caretaker

@[email protected]
3 Followers
73 Following
332 Posts
Infosec | ISMS | HTB & THM | ethical hacking
caretakerSep 29, 2025
CCCSep 27, 2025
Wir laden dazu ein, das Programm auf den Bühnen mit Vorträgen und den #39C3 mit Musik, Kunst und Punk zu bereichern. Macht mit! Die Deadline für Einreichungen für das Bühnenprogramm ist der 24. Oktober https://www.ccc.de/de/updates/2025/39c3-calls
CCC | Vorträge, Musik, Kunst, Punk: Macht mit beim 39. Chaos Communication Congress!

Der Chaos Computer Club ist eine galaktische Gemeinschaft von Lebewesen für Informationsfreiheit und Technikfolgenabschätzung.

caretakerSep 29, 2025
OWASP FoundationSep 29, 2025
Final day to register!
Hackers Gambit 2025 is now FREE 💥
₹1,10,000+ Prize Pool
2000+ players
Qualifiers Oct 10–12 (Online)
Finals Oct 30–31 (In-person)
Register now: https://unstop.com/o/j7E3ecI
caretakerSep 23, 2025
Zack WhittakerSep 22, 2025

For TechCrunch, I wrote about Unit 221B, a cybersecurity company that's recently made a name for itself by tracking today's top English-speaking hacking groups, including Scattered Spider, and helping to disrupt their operations. Now the company has raised $5 million to focus on the threat.

https://techcrunch.com/2025/09/22/unit-221b-raises-5-million-to-help-track-and-disrupt-todays-top-hacking-groups/

Unit 221B raises $5M to help track and disrupt today’s top hacking groups | TechCrunch

The seed funding raise will help Unit 221B expand its threat intelligence platform, which tracks the English-speaking youth hacking phenomenon.

TechCrunch
caretakerSep 23, 2025
Brian ClarkSep 21, 2025

Zensec has a good article on the Akira ransomware group's tactics taken directly from their DFIR experience on 16+ incidents. A few key take-aways:

- Initial Access: Please, please please patch your Internet-facing VPN and firewall devices including your Sonicwall, Cisco ASA and Watchguard devices.
- Patch our Veeam software. They used vulnerable Veeam installs to perform privilege escalation
- Block access to Anydesk.com and remotedesktop.google.com if you don't use those services

#cybersecurity #ransomware
https://zensec.co.uk/blog/unmasking-akira-the-ransomware-tactics-you-cant-afford-to-ignore/

Unmasking Akira: The ransomware tactics you can’t afford to ignore - Zensec

If you are reading this because you have experienced a ransomware incident and are unsure how to deal with it, contact Zensec immediately.

Zensec
caretakerSep 21, 2025
Dissent Doe  Sep 21, 2025

NEW: When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on

Others seem to have interpreted their "goodbye" message differently than I had. Were they lying or did people just not understand a significant statement in their message?

And while headlines focus on them hitting a bank, I think we need to take a closer look at their attacks on the aviation sector.

https://databreaches.net/2025/09/21/when-goodbye-isnt-the-end-scattered-lapsus-hunters-hack-on/

#databreach #ScatteredSpider #ShinyHunters #LAPSUS$ #CollinsAerospace #airlines #airports

When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on – DataBreaches.Net

“Goodbye isn't the end. It's the beginning of what happens next.” -- Joshua Shaw Reading the news, I see some headlines suggesting that "Scattered LAPSUS$ Hunte

DataBreaches.Net
caretakerSep 21, 2025
Show threadKevin BeaumontSep 21, 2025

The Guardian have a look inside the crisis at Jaguar Land Rover.

There's no new information, other than sources at the company saying they don't realistically know when they will be able to restart production.

https://www.theguardian.com/business/2025/sep/20/jaguar-land-rover-hack-factories-cybersecurity-jlr

caretakerSep 20, 2025
Show threadKevin BeaumontSep 20, 2025

If any journalists want a list of top impacted airports to check: https://infosec.exchange/@nieldk/115237394885804514

BBC have Dublin and Cork added.

PhreakByte (@[email protected])

@cirriustech @[email protected] here are the “top ten” airports using vMUSE. See any you recognize in Europe as listed in current incident ;) 1. London Heathrow (LHR) 2. Glasgow Airport (GLA) 3. Berlin Schönefeld (SXF) 4. Dublin Airport (DUB) 5. Cork Airport (ORK) 6. Cologne Bonn Airport (CGN) 7. Mazatlán International Airport (Mexico) 8. Zihuatanejo International Airport (Mexico) 9. Monterrey International Airport (Mexico) 10. Velana International Airport (Maldiverne)

Infosec Exchange
caretakerSep 20, 2025
Simon WillisonSep 20, 2025
Leaked memo from Amazon that warns existing H1B holders to avoid travel back into the USA after the September 21st deadline - their lawyers evaluated the new executive order as not just affecting new applications https://www.businessinsider.com/read-memos-sent-big-tech-trump-h-1b-changes-2025-9
caretakerSep 18, 2025
heise onlineSep 18, 2025

Linkedin will auch Deine Daten für seine KI

Ab November stehen alle Nutzerdaten auf Linkedin zum Training Künstlicher Intelligenzen zur Verfügung – außer, die Nutzer widersprechen.

https://www.heise.de/news/Linkedin-will-auch-Deine-Daten-fuer-seine-KI-10662110.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Datenschutz #Entertainment #GenerativeAI #LinkedIn #Microsoft #Werbebranche #SocialMedia #Wirtschaft #news

Linkedin will auch Deine Daten für seine KI

Ab November stehen alle Nutzerdaten auf Linkedin zum Training Künstlicher Intelligenzen zur Verfügung – außer, die Nutzer widersprechen.

heise online
caretakerSep 14, 2025
Kevin BeaumontSep 14, 2025

For privacy researchers, this thread is interesting. iOS allow apps to make network requests after push notifications.

Instagram (and others) appear to be using this to profile devices, eg retrieve device uptime without their customer opening Instagram.

This one probably needs more eyes on it. https://mastodon.social/@mysk/115204746326765802