Port 22

GSM Traffic and Encryption: A5/1 Stream Cipher

/u/vasiliborodinReddit NetSec

Don't trust the Trusted Platform Module it may leak your VPN server's private key (depending on your configuration)

Thomas ClaburnThe Register

True to its name, Intel CPU flaw ZombieLoad comes shuffling back with new variant

Shaun NicholsThe Register

Don't miss this patch: Bad Intel drivers give hackers a backdoor to the Windows kernel

Shaun NicholsThe Register

Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings

Andy GreenbergWired

Microsoft Patches IE Zero-Day Among 74 Vulnerabilities

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

From AV to oy-vey: McAfee antivirus has security hole of its own

Shaun NicholsThe Register

As 5G Rolls Out, Troubling New Security Flaws Emerge

Lily Hay NewmanWired

Researchers Disclose New Vulnerabilities in Windows Drivers

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

Exploiting CVE-2017-8295: Wordpress host header injection / auth bypass

/u/nextgensReddit NetSec

DDoS Attack Targets UK Labour Party Weeks Ahead of Election

Dark Reading StaffDark Reading - Threat Intelligence

Identifying and Arresting Ransomware Criminals

Bruce SchneierSchneier on Security

'Sophisticated' cyber attack on UK Labour Party platforms was probably just a DDoS, says official

Kat HallThe Register

150 infosec bods now know who they're up against thanks to BT Security cc/bcc snafu

Gareth CorfieldThe Register

Can regulations improve cybersecurity? In APAC, opinions vary

Amer OwaidaESET

Can regulations improve cybersecurity? In APAC, opinions vary

Amer OwaidaESET

Is Facebook Secretly Accessing Your iPhone's Camera? Some Users Claimed

noreply@blogger.com (Wang Wei)The Hackers News

GitHub - io12/pwninit: pwninit - automate starting binary exploit challenges

/u/blevy1Reddit NetSec

Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

noreply@blogger.com (Unknown)The Hackers News

Keylogging in Slack via CSS injection

/u/Fletch_to_99Reddit NetSec

Despite Windows BlueKeep exploitation freak-out, no one stepped on the gas with patching, say experts

Shaun NicholsThe Register

Back-2-school hacking: Kaspersky blames pesky script kiddies for rash of DDoS cyber hooliganism

John OatesThe Register

Researchers Find New Approach to Attacking Cloud Infrastructure

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

BrianKrebsKrebs on Security

First BlueKeep attacks prompt fresh warnings

Amer OwaidaESET

First BlueKeep attacks prompt fresh warnings

Amer OwaidaESET

If it sounds too good to be true, it most likely is: Nobody can decrypt the Dharma ransomware

Gareth CorfieldThe Register

Remote Code Execution on Windows UniFi Video Server

/u/securiferaReddit NetSec

Joker's Stash Puts $130M Price Tag on Credit Card Database

Dark Reading StaffDark Reading - Threat Intelligence

Dragon Sector CTF Writeup Looking Glass Challenge

/u/bugszbunnyReddit NetSec

Fooling Voice Assistants with Lasers

Bruce SchneierSchneier on Security

DDoS attacks in Q3 2019

Oleg KupreevSecure List

5 Security Processes You Shouldn't Overlook During M&A

Julie Cullivan Chief Technology and People Officer, Forescout TechnologiesDark Reading - Threat Intelligence

Hackers Breach ZoneAlarm's Forum Site Outdated vBulletin to Blame

noreply@blogger.com (Swati Khandelwal)The Hackers News

Hate hub hacked, Cisco bugs squished, Bluekeep attacks begin, and much, much more

Shaun NicholsThe Register

Creating a pocket pentest platform with P4wnP1: Part 1

/u/Ken_McnuttReddit NetSec

tfsec: Static analysis powered security scanner for your terraform code

/u/digicatReddit NetSec

Abusing HTTP hop-by-hop request headers

/u/FinoobReddit NetSec

Huge Data Leak Doxes Members of Notorious Neo-Nazi Forum

Brian BarrettWired

Analyzing Android's CVE-2019-2215 (/dev/binder UAF)

/u/PM_ME_YOUR_SHELLCODEReddit NetSec

Hack The Box - Jarvis Write-up by 0xRick

/u/Ahm3d_H3shamReddit NetSec

How Do We Bring Equality to Data Ownership and Usage?

Zak JasonWired

Cloudflare CEO Matthew Prince on the Struggles of Policing the Web

Lily Hay NewmanWired

Friday Squid Blogging: 80-Foot Steel Kraken Deliberately Sunk

Bruce SchneierSchneier on Security

How Not to Implement reCAPTCHA

/u/moviuroReddit NetSec

What Keeps NSA Cybersecurity Boss Anne Neuberger Up at Night

Lily Hay NewmanWired

GitHub - AbGuthrie/goquery: Provide a shell like interface by utilizing osquery's distributed API

/u/javutoReddit NetSec

WhatsApp Cofounder Brian Acton on Why Privacy Matters

Boone AshworthWired

Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers

Gareth CorfieldThe Register

Week in security with Tony Anscombe

Tom FoltnESET

Week in security with Tony Anscombe

Tom FoltnESET

Crafting an EFI emulator

/u/ranokReddit NetSec

Hospital Cyberattacks Linked to Increase in Heart Attack Mortality

Dark Reading StaffDark Reading - Threat Intelligence

xHelper Malware for Android

Bruce SchneierSchneier on Security

Titanium: the Platinum group strikes again

AMRSecure List

We built network isolation for 1,500 services

/u/digicatReddit NetSec

The One Weird Trick SecureROM Hates POC2019 Slides (Checkra1n)

