Port 22

~ 24 Aug 2022 ~

Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack

Acronis' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $30 Billion by 2023

Attacker snags account details from streaming service Plex

Why Empathy Is the Key to Better Threat Modeling

CyberRatings.org Announces New Web Browser Test Results for 2022

Report: Financial Institutions Are Overwhelmed When Facing Growing Firmware Security and Supply Chain Threats

Guide: How Service Providers can Deliver vCISO Services at Scale

Hackers Using Fake DDoS Protection Pages to Distribute Malware

Mudge Files Whistleblower Complaint against Twitter

The Privacy Flaw Threatening US Democracy

Ransomware updates & 1-day exploits

Researchers Warn of AiTM Attack Targeting Google G-Suite Enterprise Users

Lloyd's to exclude certain nation-state attacks from cyber insurance policies

GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software

~ 23 Aug 2022 ~

The Twitter Whistleblower Reports Most Damning Allegation

Twitter savaged by former security boss Mudge in whistleblower complaint

DevSecOps Gains Traction but Security Still Lags

Thoma Bravo Buying Spree Highlights Hot Investor Interest in IAM Market

Smartphone gyroscopes threaten air-gapped systems, researcher finds

Mudge Blows Whistle on Alleged Twitter Security Nightmare

Proofpoint Introduces a Smarter Way to Stay Compliant with New Intelligent Compliance Platform

Facing the New Security Challenges That Come With Cloud

Secure Code Warrior Spotlights the Importance of Developer Security Skills with 2nd Annual Devlympics Competition

One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious

A multidimensional approach to journalism security

Coalfire Federal Among First Authorized to Conduct CMMC Assessments

Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts

Apathy Is Your Company's Biggest Cybersecurity Vulnerability Here's How to Combat It

XCSSET Malware Updates with Python 3 to Target macOS Monterey Users

Meta Takes Offensive Posture With Privacy Red Team

Novant Health Notifies Patients of Potential Data Privacy Incident

The Rise of Data Exfiltration and Why It Is a Greater Risk Than Ransomware

Charming Kitten APT Wields New Scraper to Steal Email Inboxes

Suspected Iranian Hackers Targeted Several Israeli Organizations for Espionage

Signal Phone Numbers Exposed in Twilio Hack

ARC Informatique PcVue

Delta Industrial Automation DIALink

mySCADA myPRO

Measuresoft ScadaPro Server

Measuresoft ScadaPro Server and Client

Hitachi Energy RTU500

Is your personal data all over the internet? 7steps to cleaning up your online presence

New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data

CISA Warns of Active Exploitation of Palo Alto Networks' PAN-OS Vulnerability

Microsoft finds critical hole in operating system that for once isn't Windows

If you haven't patched Zimbra holes by now, assume you're toast

~ 22 Aug 2022 ~

Fake DDoS Protection Alerts Distribute Dangerous RAT

Novant Health admits leak of 1.3m patients' info to Facebook

Hiding a phishing attack behind the AWS cloud

Metasploit Creator Renames His Startup and IT Discovery Tool Rumble to 'runZero'

Warning over Java libraries and deserialization security weaknesses

For Penetration Security Testing, Alternative Cloud Offers Something Others Don't

Sophos Identifies Potential Tag-Team Ransomware Activity

"As Nasty as Dirty Pipe" 8 Year Old Linux Kernel Vulnerability Uncovered

InQuest: Adding File Detection and Response to the Security Arsenal

Secureworks: How To Distinguish Hype From Reality With AI in SecOps

New 'BianLian' Ransomware Variant on the Rise

Tanium: Taking A Deeper Cut At Converged Endpoint Management

LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data

Microsoft recognized as a Leader in the 2022 Gartner Magic Quadrant for Unified Endpoint Management Tools

Pentera Helps Enterprises Reduce Their Security Exposure

Cisco: All Intelligence is Not Created Equal

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts

Identity Security Pain Points and What Can Be Done

How Qualys Reduces Risk and Enables Tool Consolidation

Cyber Signals: Defend against the new ransomware landscape

Meet Borat RAT, a New Unique Triple Threat

Expiring Root Certificates Threaten IoT in the Enterprise

Hyundai Uses Example Keys for Encryption System

Inside the Worlds Biggest Hacker Rickroll

RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering

Zoom patches make-me-root security flaw, patches patch

Hackers Stole Crypto from Bitcoin ATMs by Exploiting Zero-Day Vulnerability

NSO Group CEO steps down, 100 employees let go too

~ 21 Aug 2022 ~

Mimecast: Mitigating Risk Across a Complex Threat Landscape

Banyan Recommends Phased Approach When Introducing Zero Trust

The Low Threshold for Face Recognition in New Delhi

~ 20 Aug 2022 ~

DeepSurface Adds Risk-Based Approach to Vulnerability Management

New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers

The HEAT Is On, Says Menlo Security

Janet Jacksons Rhythm Nation Can Crash Old Hard Drives

PIXM: Stopping Targeted Phishing Attacks With 'Computer Vision'

Intel Adds New Circuit to Chips to Ward Off Motherboard Exploits

NIST Weighs in on AI Risk

~ 19 Aug 2022 ~

Uncovering a ChromeOS remote memory corruption vulnerability

Patch Now: 2 Apple Zero-Days Exploited in Wild

Friday Squid Blogging: The Language of the Jumbo Flying Squid

Cybersecurity Solutions Must Evolve, Says Netography CEO

Ex-HP finance manager jailed after going on $5m spending spree using company plastic

State-Sponsored APTs Dangle Job Opps to Lure In Spy Victims

BlackByte Ransomware Gang Returns With Twitter Presence, Tiered Pricing

Google and Apple both release patches against zeroday vulnerabilities Week in security with Tony Anscombe

Cyber Resiliency Isn't Just About Technology, It's About People

iOS Can Stop VPNs From Working as Expectedand Expose Your Data

Two years on, Apple iOS VPNs still leak IP addresses

The truth about that draft law banning Uncle Sam buying insecure software

~ 18 Aug 2022 ~

Spyware Hunters Are Expanding Their Tool Set

Easing the Cyber-Skills Crisis With Staff Augmentation

China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload

Mac Attack: North Korea's Lazarus APT Targets Apple's M1 Chip