Port 22

Moody's turns up the heat on 'riskiest' sectors for cyberattacks

Jessica Lyons HardcastleThe Register

New Pegasus Spyware Abuses Identified in Mexico

John Scott-RailtonCitizen Lab

Stenography alert: Backdoor spyware stashed in Microsoft logo

Jeff BurtThe Register

Steganography alert: Backdoor spyware stashed in Microsoft logo

Jeff BurtThe Register

BlackCat malware lashes out at US defense IT contractor

Brandon VigliaroloThe Register

A Visual Summary of SANS Blue Team Summit 2022

N/ASANS ICS

Microsoft Exchange Server Has a Zero-Day Problem

Lily Hay Newman, Dhruv MehrotraWired

Gone in a day: Ethical hackers say it would take mere hours to empty your network

Jessica Lyons HardcastleThe Register

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Katie McCaffertyMicrosoft Security Blog

Worried About the Exchange Zero-Day? Here's What to Do

Dark Reading Staff, Dark ReadingDark Reading - Threat Intelligence

Friday Squid Blogging: Breeding the Oval Squid

Bruce SchneierSchneier on Security

The Challenge of Cracking Irans Internet Blockade

Lily Hay NewmanWired

LA School District Ransomware Attackers Now Threaten to Leak Stolen Data

Becky Bracken, Editor, Dark ReadingDark Reading - Threat Intelligence

The Top 4 Mistakes in Security Programs to Avoid

Chris Kirk, Principal Cybersecurity Consultant, MicrosoftDark Reading - Threat Intelligence

Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here

Jai Vijayan, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

Cybercriminals See Allure in BEC Attacks Over Ransomware

Robert Lemos, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack

Dark Reading Staff, Dark ReadingDark Reading - Threat Intelligence

Microsoft: Two New 0-Day Flaws in Exchange Server

BrianKrebsKrebs on Security

Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet

Tara Seals, Managing Editor, News, Dark ReadingDark Reading - Threat Intelligence

SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates

Nathan Eddy, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

New Malware Families Found Targeting VMware ESXi Hypervisors

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Security Vulnerabilities in Covert CIA Websites

Bruce SchneierSchneier on Security

ESET Research into new attacks by Lazarus Week in security with Tony Anscombe

EditorESET

With the Software Supply Chain, You Can't Secure What You Don't Measure

Tomislav Pericin, Chief Software Architect & Co-Founder, ReversingLabsDark Reading - Threat Intelligence

Onyxia Raises $5M to Help Companies Proactively Manage Cybersecurity Risks Using AI

N/ADark Reading - Threat Intelligence

Cyber Attacks Against Middle East Governments Hide Malware in Windows logo

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Go Update iOS, Chrome, and HP Computers to Fix Serious Flaws

Kate O'FlahertyWired

New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Why Organisations Need Both EDR and NDR for Complete Network Protection

noreply@blogger.com (The Hacker News)The Hackers News

North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Amazonthemed campaigns of Lazarus in the Netherlands and Belgium

Peter KlnaiESET

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Microsoft warns of North Korean crew posing as LinkedIn recruiters

Laura DobbersteinThe Register

WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Stop us if you've heard this one before: Exchange Server zero-day being actively exploited

Simon SharwoodThe Register

Emulate Shellcode with Radare2

N/ASANS ICS

Ex-eBay execs jailed for cyberstalking web critics

Brandon VigliaroloThe Register

Cyera Survey Finds One in Three Respondents Want to Minimize Cloud Data Risk

N/ADark Reading - Threat Intelligence

Safous Adds Browser Isolation to Its Zero-Trust Network Access Service

N/ADark Reading - Threat Intelligence

Israel Cybersecurity Enterprise (ICE) Teams with CybeReady to Deliver World-Class Security Training

N/ADark Reading - Threat Intelligence

Aunalytics Launches Security Patching Platform as a Service

N/ADark Reading - Threat Intelligence

Veristor Partners with SANS Security Awareness to Deliver Employee Security Awareness Training

N/ADark Reading - Threat Intelligence

YouMail, Inc. and WMC Global Partner to Deliver Voice and SMS Phishing Disruption Services

N/ADark Reading - Threat Intelligence

Organizations Finding the Need for New Approaches on the Cybersecurity Front, CompTIA research reveals

N/ADark Reading - Threat Intelligence

Intel Hardens Confidential Computing With Project Amber Updates

Agam Shah, Contributing WriterDark Reading - Threat Intelligence

Latest Delinea Update Streamlines DevOps Security

N/ADark Reading - Threat Intelligence

KnowBe4 Simplifies Compliance Requirements for Healthcare Privacy

N/ADark Reading - Threat Intelligence

Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch

N/ADark Reading - Threat Intelligence

Ransomware Attacks Continue Increasing: 20% of All Reported Attacks Occurred in the Last 12 Months - New Survey

N/ADark Reading - Threat Intelligence

How CIA betrayed informants with shoddy front websites built for covert comms

Thomas ClaburnThe Register

Why the US Should Help Secure Mexican Infrastructure and What It Gets in Return

Daron Hartvigsen, Managing Director, StoneTurnDark Reading - Threat Intelligence

Pentagon is far too tight with its security bug bounties

Jessica Lyons HardcastleThe Register

Fake CISO Profiles on LinkedIn Target Fortune 500s

BrianKrebsKrebs on Security

The Country Where You Live Impacts Password Choices

Tara Seals, Managing Editor, News, Dark ReadingDark Reading - Threat Intelligence

