Tootfinder

One of the best detailed descriptions of cybersecurity program essentials I’ve seen. From JP Morgan’s #cybersecurity team
https://www.j…

Fortifying the enterprise: 10 actions to take now for AI-ready cyber resilience
By the JPMorganChase Global Technology Leadership Team

"Pass the key, passwords have passed their sell-by date"
#cybersecurity

Pass the key, passwords have passed their sell-by date
: NCSC passes judgment: passkeys pass muster, passwords fail

«Das Cybersecurity-Äquivalent zum Hausschlüssel unter der Matte:
#IT-Experten auf Reddit analysieren fatale Lücken in der #Cybersecurity, die für #Hacker so offensichtlich sind wie ein Haustürschlüssel unte…

Das Cybersecurity-Äquivalent zum Hausschlüssel unter der Matte
IT-Experten auf Reddit analysieren fatale Lücken in der Cybersecurity, die für Hacker so offensichtlich sind wie ein Haustürschlüssel unter der Fußmatte.

RE: #cybersecurity

gcve-eu-kev updated — a CISA KEV and ENISA CNW/EUVD to GCVE BCP-07 converter.
It now also includes a generic RSS/Atom exporter for any GCVE KEV BCP-07 feed.
@…
#cybersecurity

GitHub - gcve-eu/gcve-eu-kev: CISA/ENISA KEV to GCVE BCP-07 Converter.
CISA/ENISA KEV to GCVE BCP-07 Converter. Contribute to gcve-eu/gcve-eu-kev development by creating an account on GitHub.

RE: #cybersecurity

Life is full of paradoxes. We spend countless time discussing threat actors using AI and in 2026 some are still relying on PlugX.
#plugx #cybersecurity #threatintel

For those in the Microsoft Defender ecosystem
#cybersecurity

What's new in Microsoft Defender XDR - Microsoft Defender XDR
Lists the new features and functionality in Microsoft Defender XDR

Here today at @… and very excited about it!
#cybersecurity

"President Trump’s CYBER STRATEGY for America"
The strategy does not explicitly mention Coordinated Vulnerability Disclosure (CVD) or vulnerability disclosure programs.
Basically it's more about offensive posture, infrastructure protection, and technology dominance.
Cybersecurity independence for Europe is no longer optional, it has become a strategic necessity.
#cybersecurity

De hackers hebben de buitgemaakte gegevens vernietigd, echt waar….🤣
#chipsoft #hack #cybersecurity

Chipsoft: Alle door hackers buitgemaakte data zijn vernietigd
Cyberaanval: Bij de cyberaanval stalen de hackers medische gegevens van zorginstellingen. Volgens de getroffen softwareontwikkelaar zijn de data niet gepubliceerd.

"Natürlich ist und bleibt der Mensch als Einfallstor ein Kernproblem. Und auch Signal könnte hier vermutlich noch bessere Sicherheitsmechanismen ermöglichen als jene, die es bislang anbietet. Aber Anbieter können das Problem vor dem Bildschirm nicht lösen, wenn dieses sich nicht für Grundsätze der IT-Sicherheit interessiert." #heise

Another cut in CISA budget for 2027, 707 million less.
#cisa #us #cybersecurity
🔗

RE: #cybersecurity

This guy has a nice set of threat hunting blog posts. He includes detection logic and #ioc when available
https://newtonpaul.com

Deep research on a recent ClickFix campaign from Kirk at Derp.ca. He offered much more analysis of this campaign but I want to highlight two aspects of the identified kill chain: duckdns.org and trycloudflare.com. Blocking those two domains would have stopped this attack. #cybersecurity

SERPENTINE#CLOUD returns: ClickFix lure drops five RATs
Same operator, new delivery chain. ClickFix through Cloudflare tunnels drops five RAT families simultaneously - including Brute Ratel C4 wrapping PureHVNC.

Red Canary’s March Intelligence Insights report is out. They provide detection opportunities for common Windows and MacOS exploits #cybersecurity
https://redcanary.com/blog/threat-inte…

Intelligence Insights: March 2026 | Red Canary
ScreenConnect stays the course, Mac infostealers surge, and Vidar resurfaces in this month’s edition of Intelligence Insights

RE: https://infosec.exchange/@ScumBots/116195646833821026
Come ‘on now?!? Who still doesn’t have *.ngrok.io blocked? Ngrok themselves don’t even recommend using this domain any longer.

RE: https://swecyb.com/@orlysec/116500890115601107
IOCs to hunt for:
Domains / Services
jsonkeeper[.]com
jsonsilo[.]com
api[.]npoint[.]io
pastebin[.]com
*.vercel[.]app

Geoshitties for the win! If you use @… ‘s blocklists you’d have already blocked *.vercel.app which is a key link in the kill chain for this attack described by Microsoft. My advice: block Vercel for everyone in your org except for those that have a business need. #cybersecurity

Developer-targeting campaign using malicious Next.js repositories | Microsoft Security Blog
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard build workflows. The activity demonstrates how staged command-and-control can hide inside routine development tasks.