Port 22

~ 6 Feb 2023 ~

Ransomware scum launch wave of attacks on critical, but old, VMWare ESXi vuln

~ 5 Feb 2023 ~

Finlands Most-Wanted Hacker Nabbed in France

Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears

~ 4 Feb 2023 ~

Googling for Software Downloads Is Extra Risky Right Now

PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

Iran crew stole Charlie Hebdo database, says Microsoft

New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT

The Chinese Spy Balloon Shows the Downsides of Spy Balloons

HeadCrab bots pinch 1,000+ Redis servers to mine coins

~ 3 Feb 2023 ~

What CISOs Can Do About Brand Impersonation Scam Sites

Friday Squid Blogging: Studying the Colossal Squid

Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says

Fast-evolving Prilex POS malware can block contactless payments

A Hackers Mind News

Guy accused of wrecking crypto exchange now hauled into court

Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware

How the Cloud Is Shifting CISO Priorities

Key takeaways from ESETs new APT Activity Report Week in security with Tony Anscombe

Congress Has a Lo-Fi Plan to Fix the Classified Documents Mess

Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations

Manipulating Weights in Face-Recognition AI Systems

The Pivot: How MSPs can Turn a Challenge Into a Once-in-a-Decade Opportunity

Another RAC staffer nabbed for storing and sharing road accident data

Atlassian's Jira Software Found Vulnerable to Critical Authentication Vulnerability

LockBit claims responsibility for ION ransomware attack but US/UK hounds are sniffing

New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products

Chinese surveillance balloon over US causes fearful gasbagging

CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

MITRE Releases Tool to Design Cyber Resilient Systems

Former Ubiquiti dev pleads guilty in data theft and extortion case

~ 2 Feb 2023 ~

Netflixs US Password-Sharing Crackdown Isnt HappeningYet

Hornetsecurity Combats QR Code Phishing With Launch of New Technology

Korelock Launches IOT Smart Lock Technology Company

Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally

Malvertising attacks are distributing .NET malware loaders

6 Examples of the Evolution of a Scam Site

Rising Firebrick Ostrich BEC Group Launches Industrial-Scale Cyberattacks

Mitigate risk by integrating threat modeling and DevOps processes

Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter

Scores of Redis Servers Infested by Sophisticated Custom-Built Malware

Managing the Governance Model for Software Development in a No-Code Ecosystem

AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites

Cybersecurity Leaders Launch First Attack Matrix for Software Supply Chain Security

ChatGPT May Already Be Used In Nation State Cyberattacks, Say IT Decision Makers in BlackBerry Global Research

New Russian-Backed Gamaredon's Spyware Variants Targeting Ukrainian Authorities

AIs as Computer Hackers

Super Bock says 'cyber' nasty 'disrupting computer services'

Discrepancies Discovered in Vulnerability Severity Ratings

Is that survey real or fake? How to spot a survey scam

Delta Electronics DIAScreen

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000

Baicells Nova

Delta Electronics DVW-W02W2-E2

Delta Electronics DX-2100-L1-CN

Cybersecurity budgets are going up. So why aren't breaches going down?

North Korean Hackers Exploit Unpatched Zimbra Devices in 'No Pineapple' Campaign

Lazarus Group Rises Again, to Gather Intelligence on Energy, Healthcare Firms

New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

~ 1 Feb 2023 ~

Why CISOs Should Care About Brand Impersonation Scam Sites

Google boosts bounties for open source flaws found via fuzzing

Nearly All Firms Have Ties With Breached Third Parties

CISA to Open Supply Chain Risk Management Office

Greater Incident Complexity, Shift in How Threat Actors Use Stolen Data, Will Drive the Cyber Threat Landscape in 2023, Says Beazley Report

Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC

Inside Killnet: Pro-Russia Hacktivist Group's Support and Influence Grows

~ 2 Feb 2023 ~

Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility

~ 1 Feb 2023 ~

Microsoft sweeps up after breaking .NET with December security updates

Beating the Odds: 3 Challenges Women Face in the Cybersecurity Industry

Gem Security Emerges From Stealth With $11M, Unveils Cloud TDIR Platform for Faster Response to Cloud Threats

Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover

Contrast Security Launches Alliance Program to Change the Way Customers Scale Their Security Solutions

Fortra's Terranova Security 2022 Gone Phishing Tournament Results Reveal Large Organizations at Highest Risk of Compromising Data

KnowBe4 to Offer $10,000 to Black Americans in Cybersecurity Scholarship

Application Security Must Be Nonnegotiable

ManageEngine Study Finds United States Enterprises Hit by Short-Staffed Security Operations Centers

Google Fi Users Caught Up in T-Mobile Breach

Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry

Passwords Are Terrible (Surprising No One)

Enter the Hunter Satellites Preparing for Space War

Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Hack Corporate Email Accounts

New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices

Less is more: Conquer your digital clutter before it conquers you

Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards

Auditing Kubernetes with Open Source SIEM and XDR

Vista Equity Partners Completes Acquisition of KnowBe4

Attackers abuse Microsofts 'verified publisher' status to steal data

Checkmarx Launches Threat Intelligence for Open Source Packages

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software

How Can Disrupting DNS Communications Thwart a Malware Attack?

~ 31 Jan 2023 ~

Firmware Flaws Could Spell 'Lights Out' for Servers

Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code

Microsoft upgrades Defender to lock down Linux gear for its own good

Phishers Trick Microsoft Into Granting Them 'Verified' Cloud Partner Status

Poser Hackers Impersonate LockBit in SMB Cyberattacks

Will Cybersecurity Remain Recession-Proof in 2023?

NanoLock Addresses Global Industrial & OT Cyber Demand with Expansions into Europe and North America

New Survey Reveals 40% of Companies Experienced a Data Leak in the Past Year

Aura and Nonprofit Cyversity Partner to Support a More Inclusive Cyber Workforce