Port 22

Time-Triggered Ethernet flaw could have crippled Orion spacecraft

Jessica Lyons HardcastleThe Register

Eggheads show how network flaw could lead to NASA crew pod loss. Key word: Could

Jessica Lyons HardcastleThe Register

Wipermania: Malware Remains a Potent Threat, 10 Years Since 'Shamoon'

Jai Vijayan, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

Shocker: EV charging infrastructure is seriously insecure

Brandon VigliaroloThe Register

Modern CISO: More Than a Security Officer

Edge Editors, Dark ReadingDark Reading - Threat Intelligence

Where Can Third-Party Governance and Risk Management Take Us?

Will Lin, Managing Director, Forgepoint CapitalDark Reading - Threat Intelligence

Misconfigurations, Vulnerabilities Found in 95% of Applications

Robert Lemos, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

How Routine Pen Testing Can Reveal the Unseen Flaws in Your Cybersecurity Posture

Caroline Wong, Chief Strategy Officer at CobaltDark Reading - Threat Intelligence

2022 holiday DDoS protection guide

Paul OliveriaMicrosoft Security Blog

Critical RCE Flaw Reported in Spotify's Backstage Software Catalog and Developer Platform

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Google Forks Over $391.5M in Record-Setting US Consumer Privacy Settlement

Dark Reading Staff, Dark ReadingDark Reading - Threat Intelligence

PCSpoof: New Vulnerability Affects Networking Tech Used by Spacecraft and Aircraft

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Yakima Neighborhood Health Services Notice of Data Security Incident

N/ADark Reading - Threat Intelligence

Red Canary Provides First-Ever MITRE Engenuity ATT&CK Evaluations for Managed Services

N/ADark Reading - Threat Intelligence

Top Zeus Botnet Suspect Tank Arrested in Geneva

BrianKrebsKrebs on Security

Nasty SQL Injection Bug in Zendesk Endangers Sensitive Customer Data

Elizabeth Montalbano, Contributor, Dark ReadingDark Reading - Threat Intelligence

Evolving Security for Government Multiclouds

Danny Connelly, CISO Americas, ZscalerDark Reading - Threat Intelligence

44% of Financial Institutions Believe Their Own IT Teams Are the Main Risk to Cloud Security

N/ADark Reading - Threat Intelligence

Authomize Launches Identity Threat Detection and Response Platform to Protect Against Identity-Based Attacks

N/ADark Reading - Threat Intelligence

Neosec Introduces Automated Tokenization to Enable Full API Visibility Without Exposure of Sensitive Data

N/ADark Reading - Threat Intelligence

Balbix Announces Cybersecurity Posture Automation Support for Google Cloud Platform

N/ADark Reading - Threat Intelligence

Bugcrowd Earns CREST Accreditation for Pen Testing

N/ADark Reading - Threat Intelligence

Researchers Reported Critical SQLi and Access Flaws in Zendesk Analytics Service

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Securing the mail

Elizabeth ColesThe Register

Deep Packet Inspection vs. Metadata Analysis of Network Detection & Response (NDR) Solutions

noreply@blogger.com (The Hacker News)The Hackers News

Another Event-Related Spyware App

Bruce SchneierSchneier on Security

Researchers Say China State-backed Hackers Breached a Digital Certificate Authority

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

The Hunt for the Dark Webs Biggest Kingpin, Part 4: Face to Face

Andy GreenbergWired

Mitsubishi Electric GT SoftGOT2000

Advisory DocumentICS-Cert Advisories

DTrack activity targeting Europe and Latin America

Konstantin Zykov, Jornt van der WielSecure List

Country that still uses fax machines wants to lead the world on data standards at G7

Laura DobbersteinThe Register

Data sovereignty and compliance need help

Dave CartwrightThe Register

Google to Pay $391 Million Privacy Fine for Secretly Tracking Users' Location

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Russia-based Pushwoosh tricks US Army and others into running its code for a while

Jessica Lyons HardcastleThe Register

Twitters SMS Two-Factor Authentication Is Melting Down

Lily Hay NewmanWired

Swimlane Introduces Low-Code, Automation Approach to OT Security

Nathan Eddy, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

GitHub sets up private vulnerability reports for public repos to avoid 'naming and shaming'

Jeff BurtThe Register

Researchers Sound Alarm on Dangerous BatLoader Malware Dropper

Jai Vijayan, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

Australia Declares War on Cybercrime Syndicates

Dark Reading Staff, Dark ReadingDark Reading - Threat Intelligence

Upcoming Speaking Engagements

Schneier.com WebmasterSchneier on Security

Unpatched Zimbra Platforms Are Probably Compromised, CISA Says

Dark Reading Staff, Dark ReadingDark Reading - Threat Intelligence

Privacy4Cars Secures Fourth Patent to Remove Privacy Information From Vehicles and Create Compliance Logs

N/ADark Reading - Threat Intelligence

Avatier Achieves ISO 27001 Certification for its Information Security Management System

N/ADark Reading - Threat Intelligence

Quantum Cryptography Apocalypse: A Timeline and Action Plan

Konstantinos Karagiannis, Director, Quantum Computing Services, ProtivitiDark Reading - Threat Intelligence

How APIs and Applications Can Live Happily Ever After

Joshua Goldfarb, Fraud Solutions Architect - EMEA and APCJ, F5Dark Reading - Threat Intelligence

A Digital Red Cross

Bruce SchneierSchneier on Security

Another crypto shocker: Major player actually corrects $400m mistake instead of cratering

Laura DobbersteinThe Register

Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

ESET APT Activity Report T2 2022

Jean-Ian BoutinESET

What is an External Penetration Test?

