Port 22

~ 3 Aug 2021 ~

Russia tells UN it wants vast expansion of cybercrime offenses, plus network backdoors, online censorship

Do you have a grip on the lifecycle security of your AWS-deployed applications?

How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel

UK's Ministry of Defence coughs up bug bounties for public-facing web pentesting

France Cracked Down on Googles Ad Tech. Whats Next?

Paragon: Yet Another Cyberweapons Arms Manufacturer

Shopping for execs: ID management biz Okta poaches Google's veep of engineering to run product dev activities

Swisslog Healthcare Translogic PTS

Chinese Hackers Target Major Southeast Asian Telecom Companies

Research finds attack groups working for 'Chinese state interests' lurking in SE Asian telco networks since 2017

~ 2 Aug 2021 ~

Credit-card-stealing, backdoored packages found in Python's PyPI library hub

Nuisance call-blocking firm fined 170,000 for making almost 200,000 nuisance calls

New Normal Demands New Security Leadership Structure

The European Space Agency Launches Hackable Satellite

PwnedPiper vulns have potential to turn Swisslog's PTS hospital products into Swiss cheese, says Armis

Hospitals Still Use Pneumatic Tubesand They Can Be Hacked

On course for a good hacking

Huawei to America: You're not taking cyber-security seriously until you let China vouch for us

Zoom agrees to pay subscribers $25 to put its security SNAFUs behind it

PwnedPiper PTS Security Flaws Threaten 80% of Hospitals in the U.S.

New APT Hacking Group Targets Microsoft IIS Servers with ASP.NET Exploits

PyPI Python Package Repository Patches Critical Supply Chain Flaw

Solarmarker InfoStealer Malware Once Again Making its Way Into the Wild

~ 1 Aug 2021 ~

A Guide to RCS, and Why It Makes Texting So Much Better

~ 31 Jul 2021 ~

The Top 30 Cybersecurity Bugs Include Plenty of Usual Suspects

Sysadmins: Why not simply verify there's no backdoor in every program you install, and thus avoid any cyber-drama?

~ 30 Jul 2021 ~

Friday Squid Blogging: Squid Skin Is Naturally Anti-microbial

I Am Parting With My Crypto Library

Here's 30 servers Russian intelligence uses to fling malware at the West, beams RiskIQ

Week in security with Tony Anscombe

The Privacy Battle That Apple Isnt Fighting

Storing Encrypted Photos in Googles Cloud

Watch out for these scams, targeting Amazons customers

Malware and Trojans, but there's only one horse the boss man wants to hear about

We can't believe people use browsers to manage their passwords, says maker of password management tools

Experts Uncover Several C&C Servers Linked to WellMess Malware

Several Malicious Typosquatted Python Libraries Found On PyPI Repository

A New Wiper Malware Was Behind Recent Cyberattack On Iranian Train System

~ 29 Jul 2021 ~

Phony Call Centers Tricking Users Into Installing Ransomware and Data-Stealers

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

Leading cybersecurity agencies reveal list of most exploited vulnerabilities of the past 2 years

The Life Cycle of a Breached Database

Attack AI systems in Machine Learning Evasion Competition

Microsoft at Black Hat 2021: Sessions, bug bounty updates, product news, and more

Spam is Chipotle's secret ingredient: Marketing email hijacked to dish up malware

Upcoming Android privacy changes include ability to blank advertising ID, and 'safety section' in Play store

BazaCall: Phony call centers lead to exfiltration and ransomware

AirDropped Gun Photo Causes Terrorist Scare

Phantom Warships Are Courting Chaos in Conflict Zones

Hitachi ABB Power Grids eSOMS

Wibu-Systems CodeMeter Runtime

APT trends report Q2 2021

Tackling the insider threat to the new hybrid workplace

Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs

Israeli authorities investigate NSO Group over Pegasus spyware abuse claims

Here's a list of the flaws Russia, China, Iran and pals exploit most often, say Five Eyes infosec agencies

'Woefully insufficient': Biden administration's assessment of critical infrastructure protection

Over 100 Taiwanese political figures' messages leaked outta LINE app

New Ransomware Gangs Haron and BlackMatter Emerge on Cybercrime Forums

Best Practices to Thwart Business Email Compromise (BEC) Attacks

New Android Malware Uses VNC to Spy and Steal Passwords from Victims

Top 30 Critical Security Vulnerabilities Most Exploited by Hackers

~ 28 Jul 2021 ~

Security breaches where working from home is involved are costlier, claims IBM report

Most Twitter users havent enabled 2FA yet, report reveals

Iranian state-backed hackers posed as flirty Scouser called Marcy to target workers in defence and aerospace

Zero Trust Adoption Report: How does your organization compare?

8 Security Tools to be Unveiled at Black Hat USA

Booking your next holiday? Watch out for these Airbnb scams

De-anonymization Story

DDoS attacks in Q2 2021

UK's National Cyber Security Centre needs its posh Westminster digs, says Cabinet Office, because of WannaCry

Google revamps bug bounty program

UBEL is the New Oscorp Android Credential Stealing Malware Active in the Wild

Biden warns 'real shooting war' will be sparked by severe cyber attack

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

Hackers Posed as Aerobics Instructors for Years to Target Aerospace Employees

Tencent suspends signups to WeChat, citing 'security upgrade' and need to comply with Chinese laws

eBay ex-security boss sent down for 18 months for cyber-stalking, witness tampering

~ 27 Jul 2021 ~

Misconfigured Azure Blob at Raven Hengelsport exposed records of 246,000 anglers and took months to tackle, claim infosec researchers

Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam

Tech biz must tell us about more security breaches, says UK.gov as it ponders lowering report thresholds

Apple releases patch for zeroday flaw in iOS, iPadOS and macOS

A Controversial Tool Calls Out Vulnerabilities Across the Web

Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques

The Shapeshifting Cam Girl Rewriting the Rules of Porn

Compsci student walks off with $50,000 after bug bounty report blows gaping hole in Shopfiy software repos

Hiding Malware in ML Models

KUKA KR C4

Mitsubishi Electric GOT2000 series and GT SoftGOT2000

Geutebrck G-Cam E2 and G-Code

LCDS LAquis SCADA

Delta Electronics DIAScreen

New Bug Could Let Attackers Hijack Zimbra Server by Sending Malicious Email

It takes intuition and skill to find hidden evidence and hunt for elusive threats

Several Bugs Found in 3 Open-Source Software Used by Several Businesses

Hackers Turning to 'Exotic' Programming Languages for Malware Development

SSD belonging to Euro-cloud Scaleway was stolen from back of a truck, then turned up on YouTube

Apple patches zero-day vulnerability in iOS, iPadOS, macOS under active attack

Apple Releases Urgent 0-Day Bug Patch for Mac, iPhone and iPad Devices

~ 26 Jul 2021 ~

You, too, can be a Windows domain controller and do whatever you like, with this one weird WONTFIX trick