 月 5 日返回。

Он пролетел 129 км и даже сбросил десант. Пилоты больше не нужны?

Cisco has released security updates to patch a critical vulnerability in the Unified Contact Center Express (UCCX) software, which could enable attackers to execute commands with root privileges. [...]

Proofpoint Threat Research has identified a previously unknown Iranian threat actor, dubbed UNK_SmudgedSerpent, that conducted sophisticated phishing campaigns against academics and foreign policy experts between June and August 2025. The group employed credential harvesting techniques, sophisticated social engineering, and remote management tools to infiltrate targets, revealing a complex web of overlapping tactics reminiscent of established […]

The post Iranian Hackers Exploit RMM Tools to Target Academics and Foreign-Policy Experts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.