noreply@blogger.com (The Hacker News)The Hackers News

Advanced threat predictions for 2023

GReATSecure List

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Australia to 'stand up and punch back' against cyber crims

Simon SharwoodThe Register

A Visual Summary of SANS Pen Test HackFest Summit 2022

N/ASANS ICS

The Hunt for the FTX Thieves Has Begun

Andy GreenbergWired

Elon Musk Introduces Twitter Mayhem Mode

Dhruv MehrotraWired

LockBit suspect cuffed after ransomware forces emergency services to use pen and paper

Brandon VigliaroloThe Register

Friday Squid Blogging: Squid Purse

Bruce SchneierSchneier on Security

Why Cybersecurity Should Highlight Veteran-Hiring Programs

Fahmida Y. Rashid, Managing Editor, Features, Dark ReadingDark Reading - Threat Intelligence

New Book: A Hackers Mind

Bruce SchneierSchneier on Security

World Cup apps pose a data security, privacy nightmare

Jessica Lyons HardcastleThe Register

Cybersecurity 'Nutrition' Labels Still a Work in Progress

Robert Lemos, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

Cookies for MFA Bypass Gain Traction Among Cyberattackers

Robert Lemos, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

Knock, Knock: Aiphone Bug Allows Cyberattackers to Literally Open (Physical) Doors

Nathan Eddy, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

Port 22

~ 15 Nov 2022 ~

Time-Triggered Ethernet flaw could have crippled Orion spacecraft

Eggheads show how network flaw could lead to NASA crew pod loss. Key word: Could

Wipermania: Malware Remains a Potent Threat, 10 Years Since 'Shamoon'

Shocker: EV charging infrastructure is seriously insecure

Modern CISO: More Than a Security Officer

Where Can Third-Party Governance and Risk Management Take Us?

Misconfigurations, Vulnerabilities Found in 95% of Applications

How Routine Pen Testing Can Reveal the Unseen Flaws in Your Cybersecurity Posture

2022 holiday DDoS protection guide

Critical RCE Flaw Reported in Spotify's Backstage Software Catalog and Developer Platform

Google Forks Over $391.5M in Record-Setting US Consumer Privacy Settlement

PCSpoof: New Vulnerability Affects Networking Tech Used by Spacecraft and Aircraft

Yakima Neighborhood Health Services Notice of Data Security Incident

Red Canary Provides First-Ever MITRE Engenuity ATT&CK Evaluations for Managed Services

Top Zeus Botnet Suspect Tank Arrested in Geneva

Nasty SQL Injection Bug in Zendesk Endangers Sensitive Customer Data

Evolving Security for Government Multiclouds

44% of Financial Institutions Believe Their Own IT Teams Are the Main Risk to Cloud Security

Authomize Launches Identity Threat Detection and Response Platform to Protect Against Identity-Based Attacks

Neosec Introduces Automated Tokenization to Enable Full API Visibility Without Exposure of Sensitive Data

Balbix Announces Cybersecurity Posture Automation Support for Google Cloud Platform

Bugcrowd Earns CREST Accreditation for Pen Testing

Researchers Reported Critical SQLi and Access Flaws in Zendesk Analytics Service

Securing the mail

Deep Packet Inspection vs. Metadata Analysis of Network Detection & Response (NDR) Solutions

Another Event-Related Spyware App

Researchers Say China State-backed Hackers Breached a Digital Certificate Authority

The Hunt for the Dark Webs Biggest Kingpin, Part 4: Face to Face

Mitsubishi Electric GT SoftGOT2000

DTrack activity targeting Europe and Latin America

Country that still uses fax machines wants to lead the world on data standards at G7

Data sovereignty and compliance need help

Google to Pay $391 Million Privacy Fine for Secretly Tracking Users' Location

Russia-based Pushwoosh tricks US Army and others into running its code for a while

Twitters SMS Two-Factor Authentication Is Melting Down

~ 14 Nov 2022 ~

Swimlane Introduces Low-Code, Automation Approach to OT Security

GitHub sets up private vulnerability reports for public repos to avoid 'naming and shaming'

Researchers Sound Alarm on Dangerous BatLoader Malware Dropper

Australia Declares War on Cybercrime Syndicates

Upcoming Speaking Engagements

Unpatched Zimbra Platforms Are Probably Compromised, CISA Says

Privacy4Cars Secures Fourth Patent to Remove Privacy Information From Vehicles and Create Compliance Logs

Avatier Achieves ISO 27001 Certification for its Information Security Management System

Quantum Cryptography Apocalypse: A Timeline and Action Plan

How APIs and Applications Can Live Happily Ever After

A Digital Red Cross

Another crypto shocker: Major player actually corrects $400m mistake instead of cratering

Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign

ESET APT Activity Report T2 2022

What is an External Penetration Test?

Advanced threat predictions for 2023

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

Australia to 'stand up and punch back' against cyber crims

A Visual Summary of SANS Pen Test HackFest Summit 2022

~ 13 Nov 2022 ~

The Hunt for the FTX Thieves Has Begun

~ 12 Nov 2022 ~

Elon Musk Introduces Twitter Mayhem Mode

LockBit suspect cuffed after ransomware forces emergency services to use pen and paper

~ 11 Nov 2022 ~

Friday Squid Blogging: Squid Purse

Why Cybersecurity Should Highlight Veteran-Hiring Programs

New Book: A Hackers Mind

World Cup apps pose a data security, privacy nightmare

Cybersecurity 'Nutrition' Labels Still a Work in Progress

Cookies for MFA Bypass Gain Traction Among Cyberattackers

Knock, Knock: Aiphone Bug Allows Cyberattackers to Literally Open (Physical) Doors