Port 22

~ 21 Jan 2022 ~

Fraud Is On the Rise, and It's Going to Get Worse

REvil Ransomware Gang Arrests Trigger Uncertainty, Concern in Cybercrime Forums

Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks

Arm rages against the insecure chip machine with new Morello architecture

Looking Beyond Biden's Binding Security Directive

Crime Shop Sells Hacked Logins to Other Crime Shops

Celebrating 20 Years of Trustworthy Computing

Week in security with Tony Anscombe

Chinas Olympics App Is Horribly Insecure

Why should I pay for that security option? Hijacking only happens to planes

UK, Australia, to build 'network of liberty that will deter cyber attacks before they happen'

Japan's Supreme Court rules cryptojacking scripts are not malware

Russia's Putin out the idea of a broad cryptocurrency ban

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

U.S. Sanctions 4 Ukrainians for Working with Russia to Destabilize Ukraine

~ 20 Jan 2022 ~

Biden Broadens NSA Oversight of National Security Systems

(ISC) Appoints Jon France, CISSP, as Chief Information Security Officer

Researchers Discover Dangerous Firmware-Level Rootkit

Crypto.com now says someone tried to drain $34m from hundreds of accounts

Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software

Automating Response Is a Marathon, Not a Sprint

Red Cross Hit via Third-Party Cyberattack

You're not a fan of Microsoft's Pluton TPM chip? Lenovo won't switch it on by default

Want to use Microsoft's Pluton chip? Up to you say PC makers, but it's opt-in for now

Enterprises Are Sailing Into a Perfect Storm of Cloud Risk

UK mulls making MSPs subject to mandatory security standards where they provide critical infrastructure

Build a stronger cybersecurity team through diversity and training

Privacy is for paedophiles, UK government seems to be saying while spending 500k demonising online chat encryption

4 Ways to Develop Your Team's Cyber Skills

'Now' would be the right time to patch Ubuntu container hosts and ditch 21.04 thanks to heap buffer overflow bug

Cisco's Kenna Security Research Shows the Relative Likelihood of an Organization Being Exploited

San Francisco Police Illegally Spying on Protesters

NortonLifeLock and Avast tie-up falls under UK competition regulator's spotlight

How to know if your email has been hacked

ICONICS and Mitsubishi Electric HMI SCADA

MoonBounce: the dark side of UEFI firmware

Red Cross forced to shutter family reunion service following cyberattack and data leak

Being Threat-Led is the answer. Your ISO certificate wont save you from a breach!

McAfee and FireEye rename themselves Trellix

Singapore gives banks two-week deadline to fix SMS security

Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang

A Trip to the Dark Site Leak Sites Analyzed

Uncovering Windows Defender Real-time Protection History with DHParser

SANS DFIR courses - Justify your training

~ 19 Jan 2022 ~

DoNot Hacking Team Targeting Government and Military Entities in South Asia

FireEye & McAfee Enterprise Renamed as Trellix

What Happens to My Organization If APIs Are Compromised?

Nigerian Police Arrest 11 Individuals in BEC Crackdown

New BHUNT Password Stealer Malware Targeting Cryptocurrency Wallets

Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

Microsoft: Hackers Exploiting New SolarWinds Serv-U Bug Related to Log4j Attacks

Revamped Community-Based DDoS Defense Tool Improves Filtering

1Password Raises $620M Series C, Now Valued at $6.8B

Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

5 AI and Cybersecurity Predictions for 2022

When Patching Security Flaws, Smarter Trumps Faster

A Bug in iOS 15 Is Leaking User Browsing Activity in Real Time

Vulnerabilities and censorship tools among hot new features in Beijing's Olympics app

Cloud Adoption Widens the Cybersecurity Skills Gap

IRS Will Soon Require Selfies for Online Access

Europes Move Against Google Analytics Is Just the Beginning

LogPoint Releases LogPoint 7, Adding SOAR Capabilities Within SIEM

(ISC) Launches Entry-Level Cybersecurity Course

Preparing For the Next Cybersecurity Epidemic: Deepfakes

US mergers doubled in 2021 so FTC and DoJ seek new guidelines to stop illegal ones

Are Fake COVID Testing Sites Harvesting Data?

Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks

Cyber Threat Protection It All Starts with Visibility

Russian Hackers Heavily Using Malicious Traffic Direction System to Distribute Malware

FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks

~ 18 Jan 2022 ~

DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms

Cloud Identity Startup Permiso Launches With $10M Seed

Microsoft Details Recent Damaging Malware Attacks on Ukrainian Organizations

Ukraine: Recent Cyber Attacks Part of Wider Plot to Sabotage Critical Infrastructure

Researchers Explore Hacking VirusTotal to Find Stolen Credentials

End Users Remain Organizations' Biggest Security Risk

Take 'Urgent' Steps to Secure Systems From Damaging Attacks, CISA Says

Kaspersky Announces Takedown Service

Crypto.com acknowledges 'unauthorized activity' on servers, maintains no funds have been lost

Kovrr Translates Cyber Risk into Business Impact with its Quantum Platform

Europol Shuts Down Popular Cybercriminal VPN Service

US Search for Vulnerabilities Drives 10x Increase in Bug Reports

Zero-Click Zoom Vulnerabilities Could Have Exposed Calls

International police shut down 15 server infrastructures as part of VPNLab.net's takedown

Name That Toon: Nowhere to Hide

5 Reasons Why M&A Is the Engine Driving Cybersecurity

More contractor pain: Parasol's sister firms, SJD Accountancy and Nixon Williams, confirm cyberattack

Singapore monetary authority threatens action on bank over widespread phishing scam

UK Government to Launch PR Campaign Undermining End-to-End Encryption

Why global DDoS protection is essential for Anycast networks

Microsoft patches the patch that broke VPNs, Hyper-V, and left servers in boot loops

DoNot Go! Do not respawn!

Cross-country Exposure: Analysis of the MY2022 Olympics app

Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts

Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service

Don't Use Public Wi-Fi Without DNS Filtering

Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors