BolhaSec
@bolhasec.com
#bolhasec pra ser retweetado
@sushicomabacate.com
@sushicomabacate.com
Notícia da SecurityWeek
"Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims" #bolhasec
"Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims" #bolhasec
Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims
More than 1.6 Tb of data allegedly stolen from Cox was made public by the hackers.
www.securityweek.com
December 16, 2025 at 10:30 PM
Notícia da SecurityWeek
"Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims" #bolhasec
"Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims" #bolhasec
Notícia da BleepingComputer
"CISA gives govt agencies 7 days to patch new Fortinet flaw" #bolhasec
"CISA gives govt agencies 7 days to patch new Fortinet flaw" #bolhasec
CISA gives govt agencies 7 days to patch new Fortinet flaw
CISA has ordered U.S. government agencies to secure their systems within a week against another vulnerability in Fortinet's FortiWeb web application firewall, which was exploited in zero-day attacks.
www.bleepingcomputer.com
December 16, 2025 at 9:30 PM
Notícia da BleepingComputer
"CISA gives govt agencies 7 days to patch new Fortinet flaw" #bolhasec
"CISA gives govt agencies 7 days to patch new Fortinet flaw" #bolhasec
Notícia da BleepingComputer
"Microsoft: Windows 11 23H2 Home and Pro reach end of support" #bolhasec
"Microsoft: Windows 11 23H2 Home and Pro reach end of support" #bolhasec
Microsoft: Windows 11 23H2 Home and Pro reach end of support
Microsoft has reminded customers today that systems running Home and Pro editions of Windows 11 23H2 have stopped receiving security updates.
www.bleepingcomputer.com
December 16, 2025 at 8:30 PM
Notícia da BleepingComputer
"Microsoft: Windows 11 23H2 Home and Pro reach end of support" #bolhasec
"Microsoft: Windows 11 23H2 Home and Pro reach end of support" #bolhasec
Notícia da BleepingComputer
"Predator spyware uses new infection vector for zero-click attacks" #bolhasec
"Predator spyware uses new infection vector for zero-click attacks" #bolhasec
Predator spyware uses new infection vector for zero-click attacks
The Predator spyware from surveillance company Intellexa has been using a zero-click infection mechanism dubbed "Aladdin" that compromised specific targets when simply viewing a malicious advertisemen...
www.bleepingcomputer.com
December 16, 2025 at 7:30 PM
Notícia da BleepingComputer
"Predator spyware uses new infection vector for zero-click attacks" #bolhasec
"Predator spyware uses new infection vector for zero-click attacks" #bolhasec
Notícia da BleepingComputer
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
www.bleepingcomputer.com
December 16, 2025 at 6:30 PM
Notícia da BleepingComputer
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
Notícia da SecurityWeek
"Third DraftKings Hacker Pleads Guilty" #bolhasec
"Third DraftKings Hacker Pleads Guilty" #bolhasec
Third DraftKings Hacker Pleads Guilty
Nathan Austad pled guilty to launching a credential stuffing attack against the DraftKings betting website in November 2022.
www.securityweek.com
December 16, 2025 at 4:30 PM
Notícia da SecurityWeek
"Third DraftKings Hacker Pleads Guilty" #bolhasec
"Third DraftKings Hacker Pleads Guilty" #bolhasec
Notícia da SecurityWeek
"Fluent Bit Vulnerabilities Expose Cloud Services to Takeover" #bolhasec
"Fluent Bit Vulnerabilities Expose Cloud Services to Takeover" #bolhasec
Fluent Bit Vulnerabilities Expose Cloud Services to Takeover
Five vulnerabilities in the popular Fluent Bit open source tool could allow attackers to take over cloud environments, Oligo Security warns.
www.securityweek.com
December 16, 2025 at 3:30 PM
Notícia da SecurityWeek
"Fluent Bit Vulnerabilities Expose Cloud Services to Takeover" #bolhasec
"Fluent Bit Vulnerabilities Expose Cloud Services to Takeover" #bolhasec
Notícia da SecurityWeek
"High-Severity Vulnerabilities Patched by Ivanti and Zoom" #bolhasec
"High-Severity Vulnerabilities Patched by Ivanti and Zoom" #bolhasec
High-Severity Vulnerabilities Patched by Ivanti and Zoom
Enterprise software firms Ivanti and Zoom announced patches for multiple vulnerabilities in their products, including high-severity issues.
www.securityweek.com
December 16, 2025 at 2:30 PM
Notícia da SecurityWeek
"High-Severity Vulnerabilities Patched by Ivanti and Zoom" #bolhasec
"High-Severity Vulnerabilities Patched by Ivanti and Zoom" #bolhasec
Notícia da SecurityWeek
"Ransomware Attack Disrupts Local Emergency Alert System Across US" #bolhasec
"Ransomware Attack Disrupts Local Emergency Alert System Across US" #bolhasec
Ransomware Attack Disrupts Local Emergency Alert System Across US
A ransomware attack targeting a third-party emergency alert system used across the US has resulted in a data breach and disruptions.