Dangerous New Attack Technique Compromising VMware ESXi Hypervisors

Jai Vijayan, Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

3 Reasons Why BEC Scams Work in Real Estate

Kolawole Samuel Adebayo, Contributing WriterDark Reading - Threat Intelligence

How one product manager builds community at Microsoft Security

Christine BarrettMicrosoft Security Blog

ZINC weaponizing open-source software

Katie McCaffertyMicrosoft Security Blog

CSO perspective:Why a strong IAM strategy is key to an organizations cybersecurity approach

Christine BarrettMicrosoft Security Blog

A Matrix Update Will Patch Serious End-to-End Encryption Flaws

Dan Goodin, Ars TechnicaWired

(ISC) Recruits More Than 55,000 Cybersecurity Candidates in First 30 Days of New Programs to Address Workforce Gap

N/ADark Reading - Threat Intelligence

Capital One Phish Showcases Growing Bank-Brand Targeting Trend

Becky Bracken, Editor, Dark ReadingDark Reading - Threat Intelligence

Espionage Group Wields Steganographic Backdoor Against Govs, Stock Exchange

Elizabeth Montalbano, Contributor, Dark ReadingDark Reading - Threat Intelligence

Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

XSS Flaw in Prevalent Media Imaging Tool Exposes Trove of Patient Data

Becky Bracken, Editor, Dark ReadingDark Reading - Threat Intelligence

Port 22

~ 3 Oct 2022 ~

Moody's turns up the heat on 'riskiest' sectors for cyberattacks

~ 2 Oct 2022 ~

New Pegasus Spyware Abuses Identified in Mexico

Stenography alert: Backdoor spyware stashed in Microsoft logo

Steganography alert: Backdoor spyware stashed in Microsoft logo

BlackCat malware lashes out at US defense IT contractor

A Visual Summary of SANS Blue Team Summit 2022

~ 1 Oct 2022 ~

Microsoft Exchange Server Has a Zero-Day Problem

Gone in a day: Ethical hackers say it would take mere hours to empty your network

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

~ 30 Sep 2022 ~

Worried About the Exchange Zero-Day? Here's What to Do

Friday Squid Blogging: Breeding the Oval Squid

The Challenge of Cracking Irans Internet Blockade

LA School District Ransomware Attackers Now Threaten to Leak Stolen Data

The Top 4 Mistakes in Security Programs to Avoid

Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here

Cybercriminals See Allure in BEC Attacks Over Ransomware

Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack

Microsoft: Two New 0-Day Flaws in Exchange Server

Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet

SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates

New Malware Families Found Targeting VMware ESXi Hypervisors

Security Vulnerabilities in Covert CIA Websites

ESET Research into new attacks by Lazarus Week in security with Tony Anscombe

With the Software Supply Chain, You Can't Secure What You Don't Measure

Onyxia Raises $5M to Help Companies Proactively Manage Cybersecurity Risks Using AI

Cyber Attacks Against Middle East Governments Hide Malware in Windows logo

Go Update iOS, Chrome, and HP Computers to Fix Serious Flaws

New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons

Why Organisations Need Both EDR and NDR for Complete Network Protection

North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks

Amazonthemed campaigns of Lazarus in the Netherlands and Belgium

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild

Microsoft warns of North Korean crew posing as LinkedIn recruiters

WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation

Stop us if you've heard this one before: Exchange Server zero-day being actively exploited

Emulate Shellcode with Radare2

Ex-eBay execs jailed for cyberstalking web critics

Cyera Survey Finds One in Three Respondents Want to Minimize Cloud Data Risk

Safous Adds Browser Isolation to Its Zero-Trust Network Access Service

Israel Cybersecurity Enterprise (ICE) Teams with CybeReady to Deliver World-Class Security Training

~ 29 Sep 2022 ~

Aunalytics Launches Security Patching Platform as a Service

Veristor Partners with SANS Security Awareness to Deliver Employee Security Awareness Training

YouMail, Inc. and WMC Global Partner to Deliver Voice and SMS Phishing Disruption Services

Organizations Finding the Need for New Approaches on the Cybersecurity Front, CompTIA research reveals

Intel Hardens Confidential Computing With Project Amber Updates

Latest Delinea Update Streamlines DevOps Security

KnowBe4 Simplifies Compliance Requirements for Healthcare Privacy

Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch

Ransomware Attacks Continue Increasing: 20% of All Reported Attacks Occurred in the Last 12 Months - New Survey

How CIA betrayed informants with shoddy front websites built for covert comms

Why the US Should Help Secure Mexican Infrastructure and What It Gets in Return

Pentagon is far too tight with its security bug bounties

Fake CISO Profiles on LinkedIn Target Fortune 500s

The Country Where You Live Impacts Password Choices

Dangerous New Attack Technique Compromising VMware ESXi Hypervisors

3 Reasons Why BEC Scams Work in Real Estate

How one product manager builds community at Microsoft Security

ZINC weaponizing open-source software

CSO perspective:Why a strong IAM strategy is key to an organizations cybersecurity approach

A Matrix Update Will Patch Serious End-to-End Encryption Flaws

(ISC) Recruits More Than 55,000 Cybersecurity Candidates in First 30 Days of New Programs to Address Workforce Gap

Capital One Phish Showcases Growing Bank-Brand Targeting Trend

Espionage Group Wields Steganographic Backdoor Against Govs, Stock Exchange

Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware

XSS Flaw in Prevalent Media Imaging Tool Exposes Trove of Patient Data