Port 22

~ 30 Aug 2021 ~

Excellent Write-up of the SolarWinds Security Breach

How Does MTA-STS Improve Your Email Security?

~ 29 Aug 2021 ~

6 Things You Need to Do to Prevent Getting Hacked

Get Lifetime Access to 24 Professional Cybersecurity Certification Prep Courses

~ 28 Aug 2021 ~

California Man Stole 620,000 iCloud Photos in Search of Nudes

LockFile Ransomware Bypasses Protection Using Intermittent File Encryption

Microsoft Warns of Widespread Phishing Attacks Using Open Redirects

~ 27 Aug 2021 ~

Explosion in Geofence Warrants Threatens Privacy Nationwide

Microsoft warns of widespread open redirection phishing attack which Defender can block, coincidentally

Friday Squid Blogging: Tentacle Doorknob

Slap on wrist for NCC Group over CREST exam-cheating scandal as infosec org agrees to rewrite NDAs and more

Week in security with Tony Anscombe

Details of the Recent T-Mobile Breach

Beyond the pandemic: Why are data breach costs at an alltime high?

Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years

Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers

Azure's now-fixed Cosmos DB flaw could have been exploited to read, write any database

Critical Cosmos Database Flaw Affected Thousands of Microsoft Azure Customers

~ 26 Aug 2021 ~

A Bad Solar Storm Could Cause an 'Internet Apocalypse'

Widespread credential phishing campaign abuses open redirector links

Man impersonates Apple support, steals 620,000 photos from iCloud accounts

Interesting Privilege Escalation Vulnerability

Johnson Controls Controlled Electronic Management Systems CEM Systems AC2000

Annke Network Video Recorder

Delta Electronics DIAEnergie

Delta Electronics DOPSoft

Surveillance tech company sues Police Digital Service over 'flawed' scoring of bids on 18m contract

Big tech proud as punch about cameos in Joe Biden's security theatre

Atlassian warns of critical Confluence flaw

The Increased Liability of Local In-home Propagation

F5 Releases Critical Security Patches for BIG-IP and BIG-IQ Devices

Israeli firm Bright Data named as enabler of Philippines government DDOS attacks on opposition groups

New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access

VMware Issues Patches to Fix New Flaws Affecting Multiple Products

~ 25 Aug 2021 ~

Critical Flaw Discovered in Cisco APIC for Switches Patch Released

Man Robbed of 16 Bitcoin Sues Young Thieves Parents

The Stealthy iPhone Hacks That Apple Still Can't Stop

ProxyLogon flaw, evil emails, SQL injections used to open backdoors on Windows boxes

Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

Cybersecuritys next fight: How to protect employees from online harassment

Surveillance of the Internet Backbone

Preventing your Cloud 'Secrets' from Public Exposure: An IDE plugin solution

Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions

B.Braun Infusomat Pumps Could Let Attackers Remotely Alter Medication Dosages

New SideWalk Backdoor Targets U.S-based Computer Retail Business

~ 24 Aug 2021 ~

Fake Apple rep amasses 620,000+ stolen iCloud pics, vids in hunt for images of nude women to trade

Microsoft Power Apps misconfiguration exposes millions of records

The SideWalk may be as dangerous as the CROSSWALK

Proofpoint wins $14m from ex-VP and French email security rival in IP theft court battle

Hackers Could Up Medication Doses Through Infusion Pump Flaws

Hitachi ABB Power Grids TropOS

Hitachi ABB Power Grids Utility Retail Operations and CSB Products

Delta Electronics TPEditor

: Zero-Click NSO Group

Triada Trojan in WhatsApp MOD

From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits

Chinese auto-maker accused of altering data after fatal autonomous car accident

Modified Version of WhatsApp for Android Spotted Installing Triada Trojan

Bahraini Activists Targeted Using a New iPhone Zero-Day Exploit From NSO Group

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc

38 Million Records Exposed from Microsoft Power Apps of Dozens of Organisations

~ 23 Aug 2021 ~

Poly Network says it's got pretty much all of that $610m in stolen crypto-coins back

Razer to fix Windows installer that grants admin powers if you plug in a mouse

38 million records exposed by misconfigured Microsoft Power Apps. Redmond's advice? RTFM

Worried ransomware merchants know more about file storage than you do? You should be

How Vodafone Global Security Director creates an inclusive and secure workplace

38M Records Exposed OnlineIncluding Contact-Tracing Info

Gaming-related cyberthreats in 2020 and 2021

Navigating Vendor Risk Management as IT Professionals

Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group

Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems

Facebook sat on report that reveals most-shared post for months was questionable COVID story

~ 22 Aug 2021 ~

Microsoft Exchange Under Attack With ProxyShell Flaws; Over 1900 Servers Hacked!

~ 21 Aug 2021 ~

Hackers Stole Over $90M From Japan's Liquid Crypto Exchange

~ 20 Aug 2021 ~

Friday Squid Blogging: On Squid Brains

Google Docs Scams Still Pose a Threat

Apples Photo-Scanning Plan Sparks Outcry From Policy Groups

Week in security with Tony Anscombe

Hackers swipe almost $100 million from major cryptocurrency exchange

More on Apples iPhone Backdoor

Cloud load balancer snafu leads to 3D printer user printing on a stranger's kit

Cloud load balancer snafu leads to 3D printer user printing on a stranger's kit

UK's Surveillance Camera Commissioner grills Hikvision on China human rights abuses

Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps

ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups

Cybercrime Group Asking Insiders for Help in Planting Ransomware

Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways

~ 19 Aug 2021 ~

Critical Flaw Found in Older Cisco Small Business Routers Won't Be Fixed

Apple's bright idea for CSAM scanning could start 'persecution on a global basis' 90+ civil rights groups

How to proactively defend against Mozi IoT botnet

Wanted: Disgruntled Employees to Deploy Ransomware

Automating security assessments using Cloud Katana

Buyout of British defence supplier Ultra Electronics paused by UK.gov over competition concerns

T-Mobile Data Breach

AVEVA SuiteLink Server

Are you, the customer, the one paying the ransomware demand?

Researchers Find New Evidence Linking Diavol Ransomware to TrickBot Gang

After reportedly dragging its feet, BlackBerry admits, yes, QNX in cars, equipment suffers from BadAlloc bug

~ 18 Aug 2021 ~

OK, so you stole $600m-plus from us, how about you be our Chief Security Advisor, Poly Network asks thief

China Aims Its Propaganda Firehose at the BBC