Port 22

~ 17 Jan 2023 ~

Crypto exchanges freeze accounts tied to North Koreas notorious Lazarus Group

Tencent fired 100 people for corruption during 2022

~ 16 Jan 2023 ~

The Dangers of Default Cloud Configurations

Java, .NET Developers Prone to More Frequent Vulnerabilities

Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software

A Secure User Authentication Method Planning is More Important than Ever

Hacked Cellebrite and MSAB Software Released

You Move, They Follow: Uncovering Irans Mobile Legal Intercept System

All the Data Apple Collects About Youand How to Limit It

For password protection, dump LastPass for open source Bitwarden

CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers

Hybrid commerce: Blurring the lines between business and pleasure

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild

China aims to grow local infosec industry by 30 percent a year, to $22 billion by 2025

~ 14 Jan 2023 ~

NSA asks Congress to let it get on with that warrantless data harvesting, again

Upcoming Speaking Engagements

Booklist Review of A Hackers Mind

Russian Ransomware Gang Attack Destabilizes UK Royal Mail

Malware Attack on CircleCI Engineer's Laptop Leads to Recent Security Incident

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

Russians say they can grab software from Intel again

TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

~ 13 Jan 2023 ~

Why Mean Time to Repair Is Not Always A Useful Security Metric

Friday Squid Blogging: How to Buy Fresh or Frozen Squid

Norton LifeLock Warns on Password Manager Account Compromises

Malware Comes Standard With This Android TV Box on Amazon

Canadian must pay employer for 'time theft' based on tracking software data

Sneaky New Stealer Woos Corporate Workers Through Fake Zoom Downloads

CircleCI, LastPass, Okta, and Slack: Cyberattackers Pivot to Target Core Enterprise Tools

Cloudflare Wins CISA Contract for Registry and Authoritative Domain Name System (DNS) Services

Beware: Tainted VPNs Being Used to Spread EyeSpy Surveillanceware

Fast-Track Secure Development Using Lite Threat Modeling

APT group trojanizes Telegram app Week in security with Tony Anscombe

Microsoft Defender ASR rules remove icons and apps shortcuts from Taskbar

Threats of Machine-Generated Text

In the Fight Against Scams, Cyber Ambassadors Enter the Chat

Long data privacy notices aren't foolproof, Euro watchdog tells Meta

Cybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar

WEF's Global Risks Report 2023 Keeps Cybersecurity on the Agenda

Get Unified Cloud and Endpoint Security: Only $1 for 1,000 Assets for all of 2023!

FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations

This cant be a real bomb threat: you've called a modem, not a phone

Euro-cops shut down crypto scam that bilked millions from unwitting punters

Microsoft fumbles zero trust upgrade for some Asian customers

~ 12 Jan 2023 ~

Researchers Find 'Digital Crime Haven' While Investigating Magecart Activity

$20K Buys Insider Access to Telegram Servers, Dark Web Ad Claims

Software Supply Chain Security Needs a Bigger Picture

Darktrace Publishes 2022 Cyberattack Trend Data For Energy, Healthcare & Retail Sectors Globally

New Survey Sheds Light on Why Enterprises Struggle to Thwart API Attacks

Law firm slams SEC for 'blatant fishing expedition' stemming from Hafnium attack

Cloudflare Expands Relationship With Microsoft

SailPoint Acquires SecZetta to Provide Identity Security for Non-Employee Identities

SailPoint Acquires SecZetta to Provide Comprehensive Identity Security for Non-Employee Identities

Critical Cisco SMB Router Flaw Allows Authentication Bypass, PoC Available

Big Prizes, Cash on Offer for Joining 'DDosia' Anti-Ukraine Cyberattack Project

Securing the World's Energy Systems: Where Physical Security and Cybersecurity Must Meet

Kubernetes-Related Security Projects to Watch in 2023

1 in 3 Organizations Do Not Provide Any Cybersecurity Training to Remote Workers Despite a Majority of Employees Having Access to Critical Data

IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

Hack the Box Secures $55 Million in Series B Funding Led by Carlyle

Man Sentenced for Role in International Telemarketing Scheme

Hacker Space Rogue to Release Book on Hacking Group L0pht Heavy Industries in February

Over 100 Siemens PLC Models Found Vulnerable to Firmware Takeover

Experian Privacy Vulnerability

Alert: Hackers Actively Exploiting Critical "Control Web Panel" RCE Vulnerability

Hitachi Energy Lumada APM

Sewio RTLS Studio

RONDS Equipment Predictive Maintenance Solution

InHand Networks InRouter

Panasonic Sanyo CCTV Network Camera

SAUTER Controls Nova 200 220 Series (PLC 6)

SAUTER Controls Nova 200 220 Series (PLC 6)

Introducing IPyIDA: A Python plugin for your reverseengineering toolkit

Johnson Controls Metasys

Siemens S7-1500 CPU devices

Siemens Mendix SAML Module

Siemens Mendix SAML Module

Siemens Automation License Manager

Experts Detail Chromium Browser Security Flaw Putting Confidential Data at Risk

Patch where it Hurts: Effective Vulnerability Management in 2023

VALL-E AI can mimic a persons voice from a three-second snippet

Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System

US think tank says China would probably lose if it tries to invade Taiwan

Use CircleCI? Here Are 3 Steps You Need to Take

Why Analyzing Past Incidents Helps Teams More Than Usual Security Metrics

~ 11 Jan 2023 ~

Royal Mail, cops probe 'cyber incident' that's knackered international mail

Catchpoint Announces Solution to Monitor and Protect Companies From BGP Incidents

Better Phishing, Easy Malicious Implants: How AI Could Change Cyberattacks

Governance in the Cloud Shifts Left

Cyberattack Cancels Classes for Des Moines Public Schools

AI-generated phishing emails just got much more convincing

5 Ways Cybersecurity for Cloud Workloads Will Evolve in 2023

Cyber Jobs of the Future: Sleuth, Bodyguard, 'Immunity' Developer

New Analysis Reveals Raspberry Robin Can be Repurposed by Other Threat Actors

Microsoft fixes Windows database connections it broke in November

German cartel watchdog objects to the way Google processes user data

Infoblox Appoints Scott Harrell to CEO

SecureAuth Announces Seven New Patents for Biobehavioral Credentials for Continuous Authentication, and ID Proofing to Secure Digital Identities

Preparing for the Effects Of Quantum-Centric Supercomputing