Port 22

~ 7 Oct 2021 ~

FontOnLake: Previously unknown malware family targeting Linux

FontOnLake: Previously unknown malware family targeting Linux

State-sponsored Chinese crims targeted India with tax and COVID phishing

Code Execution Bug Affects Yamale Python Package Used by Over 200 Projects

Penetration Testing Your AWS Environment - A CTO's Guide

New U.S. Government Initiative Holds Contractors Accountable for Cybersecurity

Apple Requires Devs to Make it Easy for Users to Delete 3rd-Party App Accounts

Securing Your Family in Today's Digital World

How to Banish SOC Analyst Burnout

A Visual Summary of SANS Threat Hunting Summit 2021

What the CEO Saw: Colonial Pipeline, Accellion Execs Share Cyberattack War Stories

~ 6 Oct 2021 ~

Twitch Suffers Massive 125GB Data and Source Code Leak Due to Server Misconfiguration

Cyber Security WEBINAR How to Ace Your InfoSec Board Deck

Swimlane Releases Low-Code Security Automation Platform

Space ISAC and NY Metro InfraGard Members Alliance Announce Collaboration to Advance the Mission of Cybersecurity in Space

5-Year Breach May Have Exposed Billions of Text Messages

MacOS Security: What Security Teams Should Know

Aerospace, Telecommunications Companies Victims of Stealthy Iranian Cyber-Espionage Campaign

How to Determine the Best Managed Cybersecurity Model for You

Are you making good progress with Kubernetes? Cybercriminals are progressing faster

Why Not Sharing Is Caring When It Comes to Cybersecurity

Google to turn on 2FA by default for 150 million users, 2 million YouTubers

Google to turn on 2FA by default for 150 million users, 2 million YouTubers

Amazon's Twitch Streaming Service Hacked, Sensitive Data Leaked

Running an Apache web server? You probably need to patch it. Now

Running a recent Apache web server version? You probably need to patch it. Now

Microsofts 5 guiding principles for decentralized identities

A Devastating Twitch Hack Sends Streamers Reeling

Optiv Rebrands as Cyber Advisory & Solutions Leader

Things that are not PogChamp: Twitch appearing to have its source code, streamer payout data leaked

Syniverse Hack

A Culture of Unity Is Key to Solving the Cyber Challenge

Element celebrates The Great Facebook Outage with a Signal bridge for Matrix

To the moon and hack: Fake SafeMoon app drops malware to spy on you

To the moon and hack: Fake SafeMoon app drops malware to spy on you

Iranian Hackers Abuse Dropbox in Cyberattacks Against Aerospace and Telecom Firms

Google to turn on 2-factor authentication by default for 150 million users

Google to auto-enroll 150m users, 2m YouTubers with two-factor authentication

Multiple Critical Flaws Discovered in Honeywell Experion PKS and ACE Controllers

~ 5 Oct 2021 ~

Mandiant Tackles Ransomware and Breaches With New Tools

Misconfigured Apache Airflow Platforms Threaten Organizations

Mandia Alerted NSA on FireEye's SolarWinds Breach

Google to Enable Two-Factor Authentication for 150M Users

Google to Enable Two-Factor Authentication for 150M More Users

Loss of Intellectual Property, Customer Data Pose Greatest Business Risks

Why Access Control Has Become an Important Front in the War Against Cybercrime

Practical tips on how to use application security testing and testing standards

CVE Data Is Often Misinterpreted: Here's What to Look For

Telegraph newspaper bares 10TB of subscriber data and server logs to world+dog

How to Get Your Family to Actually Use a Password Manager

Mitsubishi Electric GOT and Tension Controller

Emerson WirelessHART Gateway

Moxa MXview Network Management Software

Honeywell Experion PKS and ACE Controllers

Medtronic MiniMed MMT-500/MMT-503 Remote Controllers (Update A)

Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

UEFI threats moving to the ESP: Introducing ESPecter bootkit

UEFI threats moving to the ESP: Introducing ESPecter bootkit

Apache Warns of Zero-Day Exploit in the Wild Patch You Web Servers Now!

New Study Links Seemingly Disparate Malware Attacks to Chinese Hackers

Ransomware Hackers Who Attacked Over 100 Companies Arrested in Ukraine

~ 4 Oct 2021 ~

Facebook Is Down

Windows 11 Available: What Security Pros Should Know

One Identity Acquires OneLogin to Boost Identity Security Portfolio

Why Facebook, Instagram, and WhatsApp All Went Down Today

Windows 11 offers chip to cloud protection to meet the new security challenges of hybrid work

New Atom Silo Ransomware Group Targets Confluence Servers

Law Enforcement Agencies Seize $375K in Ukraine Ransomware Bust

Lawsuit claims hospital ransomware infection cost baby her life

What Happened to Facebook, Instagram, & WhatsApp?

CISA Kicks Off Cybersecurity Awareness Month

Mandiant Confirms Name Change from FireEye, Inc. to Mandiant, Inc.

#BeCyberSmart: When we learn together, were more secure together

UK's 5bn National Cyber Force HQ to be sited in Lancashire beside Defence Secretary's constituency

Ukrainian cops cuff two over $150m ransomware gang allegations, seize $1.3m in cryptocurrency

Cheating on Tests

Name That Edge Toon: Mobile Monoliths

Top 5 Skills Modern SOC Teams Need to Succeed

Sir Tim Berners-Lee and the BBC stage a very British coup to rescue our data from Facebook and friends

Firewalls? Pfft it's no match for my mighty spares-bin PC

Creating Wireless Signals with Ethernet Cable to Steal Data from Air-Gapped Systems

Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services

A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

The Shortfalls of Mean Time Metrics in Cybersecurity

The NEW ICS418 Course: Step Up, Step Over, In Place - ICS Security Essentials for Managers

~ 3 Oct 2021 ~

A Simple Bug Is Leaving AirTag Users Vulnerable to an Attack

~ 2 Oct 2021 ~

Help Might Finally Be on the Way to Fight SIM-Swap Attacks

~ 1 Oct 2021 ~

Friday Squid Blogging: Squid Game

Internet Archive's 2046 Wayforward Machine says Google will cease to exist

Companies Face Issues as Let's Encrypt Root Certificate Expires

Sure, you can do Kubernetes at scale. But can you do it securely too?

Why Windows Print Spooler Remains a Big Attack Target

That 'anti-NSO Pegasus spyware' download is actually a Trojan so don't touch it

4.6M Neiman Marcus Online Customers Alerted to Data Breach

Week in security with Tony Anscombe

Week in security with Tony Anscombe

CISA and Girls Who Code Partner to Create Career Pathways for Young Women

FCC Proposal Targets SIM Swapping, Port-Out Fraud

A Death Due to Ransomware

It's Time to Rethink Identity and Authentication