The safest option is obvious, don't try to access its contents, but if you absolutely had to, what steps would you take to minimize/contain any potential harm to your device/network?

Link goes to https://tfl.gov.uk/campaign/cyber-security-incident?cid=email_FINAL_TFLU369_Security_update-CTA_text_website

Got this email today. It seems someone is getting fired in the IT department...

5G in Australia or Malaysia - who did it better?

During my trip to Malaysia, I noticed a Huawei store—something that’s become rare in Australia. While Huawei phones aren’t banned, they’re hard to find due to the lack of Google services and Australia’s reliance on those seevices.

But it got me thinking: Australia has excluded Huawei from its 5G infrastructure, whereas Malaysia has taken a different approach by considering Huawei’s involvement in its 5G rollout. How do you view these differing tech strategies?

Tags for federation:

@cybersecurity
@austech

#infosec

Security researchers have found a vulnerability in a key air transport security system that allowed unauthorized individuals to potentially bypass airport security screenings and gain access to aircraft cockpits.

The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.

Findings undercut pledges of NSO Group and Intgellexa their wares won't be abused.

The APT33 Iranian hacking group has used new Tickler malware to backdoor the networks of organizations in the government, defense, satellite, oil and gas sectors in the United States and the United Arab Emirates.

Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.

Google has more than doubled payouts for Google Chrome security flaws reported through its Vulnerability Reward Program, with the maximum possible reward for a single bug now exceeding $250,000.

The company has assessed four of the five disclosed vulnerabilities as being of high to critical severity.

International sanctions, IT isolation, and shifting attitudes to ethical hacking have bug bounty programs on the rise in Russia, with zero-day acquisition companies potentially poised to profit.

Vulnerability is easy to exploit and allows attackers to remotely execute commands.