J Dubya
LightNews LightNews
bscyber.bsky.social
J Dubya
@bscyber.bsky.social
36 followers 58 following 22 posts
Cybersec geek, blue team, threat prevention is my jam, hate scammers… and I guess I’m a gym rat now.
Posts Replies Media Videos
bscyber.bsky.social
Check your Google account recovery settings today! Better yet, consider using passkeys and enabling 2-Factor Auth.

Google update allows account owners to quickly recover their accounts within a week of a Threat actor raining control. If you act now.

More here: www.forbes.com/sites/daveyw...
Gmail Password Hack Attacks — Google Gives Users 1 Week To Act
Don't wait - Google says you have a week to respond to Gmail password attacks.
www.forbes.com
May 2, 2025 at 10:47 AM
bscyber.bsky.social
One of the most ignored tools by non-technical users that can prevent successful phishing attacks/credential theft.

Many great reasons to use password managers.

To prevent #phishing attacks, use them to identify saved #passwords.

No saved password = not the real website.
April 24, 2025 at 12:12 PM
bscyber.bsky.social
tl;dr enable passkeys authentication

#Google says #Gmail users need to make these security changes now to avoid hacking scams!

#cybersecurity #phishing

apple.news/Az4aI0TeNQe-...
Google says Gmail users need to make these security changes now to avoid hacking scams
Gmail users are being advised to make serious changes to how they access their email accounts in response to ongoing scams. According to Forbes, the tech giant says users are being targeted by scammers through sophisticated phishing attempts that include emails that appear to be from Google.
apple.news
April 24, 2025 at 12:09 PM
Reposted by J Dubya
bleepingcomputer.com
CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks.
CISA: Hackers still exploiting older Ivanti bugs to breach networks
CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks.
www.bleepingcomputer.com
January 23, 2025 at 4:52 PM
bscyber.bsky.social

Get an unexpected package in the mail?

Latest physical mail #scam comes with a QR code inviting recipients to find out so sent it.

The crux: scanning that QR code without mobile threat protection may cost you.

#cybersecurity #phishing

Read: consumer.ftc.gov/consumer-ale...
Scam alert: QR code on an unexpected package
An unexpected package from an unknown sender arrives in your name. You open it and find a note that says it’s a gift, but it doesn't say who sent it. The note also says to scan a QR code to find out w...
consumer.ftc.gov
January 23, 2025 at 6:18 PM
bscyber.bsky.social
Why does this change seem like a really bad idea? #cybersecurity

https://apple.news/AHI6TYoGwTXmjA7Pw10PN8g
Microsoft will automatically keep you signed in to your account starting in February
You’ll need to remember to sign out if you’re using a public computer or use a private browsing window instead.
apple.news
January 21, 2025 at 11:30 PM
bscyber.bsky.social
I’ll just put this reminder out here…. Tips to avoid financial crimes, and loss of your money

https://apple.news/AfTlLmJ3dSWmUqE3X46oUmg
The FBI Tells iPhone Users How to Protect Their Money from Hackers
We all know hacking is perhaps the biggest threat to our digital lives. If you feel you’re never 100% safe or secure from potential cyber scammers, that’s probably because it’s true. Not even major corporations spending millions on cybersecurity are immune from data breaches or paying ransoms.
apple.news
January 19, 2025 at 6:12 PM
bscyber.bsky.social
Currently testing Perplexity Pro for search engine replacement.
Testing ChatGPT premium next.
And with features like tasks for recurring reminders etc, ChatGPT Plus is looking pretty interesting.

Anyone else comparing these two and have suggestions?

https://apple.news/AP02niuQMTTO99ivloaxT6g
ChatGPT can now handle reminders and to-dos
The AI chatbot can now set reminders and perform recurring actions.
apple.news
January 18, 2025 at 10:04 PM
bscyber.bsky.social
Check out this article from @qualys.bsky.social re a recent Microsoft patch, details about the vulnerability, guidance, and mitigation steps in case now isn’t an option.

Well done.

https://blog.qualys.com/product-tech/2025/01/17/how-to-address-cve-2025-21307-without-a-patch-before-the-weekend
How to Address CVE-2025-21307 Without a Patch Before the Weekend | Qualys Security Blog
Microsoft’s January 2025 Patch Tuesday release addresses a critical vulnerability—CVE-2025-21307—in the Windows Reliable Multicast Transport Driver (RMCAST). With a CVSS score of 9.8…
blog.qualys.com
January 18, 2025 at 12:59 PM
bscyber.bsky.social
consumer.ftc.gov/consumer-ale...

Had a couple of these text messages recently. They’re a scam.

Stay vigilant!
Got a text about unpaid tolls? It’s probably a scam
Whether you’ve driven through a toll recently or not, you might’ve gotten a text saying you owe money for unpaid tolls. It’s probably a scam. Scammers are pretending to be tolling agencies from coast ...
consumer.ftc.gov
January 17, 2025 at 5:18 PM
Reposted by J Dubya
happygeek.bsky.social
Morning! By me @forbes.com: Microsoft has confirmed eight zero-days, including three impacting Hyper-V and under 'active exploitation.'

#infosec

www.forbes.com/sites/daveyw...
New Critical Microsoft Windows Warning As 3 Zero-Day Attacks Underway
Microsoft has confirmed that a staggering three zero-day cyberattacks are underway against Windows users—here’s what you need to know.
www.forbes.com
January 15, 2025 at 11:02 AM
Reposted by J Dubya
axcheron.bsky.social
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool #Rsync thehackernews.com/2025/01/goog...
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool
Patches for six Rsync flaws, including critical CVE-2024-12084 (CVSS 9.8), released in v3.4.0. Update now.
thehackernews.com
January 15, 2025 at 1:11 PM
Reposted by J Dubya
happygeek.bsky.social
By me @forbes.com: Unlucky for some, 13 Chrome vulnerabilities have been confirmed. Kickstart that update now, and don't forget to relaunch your browser.

