Within five minutes of requesting a new certificate from #letsencrypt, a total of 50 different IPs hit my zero-traffic-other-than-me web server.

Thanks to Certificate Transparency it's never been easier to get your honeypot discovered!

#cybersecurity #infosec

Try the Last Internet Kermit Server

Link: https://changelog.complete.org/archives/10555-try-the-last-internet-kermit-server
Discussion: https://news.ycombinator.com/item?id=37009329

Ransomware gangs continue to prioritize targeting VMware ESXi servers, with almost every active ransomware gang creating custom Linux encryptors for this purpose.

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-4th-2023-targeting-vmware-esxi/

🌩️ Unleash the Storm in the Cloud! Join us on our #DEFCON livestream with Matt Johansen, Andrew Martin, and Moses Frost for a captivating journey into #cloudhacking! 🌩️

In this session, these experts will embark on a deep dive into the #cloud. From identifying misconfigurations to infiltrating cloud-based environments, our speakers will demonstrate cutting-edge techniques to explore the uncharted territories of #cloudsecurity. Get ready to conquer the cloud in this #BFLive session on Aug. 11! https://bfx.social/3rK2jxS

The privacy-focused search engine Brave Search has finally introduced its own, independent image and video search capabilities, breaking free from relying on Bing and Google for media search.

https://www.bleepingcomputer.com/news/security/brave-search-adds-private-image-and-video-search-capability/

Cult of the Dead Cow, 39 years of #hacking and #hacktivism in defense of the common good, human rights and fun.

cDc will headline #DefCon releasing a framework and distributed network for apps that fully encrypt files, messages and even social networking.

https://www.washingtonpost.com/technology/2023/08/02/encryption-dead-cow-cult-apps-def-con/?pwapi_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZWFzb24iOiJnaWZ0IiwibmJmIjoxNjkwOTQ4ODAwLCJpc3MiOiJzdWJzY3JpcHRpb25zIiwiZXhwIjoxNjkyMzMxMTk5LCJpYXQiOjE2OTA5NDg4MDAsImp0aSI6IjliNmFkMzM2LTVkYzktNGY4NC05MzNkLWNiY2VjZWFlMzhhMSIsInVybCI6Imh0dHBzOi8vd3d3Lndhc2hpbmd0b25wb3N0LmNvbS90ZWNobm9sb2d5LzIwMjMvMDgvMDIvZW5jcnlwdGlvbi1kZWFkLWNvdy1jdWx0LWFwcHMtZGVmLWNvbi8ifQ.8FP1yys24DImIzzmc7jSkI-eHEcGWKUQ5UO70--eoi0

"firefox only has a 3% market share"

bruh that's 150 million people

🔒 Technical Report: Hidden Dangers of .zip Domains 🔍

#cybersecurity #phishing #malware #TLDs #onlinefraud

Introduction:
Google's introduction of new top-level domains, including ".zip," has lifted limitations on TLD registrations. However, cybercriminals have capitalized on this opportunity to deceive users and conduct phishing attacks.

Cybersecurity Risks with .zip Domains:
👉 Cybercriminals misuse .zip domains, impersonating reputable IT firms, like Microsoft and Google, to trick users into downloading malware.
👉 A "file archiver in the browser" phishing kit exploits .zip domains, luring users into executing malicious files and stealing credentials.
👉 "chatgpt5[.]zip" is employed to deceive users and lead them to malicious sites, complicating phishing detection efforts.
👉 Popular office software suite filenames are being used in successful phishing attempts with .zip domains, posing risks to sensitive information exposure.

Recommendations:

Conclusion:
Businesses and individuals must be aware of the risks associated with .zip domains and take necessary precautions to safeguard against phishing and online fraud.

Source: https://cybersecuritynews.com/dangers-of-zip-domains/