CIRCLE WITH A DOT

Today I learned about flare.io, a company that provides other companies with detailed intel about data leaks affecting them.Here's the catch: Unlike @haveibeenpwned or even intelx, they store everything that they can get their hands on. During a live demo, they proudly pulled up all email/password pairs that they have for a company that is not one of their customers, showed off how it saves not just the combo but everything the infostealer got, including all browser cookies and a screenshot of the personal machine of an affected employee.So many things wrong with this..We just told them which company to look up, no verification at all.Bringing a demo laptop logged in to a "full admin" account that can see all data that they have access to, to a conference standStoring a screenshot of a personal machine from an employee is absolutely not okay.and so much more...When asked about legalities, they claim "it's based on needing to know this information for the companies" and falsely claimed "haveibeenpwned does the same thing, they also sell access to the combos" 🫨Anyway, i sent a GDPR request for my data (and subsequent deletion), let's see what happens.#infosec #insomnihack #privacy

New ransom group blog post!Group name: coinbasecartelPost title: Onyx GraphicsInfo: https://cti.fyi/groups/coinbasecartel.html#ransomware #cti #threatintelligence #cybersecurity #infosec

New ransom group blog post!Group name: coinbasecartelPost title: Tecnocap GroupInfo: https://cti.fyi/groups/coinbasecartel.html#ransomware #cti #threatintelligence #cybersecurity #infosec

New ransom group blog post!Group name: coinbasecartelPost title: VerimatrixInfo: https://cti.fyi/groups/coinbasecartel.html#ransomware #cti #threatintelligence #cybersecurity #infosec

New ransom group blog post!Group name: coinbasecartelPost title: AristonInfo: https://cti.fyi/groups/coinbasecartel.html#ransomware #cti #threatintelligence #cybersecurity #infosec

New ransom group blog post!Group name: coinbasecartelPost title: Petra IndustriesInfo: https://cti.fyi/groups/coinbasecartel.html#ransomware #cti #threatintelligence #cybersecurity #infosec

Aura Data Breach: Vishing Attack Exposes 900,000 Marketing RecordsAura confirmed a data breach affecting 900,000 email records after a vishing attack on an employee allowed the ShinyHunters group to access a legacy marketing tool inherited from a 2021 acquisition.****#cybersecurity #infosec #incident #databreachhttps://beyondmachines.net/event_details/aura-data-breach-vishing-attack-exposes-900000-marketing-records-2-5-2-8-a/gD2P6Ple2L

ASN: AS17621Location: Shanghai, CNAdded: 2026-03-17T16:01#shodansafari #infosec

Cybersecurity entry-level paradox 2026: every job wants experience you can't get without the job. Homelabs + community + networking > LinkedIn applications. Build in public.#Cybersecurity #CareerAdvice #InfosecSource: https://cybersecjobs.com/cybersecurity-jobs/

ASN: AS16276Location: Lille, FRAdded: 2026-03-17T16:10#shodansafari #infosec

Possible Phishing on: ️hxxps[:]//fopkjfvi[.]weebly[.]com/ 🧬 Analysis at: https://urldna.io/scan/69bb6e8f3b77500009a8e3ab#cybersecurity #phishing #infosec #urldna #scam #infosec

Nextcloud Security Scan https://scan.nextcloud.com/ #bot #cybersecurity #infosec

You cannot visually distinguish a phishing site from the real one. Pixel-perfect clones exist.Standard defense: check the URL, hope for the best.WIGGWIGG: shows your avatar, security phrase, and audio signature. Ones you set up. A clone can't show what it's never seen.More at https://wiggwigg.ca/en/security/anti-phishing/#AntiPhishing #InfoSec #PrivacyMatters #ZeroKnowledge #Fediverse

Tout le monde pense reconnaître un site d'hameçonnage. Personne ne le peut vraiment.Les copies sont parfaites : même logo, même formulaire, même interface.WIGGWIGG vous montre trois indicateurs que seul vous connaissez. Un clone ne peut pas les reproduire.https://wiggwigg.ca/fr/securite/anti-hameconnage/#AntiPhishing #InfoSec #PrivacyMatters #Fediverse

Possible Phishing on: ️hxxps[:]//serviceorange7[.]godaddysites[.]com/ 🧬 Analysis at: https://urldna.io/scan/69bab0163b7750000467d63e#cybersecurity #phishing #infosec #urldna #scam #infosec

@rk This has been a successful test of the wrong state. We will now test the desired state.

Critical Unpatched Telnetd Flaw Enables Unauthenticated Root Remote Code ExecutionGNU InetUtils telnetd contains a critical unpatched buffer overflow (CVE-2026-32746) that allow unauthenticated remote code execution.**Another critical and trivial flaw in Telnet. Check if you are using Telnet anywhere in your network. It's urgent. Stop using Telnet and switch to SSH. Naturally, as a first step make sure to isolate the Telnet interface to trusted networks. But that's not a good long term approach, Telnet is inherently a lot less secure than SSH.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/critical-unpatched-telnetd-flaw-enables-unauthenticated-root-remote-code-execution-1-g-5-5-g/gD2P6Ple2L

[CISA-2026:0318] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0318)CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.️ CVE-2025-66376 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-66376)- Name: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Synacor- Product: Zimbra Collaboration Suite (ZCS)- Notes: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories ; https://nvd.nist.gov/vuln/detail/CVE-2025-66376#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260318 #cisa20260318 #cve_2025_66376 #cve202566376

ASN: AS24940Location: Falkenstein, DEAdded: 2026-03-17T16:05#shodansafari #infosec

Possible Phishing on: ️hxxps[:]//htpsshaw[.]weebly[.]com/ 🧬 Analysis at: https://urldna.io/scan/69ba63423b77500008bb997d#cybersecurity #phishing #infosec #urldna #scam #infosec