Port 22

~ 5 Apr 2022 ~

Feds slay dark-web souk Hydra: Servers and $25m in crypto-coins seized

Microsoft Details New Security Features for Windows 11

Developers Increasingly Prioritize Secure Coding

New WatchGuard Threat Lab Report Shows Network Attacks at Highest Point Over Last Three Years

US State Department opens cyberspace policy bureau

'Human Behavior' Security Startup Nets $7M in Seed

Shutdown of Russia's Hydra Market Disrupts a Crypto-Crime ATM

The Record: The rise of high-tech despotism

How IP Data Can Help Security Professionals Protect Their Networks

Name That Edge Toon: In Deep Water

What We Can Learn From Lapsus$ Techniques

GitHub prevents leaks by scanning for secrets in pushed code

New security features for Windows 11 will help protect hybrid work

Cooler heads needed in heated E2EE debate, says think tank

FIN7 Morphs into a Broader, More Dangerous Cybercrime Group

How to Prepare for Cyber Threats During the Russian Invasion of Ukraine

Hackers Using Fake Police Data Requests against Tech Companies

NFTs Are a Privacy and Security Nightmare

LifePoint Informatics Patient Portal

Rockwell Automation ISaGRAF

Johnson Controls Metasys

:

PEACE THROUGH PEGASUS: Jordanian Human Rights Defenders and Journalists Hacked with Pegasus Spyware

Were going on Tor

Battling Cybersecurity Risk: How to Start Somewhere, Right Now

FIN7 Hackers Leveraging Password Reuse and Software Supply Chain Attacks

Testing, testing, testing: Why Red Teaming is a must for every CISO

Bank had no firewall license, intrusion or phishing protection guess the rest

Germany Shuts Down Russian Hydra DarkNet Market; Seize $25 Million in Bitcoin

Is API Security on Your Radar?

Researchers Trace Widespread Espionage Attacks Back to Chinese 'Cicada' Hackers

Hackers Breach Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams

Mailchimp: Crook stole cryptocurrency clients' mailing-list subscriber info

SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965

CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability

~ 4 Apr 2022 ~

State Department Announces Bureau of Cyberspace and Digital Policy

Qualys Delivers Multi-Vector EDR 2.0 with Enhanced Prioritization to Quickly Surface the Most Critical Incidents

Citrix Modernizes Security to Accommodate Hybrid Work

Apple Gift Card Scammers Sentenced for Role in $1.5M Fraud

Millions of Installations Potentially Vulnerable to Spring Framework Flaw

Mandiant shareholder sues to block $5.4b Google deal

How Do I Decide Whether to Buy or Build in Security?

Beware of These 5 Tax Scams

Welcome to the Age of Zero Trust

Microsoft CRSP shares the ways human behavior affects compromise recovery

Borat RAT: Multiple threat of ransomware, DDoS and spyware

Spring4Shell (CVE-2022-22965): details and mitigations

Cybersecurity Mesh: IT's Answer to Cloud Security

Wyze Camera Vulnerability

How Explosions Actually Kill

Emma Sleep Company admits checkout cyber attack

Researchers Uncover New Android Spyware With C2 Server Linked to Turla Hackers

Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware

Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles

A Look Into ICS612: ICS Cybersecurity In-Depth: Part 2

Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers

~ 3 Apr 2022 ~

Blockchains Have a Bridge Problem, and Hackers Know It

~ 2 Apr 2022 ~

Crooks use fake emergency data requests to get personal info out of Big Tech report

Fake Cops Scammed Apple and Meta to Get User Data

~ 1 Apr 2022 ~

A Comprehensive Backup Strategy Includes SaaS Data, Source Code

15-Year-Old Bug in PEAR PHP Repository Could've Enabled Supply Chain Attacks

Apple's Zero-Day Woes Continue

British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group

Friday Squid Blogging: Squid Migration and Climate Change

GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts

GitLab issues critical update after hard-coding passwords into accounts

NSA Employee Indicted for Sending Classified Data Outside the Agency

Week in security with Tony Anscombe

What You Need to Know About PCI DSS 4.0's New Requirements

More Than Ever, Security Matters

More charged in UK Lapsus$ investigation

Bypassing Two-Factor Authentication

Russia Inches Toward Its Splinternet Dream

Google: Russian credential thieves target NATO, Eastern European military

Cybersecurity survival tips for small businesses: 2022 edition

Modem-wiping malware caused Viasat satellite broadband outage

Defending the endpoint with AI

Russian Wiper Malware Responsible for Recent Cyberattack on Viasat KA-SAT Modems

National Security Agency employee indicted for leaking top secret info

Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code

Results Overview: 2022 MITRE ATT&CK Evaluation Wizard Spider and Sandworm Edition

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto

~ 31 Mar 2022 ~

Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks

Spring Fixes Zero-Day Vulnerability in Framework and Spring Boot

Apple emits macOS, iOS, iPadOS patches for 'exploited' security bugs

Ransomware: Should Companies Ever Pay Up?

Companies Going to Greater Lengths to Hire Cybersecurity Staff

Microsoft protects against human-operated ransomware across the full attack chain in the 2022 MITRE Engenuity ATT&CK Evaluations

Global BEC Crackdown Nets 65 Suspects

Apple Issues Patches for 2 Actively Exploited Zero-Days in iPhone, iPad and Mac Devices

U.S. Cyber Command Adds APUS as Member in Newly Formed Academic Network

3 strategies to launch an effective data governance plan

Patch now: RCE Spring4shell hits Java Spring framework

Protecting Your Organization Against a New Class of Cyber Threats: HEAT

Nvidia DGX systems prone to side channel, covert attacks

Nation-State Hackers Ramp Up Ukraine War-Themed Attacks