Port 22

~ 18 Apr 2023 ~

Military helicopter crash blamed on failure to apply software patch

Be Dazzled by Identity-as-a-Service (IDaaS)

~ 17 Apr 2023 ~

FIN7, Former Conti Gang Members Collaborate on 'Domino' Malware

LockBit crew cooks up half-baked Mac ransomware

lockr Raises $2.5M

Google Issues Emergency Chrome Update for Zero-Day Bug

Chinese Cops Ran Troll Farm and Secret NY Police Station, US Says

NSA's National Centers for Academic Excellent (NCAE) Cyber Games to Hold National Finals on April 22

Pen Testers Need to Hack AI, but Also Question Its Existence

How CISOs Can Craft Better Narratives for the Board

Aloha PoS Restaurant Software Downed by Ransomware Attack

LockBit Ransomware Samples for Apple Macs Hint at New Risks for macOS Users

Protect intellectual property with Govern 365 and Microsoft Purview

Name That Toon: Lucky Charm

Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose

New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware

See product news and on-demand sessions from Microsoft Secure

Top 5 Data Security RSAC 2023 Sessions to Attend

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks

What's the Difference Between CSPM & SSPM?

Marketing biz sent 107 million spam emails... to just 437k people

Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites

Tour of the Underground: Master the Art of Dark Web Intelligence Gathering

Swatting as a Service

ICE Records Reveal How Agents Abuse Access to Secret Data

QBot banker delivered through business correspondence

Firmware is on shaky ground let's see what it's made of

Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration

Student requested access to research data. And waited. And waited. And then hacked to get root

New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers

Update now: Google emits emergency fix for zero-day Chrome vulnerability

Your Security Awareness Program Can Do More Than You Think: Fulfilling the Promise of Training for All

What are Sock Puppets in OSINT

~ 15 Apr 2023 ~

Security Roundup: Leak of Top-Secret US Intel Risks a New Wave of Mass Surveillance

Are You Being Tracked by an AirTag? Heres How to Check

Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability

Montanas Looming TikTok Ban Is a Dangerous Tipping Point

~ 14 Apr 2023 ~

Russia-pushed UN Cybercrime Treaty may rewrite global law. It's ... not great

US extradites Nigerian charged in $6m email fraud scam

Friday Squid Blogging: Colossal Squid

Russian SolarWinds Culprits Launch Fresh Barrage of Espionage Cyberattacks

Why is Juice Jacking Suddenly Back in the News?

Upcoming Speaking Engagements

Why xIoT Devices Are Cyberattackers' Gateway Drug for Lateral Movement

Software-Dependency Data Delivers Security to Developers

Hacking Suicide

Security Is a Revenue Booster, Not a Cost Center

Bugs in Manarium Play-to-Earn Showcase Crypto-Gaming Insecurity

Compatibility mess breaks not one but two Windows password tools

Western Digital Hackers Demand 8-Figure Ransom Payment for Data

SASE Market Worth $5.9B by 2028 Report by MarketsandMarkets

What the Recent Collapse of SVB Means for Privacy

Hunting down BlackLotus Week in security with Tony Anscombe

Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities

Gaining an Advantage in Roulette

Hunting down BlackLotus Week in security with Tony Anscombe

Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen

While Twitter wants to sell its verification, Microsoft will do it for free on LinkedIn

Safety first: 5 cybersecurity tips for freelance bloggers

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

Webinar: Tips from MSSPs to MSSPs Building a Profitable vCISO Practice

Linux kernel logic allowed Spectre attack on 'major cloud provider'

To improve security, consider how the aviation industry stopped blaming pilots

Cybersecurity Jobs: CISO (Japanese)

Cybersecurity Jobs: Blue Teamer (Japanese)

~ 13 Apr 2023 ~

New Mirai Variant Employs Uncommon Tactics to Distribute Malware

Money Ransomware Group Enters Double-Extortion Fray

Why the US Needs Quantum-Safe Cryptography Deployed Now

Remcos RAT Targets Tax Pros to Scurry Off With Workers' Filing Info

~ 14 Apr 2023 ~

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

~ 13 Apr 2023 ~

Pentagon super-leak suspect cuffed: 21-year-old Air National Guardsman

Super-Yacht Specialist Lrssen in Dry Dock After Ransomware Attack

Threat actors strive to cause Tax Day headaches

The Internet Reform Trilemma

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

New Python-Based "Legion" Hacking Tool Emerges on Telegram

The Hacking of ChatGPT Is Just Getting Started

Majority of US IT Pros Told to Keep Quiet About Data Breaches

Legion Malware Marches onto Web Servers to Steal Credentials, Spam Mobile Users

Improve supply chain security and resiliency with Microsoft

How to Define Tier-Zero Assets in Active Directory Security

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

Siemens SIPROTEC 5 Devices

Siemens SCALANCE XCM332

Siemens SCALANCE X-200IRT Devices

Siemens SCALANCE X-200, X-200IRT, and X-300 Switch Families BadAlloc Vulnerabilities

Siemens Polarion ALM

Siemens Path Traversal TIA Portal

Siemens JT Open and JT Utilities

Siemens Industrial Products

Siemens in OPC Foundation Local Discovery Server

Siemens CPCI85 Firmware of SICAM A8000 Devices

Siemens Adaptec maxView Application

Mitsubishi Electric India GC-ENET-COM

Bypassing a Theft Threat Model

Why Shadow APIs are More Dangerous than You Think

Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

Uncommon infection methodspart 2

ChatGPT Security: OpenAI's Bug Bounty Program Offers Up to $20,000 Prizes