Trojanized Signal and Telegram apps on Google Play delivered spyware - Trojanized Signal and Telegram apps containing the BadBazaar spyware were uploaded onto G... https://www.bleepingcomputer.com/news/security/trojanized-signal-and-telegram-apps-on-google-play-delivered-spyware/ #security #mobile

A Practical Guide to OWASP MASVS v2.0 – Its Evolution and Implementation - What is OWASP MASVS?

The OWASP (Open Worldwide Application Security Project) MASV... https://tech-wreckblog.blogspot.com/2023/08/a-practical-guide-to-owasp-masvs-v20.html

Attacks on Citrix NetScaler systems linked to ransomware actor - A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 r... https://www.bleepingcomputer.com/news/security/attacks-on-citrix-netscaler-systems-linked-to-ransomware-actor/ #security

Cloud Repatriation: The Unforeseen Reversal in Cloud Computing Trends - As cloud computing continues to evolve, an intriguing new trend is emerging – cloud repat... https://tech-wreckblog.blogspot.com/2023/08/cloud-repatriation-unforeseen-reversal.html

BSides Cheltenham 2023 – Simon Gurney – Making Your Own Cool Conference Badges! - Many thanks to BSides Cheltenham for publishing their presenter’s outstanding BSides Chel... https://tech-wreckblog.blogspot.com/2023/08/bsides-cheltenham-2023-simon-gurney.html

What’s New in the NIST Cybersecurity Framework 2.0 Draft? - NIST has released a draft version 2.0 of the Cybersecurity Framework. Here’s what you nee... https://tech-wreckblog.blogspot.com/2023/08/whats-new-in-nist-cybersecurity.html

BSides Cheltenham 2023 – James Bore – Reserving The Right To Be Wrong - Many thanks to BSides Cheltenham for publishing their presenter’s outstanding BSides Chel... https://tech-wreckblog.blogspot.com/2023/08/bsides-cheltenham-2023-james-bore.html

Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection - Microsoft has identified a new hacking group it now tracks as Flax Typhoon that argets go... https://www.bleepingcomputer.com/news/security/microsoft-stealthy-flax-typhoon-hackers-use-lolbins-to-evade-detection/ #security

Some rough impressions of Worldcoin - Recently a reader wrote in and asked if I would look at Sam Altman’s Worldcoin, p... https://blog.cryptographyengineering.com/2023/08/21/some-rough-impressions-of-worldcoin/ #cryptocurrency

Sneaky Amazon Google ad leads to Microsoft support scam - A legitimate-looking ad for Amazon in Google search results redirects visitors to a Micro... https://www.bleepingcomputer.com/news/security/sneaky-amazon-google-ad-leads-to-microsoft-support-scam/ #security #google

S3 Ep148: Remembering crypto heroes - Celebrating the true crypto bros. Listen now (full transcript available). https://nakedsecurity.sophos.com/2023/08/17/s3-ep148-remembering-crypto-heroes/ #nakedsecuritypodcast #cybercrime #podcast #hacking #scams

Thousands of Android APKs use compression trick to thwart analysis - Threat actors increasingly distribute malicious Android APKs (packaged app installers) th... https://www.bleepingcomputer.com/news/security/thousands-of-android-apks-use-compression-trick-to-thwart-analysis/ #security

Endpoint Security: The Least Privilege Approach - With endpoints being the primary targets for malicious attacks, adopting a robust securit... https://tech-wreckblog.blogspot.com/2023/08/endpoint-security-least-privilege.html

LockBit’s dirty little secret: ransomware gang is failing to publish victims’ data - The LockBit ransomware gang may be having more than a few headaches right now.

According... https://grahamcluley.com/lockbits-dirty-little-secret-ransomware-gang-is-failing-to-publish-victims-data/ #ransomware #databreach #dataloss #malware #lockbit

Short-lived Certificates finally approved - After more than 10 years, short-lived TLS certificates are finally permitted by the brows... https://tech-wreckblog.blogspot.com/2023/08/short-lived-certificates-finally.html

Discord.io confirms breach after hacker steals data of 760K users - The Discord.io custom invite service has temporarily shut down after suffering a data bre... https://www.bleepingcomputer.com/news/security/discordio-confirms-breach-after-hacker-steals-data-of-760k-users/ #security

Diligere, Equity-Invest Are New Firms of U.K. Con Man - John Clifton Davies, a convicted fraudster estimated to have bilked dozens of tech... https://krebsonsecurity.com/2023/08/diligere-equity-invest-are-new-firms-of-u-k-con-man/ #theinsideknowledge #johncliftondavies #neer-do-wellnews #ardelissolutions #equity-invest #johnbernard #codes2you #diligere

Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone - Microsoft has enabled a fix for a Kernel information disclosure vulnerability by default ... https://www.bleepingcomputer.com/news/microsoft/microsoft-enables-windows-kernel-cve-2023-32019-fix-for-everyone/ #microsoft #security

Cumbria Police accidentally publish officers’ names and salaries online - 'Ello ello ello. What's all this then?

Just days after it was learned that the police ha... https://www.bitdefender.com/blog/hotforsecurity/cumbria-police-accidentally-publish-officers-names-and-salaries-online/ #databreach #guestblog #dataloss #privacy #police

Colorado warns 4 million of data stolen in IBM MOVEit breach - The Colorado Department of Health Care Policy & Financing (HCPF) is alerting more tha... https://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/ #security