BolhaSec
@bolhasec.com
#bolhasec pra ser retweetado
@sushicomabacate.com
@sushicomabacate.com
Notícia da BleepingComputer
"Microsoft Teams to warn of suspicious traffic with external domains" #bolhasec
"Microsoft Teams to warn of suspicious traffic with external domains" #bolhasec
Microsoft Teams to warn of suspicious traffic with external domains
Microsoft is working on a new Teams security feature that will analyze suspicious traffic with external domains to help IT administrators tackle potential security threats.
www.bleepingcomputer.com
December 28, 2025 at 2:30 AM
Notícia da BleepingComputer
"Microsoft Teams to warn of suspicious traffic with external domains" #bolhasec
"Microsoft Teams to warn of suspicious traffic with external domains" #bolhasec
Notícia da BleepingComputer
"Microsoft fixes Windows Task Manager bug affecting performance" #bolhasec
"Microsoft fixes Windows Task Manager bug affecting performance" #bolhasec
Microsoft fixes Windows Task Manager bug affecting performance
Microsoft has resolved a known issue preventing users from quitting the Windows 11 Task Manager after installing the optional Windows 11 KB5067036 update.
www.bleepingcomputer.com
December 28, 2025 at 1:30 AM
Notícia da BleepingComputer
"Microsoft fixes Windows Task Manager bug affecting performance" #bolhasec
"Microsoft fixes Windows Task Manager bug affecting performance" #bolhasec
Notícia da BleepingComputer
"Cellik Android malware builds malicious versions from Google Play apps" #bolhasec
"Cellik Android malware builds malicious versions from Google Play apps" #bolhasec
Cellik Android malware builds malicious versions from Google Play apps
A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app availab...
www.bleepingcomputer.com
December 28, 2025 at 12:30 AM
Notícia da BleepingComputer
"Cellik Android malware builds malicious versions from Google Play apps" #bolhasec
"Cellik Android malware builds malicious versions from Google Play apps" #bolhasec
Notícia da BleepingComputer
"Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations" #bolhasec
"Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations" #bolhasec
Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations
Law enforcement authorities from 9 countries have taken down 1,025 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the latest phase of Operation Endga...
www.bleepingcomputer.com
December 27, 2025 at 11:30 PM
Notícia da BleepingComputer
"Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations" #bolhasec
"Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations" #bolhasec
Notícia da SecurityWeek
"Italy Antitrust Agency Fines Apple $116 Million Over Privacy Feature; Apple Announces Appeal" #bolhasec
"Italy Antitrust Agency Fines Apple $116 Million Over Privacy Feature; Apple Announces Appeal" #bolhasec
Italy Antitrust Agency Fines Apple $116 Million Over Privacy Feature; Apple Announces Appeal
Italy’s antitrust authority fined Apple $116 million after determining that one of its privacy features restricted App Store competition.
www.securityweek.com
December 27, 2025 at 10:30 PM
Notícia da SecurityWeek
"Italy Antitrust Agency Fines Apple $116 Million Over Privacy Feature; Apple Announces Appeal" #bolhasec
"Italy Antitrust Agency Fines Apple $116 Million Over Privacy Feature; Apple Announces Appeal" #bolhasec
Notícia da BleepingComputer
"DraftKings warns of account breaches in credential stuffing attacks" #bolhasec
"DraftKings warns of account breaches in credential stuffing attacks" #bolhasec
DraftKings warns of account breaches in credential stuffing attacks
Sports betting giant DraftKings has notified an undisclosed number of customers that their accounts had been hacked in a recent wave of credential stuffing attacks.
www.bleepingcomputer.com
December 27, 2025 at 9:30 PM
Notícia da BleepingComputer
"DraftKings warns of account breaches in credential stuffing attacks" #bolhasec
"DraftKings warns of account breaches in credential stuffing attacks" #bolhasec
Notícia da BleepingComputer
"French telecom giant Orange discloses cyberattack" #bolhasec
"French telecom giant Orange discloses cyberattack" #bolhasec
French telecom giant Orange discloses cyberattack
Orange, a French telecommunications company and one of the world's largest telecom operators, revealed that it detected a breached system on its network on Friday.
www.bleepingcomputer.com
December 27, 2025 at 8:30 PM
Notícia da BleepingComputer
"French telecom giant Orange discloses cyberattack" #bolhasec
"French telecom giant Orange discloses cyberattack" #bolhasec
Notícia da BleepingComputer
"Microsoft rolls out hardware-accelerated BitLocker in Windows 11" #bolhasec
"Microsoft rolls out hardware-accelerated BitLocker in Windows 11" #bolhasec
Microsoft rolls out hardware-accelerated BitLocker in Windows 11
Microsoft is rolling out hardware-accelerated BitLocker in Windows 11 to address growing performance and security concerns by leveraging the capabilities of system-on-a-chip and CPU.
