Port 22

~ 14 Oct 2022 ~

Friday Squid Blogging: On Squid Ink

Microsoft Secures Azure Enclaves With Hardware Guards

FYI: Microsoft Office 365 Message Encryption relies on insecure block cipher

Store credit card numbers in a debug log, lose millions of accounts. Cost? $1.9m

New Prestige ransomware impacts organizations in Ukraine and Poland

New Prestige ransomware impacts organizations in Ukraine and Poland

Apple's Constant Battles Against Zero-Day Exploits

Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows

Researchers Reveal Detail for Windows Zero-Day Vulnerability Patched Last Month

Upcoming Speaking Engagements

Fast Fashion Retailer Data Breach Draws $1.9M Fine

Microsoft 365 Message Encryption Can Leak Sensitive Info

Acuity Reports Increase in Cyber Liability Insurance Claims as Cybercrime Skyrockets

Regulating DAOs

Care and Feeding of the SOC's Most Powerful Tool: Your Brain

New Chinese Cyberespionage Group Targeting IT Service Providers and Telcos

New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts

Just how critical is data sovereignty?

How To Build a Career as a Freelance Cybersecurity Analyst From Scratch

ESET research into POLONIUMs arsenal Week in security with Tony Anscombe

LockBit 3.0 malware forced NHS tech supplier to shut down hosted sites

Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack

PoC Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks

India set to extend deadline for absurd infosec reporting requirements

Mormon Church IT ransacked, data stolen by 'state-sponsored' cyber-thieves

GIAC Introduces Industry-First Cloud Forensic Responder (GCFR) Certification

Juice Technology Receives ISO Certification for Charging Station Cyber Security

ControlMap Announces the Launch of the Trust Portal, Creating Transparency in Cybersecurity Compliance

~ 13 Oct 2022 ~

Quarter of Healthcare Ransomware Victims Forced to Halt Operations

Armis Now Available on Google Cloud Marketplace

Google Cloud Advances Partnerships with 20-Plus Software Companies Focused on Digital Sovereignty and Cybersecurity

HSBC and Silent Eight Expand Machine Learning Partnership

Nexusguard Research Shows Total Number of DDoS Attacks Increased during First Half of 2022 While Maximum Attack Size Decreased Compared to Second Half of 2021

Banks face their 'darkest hour' as malware steps up, maker of antivirus says

Resistant AI and ComplyAdvantage Launch AI Transaction Monitoring Solution To Combat Fraud and Money Laundering

Newly Introduced HackerOne Assets Goes Beyond Attack Surface Management To Close Security Gaps

Comprehensive Network Visibility Is Imperative for Zero-Trust Maturity

Novel npm Timing Attack Allows Corporate Targeting

Feature-Rich 'Alchimist' Cyberattack Framework Targets Windows, Mac, Linux Environments

Tanium Benchmark Sets New Standard for Tracking and Improving Security and Operational Metrics

QAKBOT Attacks Spike Amid Concerning Cybercriminal Collaborations

DFIN DealMaker Meter: Surge in 'Dark Data' Represents Growing Danger for Corporations

Orange Bank Deploys Real-Time Sanctions Screening with SAS and Neterium

Nudge Security Launches Platform With Humans in Mind

The Playbook for Human-Operated Ransomware

What You Need for a Strong Security Posture

The $1 Billion Alex Jones Effect

Cyberattackers Spoof Google Translate in Unique Phishing Tactic

Microsoft named a Leader in the 2022 Gartner Magic Quadrant for Security Information and Event Management

Microsoft named a Leader in the 2022 Gartner Magic Quadrant for Security Information and Event Management

State of Security Data Management 2022 Report Reveals Overconfidence Masks a Pervasive Data Problem

Attackers Use Automation to Speed from Exploit to Compromise According to Lacework Labs Cloud Threat Report

What the Uber Breach Verdict Means for CISOs in the US

Insurer Medibank hit by targeted cyberattack

New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems

New Timing Attack Against NPM Registry API Could Expose Private Packages

Does the OWASP Top 10 Still Matter?

Digital License Plates

Celsius Exchange Data Dump Is a Gift to Crypto Sleuthsand Thieves

Siemens LOGO!

Siemens Industrial Edge Management

Siemens Solid Edge

Siemens SIMATIC S7-1200 and S7-1500 CPU Families

Hitachi Energy Lumada Asset Performance Management Prognostic Model Executor Service

Siemens Desigo PXM Devices

Siemens Nucleus RTOS FTP Server

Siemens TCP Event Service of SCALANCE And RUGGEDCOM Devices

Siemens SICAM P850 and P855 Devices

Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization

Life in pursuit of answers: Inthe words of Ada Yonath

Get ready to defend your data against cyber warfare

Financial watchdogs want to know what traders are talking about on WhatsApp

Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

Modified WhatsApp App Caught Infecting Android Devices with Malware

Scanning phones to detect child abuse evidence is harmful, 'magical' thinking

Researchers Uncover Custom Backdoors and Spying Tools Used by Polonium Hackers

Prison inmate accused of orchestrating $11M fraud using cell cellphone

~ 12 Oct 2022 ~

US election workers slammed with phishing, malware-stuffed emails

Thoma Bravo to Acquire ForgeRock in $2.3B Deal

Hospital giant's IT still poorly a week after suspected ransomware infection

WhatsApp Users Beware: Dangerous Mobile Trojan Being Distributed via Malicious Mod

KnowBe4 to Be Acquired for $4.6B by Private Equity Firm Vista

Airborne Drones Are Dropping Cyber-Spy Exploits in the Wild

Key Takeaways From Omdia's IGA Market Radar

Microsoft tries to Ignite interest in DevOps cloud security tweaks

Cyolo Receives Investment from IBM Ventures for Zero Trust Secure Access Platform

Android Leaks Wi-Fi Traffic Even When VPN Protection Features Are On

E-Commerce Losses to Online Payment Fraud to Exceed $48B Globally in 2023, as Fraud Incursions Evolve

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less

5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less

5 Signs That It's Time to Invest in Data Loss Prevention

Hackers Using Vishing to Trick Victims into Installing Android Banking Malware

Scribe Platform: End-to-end Software Supply Chain Security

Google Rolling Out Passkey Passwordless Login Support to Android and Chrome

Beachhead Solutions Adds Windows Security Management to the BeachheadSecure Platform

Refund Fraud-as-a-Service Ads on Hacker Forums Increase by 60%

Vectra Advances Security AI to Deliver Attack Signal Intelligence, Empowering Security Teams to Investigate and Respond to Attacks in Real Time

Cloud Data Breaches Are Running Rampant. What Are the Common Characteristics?