Does anyone know of companies or organisations in Europe that fight #cybercrime (causing impact to their operations) and that accept job applications?
Does anyone know of companies or organisations in Europe that fight #cybercrime (causing impact to their operations) and that accept job applications?
tl;dr Block these domains and you’ll have broken several links in this attack’s kill chain:
Webhook[.]site
My-board[.]org
ngrok-free[.]app
rf[.]gd
If you followed @badsamurai ‘s advice and used his block lists, you’d have already blocked a couple of them.
https://www.recordedfuture.com/research/gru-linked-bluedelta-evolves-credential-harvesting #cybersecurity
tl;dr Block these domains and you’ll have broken several links in this attack’s kill chain:
Webhook[.]site
My-board[.]org
ngrok-free[.]app
rf[.]gd
If you followed @badsamurai ‘s advice and used his block lists, you’d have already blocked a couple of them.
https://www.recordedfuture.com/research/gru-linked-bluedelta-evolves-credential-harvesting #cybersecurity
Luxembourg, 2026/01/07 - The GCVE initiative is proud to announce the public launch of db.gcve.eu , a new open and freely accessible vulnerability advisory database. The platform aggregates and correlates vulnerability information from more than 25 public sources, including GCVE GNA (Numbering Authority) sources and other established vulnerability databases.
🔗 For more details - https://gcve.eu/2026/01/07/gcve-db-announce/
🔗 https://db.gcve.eu/
#cve #gcve #cybersecurity #vulnerabilitymanagement #vulnerability
Luxembourg, 2026/01/07 - The GCVE initiative is proud to announce the public launch of db.gcve.eu , a new open and freely accessible vulnerability advisory database. The platform aggregates and correlates vulnerability information from more than 25 public sources, including GCVE GNA (Numbering Authority) sources and other established vulnerability databases.
🔗 For more details - https://gcve.eu/2026/01/07/gcve-db-announce/
🔗 https://db.gcve.eu/
#cve #gcve #cybersecurity #vulnerabilitymanagement #vulnerability
Prediction markets sell themselves as truth engines. Put money on outcomes, strip away noise, and let prices reveal reality. The Venezuela strike exposes the cost of that logic. When someone can profit from a covert military operation before the public knows it happened, markets stop forecasting the future and start rewarding proximity to power. This isn’t information discovery. It’s monetized access.
The political problem is simple and corrosive: greed gets institutionalized. When insiders are encouraged to leak or act early because there’s money on the table, restraint becomes irrational. Journalism delays publication to protect lives. Markets pay you to move first and ask questions never.
The ethical problem runs deeper. Prediction platforms don’t just reflect reality; they reshape incentives inside governments, corporations, and security institutions. They quietly ask every insider: do your job, or place your bet?
And the security problem may be the most dangerous of all. Classified plans, military actions, and diplomatic moves become market signals. Prices move faster than accountability. Risk is no longer mitigated; it’s priced.
Efficient markets are not moral systems. When everything becomes tradable, even secrecy turns into a commodity. And when insiders win, the public doesn’t gain clarity. It absorbs the risk.
TL;DR
🧠 Prediction markets reward access to secrets
⚡ Greed displaces ethics and restraint
🎓 Security decisions become financial signals
🔍 Truth priced by markets is not the same as a public good
#MarketEthics #Politics #Crypto #Power #security #privacy #cloud #infosec #cybersecurity
#curl 8.18.0 has been released. This release fixes 1 medium and 5 low level vulnerabilities:
- CVE-2025-14017: broken TLS options for threaded LDAPS https://curl.se/docs/CVE-2025-14017.html
- CVE-2025-14524: bearer token leak on cross-protocol redirect https://curl.se/docs/CVE-2025-14524.html
- CVE-2025-14819: OpenSSL partial chain store policy bypass https://curl.se/docs/CVE-2025-14819.html
- CVE-2025-15079: libssh global knownhost override https://curl.se/docs/CVE-2025-15079.html
- CVE-2025-15224: libssh key passphrase bypass without agent set https://curl.se/docs/CVE-2025-15224.html
I discovered the last 2 vulnerabilities.
