Port 22

~ 6 Jan 2022 ~

Omron CX-One

Fernhill SCADA

IDEC PLCs

North Korean Hackers Start New Year with Attacks on Russian Foreign Ministry

NIST Cybersecurity Framework: A Quick Guide for SaaS Security Compliance

New Trick Could Let Malware Fake iPhone Shutdown to Spy on Users Secretly

~ 5 Jan 2022 ~

You better have patched those Log4j holes or we'll see what a judge has to say FTC

VMware Patches Important Bug Affecting ESXi, Workstation and Fusion Products

New Attack Campaign Exploits Microsoft Signature Verification

Google Releases New Chrome Update to Patch Dozens of New Browser Vulnerabilities

NY AG: 1.1M Online Consumer Accounts Found Compromised in Credential-Stuffing Attacks

FTC: Companies Could Face Legal Action for Failing to Patch Log4j

US Army journal's top paper from 2021 says Taiwan should destroy TSMC if China invades

Which Cloud Strategy Is Right For My Organization's Security Needs?

Why We Need To Reframe the False-Positive Problem

Remember Norton 360's bundled cryptominer? Irritated folk realise Ethereum app is tricky to delete

Putting Ransomware Gangs Out of Business With AI

The World Is Increasingly Controlled and Transformed by Algorithms

More Russian Cyber Operations against Ukraine

Windows giant seeks Pluton-ic relationship with chip maker: AMD first out of the gates with Microsoft's security processor

Hackers Are Exploiting a Flaw Microsoft Fixed 9 Years Ago

5 ways hackers steal passwords (and how to stop them)

CredNinja Test Credential Validity of Dumped Credentials or Hashes

CredNinja Test Credential Validity of Dumped Credentials or Hashes

CredNinja Test Credential Validity of Dumped Credentials or Hashes

How ransomware gangs went pro

Researchers Uncover Hacker Group Behind Organized Financial-Theft Operation

New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification

~ 4 Jan 2022 ~

CrowdStrike Incorporates Intel CPU Telemetry into Falcon Sensor

Hackers Target Real Estate Websites with Skimmer in Latest Supply Chain Attack

McMenamins Breach Affected 23 Years of Employee Data

Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells

Google Buys Siemplify to Get Ahead in Cloud Security

Microsoft Warns of Continued Attacks Exploiting Apache Log4j Vulnerabilities

Mobile Application Security: 2021's Breaches

SlimPay fined 180k after 12 million customers' bank data publicly accessible for 5 years

What you need to know about how cryptography impacts your security strategy

Vinnie Liu Has a Mission: Keeping People Safe Online and Offline

Why CIOs Should Report to CISOs

Log4j Remediation Rules Now Available for WhiteSource Renovate and Enterprise

Palo Alto Networks Appoints Helmut Reisinger to Leadership Team

John Edwards takes the reins at the UK's data protection watchdog

Instagram and teens: A quick guide for parents to keep their kids safe

SAILFISH System to Find State-Inconsistency Bugs in Smart Contracts

Researchers Detail New HomeKit 'doorLock' Bug Affecting Apple iOS

~ 3 Jan 2022 ~

Beware of Fake Telegram Messenger App Hacking PCs with Purple Fox Malware

CISOs Plan What to Buy With Funds From the Infrastructure Bill

Florida's Broward Health Confirms October 2021 Breach

Pathr.ai Reaffirms Position as Privacy-Centric Solution for Retailers with Spatial Intelligence Platform

Log4j Highlights Need for Better Handle on Software Dependencies

Name That Edge Toon: In Your Face!

Creating the Next Generation of Secure Developers

6 Ways to Delete Yourself From the Internet

Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022

Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations

Are Medical Devices at Risk of Ransomware Attacks?

~ 2 Jan 2022 ~

Microsoft Issues Fix for Exchange Y2K22 Bug That Crippled Email Delivery Service

~ 31 Dec 2021 ~

Friday Squid Blogging: Deep-Dwelling Squid

Adding Resiliency to BGP Avoids Network Outages, Data Loss

Apple AirTags Are Being Used to Track People and Cars

~ 30 Dec 2021 ~

Getting Started With Threat-Informed Security Programs

Zero Trust and Access: Protecting the Keys to the Kingdom

In the Fight Against Cybercrime, Takedowns Are Only Temporary

22 cybersecurity statistics to know for 2022

New iLOBleed Rootkit Targeting HP Enterprise Servers with Data Wiping Attacks

Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution

~ 29 Dec 2021 ~

Happy 12th Birthday, KrebsOnSecurity.com!

assetfinder Find Related Domains and Subdomains

assetfinder Find Related Domains and Subdomains

assetfinder Find Related Domains and Subdomains

Why Cyber Due Diligence Is Essential to the M&A Process

7 Steps for Navigating a Zero-Trust Journey

Ongoing Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics

~ 28 Dec 2021 ~

The Log4j Flaw Will Take Years to be Fully Addressed

New Apache Log4j Update Released to Patch Newly Discovered Vulnerability

After Google's Landmark Settlement, How Ad Networks Should Tackle Child Privacy

AV-Comparatives Reveals Results of Long-Term Tests of 19 Leading Endpoint Security Solutions

An Adaptive Security Strategy Is Critical for Stopping Advanced Attacks

A Year in Microsoft Bugs: The Most Critical, Overlooked & Hard to Patch

Experts Detail Logging Tool of DanderSpritz Framework Used by Equation Group Hackers

~ 27 Dec 2021 ~

How Do I Reduce the Risk of An Insider Threat?

The CISO as Sustaining Force: Helping InfoSec Staff Beat Burnout

6 Security-Tech Innovations We're Excited to See in 2022

2021 in review: The biggest cybersecurity stories of the year

PECB Certified Lead Ethical Hacker: Take Your Career to the Next Level

New Android Malware Targeting Brazil's ItaUnibanco Bank Customers

Garrett Walk-Through Metal Detectors Can Be Hacked Remotely

'Spider-Man: No Way Home' Pirated Downloads Contain Crypto-Mining Malware

New Android Malware Targeting Brazil's ItaUnibanco Bank Customers

~ 24 Dec 2021 ~

Friday Squid Blogging: Squid-Headed Statue Appears in Dallas

Log4j: A CISO's Practical Advice

The Worst Hacks of 2021

Four years: thats how long Azures App Service had a source code leak bug

Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security

New Ransomware Variants Flourish Amid Law Enforcement Actions

New BLISTER Malware Using Code Signing Certificates to Evade Detection

~ 23 Dec 2021 ~

The Future of Work Has Changed, and Your Security Mindset Needs to Follow

7 of the Most Impactful Cybersecurity Incidents of 2021

Moxa MGate Protocol Gateways

Johnson Controls exacq Enterprise Manager