Port 22

~ 22 Aug 2022 ~

Metasploit Creator Renames His Startup and IT Discovery Tool Rumble to 'runZero'

Warning over Java libraries and deserialization security weaknesses

For Penetration Security Testing, Alternative Cloud Offers Something Others Don't

Sophos Identifies Potential Tag-Team Ransomware Activity

"As Nasty as Dirty Pipe" 8 Year Old Linux Kernel Vulnerability Uncovered

InQuest: Adding File Detection and Response to the Security Arsenal

Secureworks: How To Distinguish Hype From Reality With AI in SecOps

New 'BianLian' Ransomware Variant on the Rise

Tanium: Taking A Deeper Cut At Converged Endpoint Management

LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data

Microsoft recognized as a Leader in the 2022 Gartner Magic Quadrant for Unified Endpoint Management Tools

Pentera Helps Enterprises Reduce Their Security Exposure

Cisco: All Intelligence is Not Created Equal

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts

Identity Security Pain Points and What Can Be Done

How Qualys Reduces Risk and Enables Tool Consolidation

Cyber Signals: Defend against the new ransomware landscape

Meet Borat RAT, a New Unique Triple Threat

Expiring Root Certificates Threaten IoT in the Enterprise

Hyundai Uses Example Keys for Encryption System

Inside the Worlds Biggest Hacker Rickroll

RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering

Zoom patches make-me-root security flaw, patches patch

Hackers Stole Crypto from Bitcoin ATMs by Exploiting Zero-Day Vulnerability

NSO Group CEO steps down, 100 employees let go too

~ 21 Aug 2022 ~

Mimecast: Mitigating Risk Across a Complex Threat Landscape

Banyan Recommends Phased Approach When Introducing Zero Trust

The Low Threshold for Face Recognition in New Delhi

~ 20 Aug 2022 ~

DeepSurface Adds Risk-Based Approach to Vulnerability Management

New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers

The HEAT Is On, Says Menlo Security

Janet Jacksons Rhythm Nation Can Crash Old Hard Drives

PIXM: Stopping Targeted Phishing Attacks With 'Computer Vision'

Intel Adds New Circuit to Chips to Ward Off Motherboard Exploits

NIST Weighs in on AI Risk

~ 19 Aug 2022 ~

Uncovering a ChromeOS remote memory corruption vulnerability

Patch Now: 2 Apple Zero-Days Exploited in Wild

Friday Squid Blogging: The Language of the Jumbo Flying Squid

Cybersecurity Solutions Must Evolve, Says Netography CEO

Ex-HP finance manager jailed after going on $5m spending spree using company plastic

State-Sponsored APTs Dangle Job Opps to Lure In Spy Victims

BlackByte Ransomware Gang Returns With Twitter Presence, Tiered Pricing

Google and Apple both release patches against zeroday vulnerabilities Week in security with Tony Anscombe

Cyber Resiliency Isn't Just About Technology, It's About People

iOS Can Stop VPNs From Working as Expectedand Expose Your Data

Two years on, Apple iOS VPNs still leak IP addresses

The truth about that draft law banning Uncle Sam buying insecure software

~ 18 Aug 2022 ~

Spyware Hunters Are Expanding Their Tool Set

Easing the Cyber-Skills Crisis With Staff Augmentation

China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload

Mac Attack: North Korea's Lazarus APT Targets Apple's M1 Chip

5 Russia-Linked Groups Target Ukraine in Cyberwar

Hardware-based threat defense against increasingly complex cryptojackers

Keeping the keys to the kingdom secure

Google blocks third record-breaking DDoS attack in as many months

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Which Security Bugs Will Be Exploited? Researchers Create an ML Model to Find Out

Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel Sectors

How to Upskill Tech Staff to Meet Cybersecurity Needs

OpenSSF Announces 13 New Members Committed to Strengthening the Security of the Open Source Software Supply Chain

USB Rubber Ducky Attack Tool

How to Use Signal Encrypted Messaging

Mitsubishi Electric Multiple Factory Automation Products (Update A)

The Family That Mined the Pentagon's Data for Profit

A stepbystep guide to enjoy LinkedIn safely

Ransomware attack on UK water company clouded by confusion

Deluge of of entries to Spamhaus blocklists includes 'various household names'

Janet Jackson music video declared a cybersecurity exploit

Google Cloud Adds Curated Detection to Chronicle

~ 17 Aug 2022 ~

Google, Apple squash exploitable browser bugs

Software developer cracks Hyundai car security with Google search

Google Chrome Zero-Day Found Exploited in the Wild

After 7 years, long-term threat DarkTortilla crypter is still evolving

'DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections

When Countries Are Attacked: Making the Case for More Private-Public Cooperation

How to stop the evil lurking in the shadows

'Operation Sugarush' Mounts Concerning Spy Effort on Shipping, Healthcare Industries

The Android 13 Privacy Settings You Should Update Now

China-Backed RedAlpha APT Builds Sprawling Cyber-Espionage Infrastructure

TikTok wants your trust around US midterm elections data

Thoma Bravo Closes $6.9B Acquisition of Identity-Security Vendor SailPoint

ThreatX Raises $30 Million in Series B Funding to Accelerate Growth in Global API Protection Market

AuditBoard Launches Third-Party Risk Management Solution, Empowering Enterprises to Tackle IT Vendor Risk at Scale

7 Smart Ways to Secure Your E-Commerce Site

Black Hat USA 2022 and DEF CON 30

Zoom Exploit on MacOS

Mozilla finds 18 of 25 popular reproductive health apps share your data

Russian military uses Chinese drones and bots in combat, over manufacturers' protests

Developing ICS/OT Engineering Cyber Defense Teams

Microsoft Rolls Out Tamper Protection for Macs

~ 16 Aug 2022 ~

RubyGems now requires multi-factor auth for top package maintainers

SEC says brokerage accounts hijacked for $1.3m pump-and-dump scam

Microsoft Disrupts Russian Group's Multiyear Cyber-Espionage Campaign

DEF CON: A Woman's First Experience

Clop Ransomware Gang Breaches Water Utility, Just Not the Right One

Whack-a-Mole: More Malicious PyPI Packages Spring Up Targeting Discord, Roblox

When Efforts to Contain a Data Breach Backfire

Name That Toon: Vicious Circle

PC store told it can't claim full cyber-crime insurance after social-engineering attack

With Plunge in Value, Cryptocurrency Crimes Decline in 2022