Port 22

~ 13 Apr 2022 ~

Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware

Taiwan, China square off over chip tech espionage laws

Microsoft Patch Tuesday, April 2022 Edition

Enemybot botnet uses Gafgyt source code with a sprinkling of Mirai

Identifying a Vulnerability in the SAP Software Supply Chain

Privacy and Security Analysis of the IATA Travel Pass Android App

Innovation and the Roots of Progress

Privacy and Security Analysis of the IATA Travel Pass Explained

Git for Windows issues update to fix running-someone-elses-code vuln

Russian Cyberattack against Ukrainian Power Grid Prevented

Russia Is Leaking Data Like a Sieve

Emotet modules and recent attacks

Webinar: How The Right XDR Can Be a Game-Changer for Lean Security Teams

Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers

Investment firm KKR buys Barracuda Networks

Huawei reportedly furloughs Russian staff and stops taking orders

Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware

Microsoft's huge Patch Tuesday includes fix for bug under attack

Intertrust Adds Security for IoT Devices in Zero-Trust Architectures to Intertrust Platform

Datto to be Acquired by Kaseya for $6.2 Billion

Criminal IP Cybersecurity Search Engine Launches First Beta Test

United States Leads Seizure of One of the Worlds Largest Hacker Forums and Arrests Administrator

FBI, Europol Seize RaidForums Hacker Forum and Arrest Admin

~ 12 Apr 2022 ~

Stolen-data market RaidForums taken down in domain seizure

Microsoft Plans Windows Auto-Update Service for Enterprises

Microsoft Patches Windows Flaw Under Attack and Reported by NSA

Russian Group Sandworm Foiled in Attempt to Disrupt Ukraine Power Grid

Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities

Cross-Regional Disaster Recovery with Elasticsearch

AWS fixes local file vuln on internal credential access for Relational Database Service

How Do I Conduct a Resilience Review?

Hardware-assisted security poised for growth, says Intel

RaidForums Gets Raided, Alleged Admin Arrested

80% of Software Codebases Contain at Least One Vulnerability

Can we solve the zero-day threat once and for all? No, but heres what we can do

Industrial cybersecurity group gathers lobbying force

Tarrask malware uses scheduled tasks for defense evasion

Russia's Sandworm Hackers Attempted a Third Blackout in Ukraine

John Oliver on Data Brokers

OpenSSH takes aim at 'capture now, decrypt later' quantum attacks

Building a Cybersecurity Mesh Architecture in the Real World

DuckDuckGos Privacy Browser Finally Lands on Desktop

Critical bug allows attacker to remotely control medical robot

Valmet DNA

Mitsubishi Electric MELSEC-Q Series C Controller Module

Inductive Automation Ignition

Mitsubishi Electric GT25-WLAN

Aethon TUG Home Base Server

Industroyer2: Industroyer reloaded

The State of Stalkerware in 2021

Singapore to license pentesters and managed infosec operators

Using AI to automate the Red Team

Defending the Endpoint with AI

HCL and HP named in unflattering audit of Indias biometric ID system

Critical LFI Vulnerability Reported in Hashnode Blogging Platform

Finding Attack Paths in Cloud Environments

EU Officials Reportedly Targeted with Israeli Pegasus Spyware

NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation

Google Sues Scammer for Running 'Puppy Fraud Scheme' Website

~ 11 Apr 2022 ~

Google, GitHub Collaboration Focuses on Securing Code Build Processes

European officials reportedly targeted by NSO spyware

Former DHS Acting IT Chief Convicted in Software, Database Theft Scheme

In Appreciation: Mike Murray

Over 16,500 Sites Hacked to Distribute Malware via Web Redirect Service

Imprivata Acquires SecureLink to Deliver a Single-Vendor Platform to Manage and Secure All Enterprise and Third-Party Digital Identities

SafeGuard Cyber Provides Security Advice for Defending Against Browser-in-the-Browser (BitB) Attacks

Attackers exploit Spring4Shell flaw to let loose the Mirai botnet

10 Signs of a Good Security Leader

There are few guarantees when it comes to ransomware, except that youre a target

Learn the latest cybersecurity techniques at the Microsoft Security Summit

Identity access management has a new price: $6.9 billion

Double-Your-Crypto Scams Share Crypto Scam Host

Creating a Security Culture Where People Can Admit Mistakes

Going Passwordless? Here Are 6 Steps to Get Started

De-anonymizing Bitcoin

Google Play pulls sneaky data-harvesting apps with 46m+ downloads

The Tricky Aftermath of Source Code Leaks

Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild

Building an Internal Red Team? Go Purple First

~ 10 Apr 2022 ~

Microsoft's New Autopatch Feature to Help Businesses Keep Their Systems Up-to-Date

~ 9 Apr 2022 ~

TSAs Terrorist Watch List Comes for Amtrak Passengers

Finnish govt websites knocked down as Ukraine President addresses MPs

~ 8 Apr 2022 ~

Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware

Friday Squid Blogging: Do Squid Have Emotions?

Google Removes Dangerous Banking Malware From Play Store

Microsoft Sinkholes Russian Hacking Group's Domains Targeting Ukraine

Microsoft dogs Strontium domains to stop attacks on Ukraine

BakerHostetler Launches 2022 Data Security Incident Response Report Resilience And Perseverance

Software-as-a-Service Rules the Cloud

How Russia's Invasion Triggered a US Crackdown on Its Hackers

Zero days are for life, not just for Christmas. Heres how to deal with them

ByteChek Founder AJ Yawn Brings Discipline to Everything He Does

Security Nihilism Is Putting Your Company and Its Employees at Risk

Week in security with Tony Anscombe

WatchGuard Didn't Explicitly Disclose a Flaw Exploited by Hackers

AirTags Are Used for Stalking Far More than Previously Reported

Chinese Hacker Groups Continue to Target Indian Power Grid Assets

Researchers Connect BlackCat Ransomware with Past BlackMatter Malware Activity

China accused of cyberattacks on Indian power grid

Ukrainian FIN7 Hacker Gets 5-Year Sentence in the United States