Tootfinder

I will be at #ICANN86 this coming week in Seville, Spain, speaking on a panel about #cybersecurity and #InternetResilience , moderating a session in the

Deep research on a recent ClickFix campaign from Kirk at Derp.ca. He offered much more analysis of this campaign but I want to highlight two aspects of the identified kill chain: duckdns.org and trycloudflare.com. Blocking those two domains would have stopped this attack. #cybersecurity

SERPENTINE#CLOUD returns: ClickFix lure drops five RATs
Same operator, new delivery chain. ClickFix through Cloudflare tunnels drops five RAT families simultaneously - including Brute Ratel C4 wrapping PureHVNC.

Another cut in CISA budget for 2027, 707 million less.
#cisa #us #cybersecurity
🔗

«Das Cybersecurity-Äquivalent zum Hausschlüssel unter der Matte:
#IT-Experten auf Reddit analysieren fatale Lücken in der #Cybersecurity, die für #Hacker so offensichtlich sind wie ein Haustürschlüssel unte…

Das Cybersecurity-Äquivalent zum Hausschlüssel unter der Matte
IT-Experten auf Reddit analysieren fatale Lücken in der Cybersecurity, die für Hacker so offensichtlich sind wie ein Haustürschlüssel unter der Fußmatte.

De hackers hebben de buitgemaakte gegevens vernietigd, echt waar….🤣
#chipsoft #hack #cybersecurity

Chipsoft: Alle door hackers buitgemaakte data zijn vernietigd
Cyberaanval: Bij de cyberaanval stalen de hackers medische gegevens van zorginstellingen. Volgens de getroffen softwareontwikkelaar zijn de data niet gepubliceerd.

RE: https://swecyb.com/@orlysec/116500890115601107
IOCs to hunt for:
Domains / Services
jsonkeeper[.]com
jsonsilo[.]com
api[.]npoint[.]io
pastebin[.]com
*.vercel[.]app

"Natürlich ist und bleibt der Mensch als Einfallstor ein Kernproblem. Und auch Signal könnte hier vermutlich noch bessere Sicherheitsmechanismen ermöglichen als jene, die es bislang anbietet. Aber Anbieter können das Problem vor dem Bildschirm nicht lösen, wenn dieses sich nicht für Grundsätze der IT-Sicherheit interessiert." #heise

"Pass the key, passwords have passed their sell-by date"
#cybersecurity

Pass the key, passwords have passed their sell-by date
: NCSC passes judgment: passkeys pass muster, passwords fail

One of the best detailed descriptions of cybersecurity program essentials I’ve seen. From JP Morgan’s #cybersecurity team
https://www.j…

Fortifying the enterprise: 10 actions to take now for AI-ready cyber resilience
By the JPMorganChase Global Technology Leadership Team

gcve-eu-kev updated — a CISA KEV and ENISA CNW/EUVD to GCVE BCP-07 converter.
It now also includes a generic RSS/Atom exporter for any GCVE KEV BCP-07 feed.
@…
#cybersecurity

GitHub - gcve-eu/gcve-eu-kev: CISA/ENISA KEV to GCVE BCP-07 Converter.
CISA/ENISA KEV to GCVE BCP-07 Converter. Contribute to gcve-eu/gcve-eu-kev development by creating an account on GitHub.

Life is full of paradoxes. We spend countless time discussing threat actors using AI and in 2026 some are still relying on PlugX.
#plugx #cybersecurity #threatintel

Red Canary’s March Intelligence Insights report is out. They provide detection opportunities for common Windows and MacOS exploits #cybersecurity
https://redcanary.com/blog/threat-inte…

Intelligence Insights: March 2026 | Red Canary
ScreenConnect stays the course, Mac infostealers surge, and Vidar resurfaces in this month’s edition of Intelligence Insights

RE: #cybersecurity

RE: #cybersecurity

RE: #cybersecurity

For those in the Microsoft Defender ecosystem
#cybersecurity

What's new in Microsoft Defender XDR - Microsoft Defender XDR
Lists the new features and functionality in Microsoft Defender XDR

Here today at @… and very excited about it!
#cybersecurity

RE: #cybersecurity

This guy has a nice set of threat hunting blog posts. He includes detection logic and #ioc when available
https://newtonpaul.com

RE: https://infosec.exchange/@ScumBots/116195646833821026
Come ‘on now?!? Who still doesn’t have *.ngrok.io blocked? Ngrok themselves don’t even recommend using this domain any longer.