From high-profile data breaches to emerging vulnerabilities, this week's newsletter delves into the cybersecurity landscape, giving you the knowledge to stay informed and vigilant.
#Cybersecurity #DataBreach #Vulnerability #Malware #InfoSec
https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-14-cd7
Building a strong security culture is key to IT success. Join the discussion on strategies and real-life lessons to protect your business. Share your insights! #SecurityCulture #CyberSecurity #DigitalTransformationLeadership #ITRiskManagement #EmployeeTraining #SecurityAwareness #TechDebate #SecurityInnovation
https://medium.com/@sanjay.mohindroo66/building-a-strong-security-culture-within-your-organization-ded57d231b45
“Unless you are using #GPG, email is not end-to-end encrypted, & the contents of a message can be intercepted & read at many points, including on Google’s email servers,” said Eva Galperin, director of #cybersecurity at the Electronic Frontier Foundation.
#NationalSecurity experts have expressed alarm over the #Trump admin’s denial that the leaked #Signal chat contained #classified information.
"With an expected downgrade to the status of electoral autocracy, the US will share its label with Turkey, Hungary, Iraq, India, and Russia. This makes Big Tech's data collection, storage, control over, or any use of that data an even more urgent issue around the world."
Information about the UK #cybersecurity Bill coming out today:
Missing:
* Protections for encryption
* Explicit discussion of #digitalsovereignty and the need to transition to #opensource #foss
* Safeguards against future self inflicted cybersecurity disasters through hiding vulnerabilities leading to incidents like WannaCry
@openrightsgroup will be making the case for these changes
Watch Sachin Bhakar's session "Open Source Security by Design: Standards & Policies" at #FOSSASIASummit2025 to explore how security-first design principles, standards, and policies can strengthen open-source software from the ground up.
Click here https://youtu.be/2dH3AU02MFo?si=XoPM8809mg5Xym8S to watch on the FOSSASIA YouTube channel
XYZ 0.2.22 is released today - https://ivarch.com/programs/xyz.shtml
This release adds a check that all directories in the path have appropriate permissions, and extends the range of utility functions available to extensions.
XYZ is a lightweight #CyberSecurity tool for administrators to check a GNU/Linux or BSD system for common faults that could cause sensitive information or interfaces to be exposed, such as service accounts without a password, SSH private keys or GPG secret keys without passphrases, or lax permissions on configuration files.
XYZ uses the resources of the Codeberg platform - https://codeberg.org - for free software development.
Welcome to this week's roundup of some of the most interesting cybersecurity updates. Subscribe for a concise perspective on the latest threats and protective measures in the field.
#Cybersecurity #DataBreach #Vulnerability #Ransomware #Infosec
https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-13-bf4
I was not expecting this to arrive so quickly, but it’s here and I already have #Rayhunter installed on it. Going to take it out for a drive this evening.
I think this has some value above and beyond catching stingrays because of what it collects when recording. :)
SignalGate Is Driving the Most US Downloads of Signal Ever
https://www.wired.com/story/signalgate-is-driving-the-most-us-downloads-of-signal-ever/
#ycombinator #encryption #privacy #donald_trump #security #cybersecurity #government #end_to_end_encryption #politics #signal
Excellent recap from MSNBC:
"Military plans group chat scandal fits pattern of Trump's embarrassing weakness on information security."
Meine Datenschutz und Privatsphäre Übersicht 2025, für die Allgemeinheit 
Teilen erbeten 
als PDF:
https://cryptpad.digitalcourage.de/file/#/2/file/NdmBgSYkRCto8B+JmJkE9mQ4/
#DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz
So this is what I was dancing about last night - DomainTools Investigations researchers uncovered nearly 900 connected domains spoofing defense and aerospace firms involved in the Ukraine conflict.
Keep in mind that just because an application is open source doesn't mean it's safer. If nobody checks its code for bugs or malware, it could be worse than other software.
----
We have so many questions that are making us feel a bit uneasy: 
In what ways can you be certain that a particular open-source software solution is secure?
What factors do individuals with an IT background consider when making decisions about open source software safety?
Certain open source software solutions have extensive code bases. Consequently, it would require a significant investment of time to verify the absence of bugs or malicious code. 
That said, even those who can understand code may not always have the time or energy to investigate every piece of software they install. So what are their criteria for endorsing a particular piece of software that they haven't analysed its code? 
And what tips do you have for people who aren't developers, to help them make the best choices when they can't understand the code? Who can they trust?
A comprehensive guide that blends technical expertise with strategic foresight, offering practical frameworks and real-world insights for leaders aiming to harness AI’s full potential. # AI #TechLeadership #Innovation #DigitalTransformation #AITech #DataDriven #FutureThinking #CyberSecurity #CustomerEngagement #EmergingTech
https://medium.com/@sanjay.mohindroo66/unlocking-the-impact-potential-of-ai-161209b53a8d
#CyberSecurity what would happen if I block all connections to the US on a Mac ? 
Google to buy cybersecurity firm Wiz for $32B US in company's biggest ever deal
Google's parent company, Alphabet, has struck a deal to buy cybersecurity firm Wiz for $32 billion US in what would be the tech giant's biggest-ever acquisition, a move which comes at the same time it's facing a potential breakup of its internet empire.
#business #technology #cybersecurity #acquisition #News
https://www.cbc.ca/news/business/google-acquires-wiz-1.7487381?cmp=rss
Google to buy cybersecurity firm Wiz for $32B US in company's biggest ever deal
Google's parent company, Alphabet, has struck a deal to buy cybersecurity firm Wiz for $32 billion US in what would be the tech giant's biggest-ever acquisition, a move which comes at the same time it's facing a potential breakup of its internet empire.
#business #technology #cybersecurity #acquisition #News
https://www.cbc.ca/news/business/google-acquires-wiz-1.7487381?cmp=rss
Wenn ich am gleichen Tag gleich zwei billige Test-Phishing-Emails bekomme (Organisation nutzt Webex gar nicht) - halten die mich dann für blöd oder wollen die sicherstellen, dass wirklich niemand darauf reinfällt, damit sie ihre Statistik verbessern können? ("Sehen Sie, unser Training wirkt Wunder, die Menschen erkennen Phishing jetzt schon viel besser.") 
#cybersecurity
Hacker News 
