Port 22

~ 17 Nov 2022 ~

Revelstoke Upgrades SOAR Platform With Augmented Automation, Case Management, and User Interface Capabilities

Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign

Failures in Twitters Two-Factor Authentication System

FBI-Wanted Leader of the Notorious Zeus Botnet Gang Arrested in Geneva

Red Lion Crimson

Cradlepoint IBR600

100 Apps, Endless Security Checks

Notorious Emotet botnet returns after a few months off

High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices

Iranian Hackers Compromised a U.S. Federal Agencys Network Using Log4Shell Exploit

North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor

~ 16 Nov 2022 ~

Iranian cyberspies exploited Log4j to break into a US govt network

China-Based Billbug APT Infiltrates Certificate Authority

MITRE Engenuity Launches Evaluations for Security Service Providers

The Future of Cybersecurity Recruiting: Lessons on What Employers Want and What Students Need

Are We Ready for AI-Generated Code?

Germany says nein to Qatari World Cup spyware, err, apps

BoostSecurity Emerges From Stealth With SaaS DevSecOps Platform

WASP malware stings Python developers

New Ransomware Data Is In: What's Happening and How to Fight Back

Microsoft contributes S2C2F to OpenSSF to improve supply chain security

Disneyland Malware Team: Its a Puny World After All

Ukraine's 'IT Army' Stops 1,300 Cyberattacks in 8 Months of War

Thousands of Amazon RDS Snapshots Are Leaking Corporate PII

Vectra Unveils Global Managed Detection and Response (MDR) Services With Game-Changing Attack Signal Intelligence

Token tactics: How to prevent, detect, and respond to cloud token theft

BitSight Enhances Its Third-Party Risk Management Platform to Help Organizations Respond to Major Vulnerabilities

Palo Alto Networks Announces PAN-OS 11.0 Nova to Help Keep Organizations One Step Ahead of Zero-Day Threats

Cymulate Survey Finds Consolidation Is Happening, but Only 20% Cite Cost As the Reason

Telehealth Sites Put Addiction Patient Data at Risk

Cybersecurity Best Practice Is Critical for Winning the New Space Race

What Is Top of Mind for CISOs Right Now?

Cloud vendors should take some responsibility for stolen compute, says Canalys CEO

Viakoo Announces Strategic Alliance With Nozomi Networks to Deliver Agentless, End-to-End IoT Security at Scale

More Than 1,000 New Cybersecurity Apprentices Joined Workforce in Past 12 Months

Researchers Discover Hundreds of Amazon RDS Instances Leaking Users' Personal Data

7 Reasons to Choose an MDR Provider

Russian Software Company Pretending to Be American

Open banking: Tell me what you buy, and Ill tell you who you are

Swiss bankers warn: Three quarters of retail Bitcoin investors lose money

Warning: New RapperBot Campaign Aims to Launch DDoS Attacks at Game Servers

Google to Roll Out Privacy Sandbox Beta on Android 13 by Early 2023

Boosting telcos 5G cyber resilience

Get Ahead of the Five Most Dangerous New Attack Techniques

~ 15 Nov 2022 ~

Time-Triggered Ethernet flaw could have crippled Orion spacecraft

Eggheads show how network flaw could lead to NASA crew pod loss. Key word: Could

Wipermania: Malware Remains a Potent Threat, 10 Years Since 'Shamoon'

Shocker: EV charging infrastructure is seriously insecure

Modern CISO: More Than a Security Officer

Where Can Third-Party Governance and Risk Management Take Us?

Misconfigurations, Vulnerabilities Found in 95% of Applications

How Routine Pen Testing Can Reveal the Unseen Flaws in Your Cybersecurity Posture

2022 holiday DDoS protection guide

Critical RCE Flaw Reported in Spotify's Backstage Software Catalog and Developer Platform

Google Forks Over $391.5M in Record-Setting US Consumer Privacy Settlement

PCSpoof: New Vulnerability Affects Networking Tech Used by Spacecraft and Aircraft

Yakima Neighborhood Health Services Notice of Data Security Incident

Red Canary Provides First-Ever MITRE Engenuity ATT&CK Evaluations for Managed Services

Top Zeus Botnet Suspect Tank Arrested in Geneva

Nasty SQL Injection Bug in Zendesk Endangers Sensitive Customer Data

Evolving Security for Government Multiclouds

44% of Financial Institutions Believe Their Own IT Teams Are the Main Risk to Cloud Security

Authomize Launches Identity Threat Detection and Response Platform to Protect Against Identity-Based Attacks

Neosec Introduces Automated Tokenization to Enable Full API Visibility Without Exposure of Sensitive Data

Balbix Announces Cybersecurity Posture Automation Support for Google Cloud Platform

Bugcrowd Earns CREST Accreditation for Pen Testing

Researchers Reported Critical SQLi and Access Flaws in Zendesk Analytics Service

Securing the mail

Deep Packet Inspection vs. Metadata Analysis of Network Detection & Response (NDR) Solutions

Another Event-Related Spyware App

Researchers Say China State-backed Hackers Breached a Digital Certificate Authority

The Hunt for the Dark Webs Biggest Kingpin, Part 4: Face to Face

Mitsubishi Electric GT SoftGOT2000

DTrack activity targeting Europe and Latin America

Country that still uses fax machines wants to lead the world on data standards at G7

Data sovereignty and compliance need help

Google to Pay $391 Million Privacy Fine for Secretly Tracking Users' Location

Russia-based Pushwoosh tricks US Army and others into running its code for a while

Twitters SMS Two-Factor Authentication Is Melting Down

~ 14 Nov 2022 ~

Swimlane Introduces Low-Code, Automation Approach to OT Security

GitHub sets up private vulnerability reports for public repos to avoid 'naming and shaming'

Researchers Sound Alarm on Dangerous BatLoader Malware Dropper

Australia Declares War on Cybercrime Syndicates

New "Earth Longzhi" APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders

Upcoming Speaking Engagements

Unpatched Zimbra Platforms Are Probably Compromised, CISA Says

Privacy4Cars Secures Fourth Patent to Remove Privacy Information From Vehicles and Create Compliance Logs

Avatier Achieves ISO 27001 Certification for its Information Security Management System

Quantum Cryptography Apocalypse: A Timeline and Action Plan

How APIs and Applications Can Live Happily Ever After

A Digital Red Cross

Another crypto shocker: Major player actually corrects $400m mistake instead of cratering

Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign

ESET APT Activity Report T2 2022

What is an External Penetration Test?

Advanced threat predictions for 2023

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

Australia to 'stand up and punch back' against cyber crims

A Visual Summary of SANS Pen Test HackFest Summit 2022