www.bleepingcomputer.com
December 27, 2025 at 7:30 PM
Notícia da BleepingComputer
"Microsoft rolls out hardware-accelerated BitLocker in Windows 11" #bolhasec
"Microsoft rolls out hardware-accelerated BitLocker in Windows 11" #bolhasec
Notícia da SecurityWeek
"Logitech Confirms Data Breach Following Designation as Oracle Hack Victim" #bolhasec
"Logitech Confirms Data Breach Following Designation as Oracle Hack Victim" #bolhasec
Logitech Confirms Data Breach Following Designation as Oracle Hack Victim
Logitech disclosed a data breach shortly after it was named as a victim of the recent Oracle’s E-Business Suite (EBS) hack.
www.securityweek.com
December 27, 2025 at 6:30 PM
Notícia da SecurityWeek
"Logitech Confirms Data Breach Following Designation as Oracle Hack Victim" #bolhasec
"Logitech Confirms Data Breach Following Designation as Oracle Hack Victim" #bolhasec
Notícia da BleepingComputer
"Microsoft releases Windows 10 KB5071546 extended security update" #bolhasec
"Microsoft releases Windows 10 KB5071546 extended security update" #bolhasec
Microsoft releases Windows 10 KB5071546 extended security update
Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three zero-day flaws.
www.bleepingcomputer.com
December 27, 2025 at 5:30 PM
Notícia da BleepingComputer
"Microsoft releases Windows 10 KB5071546 extended security update" #bolhasec
"Microsoft releases Windows 10 KB5071546 extended security update" #bolhasec
Notícia da BleepingComputer
"xAI's Grok 4.1 rolls out with improved quality and speed for free" #bolhasec
"xAI's Grok 4.1 rolls out with improved quality and speed for free" #bolhasec
xAI's Grok 4.1 rolls out with improved quality and speed for free
Elon Musk-owned xAI has started rolling out Grok 4.1, which is an upgrade to the existing Grok 4 model, and it delivers some incremental improvements.
www.bleepingcomputer.com
December 27, 2025 at 4:30 PM
Notícia da BleepingComputer
"xAI's Grok 4.1 rolls out with improved quality and speed for free" #bolhasec
"xAI's Grok 4.1 rolls out with improved quality and speed for free" #bolhasec
Notícia da BleepingComputer
"Ongoing SoundCloud issue blocks VPN users with 403 server error" #bolhasec
"Ongoing SoundCloud issue blocks VPN users with 403 server error" #bolhasec
Ongoing SoundCloud issue blocks VPN users with 403 server error
Users accessing the SoundCloud audio streaming platform through a virtual private network (VPN) connection are denied access to the service and see a 403 'forbidden' error.
www.bleepingcomputer.com
December 27, 2025 at 3:30 PM
Notícia da BleepingComputer
"Ongoing SoundCloud issue blocks VPN users with 403 server error" #bolhasec
"Ongoing SoundCloud issue blocks VPN users with 403 server error" #bolhasec
Notícia da SecurityWeek
"2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches" #bolhasec
"2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches" #bolhasec
2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches
In fresh filings, Landmark Admin and Young Consulting say data breaches back in 2024 impacted more people than initially estimated.
www.securityweek.com
December 27, 2025 at 2:30 PM
Notícia da SecurityWeek
"2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches" #bolhasec
"2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches" #bolhasec
Reposted by BolhaSec
Notícia da SecurityWeek
"Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking" #bolhasec
"Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking" #bolhasec
Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking
Five predictions that will shape the cybersecurity landscape in 2026. Several structural shifts are becoming impossible to ignore.
www.securityweek.com
December 27, 2025 at 1:30 PM
Notícia da SecurityWeek
"Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking" #bolhasec
"Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking" #bolhasec
Notícia da BleepingComputer
"FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024" #bolhasec
"FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024" #bolhasec
FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024
A new report by the Financial Crimes Enforcement Network (FinCEN) shows that ransomware activity peaked in 2023 before falling in 2024, following a series of law enforcement actions targeting the ALPH...
www.bleepingcomputer.com
December 27, 2025 at 12:30 PM
Notícia da BleepingComputer
"FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024" #bolhasec
"FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024" #bolhasec
Notícia da SecurityWeek
"React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability" #bolhasec
"React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability" #bolhasec
React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability
Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code execution.
