Port 22

~ 21 Sep 2021 ~

Detection evasion in CLR and tips on how to detect such attacks

Unpatched High-Severity Vulnerability Affects Apple macOS Computers

Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug

Mafia works remotely, too, it seems: 100+ people suspected of phishing, SIM swapping, email fraud cuffed

Youve trained at the cutting edge, heres how to keep your DFIR skills razor sharp

New Capoae Malware Infiltrates WordPress Sites and Installs Backdoored Plugin

Cybersecurity Priorities in 2021: How Can CISOs Re-Analyze and Shift Focus?

~ 20 Sep 2021 ~

Does Your Organization Have a Security.txt File?

Open Source Software Projects Up Their Security Game but Face More Attacks

archTIS Acquires Cipherpoint Technology Assets and Customers

Apache OpenOffice can be hijacked by malicious documents, fix still in beta

10 Ways to Avoid Zero-Trust Failure

Google: New Privacy Feature Will Affect 'Billions' of Android Devices

F5 Networks to Buy Threat Stack

Ransomware recovery: Start getting back up before youre even hit

A guide to combatting human-operated ransomware: Part 1

White House Cybersecurity Summit: A Missed Opportunity

Europol Busts Major Crime Ring, Arrests Over 100 Online Fraudsters

A New Wave of Malware Attack Targeting Organizations in South America

Tick, tick, tick TikTok China just limited kids to 40 minutes' use each day

Why a Strong Security Culture?

What You Need to Know about CVE-2021-30860 aka FORCEDENTRY

Introducing the New Version of SANS ICS515 ICS Visibility, Detection, and Response

~ 19 Sep 2021 ~

Google to Auto-Reset Unused Android App Permissions for Billions of Devices

Numando: A New Banking Trojan Targeting Latin American Users

How to Set Up a NAS to Securely Share Files

~ 18 Sep 2021 ~

Former US Intelligence Operatives Admit They Hacked for UAE

Apple and Google Go Further Than Ever to Appease Russia

~ 17 Sep 2021 ~

Yes, of course there's now malware for Windows Subsystem for Linux

Arista, Cisco, Huawei, Juniper Networks, and Nokia Launch New MANRS Equipment Vendor Program to Improve Routing Security Worldwide

CISA to Host Fourth Annual National Cybersecurity Summit

How Should the CSO Work With the Chief Privacy Officer?

Friday Squid Blogging: Rams Horn Squid Shells

Mirai Botnet Exploiting OMIGOD Azure Vulnerability

International Insider Threat: DoJ Fines US Intel Officials Who Aided UAE

Week in security with Tony Anscombe

Week in security with Tony Anscombe

Something phishy: Tech recruiters jabbed by fake COVID-19 Passport scam

IoT 'Nutrition' Labels Aim to Put Security on Display

New Report Examines Top Threats Discussed at Black Hat USA

Infrastructure, Security, and the Need for Visibility

Is it OK to use stolen data? What if it's scientific research in the public interest?

Anonymous Leaked a Bunch of Data From a Right-Wing Web Host

Zero-Click iMessage Exploit

A New App Helps Iranians Hide Messages in Plain Sight

Numando: Count once, code twice

Numando: Count once, code twice

WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure <i>your</i> job

New Malware Targets Windows Subsystem for Linux to Evade Detection

Trial Ends in Guilty Verdict for DDoS-for-Hire Boss

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years

~ 16 Sep 2021 ~

Microsoft Warns of Uptick in MSHTML Attacks

HPE Survey Finds 76% of Doctors and Nurses Believe Telehealth Will Dominate Patient Care in Near Future

15% of the Nasdaq 100 Is Highly Susceptible to a Ransomware Attack, New Black Kite Research Finds

Aviation-themed phishing campaign pushed off-the-shelf RATs into inboxes for 5 years

TransUnion to Buy Neustar for $3.1B

FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539

Hack yourself before someone else does it for you

Grappling With Growth, Employee Needs, and Security Amid a Return to Offices

Exploitation of the CVE-2021-40444 vulnerability in MSHTML

Ransomware-hit law firm secures High Court judgment against unknown criminals

Democracy Now: NSO Group Spies Secretly Seized Control of Apple Devices by Exploiting Flaw in Code

Under Pressure: COVID-19 Forced Many Execs to Sideline Cybersecurity

Computer and data scientists should be as highly regarded as 'warriors' says top UK cybergeneral

Siemens RUGGEDCOM ROX

Schneider Electric EcoStruxure and SCADAPack

Summer 2021: Friday Night Funkin, Mneskin and pop it

De-identify, re-identify: Anonymised data's dirty little secret

Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects

It's time to delete that hunter2 password from your Microsoft account, says IT giant

This is AUKUS for China US, UK, Australia reveal defence tech-sharing pact

Third Critical Bug Affects Netgear Smart Switches Details and PoC Released

Partnering within cyber: SANS and the Cyber Resilience Centre for South East England

Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

~ 15 Sep 2021 ~

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

You Can Now Sign-in to Your Microsoft Accounts Without a Password

How Attackers Invest in Cloud-Focused Cybercrime

OWASP Reshuffles Its Top 10 List, Adds New Categories

Customer Care Giant TTEC Hit By Ransomware?

OMIGOD: Azure Users Warned of Critical OMI Vulnerabilities

A Ransomware Recovery Plan That's Solid Gold

ExpressVPN Acquired By Kape Technologies for $936 Million

How Your Printer Is Like Swiss Cheese

Microsoft Patch Tuesday fixes actively exploited zeroday and 85 other flaws

Microsoft Patch Tuesday fixes actively exploited zeroday and 85 other flaws

Microsoft Lets Users Fully Remove Account Passwords

Identifying Computer-Generated Faces

Purchasing Managed Security Services: Strategies for Client References

The passwordless future is here for your Microsoft account

You Can Now Ditch the Password on Your Microsoft Account

ELFant in the Room capa v3

ELFant in the Room capa v3

ELFant in the Room capa v3

Don't Try to Outsmart Cybercriminals. Outnumber Them!

Critical Flaws Discovered in Azure App That Microsoft Secretly Installed on Linux VMs

Ransomware crims saying 'We'll burn your data if you get a negotiator' can't be legally paid off anyway

Ex-US intel, military trio were cyber-mercenaries for UAE, say prosecutors

3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company

Microsoft's end-of-summer software security cleanse crushes more than 80 bugs

Microsoft's end-of-summer software security cleanse crushes more than 80 bugs