#McLaren #HealthCare says #DataBreach impacts 743,000 patients

https://www.bleepingcomputer.com/news/security/mclaren-health-care-says-data-breach-impacts-743-000-patients/

Tiny keys can secure the strongest door in a well-guarded castle. #Linux #OpenSource #cybersecurity https://cromwell-intl.com/cybersecurity/yubikey/?s=mc

#Steel giant #Nucor confirms hackers stole data in recent breach

https://www.bleepingcomputer.com/news/security/steel-giant-nucor-confirms-hackers-stole-data-in-recent-breach/

Today at the @firstdotorg conference, we’re presenting Draugnet, an open-source, lightweight submission tool designed to make sharing cyber threat intelligence easier.

With @treyka @iglocska

@misp

https://github.com/draugnet/draugnet

Journalists need #encryption - and the #WashingtonPost hack shows why

https://tuta.com/blog/journalists-need-encryption

Guilds offer #cybersecurity warrior badges. If you desire one, learn the laws of the lands along all the trade routes. https://cromwell-intl.com/cybersecurity/isc2-ccsp/standards-and-regulations.html?s=mc

This dumb password rule is from BMW ConnectedDrive.

Although the prompt suggests good things, after many failed attempts to
set a new password, it turns out you can ONLY use the special characters
shown in the prompt

https://dumbpasswordrules.com/sites/bmw-connecteddrive/

#CoinMarketCap briefly hacked to drain #crypto wallets via fake #Web3 popup

https://www.bleepingcomputer.com/news/security/coinmarketcap-briefly-hacked-to-drain-crypto-wallets-via-fake-web3-popup/

#Oxford City Council suffers breach exposing two decades of data

https://www.bleepingcomputer.com/news/security/oxford-city-council-suffers-breach-exposing-two-decades-of-data/

You can cipher your scrolls into secret tongues and then store them in a remote redoubt. #cloud #cybersecurity https://cromwell-intl.com/cybersecurity/ec2-secure-storage.html?s=mc

Russian hackers bypass #Gmail #MFA using stolen app #passwords

https://www.bleepingcomputer.com/news/security/russian-hackers-bypass-gmail-mfa-using-stolen-app-passwords/

#WordPress #Motors theme flaw mass-exploited to hijack admin accounts

https://www.bleepingcomputer.com/news/security/wordpress-motors-theme-flaw-mass-exploited-to-hijack-admin-accounts/

Salt Typhoon, a China-linked group, is exploiting router flaws to spy on global telecoms, warns a joint FBI and Canada cyber advisory.

Read: https://hackread.com/salt-typhoon-targets-telecoms-router-flaws-fbi-canada/

A wise #cybersecurity warrior tries to see his own defenses through the eyes of the enemy. https://cromwell-intl.com/cybersecurity/attack-study/attacker-perspective.html?s=mc

China-linked #LapDogs campaign has been active since 2023, dropping the #ShortLeash backdoor and using hacked routers to hide espionage and data theft.

Read: https://hackread.com/china-lapdogs-drops-shortleash-backdoor-fake-certs/

It's not just about protecting data *from* AI; it's about protecting the AI itself! NIST is working on new guidance because AI systems have unique risks, like their actual "brains" (models) or training data getting swiped. Wild, right? #AI #Cybersecurity
https://archive.is/LYHCa

Following the US strikes on Iranian nuclear facilities, the Department of Homeland Security has warned of retaliation in the form of cyber attacks.

#Technology #cybersecurity #News

https://www.thenationalnews.com/future/technology/2025/06/23/us-braces-for-cyber-attacks-by-pro-iranian-hacktivists/

Boldly executed military attacks have demonstrated significant weaknesses in even the most formidable nations – forcing aggressive states to rapidly reassess their strategies for power projection. With traditional military capabilities proving insufficient against nimble adversaries, the appeal of cyber offensive operations as an asymmetric tool is stronger than ever.

I explore how the shifting warfare in the Ukraine-Russia and Israel-Iran wars are driving global powers to look towards increasing respective offensive cyber capabilities. This poses new challenges and opportunities for cybersecurity professionals. Discover what it means for the future of cybersecurity and global cyber defense.

#Cybersecurity #CyberWarfare #NationStateThreats #InfoSec #Geopolitics #Technology #CriticalInfrastructure

Video: https://www.youtube.com/watch?v=IDPR9UdioII

Full Article: https://open.substack.com/pub/matthewrosenquist/p/successful-military-attacks-are-driving

State of (in)security - Week 25, 2025

The week of June 16-23, 2025 saw 16 vulnerability advisories and 17 security incidents affecting approximately 9.7 million individuals, with major ransomware attacks hitting organizations like Aflac Insurance and Tonga's Ministry of Health. Critical vulnerabilities are actively exploited in WordPress themes, TP-Link routers, and multiple enterprise systems.

**AI integrations require rock-solid tenant isolation at every layer of the system, and experimental AI features need extra security safeguards and logging to track data access patterns. As a user, be cautious with AI features, understand exactly what data your favorite AI can access, don't over-share because AI implementations are far from well understood and controlled - even when the developer has only the best intentions.**
#cybersecurity #infosec #knowledge #weeklyreport
https://beyondmachines.net/event_details/state-of-in-security-week-25-2025-k-9-6-v-6/gD2P6Ple2L