Port 22

~ 24 Jan 2022 ~

How I hacked my friends PayPal account

Myanmar's military junta seeks ban on VPNs and digital currency

ZTNAs Address Requirements VPNs Cannot. Here's Why.

Australian Prime Minister's WeChat Shanghaied by Chinese patriots

Hackers Creating Fraudulent Crypto Tokens as Part of 'Rug Pull' Scams

SOC 2 Trust Services Categories

ICS Cyber Resilience, Active Defense & Safety Series

~ 23 Jan 2022 ~

Emotet Now Using Unconventional IP Address Formats to Evade Detection

High-Severity Rust Programming Bug Could Lead to File, Directory Deletion

CFRipper CloudFormation Security Scanning & Audit Tool

CFRipper CloudFormation Security Scanning & Audit Tool

CFRipper CloudFormation Security Scanning & Audit Tool

Now Is a Good Time to Update Your Recovery Email Addresses

~ 22 Jan 2022 ~

Crypto.com Finally Admits It Lost $30 Million in a Hack

Experts Find Strategic Similarities b/w NotPetya and WhisperGate Attacks on Ukraine

Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure

IT Leaders Consider Security Tech a Part of Business Transformation

~ 21 Jan 2022 ~

Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes

Apple preps fix for Safari's web-history-leaking IndexedDB privacy bug

Friday Squid Blogging: Piglet Squid

Fraud Is On the Rise, and It's Going to Get Worse

REvil Ransomware Gang Arrests Trigger Uncertainty, Concern in Cybercrime Forums

Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks

Arm rages against the insecure chip machine with new Morello architecture

Looking Beyond Biden's Binding Security Directive

Crime Shop Sells Hacked Logins to Other Crime Shops

Celebrating 20 Years of Trustworthy Computing

Week in security with Tony Anscombe

Chinas Olympics App Is Horribly Insecure

Why should I pay for that security option? Hijacking only happens to planes

UK, Australia, to build 'network of liberty that will deter cyber attacks before they happen'

Japan's Supreme Court rules cryptojacking scripts are not malware

Russia's Putin out the idea of a broad cryptocurrency ban

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

U.S. Sanctions 4 Ukrainians for Working with Russia to Destabilize Ukraine

~ 20 Jan 2022 ~

Biden Broadens NSA Oversight of National Security Systems

(ISC) Appoints Jon France, CISSP, as Chief Information Security Officer

Researchers Discover Dangerous Firmware-Level Rootkit

Crypto.com now says someone tried to drain $34m from hundreds of accounts

Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software

Automating Response Is a Marathon, Not a Sprint

Red Cross Hit via Third-Party Cyberattack

You're not a fan of Microsoft's Pluton TPM chip? Lenovo won't switch it on by default

Want to use Microsoft's Pluton chip? Up to you say PC makers, but it's opt-in for now

Enterprises Are Sailing Into a Perfect Storm of Cloud Risk

UK mulls making MSPs subject to mandatory security standards where they provide critical infrastructure

Build a stronger cybersecurity team through diversity and training

Privacy is for paedophiles, UK government seems to be saying while spending 500k demonising online chat encryption

4 Ways to Develop Your Team's Cyber Skills

'Now' would be the right time to patch Ubuntu container hosts and ditch 21.04 thanks to heap buffer overflow bug

Cisco's Kenna Security Research Shows the Relative Likelihood of an Organization Being Exploited

San Francisco Police Illegally Spying on Protesters

NortonLifeLock and Avast tie-up falls under UK competition regulator's spotlight

How to know if your email has been hacked

ICONICS and Mitsubishi Electric HMI SCADA

MoonBounce: the dark side of UEFI firmware

Red Cross forced to shutter family reunion service following cyberattack and data leak

Being Threat-Led is the answer. Your ISO certificate wont save you from a breach!

McAfee and FireEye rename themselves Trellix

Singapore gives banks two-week deadline to fix SMS security

Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang

A Trip to the Dark Site Leak Sites Analyzed

Uncovering Windows Defender Real-time Protection History with DHParser

SANS DFIR courses - Justify your training

~ 19 Jan 2022 ~

DoNot Hacking Team Targeting Government and Military Entities in South Asia

FireEye & McAfee Enterprise Renamed as Trellix

What Happens to My Organization If APIs Are Compromised?

Nigerian Police Arrest 11 Individuals in BEC Crackdown

New BHUNT Password Stealer Malware Targeting Cryptocurrency Wallets

Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

Microsoft: Hackers Exploiting New SolarWinds Serv-U Bug Related to Log4j Attacks

Revamped Community-Based DDoS Defense Tool Improves Filtering

1Password Raises $620M Series C, Now Valued at $6.8B

Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

5 AI and Cybersecurity Predictions for 2022

When Patching Security Flaws, Smarter Trumps Faster

A Bug in iOS 15 Is Leaking User Browsing Activity in Real Time

Vulnerabilities and censorship tools among hot new features in Beijing's Olympics app

Cloud Adoption Widens the Cybersecurity Skills Gap

IRS Will Soon Require Selfies for Online Access

Europes Move Against Google Analytics Is Just the Beginning

LogPoint Releases LogPoint 7, Adding SOAR Capabilities Within SIEM

(ISC) Launches Entry-Level Cybersecurity Course

Preparing For the Next Cybersecurity Epidemic: Deepfakes

US mergers doubled in 2021 so FTC and DoJ seek new guidelines to stop illegal ones

Are Fake COVID Testing Sites Harvesting Data?

Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks

Cyber Threat Protection It All Starts with Visibility

Russian Hackers Heavily Using Malicious Traffic Direction System to Distribute Malware

FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks

~ 18 Jan 2022 ~

DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms

Cloud Identity Startup Permiso Launches With $10M Seed

Microsoft Details Recent Damaging Malware Attacks on Ukrainian Organizations

Ukraine: Recent Cyber Attacks Part of Wider Plot to Sabotage Critical Infrastructure

Researchers Explore Hacking VirusTotal to Find Stolen Credentials

End Users Remain Organizations' Biggest Security Risk

Take 'Urgent' Steps to Secure Systems From Damaging Attacks, CISA Says

Kaspersky Announces Takedown Service

Crypto.com acknowledges 'unauthorized activity' on servers, maintains no funds have been lost