Port 22

~ 30 Jan 2024 ~

US shorts China's Volt Typhoon crew targeting America's criticals

Jenkins jitters as 45,000 servers still vulnerable to RCE attacks after patch released

Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives

URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite

Reg story prompts fresh security bulletin, review of Juniper Networks' CVE process

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz

NSA Buying Bulk Surveillance Data on Americans without a Warrant

Rockwell Automation LP30/40/50 and BM40 Operator Interface

Rockwell Automation FactoryTalk Service Platform

Rockwell Automation ControlLogix and GuardLogix

Robots Are Fighting Robots in Russia's War in Ukraine

Mitsubishi Electric MELSEC WS Series Ethernet Interface Module

Mitsubishi Electric FA Engineering Software Products

Hitron Systems Security Camera DVR

Emerson Rosemount GC370XA, GC700XA, GC1500XA

ESET takes part in global operation to disrupt the Grandoreiro banking trojan

Top Security Posture Vulnerabilities Revealed

Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations

UK biometrics boss bows out, bemoaning bureaucratic blunders

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility

Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws

~ 29 Jan 2024 ~

SolarWinds slams SEC lawsuit against it as 'unprecedented' victim blaming

Join us at InfoSec Jupyterthon 2024

Best practices in moving to cloud native endpoint management

US Lawmakers Tell DOJ to Quit Blindly Funding Predictive Police Tools

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

Microsoft Executives Hacked

493 Companies Share Their SaaS Security Battles Get Insights in this Webinar

Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats

Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang

Cyber: The Swiss army knife of tradecraft

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

Tesla hacks make big bank at Pwn2Own's first automotive-focused event

A Visual Summary of SANS CTI Summit 2024

~ 28 Jan 2024 ~

750 million Indian mobile subscribers' info for sale on dark web

~ 27 Jan 2024 ~

23andMe Failed to Detect Account Intrusions for Months

AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks

Microsoft sheds some light on Russian email heist and how to learn from Redmond's mistakes

~ 26 Jan 2024 ~

Friday Squid Blogging: Footage of Black-Eyed Squid Brooding Her Eggs

Wait, security courses aren't a requirement to graduate with a computer science degree?

Police Arrest Teen Said to Be Linked to Hundreds of Swatting Attacks

The Pentagon Tried to Hide That It Bought Americans' Data Without a Warrant

Who is Alleged Medibank Hacker Aleksandr Ermakov?

Guess the company: Takes your DNA, blames you when criminals steal it, cant spot a cyberattack for 5 months

Blackwood hijacks software updates to deploy NSPX30 Week in security with Tony Anscombe

Akira ransomware gang says it stole passport scans from Lush in 110 GB data heist

Chatbots and Human Conversation

Perfecting the Defense-in-Depth Strategy with Automation

Malicious Ads on Google Target Chinese Users with Fake Messaging Apps

Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs

Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree

Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems

Midnight Blizzard: Guidance for responders on nation-state attack

~ 25 Jan 2024 ~

Trickbot malware scumbag gets five years for infecting hospitals, businesses

Big-Name Targets Push Midnight Blizzard Hacking Spree Back Into the Limelight

Using Google Search to Find Software Can Be Risky

China-backed Hackers Hijack Software Updates to Implant "NSPX30" Spyware

SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks

EquiLend drags systems offline after admitting attacker broke in

Quantum Computing Skeptics

SystemK NVR 504/508/516

Opteev MachineSense FeverWarn

How a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

Cyber Threat Landscape: 7 Key Findings and Upcoming Trends for 2024

Assessing and mitigating supply chain cybersecurity risks

Privacy predictions for 2024

New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits

Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

HPE joins the 'our executive email was hacked by Russia' club

Three Common Threats to Your Organizations Data to be Aware of on Data Protection Day

~ 24 Jan 2024 ~

Ring Will Stop Giving Cops a Free Pass on Warrantless Video Requests

US judge rejects spyware developer NSO's attempt to bin Apple's spyware lawsuit

Major IT outage at Europe's largest caravan and RV club makes for not-so-happy campers

How Datawiza uses Microsoft Entra ID to help universities simplify access

Using GoAnywhere MFT for file transfers? Patch now an exploit's out for a critical bug

NSPX30: A sophisticated AitM-enabled implant evolving since 2005

NSPX30: A sophisticated AitM-enabled implant evolving since 2005

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

Poisoning AI Models

Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback

What is Nudge Security and How Does it Work?

Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption

What Microsoft's latest email breach says about this IT security heavyweight

The Unknown Risks of The Software Supply Chain: A Deep-Dive

U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach

COVID-19 test lab accused of exposing 1.3 million patient records to open internet

GCHQ's NCSC warns of 'realistic possibility' AI will help state-backed malware evade detection

Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin

~ 23 Jan 2024 ~

HP CEO Says They Brick Printers That Use Third-Party Ink Because of Hackers

CISA boss swatted: 'While my own experience was certainly harrowing, it was unfortunately not unique'

"Activator" Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets

Accused PII seller faces jail for running underground fraud op

VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates

Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub

Side Channels Are Common

Crestron AM-300

APsystems Energy Communication Unit (ECU-C) Power Control Software