Port 22

~ 11 Sep 2023 ~

MGM Resorts shuts down computer systems after 'cybersecurity incident'

Being Flexible Can Improve Your Security Posture

'Steal-It' Campaign Uses OnlyFans Models as Lures

Huge DDoS attack against US financial institution thwarted

Iranian APT Hits US Aviation Org via ManageEngine, Fortinet Bugs

Navigating Rwanda's New Data Protection Law

Attackers Abuse Google Looker Studio to Evade DMARC, Email Security

Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger

Overcoming the Rising Threat of Session Hijacking

Charming Kiten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.

Malice in the mail

How to Prevent API Breaches: A Guide to Robust Security

On Robots Killing People

Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies

AI Chatbots Are Invading Your Local Governmentand Making Everyone Nervous

From Caribbean shores to your devices: analyzing Cuba ransomware

Sponsor with batch-filed whiskers: Ballistic Bobcats scan and strike backdoor

Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows

New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World

Google warns infoseccers: Beware of North Korean spies sliding into your DMs

~ 9 Sep 2023 ~

Mozilla: Your New Car Is a Data Privacy Nightmare

Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play

Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks

~ 8 Sep 2023 ~

Friday Squid Blogging: Glass Squid Video

Critical Security Bug Opens Cisco BroadWorks to Complete Takeover

'Evil Telegram' Spyware Campaign Infects 60K+ Mobile Users

Top US Spies Meet With Privacy Experts Over Surveillance 'Crown Jewel'

Axon's Ethics Board Resigned Over Taser-Armed Drones. Then the Company Bought a Military Drone Maker

U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members

Microsoft, Google Take on Obsolete TLS Protocols

Kenya Initiates Public Sector Digital Skills Training, No Mention of Cybersecurity

Trickbot, Conti Sanctions Affect Top Cybercrime Brass

3 Strategies to Defend Against Resurging Infostealers

Safe delivery

Apple races to patch the latest zero-day iPhone exploit

Protecting Your Microsoft IIS Servers Against Malware Attacks

Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform

LLMs and Tool Use

Evil Telegram doppelganger attacks Chinese users

Will you give X your biometric data? Week in security with Tony Anscombe

North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers

Microsoft, recently busted by Beijing, thinks it's across China's ever-changing cyber-offensive

CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities

Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones

Software Supply Chain Strategies to Parry Dependency Confusion Attacks

Thoma Bravo's 'Practical' Decision to Merge ForgeRock into Ping Identity

FOR509 Always Evolving

Russian infosec boss gets nine years for $100M insider-trading caper using stolen data

~ 7 Sep 2023 ~

US, UK sanction more Russians linked to Trickbot

Microsoft ID Security Gaps That Let Threat Actor Steal Signing Key

North Korean Hackers Target Security Researchers Again

Apple Hit By 2 No-Click Zero-Days in Blastpass Exploit Chain

Rwanda Launches Smart City Investment Program

BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild

Security for Multicloud and Hybrid Cloud Environments

NFL Security Chief: Generative AI Threats a Concern as New Season Kicks Off

US and UK Mount Aggressive Crackdown on Trickbot and Conti Ransomware Gangs

Weaponized Windows Installers Target Graphic Designers in Crypto Heist

How New SEC Rules Can Benefit Cybersecurity Teams

Cloud storage security: Whats new in the threat matrix

3 Ways to Expand Cyber Talent Pool From Splash Pad to Watering Hole

Lawsuit claims Tesla corp data security is far less advanced than its cars

The International Criminal Court Will Now Prosecute Cyberwar Crimes

Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware

Peril vs. Promise: Companies, Developers Worry Over Generative AI Risk

Does Generative AI Comply With Asimov's 3 Laws of Robotics?

If you like to play along with the illusion of privacy, smart devices are a dumb idea

Socomec MOD3GP-SY-120K

Phoenix Contact TC ROUTER and TC CLOUD CLIENT

Facebook Trains Its AI on Your Data. Opting Out May Be Futile

Dover Fueling Solutions MAGLINK LX Console

The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024

The Hacker Tool to Get Personal Data from Credit Bureaus

Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks

UK drops 'spy clause' for scanning encrypted messages, admits it's not 'feasible'

Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks

Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach

China reportedly bans iPhones from more government offices

CybeReady Provides Cybersecurity Awareness Month Kits As CISOs Defend Against AI Driven Attacks

The Comedy of Errors That Let China-Backed Hackers Steal Microsofts Signing Key

~ 6 Sep 2023 ~

Coding Tips to Sidestep JavaScript Vulnerabilities

Cybersecurity Builds Trust in Critical Infrastructure

Microsoft: China stole secret key that unlocked US govt email from crash debug dump

IBM Addresses Data Incident for Janssen CarePath Database

IBM Expands Cloud Security and Compliance Center

W3LL Gang Compromises Thousands of Microsoft 365 Accounts

Guy who ran Bitcoins4Less tells Feds he had less than zero laundering protections

AtlasVPN Linux Zero-Day Disconnects Users, Reveals IP Addresses

MinIO Attack Showcases Fresh Corporate Cloud Attack Vector

Russia's 'Fancy Bear' APT Targets Ukrainian Energy Facility

Google's Souped-up Chrome Store Review Process Foiled by Data-Stealer

Coffee Meets Bagel outage caused by cybercriminals deleting data and files

Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw

Securing Your Legacy: Identities, Data, and Processes

Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

Meatbag mishaps more menacing than malware? CISOs think so

Overcoming Open Source Vulnerabilities in the Software Supply Chain

How China Demands Tech Firms Reveal Hackable Flaws in Their Products

Three CISOs Share How to Run an Effective SOC

Cryptocurrency Startup Loses Encryption Key for Electronic Wallet