/u/SpecterDevReddit NetSec

Surveillance kit slinger accused of slapping 'Made in America' on Chinese gear, selling it to the US government

Shaun NicholsThe Register

What do you get when you allegedly mix Wireshark, a gumshoe child molester, and a court PC? A judge facing hacking charges

Shaun NicholsThe Register

Same-Origin Policy And Cross-Origin Resource Sharing (CORS) Intro

/u/jrkjared3Reddit NetSec

Two Former Twitter Employees Caught Spying On Users For Saudi Arabia

noreply@blogger.com (Swati Khandelwal)The Hackers News

Philips Tasy EMR (Update A)

Advisory DocumentICS-Cert Advisories

Why Many People Got Mysterious Valentines Day Texts Today

Louise MatsakisWired

This may shock you but Adobe is shipping insecure software. No, it's not Flash this time. Nope, not Acrobat, either

Thomas ClaburnThe Register

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

BrianKrebsKrebs on Security

Port 22

~ 12 Nov 2019 ~

GSM Traffic and Encryption: A5/1 Stream Cipher

Don't trust the Trusted Platform Module it may leak your VPN server's private key (depending on your configuration)

True to its name, Intel CPU flaw ZombieLoad comes shuffling back with new variant

Don't miss this patch: Bad Intel drivers give hackers a backdoor to the Windows kernel

Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings

Microsoft Patches IE Zero-Day Among 74 Vulnerabilities

From AV to oy-vey: McAfee antivirus has security hole of its own

As 5G Rolls Out, Troubling New Security Flaws Emerge

Researchers Disclose New Vulnerabilities in Windows Drivers

Exploiting CVE-2017-8295: Wordpress host header injection / auth bypass

DDoS Attack Targets UK Labour Party Weeks Ahead of Election

Identifying and Arresting Ransomware Criminals

'Sophisticated' cyber attack on UK Labour Party platforms was probably just a DDoS, says official

150 infosec bods now know who they're up against thanks to BT Security cc/bcc snafu

Can regulations improve cybersecurity? In APAC, opinions vary

Can regulations improve cybersecurity? In APAC, opinions vary

Is Facebook Secretly Accessing Your iPhone's Camera? Some Users Claimed

GitHub - io12/pwninit: pwninit - automate starting binary exploit challenges

~ 11 Nov 2019 ~

Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

Keylogging in Slack via CSS injection

Despite Windows BlueKeep exploitation freak-out, no one stepped on the gas with patching, say experts

Back-2-school hacking: Kaspersky blames pesky script kiddies for rash of DDoS cyber hooliganism

Researchers Find New Approach to Attacking Cloud Infrastructure

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

First BlueKeep attacks prompt fresh warnings

First BlueKeep attacks prompt fresh warnings

If it sounds too good to be true, it most likely is: Nobody can decrypt the Dharma ransomware

Remote Code Execution on Windows UniFi Video Server

Joker's Stash Puts $130M Price Tag on Credit Card Database

Dragon Sector CTF Writeup Looking Glass Challenge

Fooling Voice Assistants with Lasers

DDoS attacks in Q3 2019

5 Security Processes You Shouldn't Overlook During M&A

Hackers Breach ZoneAlarm's Forum Site Outdated vBulletin to Blame

Hate hub hacked, Cisco bugs squished, Bluekeep attacks begin, and much, much more

~ 10 Nov 2019 ~

Creating a pocket pentest platform with P4wnP1: Part 1

tfsec: Static analysis powered security scanner for your terraform code

Abusing HTTP hop-by-hop request headers

~ 9 Nov 2019 ~

Huge Data Leak Doxes Members of Notorious Neo-Nazi Forum

Analyzing Android's CVE-2019-2215 (/dev/binder UAF)

Hack The Box - Jarvis Write-up by 0xRick

How Do We Bring Equality to Data Ownership and Usage?

~ 8 Nov 2019 ~

Cloudflare CEO Matthew Prince on the Struggles of Policing the Web

Friday Squid Blogging: 80-Foot Steel Kraken Deliberately Sunk

How Not to Implement reCAPTCHA

What Keeps NSA Cybersecurity Boss Anne Neuberger Up at Night

GitHub - AbGuthrie/goquery: Provide a shell like interface by utilizing osquery's distributed API

WhatsApp Cofounder Brian Acton on Why Privacy Matters

Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers

Week in security with Tony Anscombe

Week in security with Tony Anscombe

Crafting an EFI emulator

Hospital Cyberattacks Linked to Increase in Heart Attack Mortality

xHelper Malware for Android

Titanium: the Platinum group strikes again

We built network isolation for 1,500 services

The One Weird Trick SecureROM Hates POC2019 Slides (Checkra1n)

Surveillance kit slinger accused of slapping 'Made in America' on Chinese gear, selling it to the US government

What do you get when you allegedly mix Wireshark, a gumshoe child molester, and a court PC? A judge facing hacking charges

Same-Origin Policy And Cross-Origin Resource Sharing (CORS) Intro

~ 7 Nov 2019 ~

Two Former Twitter Employees Caught Spying On Users For Saudi Arabia

Philips Tasy EMR (Update A)

Why Many People Got Mysterious Valentines Day Texts Today

This may shock you but Adobe is shipping insecure software. No, it's not Flash this time. Nope, not Acrobat, either

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks