lemmydev2

Most of us learned to design circuits with schematics. But if you get to a certain level of complexity, schematics are a pain. Modern designers — especially for digital circuits …read more

The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024. [...]

OpenBSD 7.7, the 58th release of the security-focused operating system, was officially launched on April 28, 2025. This release substantially improves multiple areas, including performance optimization, hardware support, and security enhancements. The new version features notable performance improvements, particularly on ARM64 architecture, where the PMAP teardown has been optimized by skipping TLB flushes, resulting in […] The post OpenBSD 7.7 Released with Significant Performance & Security Enhancements appeared first on Cyber Security News.

In response to the concerning rise of “violence-as-a-service” (VaaS) and the exploitation of youth by organized crime, Europol has announced the formation of a new Operational Task Force (OTF), codenamed GRIMM.  This multinational initiative, led by Sweden, brings together law enforcement agencies from Belgium, Denmark, Finland, France, Germany, the Netherlands, and Norway. Europol provides operational […] The post Europol Creates Operational Taskforce to Tackle Violence-as-a-Service appeared first on Cyber Security News.

A former Disney employee has been sentenced to three years in prison for computer fraud and identity theft.

Reddit called it an "improper and highly unethical experiment" and said it did not know it was happening.

In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of attacks. Of these, 33 vulnerabilities (44%) affected enterprise solutions, which is up from 37% in 2023, according to Google Threat Intelligence Group researchers. “Zero-day vulnerabilities in security software and appliances were a high-value target in 2024. We identified 20 security and networking vulnerabilities, which was over 60% of all … More → The post 44% of the zero-days exploited in 2024 were in enterprise solutions appeared first on Help Net Security.

A significant vulnerability in the Linux kernel’s Virtual Socket (vsock) implementation, designated as CVE-2025-21756, has been identified that could allow local attackers to escalate privileges to root level.  Security researchers have confirmed that this flaw, which received a CVSS v3.1 Base Score of 7.8 (HIGH), can be reliably exploited on affected systems. Critical Linux Kernel […] The post Critical Linux Kernel Vulnerability Exposes Systems to Privilege Escalation Attacks appeared first on Cyber Security News.

arXiv:2504.14235v2 Announce Type: replace Abstract: Cyber threats have become increasingly prevalent and sophisticated. Prior work has extracted actionable cyber threat intelligence (CTI), such as indicators of compromise, tactics, techniques, and procedures (TTPs), or threat feeds from various sources: open source data (e.g., social networks), internal intelligence (e.g., log data), and ``first-hand'' communications from cybercriminals (e.g., underground forums, chats, darknet websites). However, "first-hand" data sources remain underutilized because it is difficult to access or scrape their data. In this work, we analyze (i) 6.6 million posts, (ii) 3.4 million messages, and (iii) 120,000 darknet websites. We combine NLP tools to address several challenges in analyzing such data. First, even on dedicated platforms, only some content is CTI-relevant, requiring effective filtering. Second, "first-hand" data can be CTI-relevant from a technical or strategic viewpoint. We demonstrate how to organize content along this distinction. Third, we describe the topics discussed and how "first-hand" data sources differ from each other. According to our filtering, 20% of our sample is CTI-relevant. Most of the CTI-relevant data focuses on strategic rather than technical discussions. Credit card-related crime is the most prevalent topic on darknet websites. On underground forums and chat channels, account and subscription selling is discussed most. Topic diversity is higher on[...]

Automation and structured collaboration have a strong, positive influence on the efficiency of vulnerability management, according to Seemplicity. However, manual processes, unstructured workflows, and excessive noise from vulnerability scanning tools continue to slow remediation efforts, leading to delays and security risks. Despite advancements in automation, a significant portion of vulnerability management remains manual, increasing operational inefficiencies and contributing to alert fatigue. “This year’s data makes it clear that security teams aren’t short on tools or … More → The post Investing in security? It’s not helping you fix what matters faster appeared first on Help Net Security.

British defence firms have reportedly warned staff not to connect their phones to Chinese-made EVsMobile phones and desktop computers are longstanding targets for cyber spies – but how vulnerable are electric cars?On Monday the i newspaper claimed that British defence firms working for the UK government have warned staff against connecting or pairing their phones with Chinese-made electric cars, due to fears that Beijing could extract sensitive data from the devices. Continue reading...

Cloudflare says it mitigated 20.5 million DDoS attacks in the first quarter of 2025. This is a 358% increase compared to the same time last year. Their Q1 2025 DDoS report highlights a rise in the number and size of attacks, including some of the largest ever recorded. Map of top 10 most attacked industries in Q1 2025 (Source: Cloudflare) Massive multi-vector attacks One-third of the attacks, about 6.6 million, directly targeted Cloudflare’s own network … More → The post DDoS attacks jump 358% compared to last year appeared first on Help Net Security.