Microsoft identified multiple vulnerabilities in the open-source platform OpenVPN, integrated into millions of devices worldwide, which could be exploited to create an attack chain allowing remote code execution (RCE) and local privilege escalation (LPE). msft.it/6014llDIQ

📢A new report on National Cybersecurity Governance in Ukraine is now available, providing a comprehensive overview of how legal frameworks shape the national cybersecurity strategies: ccdcoe.org/library/public… #research #ukraine #cybersecuritygovernance

Threat Actors’ Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts 🌟 Analysis & reporting completed by Renzon, Tornado & Maxime Thiebaut 🎵 Audio: Available on Spotify, Apple, YouTube and more! 📚 Report: thedfirreport.com/2024/08/12/thr…

Señores Davivienda, me llegó un mensaje indicando brindar mi opinión, pero no tengo servicios con ustedes, por si es de su interés investigar comparto el link recibido https[:]//l.ma[.]sv/QQnUMDX #Davivienda Banco Davivienda

#alertadeseguridad 📢 Explotación de RCE en Protocolo TCP/IP de Windows.🚨 Desde el equipo #ColCERT compartimos análisis y el impacto para Colombia y la Región. Consultar en 📲 colcert.gov.co/800/w3-article… #MásPreparados #MásResilientes

#alertadeseguridad 📢 Vulnerabilidad Crítica en Microsoft 365 Copilot 🔎 El equipo #colCERT comparte implicaciones y riesgos.📝 Descargar Alerta:👉colcert.gov.co/800/w3-article… #MásPreparados #MinTIC #MásResilientes

Sweden’s domestic intelligence agency has uncovered that Iranian government-backed hackers were responsible for a cyberattack last year, aimed at provoking social division in Sweden. therecord.media/sweden-says-ir…

I recently co-authored a Unit 42 blog about a unique IR case in which a threat actor’s custom EDR bypass (using #BYOVD) exposed their toolkit, methods, and even identity. Check out how we unmasked them through an opsec slip-up! #dfir unit42.paloaltonetworks.com/edr-bypass-ext…

El #colCERT comparte #alertadeseguridad 🛑sobre amenaza del #Ransomware Ymir y RustyStealer que impacta al país. 📢Sigue las recomendaciones para evitar ser víctima de esta amenza.🔐 🔗colcert.gov.co/800/w3-article… #MásPreparados #MinisterioTIC #MásResilientes

Russian cyberspies target Android users with new spyware - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

¡Haciendo realidad legados de país hasta mis últimos días al frente del Ministerio TIC! Hoy inauguramos el Centro de Operaciones de Ciberseguridad de Colombia (SOC) del COLCERT: ✅ Presta servicios gratuitos a entidades públicas y privadas ante amenazas como softwares

In the last quarter of 2024, Microsoft Threat Intelligence observed developments in the ransomware ecosystem that researchers and defenders should watch for in 2025. 🧵

Just fyi, DeepSeek collects your IP, keystroke patterns, device info, etc etc, and stores it in China, where all that data is vulnerable to arbitrary requisition from the 🇨🇳 State. From their own privacy policy:

🚨 Spyware Alert! Citizen Lab reports Australia, Canada, Denmark & more may be using Paragon's Graphite spyware—the same tool used to target journalists & activists via WhatsApp. ⚠️ 90+ journalists targeted ⚠️ iPhones & Androids hacked 🔗 Full story: thehackernews.com/2025/03/six-go…

Want to test the SANS SEC565 free workshop lab by Jean on prem using LUDUS then check out this repo by Aleem Ladha... Once again an awesome contribution Aleem 🔥 github.com/aleemladha/SAN…

Twitter (X) Hit by Data Leak of 2.8 Billion Users; Allegedly an Insider Job hackread.com/twitter-x-of-2…

🚨X (Twitter): 2.8 Billion Users Compromised (?) A threat actor known as "ThinkingOne" claims that 400GB of information on 2,873,410,842 Twitter (X) users was leaked in January 2025. The first thing that comes to mind is: - Woah, this is massive The second thing that comes to

🚨🚨🚨 Massive X data breach: 2.8B user profiles leaked, allegedly by a disgruntled ex-employee during layoffs. 400GB of data hits Breach Forums. Insider threat or tall tale? X stays silent. #DataBreach

📢 I partnered with 13Cubed for another giveaway! 🎁 Their Investigating macOS Endpoints course just launched, and one person from X will win the new course! Course content includes: - Introduction to macOS - macOS Logs - macOS File Systems - macOS Core Forensic Artifacts

🚨 Akira ransomware is hitting SonicWall SSL VPNs—some fully patched. Researchers suspect a zero-day or credential abuse. Attacks surged in late July. Org? Disable SSL VPN until further notice. Full details ↓ thehackernews.com/2025/08/akira-…