Microsoft releases a cyberattack simulator - Shall we play a game?
Microsoft has released an open-source cyberattack simulator that allows security researchers and data scientists to create simulated network environments and see how they fare against AI-controlled cyber agents.
This simulator is being released as an open-source project named 'CyberBattleSim' built using a Python-based OpenAI Gym interface.
https://www.bleepingcomputer.com/news/security/microsoft-releases-a-cyberattack-simulator-shall-we-play-a-game/
BleepingComputer
Weekly summary of malicious campaigns for 3-9 April 2021
This week, CERT-AGID detected and analyzed, within the Italian landscape it covers, a total of 19 active malicious campaigns, of which 2 were generic campaigns that also reached Italy and 17 targeted Italy, and made the 82 associated indicators of compromise (IOCs) it identified available to its accredited organizations.
by CERT-AgID - https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-3-9-aprile-2021/
CERT-AGID
There's Another Facebook Phone Number Database Online
https://www.vice.com/amp/en/article/qj8dj5/facebook-phone-number-data-breach-telegram-bot
Vice
Analysis by Motherboard and a security researcher indicates the database is separate from the recently reported cache of 500 million accounts.
Cring, the ransomware that exploits vulnerabilities in Fortinet VPNs to steal credentials
An investigation into security incidents by Kaspersky ICS CERT experts has revealed a series of attacks tied to the Cring ransomware which, by exploiting a vulnerability in Fortigate VPN servers (known since 2018 and patched in 2019), hit several industrial enterprises in Europe, often causing temporary interruptions to their production processes.
https://www.cybersecurity360.it/nuove-minacce/ransomware/cring-il-ransomware-che-sfrutta-vulnerabilita-delle-fortinet-vpn-per-rubare-credenziali/
Cyber Security 360
The ransomware that exploits a now-fixed vulnerability in Fortigate VPN servers has been dubbed Cring; it can access the devices' file system over the internet and steal login credentials stored in cleartext. Here are the details…
DNS-over-HTTPS causes more problems than it solves, experts say
DoH doesn't actually prevent ISPs user tracking
DoH creates havoc in the enterprise sector
DoH weakens cyber-security
DoH helps criminals
DoH shouldn't be recommended to dissidents
DoH centralizes DNS traffic at a few DoH resolvers
https://www.zdnet.com/article/dns-over-https-causes-more-problems-than-it-solves-experts-say/
ZDNET
Several experts, companies, and national entities have voiced very convincing concerns about DoH and its features.
What can you learn from an IP address?
However, it might still be possible to determine which websites users are visiting by simply looking at the destination IP addresses on the traffic originating from users’ devices, which are visible as a part of the ClientHello of the TLS Handshake.
https://blog.apnic.net/2019/08/23/what-can-you-learn-from-an-ip-address/
APNIC Blog
Guest Post: Researchers examine whether an adversary can deduce websites visited using a set of IP addresses originating from a user’s device.
Clubhouse data leak: 1.3 million scraped user records leaked online for free
Days after scraped data from more than a billion Facebook and LinkedIn profiles, collectively speaking, was put for sale online, it looks like now it’s Clubhouse’s turn. The upstart platform seems to have experienced the same fate, with an SQL database containing 1.3 million scraped Clubhouse user records leaked for free on a popular hacker forum.
The leaked database contains a variety of user-related information from Clubhouse profiles, including:
User ID
Name
Photo URL
Username
Twitter handle
Instagram handle
Number of followers
Number of people followed by the user
Account creation date
Invited by user profile name
https://cybernews.com/security/clubhouse-data-leak-1-3-million-user-records-leaked-for-free-online/
Cybernews
An SQL database containing 1.3 million Clubhouse user records has been leaked for free on a popular hacker forum.
Research Says Facebook’s Ad Algorithm Perpetuates Gender Bias
In fields from software engineering to sales to food delivery, the team ran sets of ads promoting real job openings at roughly equivalent companies requiring roughly the same skills, one for a company whose existing workforce was disproportionately male and one that was disproportionately female. Facebook showed more men the ads for the disproportionately male companies and more women the ads for the disproportionately female companies, even though the job qualifications were the same. The paper concludes that Facebook could very well be violating federal anti-discrimination laws.
https://theintercept.com/2021/04/09/facebook-algorithm-gender-discrimination/
The Intercept
A University of Southern California study provides still more evidence that the company’s ad targeting illegally discriminates.
Guerre di Rete - #FacebookLeak: many questions, few answers
Today's topics:
- a deep dive into #FacebookLeak
- a 20-year sentence for satire, a consequence of the spies who infiltrated Twitter
- Solarwinds: the NSA now wants more powers
- Amazon and the union
- more
https://guerredirete.substack.com/p/guerre-di-rete-facebookleak-molte
Guerre di Rete
And then Amazon, Solarwinds and the NSA.
Weak Diffie-Hellman and the Logjam Attack
Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.
https://weakdh.org/
DivideAndScan
DivideAndScan is used to efficiently automate port scanning routine by splitting it into 3 phases:
Discover open ports for a bunch of targets.
Run Nmap individually for each target with version grabbing and NSE actions.
