Port 22

~ 22 Nov 2021 ~

Crypto Means Cryptography, not Cryptocurrency

Turbine maker Vestas Wind Systems admits to cyber incident, refuses to confirm if ransomware is at play

Nigeria's central bank digital currency is 'same Naira, more possibilities' if you count government snooping

What to do if you receive a data breach notice

Black Friday 2021: How to Have a Scam-Free Shopping Day

A tiny typo in an automated email to thousands of customers turns out to be a big problem for legal

After four bans, TikTok finally passes the Pakistan challenge

New Golang-based Linux Malware Targeting eCommerce Websites

Amazon India execs charged after sellers allegedly use site to smuggle marijuana

Hackers Exploiting ProxyLogon and ProxyShell Flaws in Spam Campaigns

Shopping Safely Online over the Holidays

~ 21 Nov 2021 ~

Facebook Postpones Plans for E2E Encryption in Messenger, Instagram Until 2023

~ 20 Nov 2021 ~

A Canadian Teen Was Arrested in a $36.5M SIM-Swap Heist

RedCurl Corporate Espionage Hackers Return With Updated Hacking Tools

North Korean Hackers Found Behind a Range of Credential Theft Campaigns

~ 19 Nov 2021 ~

US Banks Will Be Required to Report Cyberattacks Within 36 Hours

Friday Squid Blogging: Bigfin Squid Captured on Video

The Zelle Fraud Scam: How it Works, How to Fight Back

3 Takeaways from the Gartner Risk Management Summit

Join us at InfoSec Jupyterthon 2021

Week in security with Tony Anscombe

To Beat Ransomware, Apply Zero Trust to Servers Too

Zero Trust: An Answer to the Ransomware Menace?

New Rowhammer Technique

Iranian Hackers Are Going After US Critical Infrastructure

CYBERWARCON Foreign influence operations grow up

Locked Out of God Mode, Runners Hack Their Treadmills

US Indicts Iranian Nationals for Cyber-Enabled Election Interference

Defending critical infrastructure: The status quo isnt working

11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells

U.S. Charged 2 Iranian Hackers for Threatening Voters During 2020 Presidential Election

Search CT Logs for Misconfigured SSL Certificates

Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure

FBI Issues Flash Alert on Actively Exploited FatPipe VPN Zero-Day Bug

A Simple 5-Step Framework to Minimize the Risk of a Data Breach

Consequence-Driven ICS Risk Management

~ 18 Nov 2021 ~

Cloud Security Startup Lacework Gets a Boost With New $1.3B Funding

Canadian teen nabbed in $36.5M crypto heist possibly the biggest haul yet by a single individual

Microsoft Exchange Server Flaws Now Exploited for BEC Attacks

Experts Expose Secrets of Conti Ransomware Group That Made 25 Million from Victims

Boffins find way to use a standard smartphone to find hidden spy cams

Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 US Presidential Election

How Iran Tried to Undermine the 2020 US Presidential Election

New Side Channel Attacks Re-Enable Serious DNS Cache Poisoning Attacks

North Korean Hacking Group Targets Diplomats, Forgoes Malware

California Pizza Kitchen Suffers Data Breach

Thousands of Firefox users accidentally commit login cookies on GitHub

Addressing the Low-Code Security Elephant in the Room

Microsoft named a Leader in IDC MarketScape for Modern Endpoint Security for Enterprise and Small and Midsize Businesses

Microsoft unpacks comprehensive security at Gartner and Forrester virtual events

US Government declassifies data to foster wouldbe defenders

Iranian targeting of IT sector on the rise

Swarm Intelligence May Be Just the Ticket for Improved Network & Device Security

Whats the biggest threat to your best-laid plans? Events, dear boy. Events

DuckDuckGo Wants to Stop Apps From Tracking You on Android

PerSwaysion Phishing Campaign Continues to Be an Active Threat for Organizations

Amazon's Dark Secret: It Has Failed to Protect Your Data

My bank account was in a shambles: The ordeal of an identity theft victim

Philips IntelliBridge EC 40 and EC 80 Hub

Philips Patient Information Center iX (PIC iX) and Efficia CM Series

Artificial Intelligence and Machine Learning, Cloud Computing, and 5G Will Be the Most Important Technologies in 2022, Says New IEEE Study

GBG Announces It Has Agreed to Acquire Acuant

Critical Root RCE Bug Affects Multiple Netgear SOHO Router Models

How to Build a Security Awareness Training Program that Yields Measurable Results

Singaporean regulator punishes biggest-ever data breach: almost 5.9 million hotel customers' info exposed

~ 17 Nov 2021 ~

Microsoft Warns about 6 Iranian Hacking Groups Turning to Ransomware

Tech CEO Pleads to Wire Fraud in IP Address Scheme

CISA Releases Incident and Vulnerability Response Playbooks to Strengthen Cybersecurity for Federal Civilian Agencies

Sift Acquires Passwordless Authentication Pioneer Keyless to Provide Secure, Frictionless Authentication

Palo Alto Networks Delivers What's Next in Security at Ignite '21

Can I Have XDR Without EDR?

Cyber Conflict Between US and Iran Heats Up

Cybercriminals Contemplate 'Exploit-as-a-Service' Model

Cybercriminals are looking forward to 2022, so you need to plan your response now

5 Things ML Teams Should Know About Privacy and the GDPR

Adopting a Zero Trust approach throughout the lifecycle of data

Is XDR Overhyped?

How to Navigate the Mitigation of Deepfakes

Belarus Linked to Big European Disinformation Campaign

Another Intel Chip Flaw Puts a Slew of Gadgets at Risk

Is Microsoft Stealing Peoples Bookmarks?

UK government publishes guidance on security rules for tech takeovers

You wanna use GCHQ offshoot NCSC's threat intel feeds? Why not, say bosses

Advanced threat predictions for 2022

U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws

Hackers Targeting Myanmar Use Domain Fronting to Hide Malicious Activities

South Korean privacy watchdog apologises for violating privacy while mediating privacy lawsuit

Israel's Candiru Spyware Found Linked to Watering Hole Attacks in U.K and Middle East

On-Demand Webinar: Into the Cryptoverse

Team Cymru Acquires Amplicy

~ 16 Nov 2021 ~

Suppliers, Cloud Providers Can be a Threat to Enterprise Data

Facebook Bans Pakistani and Syrian Hacker Groups for Abusing its Platform

New Global Rackspace Technology Survey Underscores Rapid Pace of Cloud Adoption

Emotet Makes a Comeback

The inside story of ransomware repeatedly masquerading as a popular JS library for Roblox gamers

Cybercriminals Increasingly Employ Crypto-Mixers to Launder Stolen Profits

Lock up your Office macros: Emotet botnet back from the dead with Trickbot links

The Old Ways Arent Working: Lets Rethink OT Security

Protect against phishing with Attack Simulation Training in Microsoft Defender for Office 365

4 Considerations for Improving Cloud Security Hygiene