www.securityweek.com
December 16, 2025 at 1:30 PM
Notícia da SecurityWeek
"Ransomware Attack Disrupts Local Emergency Alert System Across US" #bolhasec
"Ransomware Attack Disrupts Local Emergency Alert System Across US" #bolhasec
Notícia da SecurityWeek
"Trump Signs Executive Order to Block State AI Regulations" #bolhasec
"Trump Signs Executive Order to Block State AI Regulations" #bolhasec
Trump Signs Executive Order to Block State AI Regulations
President Trump signed an executive order aimed at blocking states from crafting their own regulations for artificial intelligence (AI).
www.securityweek.com
December 16, 2025 at 12:30 PM
Notícia da SecurityWeek
"Trump Signs Executive Order to Block State AI Regulations" #bolhasec
"Trump Signs Executive Order to Block State AI Regulations" #bolhasec
Notícia da BleepingComputer
"F5 says hackers stole undisclosed BIG-IP flaws, source code" #bolhasec
"F5 says hackers stole undisclosed BIG-IP flaws, source code" #bolhasec
F5 says hackers stole undisclosed BIG-IP flaws, source code
U.S. cybersecurity company F5 disclosed that nation-state hackers breached its systems and stole undisclosed BIG-IP security vulnerabilities and source code.
www.bleepingcomputer.com
December 16, 2025 at 2:30 AM
Notícia da BleepingComputer
"F5 says hackers stole undisclosed BIG-IP flaws, source code" #bolhasec
"F5 says hackers stole undisclosed BIG-IP flaws, source code" #bolhasec
Notícia da SecurityWeek
"Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City" #bolhasec
"Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City" #bolhasec
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City
Hackers working for Russian intelligence attacked an American engineering company this fall, cybersecurity services firm Artic Wolf says.
www.securityweek.com
December 16, 2025 at 1:30 AM
Notícia da SecurityWeek
"Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City" #bolhasec
"Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City" #bolhasec
Notícia da BleepingComputer
"Hacker steals over $120 million from Balancer DeFi crypto protocol" #bolhasec
"Hacker steals over $120 million from Balancer DeFi crypto protocol" #bolhasec
Hacker steals over $120 million from Balancer DeFi crypto protocol
The Balancer Protocol announced that hackers had targeted its v2 pools, with losses reportedly estimated to be more than $128 million.
www.bleepingcomputer.com
December 16, 2025 at 12:30 AM
Notícia da BleepingComputer
"Hacker steals over $120 million from Balancer DeFi crypto protocol" #bolhasec
"Hacker steals over $120 million from Balancer DeFi crypto protocol" #bolhasec
Notícia da BleepingComputer
"Cloudflare hit by outage affecting global network services" #bolhasec
"Cloudflare hit by outage affecting global network services" #bolhasec
Cloudflare hit by outage affecting Global Network services
Cloudflare is investigating an outage affecting its global network services, with users encountering "internal server error" messages when attempting to access affected websites and online platforms.
www.bleepingcomputer.com
December 15, 2025 at 11:30 PM
Notícia da BleepingComputer
"Cloudflare hit by outage affecting global network services" #bolhasec
"Cloudflare hit by outage affecting global network services" #bolhasec
Notícia da BleepingComputer
"Maintaining enterprise IT hygiene using Wazuh SIEM/XDR" #bolhasec
"Maintaining enterprise IT hygiene using Wazuh SIEM/XDR" #bolhasec
Maintaining enterprise IT hygiene using Wazuh SIEM/XDR
Poor IT hygiene, such as unused accounts, outdated software, and risky extensions, creates hidden exposure in your infrastructure. Wazuh, the open-source XDR and SIEM, shows how continuous inventory m...
www.bleepingcomputer.com
December 15, 2025 at 10:30 PM
Notícia da BleepingComputer
"Maintaining enterprise IT hygiene using Wazuh SIEM/XDR" #bolhasec
"Maintaining enterprise IT hygiene using Wazuh SIEM/XDR" #bolhasec
Notícia da BleepingComputer
"Russia blocks FaceTime and Snapchat over use in terrorist attacks" #bolhasec
"Russia blocks FaceTime and Snapchat over use in terrorist attacks" #bolhasec
Russia blocks FaceTime and Snapchat for alleged use by terrorists
Russian telecommunications watchdog Roskomnadzor has blocked access to Apple's FaceTime video conferencing platform and the Snapchat instant messaging service, claiming they're being used to coordinat...
www.bleepingcomputer.com
December 15, 2025 at 9:30 PM
Notícia da BleepingComputer
"Russia blocks FaceTime and Snapchat over use in terrorist attacks" #bolhasec
"Russia blocks FaceTime and Snapchat over use in terrorist attacks" #bolhasec
Notícia da BleepingComputer
"AI is accelerating cyberattacks. Is your network prepared?" #bolhasec
"AI is accelerating cyberattacks. Is your network prepared?" #bolhasec
AI is accelerating cyberattacks. Is your network prepared?