www.securityweek.com
December 27, 2025 at 11:30 AM
Notícia da SecurityWeek
"React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability" #bolhasec
"React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability" #bolhasec
Notícia da BleepingComputer
"New password spraying attacks target Cisco, PAN VPN gateways" #bolhasec
"New password spraying attacks target Cisco, PAN VPN gateways" #bolhasec
New password spraying attacks target Cisco, PAN VPN gateways
An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks GlobalProtect and Cisco SSL VPN.
www.bleepingcomputer.com
December 27, 2025 at 2:30 AM
Notícia da BleepingComputer
"New password spraying attacks target Cisco, PAN VPN gateways" #bolhasec
"New password spraying attacks target Cisco, PAN VPN gateways" #bolhasec
Notícia da BleepingComputer
"New WrtHug campaign hijacks thousands of end-of-life ASUS routers" #bolhasec
"New WrtHug campaign hijacks thousands of end-of-life ASUS routers" #bolhasec
New WrtHug campaign hijacks thousands of end-of-life ASUS routers
Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called Operation WrtHug that exploits six vulnerabilities.
www.bleepingcomputer.com
December 27, 2025 at 12:30 AM
Notícia da BleepingComputer
"New WrtHug campaign hijacks thousands of end-of-life ASUS routers" #bolhasec
"New WrtHug campaign hijacks thousands of end-of-life ASUS routers" #bolhasec
Notícia da BleepingComputer
"MongoDB warns admins to patch severe RCE flaw immediately" #bolhasec
"MongoDB warns admins to patch severe RCE flaw immediately" #bolhasec
MongoDB warns admins to patch severe vulnerability immediately
MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that may be exploited by unauthenticated attackers remotely.
www.bleepingcomputer.com
December 26, 2025 at 11:30 PM
Notícia da BleepingComputer
"MongoDB warns admins to patch severe RCE flaw immediately" #bolhasec
"MongoDB warns admins to patch severe RCE flaw immediately" #bolhasec
Notícia da SecurityWeek
"Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency" #bolhasec
"Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency" #bolhasec
Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency
ENISA 2025 Threat Landscape report shows that a significant percentage of the attacks aimed at the EU over the past year targeted OT.
www.securityweek.com
December 26, 2025 at 10:30 PM
Notícia da SecurityWeek
"Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency" #bolhasec
"Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency" #bolhasec
Notícia da SecurityWeek
"Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises" #bolhasec
"Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises" #bolhasec
Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises
The potential risks of mobile apps to enterprises include data exposure, compliance violations, reputational damage, and financial costs.
www.securityweek.com
December 26, 2025 at 9:30 PM
Notícia da SecurityWeek
"Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises" #bolhasec
"Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises" #bolhasec
Notícia da BleepingComputer
"Sandworm hackers use data wipers to disrupt Ukraine's grain sector" #bolhasec
"Sandworm hackers use data wipers to disrupt Ukraine's grain sector" #bolhasec
Sandworm hackers use data wipers to disrupt Ukraine's grain sector
Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine's education, government, and the grain sector, the country's main revenue sou...
www.bleepingcomputer.com
December 26, 2025 at 7:30 PM
Notícia da BleepingComputer
"Sandworm hackers use data wipers to disrupt Ukraine's grain sector" #bolhasec
"Sandworm hackers use data wipers to disrupt Ukraine's grain sector" #bolhasec
Notícia da BleepingComputer
"Google fixes two Android zero days exploited in attacks, 107 flaws" #bolhasec
"Google fixes two Android zero days exploited in attacks, 107 flaws" #bolhasec
Google fixes two Android zero days exploited in attacks, 107 flaws
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws actively exploited in targeted attacks.
www.bleepingcomputer.com
December 26, 2025 at 6:30 PM
Notícia da BleepingComputer
"Google fixes two Android zero days exploited in attacks, 107 flaws" #bolhasec
"Google fixes two Android zero days exploited in attacks, 107 flaws" #bolhasec
Notícia da BleepingComputer
"Google won’t fix new ASCII smuggling attack in Gemini" #bolhasec
"Google won’t fix new ASCII smuggling attack in Gemini" #bolhasec
Google won’t fix new ASCII smuggling attack in Gemini
Google has decided not to fix a new ASCII smuggling attack in Gemini that could be used to trick the AI assistant into providing users with fake information, alter the model's behavior, and silently p...
www.bleepingcomputer.com
December 26, 2025 at 4:30 PM
Notícia da BleepingComputer
"Google won’t fix new ASCII smuggling attack in Gemini" #bolhasec
"Google won’t fix new ASCII smuggling attack in Gemini" #bolhasec