Port 22

~ 7 Dec 2022 ~

Mitigate threats with the new threat matrix for Kubernetes

Piiano Equips Developers to Stop Sensitive Data Breaches

3 xIoT Attacks Companies Aren't Prepared For

San Francisco Rolls Back Its Plan for Killer Robots

Cybersecurity Resilience Emerges as Top Priority as 62% of Companies Say Security Incidents Impacted Business Operations

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

How XDR Helps Protect Critical Infrastructure

Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities

The Decoupling Principle

Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier

Taiwan bans state-owned devices from running Chinese platform TikTok

Zerobot Weaponizes Numerous Flaws in Slew of IoT Devices

For Cyberattackers, Popular EDR Tools Can Turn into Destructive Data Wipers

Fantasy a new Agrius wiper deployed through a supplychain attack

Microsoft Alerts Cryptocurrency Industry of Targeted Cyber Attacks

Microsoft: (Cyber) winter is coming as DDoS attack disrupts Russian bank

Amnesty International Canada claims attack by China-backed forces

New Go-based Zerobot Botnet Exploiting Dozen of IoT Vulnerabilities to Expand its Network

South Pacific vacations may be wrecked by ransomware

Shift to Memory-Safe Languages Gains Momentum

~ 6 Dec 2022 ~

ASM Can Fill Gaps While Working to Implement SBOM

Rackspace confirms ransomware attack behind days-long email outage

Cambridge Centre for Risk Studies and Kivu Release Benchmark of Cost-Effective Responses to Cybercrime

Google Chrome Flaw Added to CISA Patch List

Russia Readies Winter Cyberattacks As Troops Retreat From Ukraine

What Will It Take to Secure Critical Infrastructure?

Name That Edge Toon: Not Your Average Bear

DEV-0139 launches targeted attacks against the cryptocurrency industry

Chinese Hackers Target Middle East Telecoms in Latest Cyber Attacks

Intellicene Brand Launches After Completion of Acquisition by Volaris Group

Iranian State Hackers Targeting Key Figures in Activism, Journalism, and Politics

Want to detect Cobalt Strike on the network? Look to process memory

Hardening Identities With Phish-Resistant MFA

Applying the OODA Loop to Cybersecurity and Secure Access Service Edge

Russian Actors Use Compromised Healthcare Networks Against Ukrainian Orgs

AlgoSec Acquires Prevasio To Disrupt Agentless Cloud Security Market

Machine Learning Models: A Dangerous New Attack Vector

KmsdBot botnet is down after operator sends typo in command

The Invasive Reach of 'Digital-by-Default' Immigration

Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide

Understanding NIST CSF to assess your organization's Ransomware readiness

CryWiper Data Wiper Targeting Russian Sites

Telcom and BPO Companies Under Attack by SIM Swapping Hackers

How to secure application identities at developmental speed

Main phishing and scamming trends and techniques

Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware

TSA to expand facial recognition across America

Four suspects cuffed, face extradition over tax refund scam plot

Dont Miss the 2022 SANS Holiday Hack Challenge Now Open for Free Play

~ 5 Dec 2022 ~

Gunfire at electrical grid kills power for 45,000 in North Carolina

Google warns stolen Android keys used to sign info-stealing malware

Wiper, Disguised as Fake Ransomware, Targets Russian Orgs

Hive Social Buzzing With Security Flaws, Analysts Warn

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Cybersecurity Should Focus on Managing Risk

Cyberattack Shuts Down French Hospital

The New External Attack Surface: 3 Elements Every Organization Should Monitor

Palo Alto Networks Announces Medical IoT Security to Protect Connected Devices Critical to Patient Care

OpenSSF Membership Exceeds 100, With Many New Members Dedicated to Securing Open Source Software

Infostealer Malware Market Booms, as MFA Fatigue Sets In

The Privacy War Is Coming

Ransomware Professionalization Grows as RaaS Takes Hold

Malware Authors Inadvertently Take Down Own Botnet

New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers

Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware

CAPTCHA

When Being Attractive Gets Risky - How Does Your Attack Surface Look to an Attacker?

SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars

Tractors vs. threat actors: How to hack a farm

North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps

Securing Application Identities in 2023

If one sheep leaps over the ditch

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems

Remuneration coming for TrustCor customers impacted by CA revocation

Rackspace customers rage as email outage continues and migrations create migraines

~ 3 Dec 2022 ~

Chinas Police State Targets Zero-Covid Protesters

Rackspace rocked by security incident that has taken out some hosted Exchange services

Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability

US Air Force reveals B-21 Raider stealth bomber that'll fly the unfriendly skies

~ 2 Dec 2022 ~

Concern Over DDoS Attacks Falls Despite Rise in Incidents

Medibank prognosis gets worse after more stolen data leaked

SiriusXM, MyHyundai Car Apps Showcase Next-Gen Car Hacking

Friday Squid Blogging: Legend of the Indiana Oil-Pit Squid

FBI warns about Cuba, no, not that one the ransomware gang

Existential Risk and the Fermi Paradox

Newsroom Sues NSO Group for Pegasus Spyware Compromise

Android Phone Makers' Encryption Keys Stolen and Used in Malware

Where Advanced Cyberttackers Are Heading Next: Disruptive Hits, New Tech

SOC Turns to Homegrown Machine Learning to Catch Cyber-Intruders

A Risky Business: Choosing the Right Methodology

ScarCruft updates its toolset Week in security with Tony Anscombe

Hackers Sign Android Malware Apps with Compromised Platform Certificates

CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs

The Value of Old Systems

LastPass Security Breach

Researchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQL

Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers

Domain aging gang CashRewindo picks vintage sites to push malvertising

What the CISA Reporting Rule Means for Your IT Security Protocol

Mozilla, Microsoft drop TrustCor as root certificate authority