Lightnews — Scholar-powered news

Reposted by Metaluxo Information Security

The Register

@theregister.com

‘An attacker's playground:’ Crims exploit GoAnywhere perfect-10 bug

Researchers say tens of thousands of instances remain publicly reachable Security researchers have confirmed that threat actors have exploited the maximum-severity vulnerability affecting Fortra's GoAnywhere managed file transfer (MFT), and chastised the vendor for a lack of transparency.…

dlvr.it

September 26, 2025 at 2:37 PM

Reposted by Metaluxo Information Security

InfoSec

@infosec.skyfleet.blue

Fortra GoAnywhere Vulnerability Exploited as 0-Day Before Patch

cybersecuritynews.com

September 26, 2025 at 2:16 PM

Reposted by Metaluxo Information Security

Manuel Bissey

@mbissey.bsky.social

🧠 AI is transforming healthcare—and so are the threats. Experts warn of rising AI-powered cyberattacks targeting medical systems. Proactive defense is now critical. #HealthTechSecurity 🏥 #SecureAI 🤖

Healthcare organizations are at a turning point with AI - Help Net Security

Only 29% of healthcare executives say they are prepared for AI-powered threats despite 41% believing they will happen.

buff.ly

June 5, 2025 at 8:05 AM

Metaluxo Information Security

@metaluxo.com

Yandex and Meta de-anonymise users in Android. However, this works only if the browser doesn't block such WebRTC connections and the user has their native apps installed. Unfortunately, most users have both requirements in place.

arstechnica.com/security/202...

Meta and Yandex are de-anonymizing Android users’ web browsing identifiers

Abuse allows Meta and Yandex to attach persistent identifiers to detailed browsing histories.

arstechnica.com

June 4, 2025 at 10:52 AM

Reposted by Metaluxo Information Security

InfoSec

@infosec.skyfleet.blue

UK CyberEM Command to spearhead new era of armed conflict

: Government details latest initiative following announcement last week

www.theregister.com

June 4, 2025 at 9:47 AM

Reposted by Metaluxo Information Security

InfoSec

@infosec.skyfleet.blue

Cartier disclosed a data breach following a cyber attack

Luxury-goods conglomerate Cartier disclosed a data breach that exposed customer information after a cyberattack.

securityaffairs.com

June 4, 2025 at 9:52 AM

Reposted by Metaluxo Information Security

InfoSec

@infosec.skyfleet.blue

Independent tests show why orgs should use third-party cloud security services

AWS, Microsoft Azure and Google Cloud Platform each scored 0% security effectiveness in CyberRatings.org’s evaluation of cloud network firewall vendors’ ability to prevent exploits and evasions.

cyberscoop.com

April 2, 2025 at 2:12 PM

Reposted by Metaluxo Information Security

Lawfare

@lawfaremedia.org

On Lawfare Daily, @nkorpett.bsky.social spoke to @agawande.bsky.social, the former head of global health at USAID, about what USAID did, the consequences of the Trump administration destroying it, and why public health is so important to U.S. national security. youtu.be/wcxksLqS_sM

April 2, 2025 at 1:38 PM

Reposted by Metaluxo Information Security

InfoSec

@infosec.skyfleet.blue

Counterfeit Android devices found preloaded With Triada malware

A new version of the Triada trojan has been discovered preinstalled on thousands of new Android devices, allowing threat actors to steal data as soon as they are set up.

www.bleepingcomputer.com

April 2, 2025 at 2:12 PM

Reposted by Metaluxo Information Security

Ninja Owl

@ninjaowl.ai

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

February 26, 2025 at 10:24 AM

Reposted by Metaluxo Information Security

InfoSec

@infosec.skyfleet.blue

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms(Facebook, Instagram).

securityaffairs.com

February 26, 2025 at 10:30 AM

Reposted by Metaluxo Information Security

InfoSec

@infosec.skyfleet.blue

Apple Security Update Fixed Actively Exploited Zero-day Vulnerability Affected iOS, macOS and More

cybersecuritynews.com

January 28, 2025 at 7:58 AM

Reposted by Metaluxo Information Security

Tuta

@tuta.com

"If anyone wants to do business in [the] EU, they have to comply with the rules," Christel Schaldemose. 👏 At Tuta, we too believe that Big Tech must comply with EU regulation.
We commend these efforts by EU lawmakers to ensure the digital privacy of EU citizens.

🖇️ www.politico.eu/article/parl...

Don’t go soft on US Big Tech, European Parliament urges

Resist potential Trump pressure to soften rules that rein in U.S. tech giants, lawmakers tell Commission.

www.politico.eu

January 25, 2025 at 4:18 PM

Metaluxo Information Security

@metaluxo.com

If you're in the AWS ecosystem you might consider the new Incident Response Service.

Nevertheless, having a solid Incident response procedure is critical to react in an orderly way when a #cybersecurity incident happens.

December 4, 2024 at 8:10 PM

Reposted by Metaluxo Information Security

Cybersecurity News

@cybersecuritynews.bsky.social

In the cloud, effective IAM should align to zero-trust principles, www.computerweekly.com/opinion/In-t...

In the cloud, effective IAM should align to zero-trust principles | Computer Weekly

The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware

www.computerweekly.com

December 1, 2024 at 3:41 PM

Reposted by Metaluxo Information Security

Eric Capuano

@eric.zip

The point of this list is to promote orgs that give back to the community. Please support their mission by following the whole pack 🫶

go.bsky.app/NMbiTUL

November 29, 2024 at 6:40 PM

Reposted by Metaluxo Information Security

Cybersecurity News

@cybersecuritynews.bsky.social

#BlackFriday #CyberMonday The FBI released a new warning for online shoppers, www.forbes.com/sites/zakdof...

FBI Warns Chrome, Safari And Edge Users—Do Not Buy From These Websites

FBI warns Black Friday shoppers as threats surge 89%—here’s what you need to do.

www.forbes.com

November 29, 2024 at 2:50 PM

Reposted by Metaluxo Information Security

Cybersecurity News

@cybersecuritynews.bsky.social

#UnitedStates Kansas City Man Charged for Hacking Computer Systems of Health Clubs, cybersecuritynews.com/hacking-comp...

Kansas City Man Charged for Hacking Computer Systems of Health Clubs

Kansas City man has been indicted on federal charges for allegedly hacking into the computer systems of a health club chain.

cybersecuritynews.com

November 26, 2024 at 6:09 PM

Reposted by Metaluxo Information Security

Cybersecurity News

@cybersecuritynews.bsky.social

The U.S. has seized the cybercrime website 'PopeyeTools' and unsealed charges against three of its administrators, Abdul Ghaffar, Abdul Sami, and Javed Mirza, for selling stolen data, www.bleepingcomputer.com/news/legal/u...

US seizes PopeyeTools cybercrime marketplace, charges administrators

The U.S. has seized the cybercrime website 'PopeyeTools' and unsealed charges against three of its administrators, Abdul Ghaffar, Abdul Sami, and Javed Mirza, for selling stolen data.

www.bleepingcomputer.com

November 23, 2024 at 2:06 PM

Reposted by Metaluxo Information Security

Cybersecurity News

@cybersecuritynews.bsky.social

U.S. prosecutors unveiled criminal charges on Wednesday against five alleged members of Scattered Spider, a loose-knit community of hackers suspected of breaking into dozens of U.S. companies to steal confidential information and cryptocurrency, www.reuters.com/technology/c...