CVE-2023-26818: Latest blog post on how I found a vulnerability in Telegram's macOS app and was able to bypass TCC, giving me unauthorized access to sensitive user data and recording the user via camera. 🔒 📸 #Cybersecurity #macOS danrevah.github.io/2023/05/15/CVE…

Clandestine communications in cyber-denied environments - Numbers stations and radio in the 21st century (2023) doi.org/10.1080/183353… Open Access article by Tony Ingesson (Tony Ingesson) and Magnus Andersson, published in Journal of Policing Intelligence Counter Terrorism.

This is crazy. An iOS KeePass app was sending the clipboard contents *unencrypted via UDP* to a server. The developer "fixed" it by still sending it via UDP, but this time with fixed key and IV. 🤦‍♂️ The app is simply a credential stealer and probably in violation of some laws.

CVE-2023-28204 (Safari zero-day, may have been actively exploited) - commit e34edaa RegExpGlobalData::performMatch issue leading to OOB read github.com/WebKit/WebKit/…

Foi um privilégio participar deste excelente evento organizado pela PF e Febraban.

Millions of emails intended for US military - including highly sensitive info - have been misdirected to Mali instead, due to people typing .ml in address instead of .mil. This, despite repeated warnings for a decade to double-check address before sending ft.com/content/ab62af…

@noexceptcpp hunting while going to hunt 😂

To everyone who knows me from the popular Naked Security website - sadly, Sophos has closed the site, and I'm leaving the company. But I'm not leaving cybersecurity! Follow me here (and on FB, Insta, LI) for the next part of the journey. Best regards,

Foi um sucesso nosso webinar de lançamento do Relatório Anual da Apura Cyber Intelligence S/A, que tratou dos acontecimentos mais relevantes de 2023, e das expectativas para o próximo ano. Todo o conteúdo apresentado está detalhado no link conteudo.apura.com.br/relatorio-apur…

After infiltrating LockBit's systems, we gathered a lot of information about their criminal activity and those who worked with them. Including their network of 194 hackers or 'affiliates' who we'll be in touch with very soon. Until then, we hope they have a nice day 🙂 #Cronos

Nosso Data Protection Officer, Arthur Oliveira, convida para nossa LIVE dia 11/4, 17h. Descubra como o Brand Monitoring pode proteger sua marca de ameaças online. Esteja preparado para insights valiosos e dicas práticas! #Apura #BrandMonitoring #Live #ProteçãoOnline

Some people asked, so here's a guide for customizing your BSOD

A conscientização sobre os vieses cognitivos pode melhorar significativamente a racionalidade das decisões, especialmente na área de segurança da informação. Mais em: linkedin.com/pulse/vieses-c…

At the 9th Americas Cybercrime Working Group in Brasília: 100+ participants from 35 countries, 3 international orgs, and 15 private partners. Remarks by INTERPOL’s VP for America and Brazil’s Federal Police Director General. Focus: strategies to combat #cybercrime. #INTERPOL #COE

I am excited to share that I have reached 30,000 followers on LinkedIn today! It has been 20 years since I created my account, and I am grateful to be connected with thousands of industry professionals I've had the pleasure of engaging with over the course my 30-year career.

A Apura acaba de lançar um relatório exclusivo que detalha a cronologia completa de um sofisticado ataque que resultou no desvio de milhões de reais no país. linkedin.com/pulse/incident…

The future whispers - not human, not machine, but a shadow born of both. Algorithms rise like invisible rulers, predicting desires before they exist, rendering verdicts before guilt is felt. Choice becomes theater - the script already carved in circuits, and we only act it out.