Port 22

~ 15 Dec 2021 ~

Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft

Companies Must Assess Threats to AI & ML Systems in 2022: Microsoft

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

Dept. of Homeland Security Launches 'Hack DHS' Program

US lawmakers want to put NSO Group, 3 other spyware makers out of business with fresh severe sanctions

Analysis: Log4j Vulnerability Highlights the Value of Defense-in-Depth, Accurate Inventory

Meta Expands Bug-Bounty Program to Include Data Scraping

Cybereason Announces Availability of AI-Driven Cybereason XDR and EDR on Google Cloud Marketplace

Kroll Acquires Security Compass Advisory

What every business leader needs to know about Log4Shell

Privacy and Safety Issues With Facebook's New 'Metaventure'

Google Warns That NSO Hacking Is On Par With Elite Spy Groups

What Are the Pros and Cons of a SASE Architecture?

The final report on NOBELIUMs unprecedented nation-state attack

Why We Need "Developer-First" Application Security

Pen Test Partners: Anyone could view Gumtree users' GPS location by pressing F12

Why Cloud Storage Isn't Immune to Ransomware

Kryptowire Collaborates With Orange and Finds Vulnerabilities in Mobile Devices

The Biggest Deepfake Abuse Site Is Growing in Disturbing Ways

The dirty dozen of Latin America: From Amavaldo to Zumanek

Kaspersky Managed Detection and Response: interesting cases

Kaspersky Security Bulletin 2021. Statistics

Facebook to Pay Hackers for Reporting Data Scraping Bugs and Scraped Datasets

Cynet's MDR Offers Organizations Continuous Security Oversight

Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials

Microsoft closes installer hole abused by Emotet malware, Google splats Chrome bug exploited in the wild

Cisco's Ash Devata on Securing the Hybrid Workforce With Zero Trust

How to Use Phishing Benchmarks Effectively to Assess Your Program

expert-guide-reviewing-SOC2-reports

cloud-security-monitoring-threat-detection-5-day

cloud-security-monitoring-threat-detection-5-day

A Look Into ICS612: ICS Cybersecurity In-Depth: Part 1

~ 14 Dec 2021 ~

Tufin Introduces Security Policy Builder (SPB) App to Marketplace

Ground Labs Research Reveals 71% of American Consumers are Unaware of Data Protection Laws

Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16

Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16

Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors

Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware

Propane Gas Distributor Hit With Ransomware

Ransomware Hits Virginia Legislative Agencies

Microsoft Patch Tuesday, December 2021 Edition

Tool Overload & Attack Surface Expansion Plague SOCs

Microsoft Patches Zero-Day Spreading Emotet Malware

Second Log4j Vulnerability (CVE-2021-45046) Discovered New Patch Released

Upcoming Speaking Engagements

You may have cracked serverless development, but its almost certain you havent solved serverless security

Source Code Leaks: The Real Problem Nobody Is Paying Attention To

Popular password manager LastPass to be spun out from LogMeIn

Your guide to mobile digital forensics

MPs charged with analysing Online Safety Bill say end-to-end encryption should be called out as 'specific risk factor'

On the Log4j Vulnerability

Combat Misinformation by Getting Back to Security Basics

5 warning signs your identity has been stolen

Advantech R-SeeNet

Schneider Electric Rack PDU

Owowa: the add-on that turns your OWA into a credential stealer and remote access panel

Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware

How Extended Security Posture Management Optimizes Your Security Stack

Inside Irelands Public Healthcare Ransomware Scare

The Log4J Vulnerability Will Haunt the Internet for Years

XDR: What It Is, What It Isn't

SANS Top 10 Most Popular Free Resources

~ 13 Dec 2021 ~

Ransomware Affiliate Arrested in Romania; 51 Stolen Data Brokers Arrested in Ukraine

Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums

Why Classifying Ransomware as a National Security Threat Matters

Log4j RCE latest: In case you hadn't noticed, this is Really Very Bad, exploited in the wild, needs urgent patching

How Do I Find My Servers With the Log4j Vulnerability?

Volvo Confirms R&D Data Stolen in Breach

Latest Apple iOS Update Patches Remote Jailbreak Exploit for iPhones

Kronos Suffers Ransomware Attack, Expects Full Restoration to Take 'Weeks'

40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j

Bug-Bounty Programs Shift Focus to Most Critical Flaws

Update Google Chrome to Patch New Zero-Day Exploit Detected in the Wild

Log4Shell vulnerability: What we know so far

Name That Toon: Modern-Day Frosty

When disaster strikes, data recovery really is a race against time

Darktrace Reports Information Technology and Communications Sector Most Targeted by Cyberattackers in 2021

Kaspersky Opens Doors to New Transparency Center in North America

Is VPOTUS Bluetooth-phobic or sensible? The answer's pretty clear

2 Website Threats to Address for the Holiday Shopping Rush

Timekeeping biz Kronos hit by ransomware and warns customers to engage biz continuity plans

CVE-2021-44228 vulnerability in Apache Log4j library

NSO Groups Pegasus Spyware Used Against US State Department Officials

Identity Authentication Access Market Set to Hit $28.9B in 2021

Ooh, an update. Let's install it. What could possibly go wro-

Karakurt: A New Emerging Data Theft and Cyber Extortion Hacking Group

Top 3 SaaS Security Threats for 2022

Microsoft Details Building Blocks of Widely Active Qakbot Banking Trojan

What do you need to know about the log4j (Log4Shell) vulnerability?

~ 12 Dec 2021 ~

Apache Log4j Vulnerability Log4Shell Widely Under Active Attack

How to Guard Against Smishing Attacks on Your Phone

Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation

~ 11 Dec 2021 ~

US Wins Appeal to Extradite Julian Assange

What to Do While Waiting for the Log4J Updates

~ 10 Dec 2021 ~

Friday Squid Blogging: The Far Side Squid Comic

Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool

NIST Cyber-Resiliency Framework Extended to Include Critical Infrastructure Controls

Irish Health Service ransomware attack happened after one staffer opened malware-ridden email

Russian National Sentenced for Role in Kelihos Botnet

Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk