Port 22

~ 18 May 2021 ~

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps

Free "vCISO Clinic" offers Resource-Constrained InfoSec Leaders a Helping Hand

Experts Reveal Over 150 Ways to Steal Control of 58 Android Stalkerware Apps

70 European and South American Banks Under Attack By Bizarro Banking Malware

~ 17 May 2021 ~

Eufycam Wi-Fi security cameras streamed video feeds from other people's homes

DarkSide Ransomware Variant Targets Disk Partitions

47% of Criminals Buying Exploits Target Microsoft Products

Ransomware's Dangerous New Trick: Double-Encrypting Your Data

DDoS Attacks Up 31% in Q1 2021: Report

How a positive hybrid work culture can help you to mitigate insider risk

Axa insurance offshoots pwned as Ireland reveals second ransomware hit

Try This One Weird Trick Russian Hackers Hate

Correspondence between the Citizen Lab and NSO Group Regarding The Great iPwn

Take action now FluBot malware may be on its way

Is 85% of US Critical Infrastructure in Private Hands?

We'd love to report on the outcome of the CREST exam cheatsheet probe, but UK infosec body won't publish it

Bizarro banking Trojan expands its attacks to Europe

Android stalkerware threatens victims further and exposes snoopers themselves

Name That Toon: Road Trip

Mammoth grab of GP patient data in the UK set to benefit private-sector market access as rules remain unchanged

Apple sent my data to the FBI, says boss of controversial research paper trove Sci-Hub

Apple's Find My Network Can be Abused to Exfiltrate Data From Nearby Devices

Singapore bolsters Bluetooth contact-tracing as new COVID wave sends students and workers home again

Why Password Hygiene Needs a Reboot

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

China signals dissatisfaction with gig economy impact on ride-share drivers

SANS SIFT Update Spring 2021

Coming Soon SANS Cyber Solutions Fest 2021

5 Metrics Start Measuring Vulnerability Management Program

U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized

~ 15 May 2021 ~

WhatsApps New Privacy Policy Just Kicked In

~ 14 May 2021 ~

Friday Squid Blogging: Far Side Squid Comic

Verizons 2021 DBIR: Phishing and ransomware threats looming ever larger

Upcoming Speaking Engagements

Rapid7 Source Code Accessed in Supply Chain Attack

Week in security with Tony Anscombe

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Free SANS Cyber Security Summits: Sign up now, learn online, keep your network safe

Tor users, beware: 'Scheme flooding' technique may be used to deanonymize you

Cisco Confirms Plans to Acquire Kenna Security

Hospitals cancel outpatient appointments as Irish health service struck by ransomware

Ransomware Is Getting Ugly

SOC Teams Burdened by Alert Fatigue Explore XDR

The Real Cost of Colonial Pipeline's $5 Million Ransom

Wi-Fi Design, Implementation Flaws Allow a Range of Frag Attacks

NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro

Security Trends to Follow at RSA Conference 2021

Hackers Using Microsoft Build Engine to Deliver Malware Filelessly

Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal

Cloudflare launches campaign to end the madness of CAPTCHAs

Magecart Hackers Now hide PHP-Based Backdoor In Website Favicons

Big Cybersecurity Tips For Remote Workers Who Use Their Own Tech

Introduction to ICS Security

Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals

Rapid7 Source Code Breached in Codecov Supply-Chain Attack

~ 13 May 2021 ~

Decades-Old Flaws Affect Almost Every Wi-Fi Device

GameStop FOMO Inspires a New Wave of Crypto Pump-and-Dumps

Ransomware victim Colonial Pipeline paid $5m to get oil pumping again, restored from backups anyway report

85% of Data Breaches Involve Human Interaction: Verizon DBIR

European police bust major online investment fraud ring

When AI Becomes the Hacker

New US Executive Order on Cybersecurity

Colonial Pipeline was looking to hire cybersecurity manager before ransomware attack shut down operations

The Best Personal Safety Devices, Apps, and Alarms

Rockwell Automation Connected Components Workbench

Johnson Controls Sensormatic Tyco AI

OPC Foundation UA Products Built with .NET Framework

Oops, says Manchester City Council after thousands of number plates exposed in parking ticket spreadsheet

OPC UA Products Built with the .NET Framework 4.5, 4.0, and 3.5

Can Data Protection Systems Prevent Data At Rest Leakage?

Dark Web Getting Loaded With Bogus Covid-19 Vaccines and Forged Cards

Security Awareness is Managing Human Risk

Ransomware: Leadership Perspective

When it comes to cybersecurity, there's always time for summer school or winter training

~ 12 May 2021 ~

Apple's Find My network can be abused to leak secrets to the outside world via passing devices

Researchers Unearth 167 Fake iOS & Android Trading Apps

Putting The Spotlight on DarkSide

Happy to pay out to ransomware masterminds? Yup, we thought so

Vulnerable Protocols Leave Firms Open to Further Compromises

1 million risky apps rejected or removed from Apples App Store in 2020

Securing a new world of hybrid work: What to know and what to do

How to secure your hybrid work world with a Zero Trust approach

Hashes, Salts, and Rainbow Tables: Confessions of a Password Cracker

Book Sale: Beyond Fear

Britain to spend 22m influencing Indo-Pacific nations' cybersecurity policies against 'authoritarian regimes'

ESET Research goes to RSA Conference 2021 with two presentations

ESET Research goes to RSA Conference 2021 with record number of presentations

Ransomware world in 2021: who, how and why

Blessed are the cryptographers, labelling them criminal enablers is just foolish

Nearly All Wi-Fi Devices Are Vulnerable to New FragAttacks

Beijing twirls ban-hammer at 84 more apps it says need to stop slurping excess data

South Korea orders urgent review of energy infrastructure cybersecurity

Latest Microsoft Windows Updates Patch Dozens of Security Flaws

FOR528: Ransomware for Incident Responders - New DFIR Course Coming Soon

Cut Through the Noise: Ransomware What to Communicate to Your Workforce

Tech industry quietly patches FragAttacks Wi-Fi flaws that leak data, weaken security

Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations

~ 11 May 2021 ~

Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild

Shining a Light on DARKSIDE Ransomware Operations

Shining a Light on DARKSIDE Ransomware Operations