#infosec

www.forbes.com/sites/daveyw...
Chrome 132—Update Now Warning Issued To All Google Browser Users
All Google Chrome browser users have been warned that they should update now as Google confirms 13 new security vulnerabilities. Here's what you need to know.
www.forbes.com
January 15, 2025 at 1:19 PM
bscyber.bsky.social
#Apple Mac users should pay attention to this latest #malware.

https://apple.news/AMTnXCS7IQc2zt96RHol1yg
New macOS malware uses Apple's own code to quietly steal credentials and personal data — how to stay safe
A new strain of Banshee macOS Stealer puts 100 million Apple users at risk of having their credentials stolen.
apple.news
January 11, 2025 at 6:09 PM
Reposted by J Dubya
happygeek.bsky.social
By me @forbes.com: Millions of macOS users might think they are safe from credential-stealing attack, but this excellent analysis from Check Point suggests otherwise.

#infosec

www.forbes.com/sites/daveyw...
100 Million Apple Users Warned About New Credential-Stealing Hack Attack
Security researchers have warned that a new variant of the Banshee credential-stealer is targeting Apple’s 100 million macOS users. Here’s what you need to know.
www.forbes.com
January 10, 2025 at 1:21 PM
Reposted by J Dubya
happygeek.bsky.social
By me @forbes.com: Locked out of your Gmail account by an attacker, all is probably not lost. Maybe.

#infosec

www.forbes.com/sites/daveyw...
Hacked Gmail Account Recovery Not Possible—What You Need To Do
Some Gmail users are finding themselves unable to recover their accounts—here’s what you need to do to ensure you can.
www.forbes.com
January 9, 2025 at 3:20 PM
bscyber.bsky.social
Bad actors use phishing links and to get users to give up their creds. Not new.

-Give your browser configuration a checkup
-Give Check Point’s Harmony Browse a look. This browser extension can block zero day phishing websites

Read more: https://apple.news/AtdYv5FUmRn6X-_F4yBdePw
How to protect yourself from phishing attacks in Chrome and Firefox
Phishing is a form of social engineering where attackers try to get you to reveal your sensitive information through malicious links, SMS, QR codes, and more. Here's how to protect yourself in Chrome and Firefox.
apple.news
January 8, 2025 at 12:22 PM
bscyber.bsky.social
Be careful out there, in cyberspace…

A new Facebook #phishing email is making its rounds. Don’t get caught in the trap.
Bonus: if you think you’ve seen this and clicked on the link, time to reset your password!

#cybersecurity

https://apple.news/A6iKpTP3PQx2WFaxOFQd83A
New Facebook Security Alert—Your Account Is Safe, Your Password Is Not
Rather than save your Facebook account from deletion, this scary attack will steal your password and take it over.
apple.news
January 8, 2025 at 1:42 AM
bscyber.bsky.social
iOS 18.2.1 is released.
Wonder if it will improve battery life at all. Some days I have to charge in the middle of the day.
January 7, 2025 at 1:32 AM
Reposted by J Dubya
tristansnell.bsky.social
Here’s a New Year’s Resolution:

Be on the side that reads books — not the side that bans them.
January 1, 2025 at 7:16 PM
bscyber.bsky.social
It's increasingly more important for businesses to review their phishing and email security controls to try and avoid these types of threats. #Phishing #email #cybersecurity
January 2, 2025 at 2:37 PM
bscyber.bsky.social
Adding passkeys to various websites lately. Finding this isn't very end user friendly.

Example: Adding passkeys to LinkedIn works pretty well (both hardware keys and password mgr) but LinkedIn does not allow me to rename them or label them so I will forget.

This isn't rare. 🙄

#passkey #linkedin
January 2, 2025 at 2:31 PM
Reposted by J Dubya
innovirtuoso.bsky.social
👾 Meet the digital defenders taking down ransomware gangs! Dive into the fascinating world of white-hat hackers protecting our digital lives 💻 #Ransomware #DigitalHeroes innovirtuoso.com/cybersecurit...
Ransomware Hunting Team: A Band of Misfits Combat Cybercrime
Explore the evolving landscape of cybercrime, focusing on ransomware attacks and the innovative strategies employed by Ransomware Hunting Teams.
innovirtuoso.com
December 29, 2024 at 10:01 PM
Reposted by J Dubya
happygeek.bsky.social
This story @forbes.comis now updated with more information from Check Point about a new threat campaign targeting users via Gmail, Calendar, Forms and now Google Drawings as well.

www.forbes.com/sites/daveyw...
New Google Gmail And Calendar Attack Warning For Millions Of Users
As hackers continue to target Google users through both Gmail and Calendar apps, security experts warn of the attack dangers and mitigations.
www.forbes.com
December 18, 2024 at 11:37 AM
Reposted by J Dubya
happygeek.bsky.social
New by me @forbes.com: Are the 2022 LastPass hackers cashing in? The jury is out, but one investigator is convinced they are - to the tune of millions: more than $5 million this week alone.

#infosec

www.forbes.com/sites/daveyw...
LastPass Hackers Allegedly Stole $5 Million This Week—Report
Hackers linked to the 2022 LastPass password hack have allegedly stolen $5 million from users this week. Here’s what you need know.
www.forbes.com
December 18, 2024 at 3:41 PM