Merge the results into a single Nmap report (different formats available)
https://github.com/snovvcrash/DivideAndScan
GitHub
GitHub - snovvcrash/DivideAndScan: Divide full port scan results and use it for targeted Nmap runs
Divide full port scan results and use it for targeted Nmap runs - snovvcrash/DivideAndScan
Watch out, China is watching us (from very close up). Until when?
As we pointed out on that occasion, the issue touches Italy, where Chinese technologies are also present in various cities. Some examples? Just visit the “Success stories” section of the website of Hikvision, a company present in Italy with an office in Vittorio Veneto (Treviso). It lists cases where its video surveillance products are used in our country: the city of Avezzano (L’Aquila), the cathedral of Santa Maria Nuova in Monreale (Palermo), the private clinic Villa Margherita in the heart of Rome, and the historic beach club Marine Village on the Ostia coast. PadovaOggi.it reports Hikvision cameras installed in the Venetian city, even in the cemetery.
https://formiche.net/2021/04/cina-telecamere-pa-procure/
Formiche.net
Thermal scanners at Palazzo Chigi and cameras in public prosecutors' offices: Chinese technology advances in the Italian public administration
Smart working changes corporate communication: between security and informality
And as the use of these tools increases, so does the “specific weight” of the information users exchange online instantly, once again bringing to the center of attention the issue of the security and accessibility of data (the company's and its customers').
https://www.ilsole24ore.com/art/lo-smart-working-cambia-comunicazione-aziendale-sicurezza-e-informalita-ADfi3wOB
Il Sole 24 ORE
The models used so far need to be redesigned so that they can make remote work truly more effective and efficient
Use the DuckDuckGo Extension to Block FLoC, Google’s New Tracking Method in Chrome
If you're a Google Chrome user, you might be surprised to learn that you could have been entered automatically into Google's new tracking method called Federated Learning of Cohorts (FLoC).
https://spreadprivacy.com/block-floc-with-duckduckgo/
Spread Privacy
Google has created a new tracking mechanism called FLoC, put it in Chrome, and automatically turned it on for millions of users. It's bad for privacy, which is why we're now blocking it in the DuckDuckGo extension.
Blackout Hits Iran Nuclear Site in What Appears to Be Israeli Sabotage
Some Iranian experts dismissed initial speculation that a cyberattack could have caused the power loss. The Natanz complex has its own power grid, multiple backup systems and layers of security protection intended to stop such an attack from abruptly shutting down its system.
https://www.nytimes.com/2021/04/11/world/middleeast/iran-nuclear-natanz.html
NY Times
The power failure was described by Iran as “nuclear terrorism” as talks were underway in Vienna to restore the 2015 nuclear deal.
Scam Alert: LinkedIn Users Hit by Malware From Fake Job Offers
Researchers in the Threat Response Unit (TRU) of security provider eSentire broke the news that a hacking group is targeting professionals with fake job offers through LinkedIn. The emails draw on each victim’s profile to create a convincing, personalized offer. My profile says I’m a Lead Analyst at PCMag. Had I been a target, the email would have contained an attachment called “Lead Analyst – position.”
https://www.pcmag.com/news/scam-alert-linkedin-users-hit-by-malware-from-fake-job-offers
PCMAG
With rampant unemployment ongoing, a job offer through LinkedIn can seem like a godsend. Watch out, though, as some offers aren’t what they seem.
self-driving vending machine
Richard Stallman apologizes and the free software community welcomes him back
Richard Stallman apologizes to the free software community. Accompanied by the statement from the Free Software Foundation (FSF) explaining the decision to readmit him to the board, the letter that the founding father of the free software movement sent to Repubblica makes amends for past behavior, but without giving up the defense of his old friend Marvin Minsky, the pioneer of Artificial Intelligence.
https://www.repubblica.it/tecnologia/sicurezza/2021/04/13/news/richard_stallman_chiede_scusa_e_la_comunita_del_software_libero_lo_riaccoglie-296302661/?ref=RHVS-VS-I270678117-P9-S2-T1
la Repubblica
After accusations of being misogynistic and transphobic, in a letter sent to Repubblica the free software guru makes amends, explains his positions, and asks …
Make your voice heard on #chatcontrol!
ATTENTION EUROPEAN CITIZENS! TAKE PART IN THE ONLINE CONSULTATION UNTIL 15 APRIL!
The EU Commission is drafting legislation to allow the scanning of ALL online activity, including email and messaging.
https://pirati.io/2021/04/fatti-sentire-sul-chatcontrol/
NAME:WRECK vulnerabilities impact millions of smart and industrial devices
Called NAME:WRECK, the vulnerabilities have been discovered by enterprise IoT security firm Forescout as part of its internal research program named Project Memoria — which the company describes as “an initiative that aims at providing the cybersecurity community with the largest study on the security of TCP/IP stacks.”
https://therecord.media/namewreck-vulnerabilities-impact-millions-of-smart-and-industrial-devices/
The Record by Recorded Future
Security researchers have found a new set of vulnerabilities that impact hundreds of millions of servers, smart devices, and industrial equipment.