AI-driven attacks now automate reconnaissance, generate malware variants, and evade detection at a speed that overwhelms traditional defenses. Corelight explains how network detection and response (ND...
www.bleepingcomputer.com
December 15, 2025 at 8:30 PM
Notícia da BleepingComputer
"AI is accelerating cyberattacks. Is your network prepared?" #bolhasec
"AI is accelerating cyberattacks. Is your network prepared?" #bolhasec
Notícia da SecurityWeek
"Spanish Airline Iberia Notifies Customers of Data Breach" #bolhasec
"Spanish Airline Iberia Notifies Customers of Data Breach" #bolhasec
Spanish Airline Iberia Notifies Customers of Data Breach
Spanish airline Iberia is notifying customers that their personal information was compromised after one of its suppliers was hacked.
www.securityweek.com
December 15, 2025 at 7:30 PM
Notícia da SecurityWeek
"Spanish Airline Iberia Notifies Customers of Data Breach" #bolhasec
"Spanish Airline Iberia Notifies Customers of Data Breach" #bolhasec
Notícia da SecurityWeek
"Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks" #bolhasec
"Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks" #bolhasec
Chinese APT Uses 'Airstalk' Malware in Supply Chain Attacks
A suspected Chinese state-sponsored threat actor has been deploying an AirWatch API-abusing malware family in supply chain attacks.
www.securityweek.com
December 15, 2025 at 6:30 PM
Notícia da SecurityWeek
"Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks" #bolhasec
"Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks" #bolhasec
Notícia da SecurityWeek
"The Cybersecurity Information Sharing Act Faces Expiration" #bolhasec
"The Cybersecurity Information Sharing Act Faces Expiration" #bolhasec
The Cybersecurity Information Sharing Act Faces Expiration
The Cybersecurity Information Sharing Act faces expiration in Sept. 2025. Will Congress renew CISA, reform it, or risk leaving threat sharing in limbo?
www.securityweek.com
December 15, 2025 at 5:30 PM
Notícia da SecurityWeek
"The Cybersecurity Information Sharing Act Faces Expiration" #bolhasec
"The Cybersecurity Information Sharing Act Faces Expiration" #bolhasec
Notícia da BleepingComputer
"Pennsylvania AG confirms data breach after INC Ransom attack" #bolhasec
"Pennsylvania AG confirms data breach after INC Ransom attack" #bolhasec
Pennsylvania AG confirms data breach after INC Ransom attack
The office of Pennsylvania's attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information.
www.bleepingcomputer.com
December 15, 2025 at 4:30 PM
Notícia da BleepingComputer
"Pennsylvania AG confirms data breach after INC Ransom attack" #bolhasec
"Pennsylvania AG confirms data breach after INC Ransom attack" #bolhasec
Notícia da SecurityWeek
"New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages" #bolhasec
"New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages" #bolhasec
New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages
New Android banking trojan Sturnus is designed to target secure messaging applications such as WhatsApp, Telegram, and Signal
www.securityweek.com
December 15, 2025 at 3:30 PM
Notícia da SecurityWeek
"New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages" #bolhasec
"New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages" #bolhasec
Notícia da SecurityWeek
"Lumia Security Raises $18 Million for AI Security and Governance" #bolhasec
"Lumia Security Raises $18 Million for AI Security and Governance" #bolhasec
Lumia Security Raises $18 Million for AI Security and Governance
AI security firm Lumia Security has raised $18 million in seed funding and has appointed former NSA director Michael Rogers to its board.
www.securityweek.com
December 15, 2025 at 2:30 PM
Notícia da SecurityWeek
"Lumia Security Raises $18 Million for AI Security and Governance" #bolhasec
"Lumia Security Raises $18 Million for AI Security and Governance" #bolhasec
Notícia da BleepingComputer
"Critical Erlang/OTP SSH RCE bug now has public exploits, patch now" #bolhasec
"Critical Erlang/OTP SSH RCE bug now has public exploits, patch now" #bolhasec
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices.
www.bleepingcomputer.com
December 15, 2025 at 1:30 PM
Notícia da BleepingComputer
"Critical Erlang/OTP SSH RCE bug now has public exploits, patch now" #bolhasec
"Critical Erlang/OTP SSH RCE bug now has public exploits, patch now" #bolhasec
Notícia da SecurityWeek
"Widespread Exploitation of XWiki Vulnerability Observed" #bolhasec
"Widespread Exploitation of XWiki Vulnerability Observed" #bolhasec
Widespread Exploitation of XWiki Vulnerability Observed
Threat actors started exploiting a critical XWiki vulnerability en masse within two weeks of the bug being reported as exploited in the wild.
www.securityweek.com
December 15, 2025 at 12:30 PM
Notícia da SecurityWeek
"Widespread Exploitation of XWiki Vulnerability Observed" #bolhasec
"Widespread Exploitation of XWiki Vulnerability Observed" #bolhasec