Port 22

~ 16 Nov 2021 ~

GitHub fixes authorisation vulnerability in the NPM JavaScript package registry

The importance of identity and Microsoft Azure Active Directory resilience

Ghostwriter Looks Like a Purely Russian OpExcept It's Not

Mozilla sprinkles Firefox Relay with Premium fairy dust

Evolving trends in Iranian threat actor activity MSTIC presentation at CyberWarCon 2021

Strategic web compromises in the Middle East with a pinch of Candiru

Not only MSPs: All cloudy firms are in line for UK security law crackdown

Navigating the Complexity of Today's Digital Supply Chain

Wire Fraud Scam Upgraded with Bitcoin

Why I Hate Password Rules

FATEK Automation WinProladder

Mitsubishi Electric GOT products

New Blacksmith Exploit Bypasses Current Rowhammer Attack Defenses

Intel's recent Atom, Celeron, Pentium chips can be lulled into a debug mode, potentially revealing system secrets

If cybercriminals cant see data because its encrypted, they have nothing to steal

China Telecom's US arm sues in last-ditch bid to retain license

Researchers Demonstrate New Way to Detect MITM Phishing Kits in the Wild

Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware

Chinese Communist Party official expelled for mining cryptocurrency

~ 15 Nov 2021 ~

The Troubling Rise of Internet Access Brokers

Immersive Labs Acquires Snap Labs to Power Cyber Simulations With New Depth and Realism

New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks

Trend Micro: 90% of IT Decision Makers Believe Organizations Compromise on Cybersecurity in Favor of Other Goals

MacOS Zero-Day Used in Watering-Hole Attacks

Norton Special Report Reveals Nearly 1 in 2 Gamers Have Experienced a Cyberattack

8 Tips To Keep in Mind for Ransomware Defense

6 Tips To Keep in Mind for Ransomware Defense

FBI Attributes Abuse of Its Email Account to Software 'Misconfiguration'

When the world ends, all that will be left are cockroaches and new Rowhammer attacks: RAM defenses broken again

Name That Toon: Cubicle for Four

SharkBot A New Android Trojan Stealing Banking and Cryptocurrency Accounts

3 Must-Know Technologies to Protect Your Hybrid Workforce

Book Sale: Click Here to Kill Everybody and Data and Goliath

America, when you're done hitting us with the ban hammer, see these on-prem Zoom bugs, says Positive

How Open Systems uses Microsoft tools to improve security maturity

FBI systems compromised to send out fake attack alerts

Email encryption should be a no-brainer, not a brain melter

How to Negotiate With Ransomware Attackers

AI-driven adaptive protection against human-operated ransomware

JupiterOne and Cisco Announce Launch of Secure Cloud Insights

Securing Your Smartphone

How Visibility Became the Lifeblood of SecOps and Business Success

There's something to be said for delayed gratification when Windows 11 is this full of bugs

Researchers Demonstrate New Fingerprinting Attack on Tor Encrypted Traffic

FBI spams thousands after 'software misconfiguration'

North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro

How to Tackle SaaS Security Misconfigurations

SANS and TechVets partner to help veterans find their path in cybersecurity

A Visual Summary of SANS Pen Test HackFest Summit 2021

~ 14 Nov 2021 ~

FBI's Email System Hacked to Send Out Fake Cyber Security Alert to Thousands

Upcoming Speaking Engagements

~ 13 Nov 2021 ~

Hoax Email Blast Abused Poor Coding in FBI Website

Someone Snuck a Card Skimmer Into Costco to Nab Shopper Data

~ 12 Nov 2021 ~

MSPAlliance Leadership Council Forms Vendor Council to Address Managed Services Supply Chain Risk

BT to Deploy 'Epidemiological AI' Based on the Spread of Viruses in Humans to Combat Cyberattacks

Ankura Launches Brooklyn Cyber Center

Emerging Security Tools Tackle GraphQL Security

Friday Squid Blogging: Giant Squid Art

Open Source Project Aims to Detect Living-Off-the-Land Attacks

ChaosDB: Infosec bods could pull anyone's plaintext Azure Cosmos DB keys at will from Microsoft admin tools

Follow the Leaders: A Blueprint for Software Security Success

MacOS Zero-Day Used against Hong-Kong Activists

Week in security with Tony Anscombe

How to Hire and Retain Effective Threat Hunters

The Sneaky Way TikTok Is Connecting You to Real-Life Friends

In Appreciation: Alan Paller

Hackers Increasingly Using HTML Smuggling in Malware and Phishing Attacks

AMD reveals an EPYC 50 flaws 23 of them rated High severity. Intel has 25 problems, too

There's no Huawei back now - Biden signs Act that forbids US buyers acquiring kit on naughty list

~ 11 Nov 2021 ~

Philippines gov takes down passport application website amid privacy leak fears

'Lyceum' Threat Group Broadens Focus to ISPs

Abcbot A New Evolving Wormable Botnet Malware Targeting Linux

Google Open Sources ClusterFuzzLite

Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant

How Do I Know It's Time to Consider a SASE Migration?

Dutch newspaper accuses US spy agencies of orchestrating 2016 Booking.com breach

What Happens If Time Gets Hacked

Hackers Targeted Hong Kong Apple Devices in Widespread Attack

Cloud Attack Analysis Unearths Lessons for Security Pros

How to assess and improve the security culture of your business

If even tech leaders struggle with email encryption, are we all doomed?

Third-Party Software Risks Grow, but So Do Solutions

HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks

Palo Alto Networks patches 9.8 severity CVE in popular GlobalProtect product

Insider IP Theft Is Surging and Most Can't Stop It

Advice for Personal Digital Security

WECON PLC Editor

Multiple Data Distribution Service (DDS) Implementations

Siemens SIMATIC WinCC

Siemens Mendix

Siemens Mendix Studio Pro

Siemens SCALANCE W1750D

Siemens Nucleus RTOS-based APOGEE and TALON Products

Siemens NX OBJ Translator

When the alarms go off: 10key steps to take after adata breach

Siemens Climatix POL909

Siemens SENTRON powermanager

Researchers Uncover Hacker-for-Hire Group That's Active Since 2015

Malicious Chrome extensions are bad. But what about nice ones that can be hijacked? This new tool spots them

Ransomware: The ones that got away (with it)