Port 22

~ 31 Mar 2022 ~

Lazarus Trojanized DeFi app for delivering malware

Chrome Zero-Day from North Korea

The Last Cell Tower in Mariupol

Schneider Electric SCADAPack Workbench

Hitachi Energy e-mesh EMS

Fuji Electric Alpha5

Mitsubishi Electric FA Products

Rockwell Automation Logix Controllers

General Electric Renewable Energy MDS Radios

Rockwell Automation Studio 5000 Logix Designer

Expect 'long tail of cyber retaliation' from Russia for sanctions, says ExtraHop CEO

Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework

Bugs in Wyze Cams Could Let Attackers Takeover Devices and Access Video Feeds

Cryptomining groups fight fiercely for cloud resources

New Python-based Ransomware Targeting JupyterLab Web Notebooks

Hackers Increasingly Using 'Browser in a Browser' Technique in Ukraine Related Attacks

UK spy boss warns China hopes Russia will help it take over tech standards

Russia, Iran, Saudi Arabia are top sources of online misinformation

Yale finance director ordered $40m in computers to resell on the sly

~ 30 Mar 2022 ~

Zlib crash-an-app bug finally squashed, 17 years later

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

Zero-Day Vulnerability Discovered in Java Spring Framework

QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Device

A Sinister Way to Beat Multifactor Authentication Is on the Rise

CISA, DOE Warn of Attacks on Uninterruptible Power Supply (UPS) Devices

Ubiquiti sues Krebs on Security for defamation

Smart Cities: Secure by Design? It Takes a Village

Cybercriminals Fighting Over Cloud Workloads for Cryptomining

Viasat spills on the Russian attack, warns of continued risks

VMware Horizon platform pummeled by Log4j-fueled attacks

Cloud Security Architecture Needs to Be Strategic, Realistic, and Based on Risk

How Security Complexity Is Being Weaponized

Researchers Used a Decommissioned Satellite to Broadcast Hacker TV

Electric Vehicle DC charging tripped by a wireless hack

Stalking with an Apple Watch

How to Prevent the Next Log4j-Style Zero-Day Vulnerability

Women in tech: Unique insights from a lifelong pursuit of innovation

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread

UK Cyber Security Centre advises review of risk posed by Russian tech

Lapsus$ back? Researchers claim extortion gang attacked software consultancy Globant

Hondas Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles

Improve Your Hacking Skills with 9 Python Courses for Just $39

Detailed: Critical hijacking bugs that took months to patch in Microsoft Azure Defender for IoT

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data

~ 29 Mar 2022 ~

Log4j Attacks Continue Unabated Against VMware Horizon Servers

CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices

Mutating Verblecon malware in illicit cryptomining ... so far

Understanding Private 5G LANs in the Enterprise

Precursor Malware is a Early Warning Sign for Ransomware

Private Equity Firm Led by Mnuchin Acquires Mobile Security Vendor Zimperium

Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances

CriticalStart Releases Enhanced Capabilities for Microsoft 365 Defender

Biden Requests Nearly $11B for Federal Cybersecurity Spending

Ransomware driving you to distraction? Heres how to recover

Forcing WhatsApp and iMessage to Work Together Is Doomed to Fail

Cyera Launches From Stealth With $60M to Identify, Secure, and Remediate Cloud Data Security Risks

Mnuchin's private equity firm buys security startup Zimperium for $525m

3 steps to secure your multicloud and hybrid infrastructure with Azure Arc

Ukraine security agency shutters Russian disinformation bot farms

Hackers Gaining Power of Subpoena Via Fake Emergency Data Requests

Exploring the Intersection of Physical Security and Cybersecurity

A Detailed Look at the Conti Ransomware Gang

Stop Tracking Your Loved Ones

Cybercrooks target students with fake job opportunities

Philips e-Alert

Rockwell Automation ISaGRAF

Omron CX-Position

Hitachi Energy LinkOne WebView

Modbus Tools Modbus Slave

Europes quest for energy independence and how cyberrisks come into play

New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials

Privid: A Privacy-Preserving Surveillance Video Analytics System

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation

New Malware Loader 'Verblecon' Infects Hacked PCs with Cryptocurrency Miners

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation

IcedID malware, in the hijacked email thread, with the insecure Exchange servers

A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages

New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack

Low-Code/No-Code Tools Are Popular, But Untrusted

~ 28 Mar 2022 ~

Zero-Day Surge Led to More Rapid Exploitation of Bugs in 2021

Triton Malware Still Targeting Energy Firms

New Lapsus$ Hack Documents Make Oktas Response Look More Bizarre

Sophos fixes critical hijack flaw in firewall offering

Google Chrome, Microsoft Edge patched in race against exploitation

The Future of Digital Cash Is Not on the Blockchain

Vodafone Portugal: The Attack on Brand Reputations and Public Confidence Through Cybercrime

China APT group using Russia invasion, COVID-19 in phishing attacks

Security's Life Cycle Isn't the Developers' Life Cycle

Triton malware still a threat to energy sector, FBI warns

The first step to data privacy is admitting you have a problem, Google

Under the hood of Wslinks multilayered virtual machine

Will Chinese giants defy US sanctions on Russia? We asked a ZTE whistleblower

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware

Of Cybercriminals and IP Addresses

Okta acknowledges 'mistake' in handling of Lapsus$ attack

'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks

Warnings of Impending Russian Cyberattacks: What to Do Now to Harden Your Systems

Kaspersky, China Telecom, China Mobile named 'threats to US national security'

~ 27 Mar 2022 ~

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

~ 26 Mar 2022 ~

Hunt for Lapsus$ Hackers Leads to a British Teen