Port 22

~ 31 Aug 2021 ~

Dont use singlefactor authentication, warns CISA

Microsoft a Leader in 2021 Gartner Magic Quadrant for Unified Endpoint Management Tools

Leaked Guntrader firearms data file shared. Worst case scenario? Criminals plot UK gun owners' home addresses in Google Earth

More Military Cryptanalytics, Part III

Sensormatic Electronics KT-1

No Access: LGBTIQ Website Censorship in Six Countries

Tidak Ada Akses: Penyensoran Situs LGBTIQ di Enam Negara

Vaccine passports: Is your personal data in safe hands?

Drowning in cybersecurity info? Make a dash to Security SOS Week 2021

Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms

Researchers Propose Machine Learning-based Bluetooth Authentication Scheme

Bangkok Airways hit by LockBit ransomware attack, loses lotsa data after refusing to pay

~ 30 Aug 2021 ~

CISA Adds Single-Factor Authentication to the List of Bad Practices

Boffins find if you torture AMD Zen+, Zen 2 CPUs enough, they are vulnerable to Meltdown-like attack

New Microsoft Exchange 'ProxyToken' Flaw Lets Attackers Reconfigure Mailboxes

Karkinos Beginner Friendly Penetration Testing Tool

Karkinos Beginner Friendly Penetration Testing Tool

Karkinos Beginner Friendly Penetration Testing Tool

How to prepare for CMMC compliance as a defense industrial base supplier using the Microsoft cloud

Excellent Write-up of the SolarWinds Security Breach

How Does MTA-STS Improve Your Email Security?

~ 29 Aug 2021 ~

6 Things You Need to Do to Prevent Getting Hacked

Get Lifetime Access to 24 Professional Cybersecurity Certification Prep Courses

~ 28 Aug 2021 ~

California Man Stole 620,000 iCloud Photos in Search of Nudes

LockFile Ransomware Bypasses Protection Using Intermittent File Encryption

Microsoft Warns of Widespread Phishing Attacks Using Open Redirects

~ 27 Aug 2021 ~

Explosion in Geofence Warrants Threatens Privacy Nationwide

Microsoft warns of widespread open redirection phishing attack which Defender can block, coincidentally

Friday Squid Blogging: Tentacle Doorknob

Slap on wrist for NCC Group over CREST exam-cheating scandal as infosec org agrees to rewrite NDAs and more

Week in security with Tony Anscombe

Details of the Recent T-Mobile Breach

Beyond the pandemic: Why are data breach costs at an alltime high?

Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years

Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers

Azure's now-fixed Cosmos DB flaw could have been exploited to read, write any database

Critical Cosmos Database Flaw Affected Thousands of Microsoft Azure Customers

~ 26 Aug 2021 ~

A Bad Solar Storm Could Cause an 'Internet Apocalypse'

Widespread credential phishing campaign abuses open redirector links

Man impersonates Apple support, steals 620,000 photos from iCloud accounts

Interesting Privilege Escalation Vulnerability

Johnson Controls Controlled Electronic Management Systems CEM Systems AC2000

Annke Network Video Recorder

Delta Electronics DIAEnergie

Delta Electronics DOPSoft

Surveillance tech company sues Police Digital Service over 'flawed' scoring of bids on 18m contract

Big tech proud as punch about cameos in Joe Biden's security theatre

Atlassian warns of critical Confluence flaw

The Increased Liability of Local In-home Propagation

F5 Releases Critical Security Patches for BIG-IP and BIG-IQ Devices

Israeli firm Bright Data named as enabler of Philippines government DDOS attacks on opposition groups

New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access

VMware Issues Patches to Fix New Flaws Affecting Multiple Products

~ 25 Aug 2021 ~

Critical Flaw Discovered in Cisco APIC for Switches Patch Released

Man Robbed of 16 Bitcoin Sues Young Thieves Parents

The Stealthy iPhone Hacks That Apple Still Can't Stop

ProxyLogon flaw, evil emails, SQL injections used to open backdoors on Windows boxes

Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

Cybersecuritys next fight: How to protect employees from online harassment

Surveillance of the Internet Backbone

Preventing your Cloud 'Secrets' from Public Exposure: An IDE plugin solution

Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions

B.Braun Infusomat Pumps Could Let Attackers Remotely Alter Medication Dosages

New SideWalk Backdoor Targets U.S-based Computer Retail Business

~ 24 Aug 2021 ~

Fake Apple rep amasses 620,000+ stolen iCloud pics, vids in hunt for images of nude women to trade

Microsoft Power Apps misconfiguration exposes millions of records

The SideWalk may be as dangerous as the CROSSWALK

Proofpoint wins $14m from ex-VP and French email security rival in IP theft court battle

Hackers Could Up Medication Doses Through Infusion Pump Flaws

Hitachi ABB Power Grids TropOS

Hitachi ABB Power Grids Utility Retail Operations and CSB Products

Delta Electronics TPEditor

: Zero-Click NSO Group

Triada Trojan in WhatsApp MOD

From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits

Chinese auto-maker accused of altering data after fatal autonomous car accident

Modified Version of WhatsApp for Android Spotted Installing Triada Trojan

Bahraini Activists Targeted Using a New iPhone Zero-Day Exploit From NSO Group

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc

38 Million Records Exposed from Microsoft Power Apps of Dozens of Organisations

~ 23 Aug 2021 ~

Poly Network says it's got pretty much all of that $610m in stolen crypto-coins back

Razer to fix Windows installer that grants admin powers if you plug in a mouse

38 million records exposed by misconfigured Microsoft Power Apps. Redmond's advice? RTFM

Worried ransomware merchants know more about file storage than you do? You should be

How Vodafone Global Security Director creates an inclusive and secure workplace

38M Records Exposed OnlineIncluding Contact-Tracing Info

Gaming-related cyberthreats in 2020 and 2021

Navigating Vendor Risk Management as IT Professionals

Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group

Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems

Facebook sat on report that reveals most-shared post for months was questionable COVID story

~ 22 Aug 2021 ~

Microsoft Exchange Under Attack With ProxyShell Flaws; Over 1900 Servers Hacked!

~ 21 Aug 2021 ~

Hackers Stole Over $90M From Japan's Liquid Crypto Exchange

~ 20 Aug 2021 ~

Friday Squid Blogging: On Squid Brains

Google Docs Scams Still Pose a Threat

Apples Photo-Scanning Plan Sparks Outcry From Policy Groups

Week in security with Tony Anscombe

Hackers swipe almost $100 million from major cryptocurrency exchange

More on Apples iPhone Backdoor

Cloud load balancer snafu leads to 3D printer user printing on a stranger's kit