Download curl 8.18.0 from https://curl.se/download.html
#vulnerabilityresearch #vulnerability #cybersecurity #infosec
#curl 8.18.0 has been released. This release fixes 1 medium and 5 low level vulnerabilities:
- CVE-2025-14017: broken TLS options for threaded LDAPS https://curl.se/docs/CVE-2025-14017.html
- CVE-2025-14524: bearer token leak on cross-protocol redirect https://curl.se/docs/CVE-2025-14524.html
- CVE-2025-14819: OpenSSL partial chain store policy bypass https://curl.se/docs/CVE-2025-14819.html
- CVE-2025-15079: libssh global knownhost override https://curl.se/docs/CVE-2025-15079.html
- CVE-2025-15224: libssh key passphrase bypass without agent set https://curl.se/docs/CVE-2025-15224.html
I discovered the last 2 vulnerabilities.
Download curl 8.18.0 from https://curl.se/download.html
#vulnerabilityresearch #vulnerability #cybersecurity #infosec
Prediction markets sell themselves as truth engines. Put money on outcomes, strip away noise, and let prices reveal reality. The Venezuela strike exposes the cost of that logic. When someone can profit from a covert military operation before the public knows it happened, markets stop forecasting the future and start rewarding proximity to power. This isn’t information discovery. It’s monetized access.
The political problem is simple and corrosive: greed gets institutionalized. When insiders are encouraged to leak or act early because there’s money on the table, restraint becomes irrational. Journalism delays publication to protect lives. Markets pay you to move first and ask questions never.
The ethical problem runs deeper. Prediction platforms don’t just reflect reality; they reshape incentives inside governments, corporations, and security institutions. They quietly ask every insider: do your job, or place your bet?
And the security problem may be the most dangerous of all. Classified plans, military actions, and diplomatic moves become market signals. Prices move faster than accountability. Risk is no longer mitigated; it’s priced.
Efficient markets are not moral systems. When everything becomes tradable, even secrecy turns into a commodity. And when insiders win, the public doesn’t gain clarity. It absorbs the risk.
TL;DR
🧠 Prediction markets reward access to secrets
⚡ Greed displaces ethics and restraint
🎓 Security decisions become financial signals
🔍 Truth priced by markets is not the same as a public good
#MarketEthics #Politics #Crypto #Power #security #privacy #cloud #infosec #cybersecurity
#cybersecurity question: I read recently on here of someone implementing a policy to explicitly reject AI-generated cybersecurity vulnerability reports. Does anyone know who it was? I'm struggling to find a reference...
What links #Trump and #Cybersecurity? Simple: you cannot have a dependent relationship on US Tech if you want to object to #Trump and his policies. If Cybersecurity includes evading threats of a US off switch, then we have to establish what #Digitalsovereignty entails.
Today, the UK watches and remains as quiet as possible regarding #Trump and his dismantling of the international rule of law. Tomorrow, Parliament will debate the #Cybersecurity and Resilience Bill at second reading. https://bills.parliament.uk/bills/4035/stages
I think that every philosopher of science should publish on their web page the transcripts of the last ten times they actually talked to experimenters.
I can imagine the Karl Popper version:
Experimentalist: So what we’re trying to do here is…
Popper: Stop right there. You’re doing it wrong.
<experimentalist does not speak further>
Same goes for software methodologists, it goes without saying. Right?
Right?
@marick ooh, oooh, now do #cybersecurity!
Transparent and Open BCP Development Process for GCVE
We have formalized the BCP development process to provide full visibility into our progress. Our goal is to ensure that everyone can track the evolution of each standard and understand exactly how to get involved.
Participation is entirely open: there are no membership requirements or fees. We welcome contributions from anyone interested in the process.
Transparent and Open BCP Development Process for GCVE
We have formalized the BCP development process to provide full visibility into our progress. Our goal is to ensure that everyone can track the evolution of each standard and understand exactly how to get involved.
Participation is entirely open: there are no membership requirements or fees. We welcome contributions from anyone interested in the process.
