Port 22

~ 17 Dec 2021 ~

Is Data Security Worthless if the Data Life Cycle Lacks Clarity?

Facebook Bans 7 'Cyber Mercenary' Companies for Spying on 50,000 Users

Over Log4j? VMware has another critical flaw for you to patch

New PseudoManuscrypt Malware Infected Over 35,000 Computers in 2021

How to Prevent Customer Support Help Desk Fraud Using VPN and Other Tools

Facebook locks out 1,500 fake accounts used by cyber-spy firms to snoop on people, alerts 50k potential targets

Mobile App Developers Keep Fraudulent Traffic at Bay with Anti-Fraud API

~ 16 Dec 2021 ~

New Phorpiex Botnet Variant Steals Half a Million Dollars in Cryptocurrency

Why Log4j Mitigation Is Fraught With Challenges

Siemens SINUMERIK Edge

Meta Ousts 7 Surveillance-for-Hire Operations From Its Platforms

Phorpiex Botnet Variant Spread Across 96 Countries

The Next Wave of Log4J Attacks Will Be Brutal

PEGASUS PREDATOR: Cytrox

Pegasus vs. Predator: Dissidents Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware

Why ransomware attacks happen out of hours or during the holidays

Log4Shell: The Big Picture

NY Man Pleads Guilty in $20 Million SIM Swap Theft

East Londoners nicked under Computer Misuse Act after NHS vaccine passport app sprouted clump of fake entries

More Log4j News

Dear Congress: It's Complicated. Please Consider This When Crafting New Cybersecurity Legislation

Xylem AquaView

Delta Electronics CNCSoft

Wibu-Systems CodeMeter Runtime

Mitsubishi Electric GX Works2

Mitsubishi Electric FA Engineering Software

Siemens Capital VSTAR

Siemens POWER METER SICAM Q100

Siemens JTTK and JT Utilities

Siemens JT2Go and Teamcenter Visualization

Siemens Siveillance Identity

Siemens Simcenter STAR-CCM+ Viewer

Siemens Healthineers syngo fastView

Siemens JT Utilities and JT Open Toolkit

Siemens Teamcenter Active Workspace

Siemens SiPass Integrated

Siemens JTTK and JT Utilities

PseudoManuscrypt: a mass-scale spyware attack campaign

Move fast, break security: Why CISOs must push back against Agile IT

National Cyber Strategy will lead to BritChip for mobile devices by 2025, claims UK.gov

Japan draws a LINE: web giants must reveal where they store user data

Researchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth Chips

The Guide to Automating Security Training for Lean Security Teams

New Fileless Malware Uses Windows Registry as Storage to Evade Detection

Facebook expands bug bounty program to include scraping attacks, two years after it was scraped hard

Rise in API-Based Attacks Underscore Investments in New Tools

~ 15 Dec 2021 ~

As CISA tells US govt agencies to squash Log4j bug by Dec 24, fingers start pointing at China, Iran, others

Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft

Companies Must Assess Threats to AI & ML Systems in 2022: Microsoft

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

Dept. of Homeland Security Launches 'Hack DHS' Program

US lawmakers want to put NSO Group, 3 other spyware makers out of business with fresh severe sanctions

Analysis: Log4j Vulnerability Highlights the Value of Defense-in-Depth, Accurate Inventory

Meta Expands Bug-Bounty Program to Include Data Scraping

Cybereason Announces Availability of AI-Driven Cybereason XDR and EDR on Google Cloud Marketplace

Kroll Acquires Security Compass Advisory

What every business leader needs to know about Log4Shell

Privacy and Safety Issues With Facebook's New 'Metaventure'

Google Warns That NSO Hacking Is On Par With Elite Spy Groups

What Are the Pros and Cons of a SASE Architecture?

The final report on NOBELIUMs unprecedented nation-state attack

Why We Need "Developer-First" Application Security

Pen Test Partners: Anyone could view Gumtree users' GPS location by pressing F12

Why Cloud Storage Isn't Immune to Ransomware

Kryptowire Collaborates With Orange and Finds Vulnerabilities in Mobile Devices

The Biggest Deepfake Abuse Site Is Growing in Disturbing Ways

The dirty dozen of Latin America: From Amavaldo to Zumanek

Kaspersky Managed Detection and Response: interesting cases

Kaspersky Security Bulletin 2021. Statistics

Facebook to Pay Hackers for Reporting Data Scraping Bugs and Scraped Datasets

Cynet's MDR Offers Organizations Continuous Security Oversight

Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials

Microsoft closes installer hole abused by Emotet malware, Google splats Chrome bug exploited in the wild

Cisco's Ash Devata on Securing the Hybrid Workforce With Zero Trust

How to Use Phishing Benchmarks Effectively to Assess Your Program

expert-guide-reviewing-SOC2-reports

cloud-security-monitoring-threat-detection-5-day

cloud-security-monitoring-threat-detection-5-day

A Look Into ICS612: ICS Cybersecurity In-Depth: Part 1

~ 14 Dec 2021 ~

Tufin Introduces Security Policy Builder (SPB) App to Marketplace

Ground Labs Research Reveals 71% of American Consumers are Unaware of Data Protection Laws

Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16

Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16

Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors

Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware

Propane Gas Distributor Hit With Ransomware

Ransomware Hits Virginia Legislative Agencies

Microsoft Patch Tuesday, December 2021 Edition

Tool Overload & Attack Surface Expansion Plague SOCs

Microsoft Patches Zero-Day Spreading Emotet Malware

Second Log4j Vulnerability (CVE-2021-45046) Discovered New Patch Released

Upcoming Speaking Engagements

You may have cracked serverless development, but its almost certain you havent solved serverless security

Source Code Leaks: The Real Problem Nobody Is Paying Attention To

Popular password manager LastPass to be spun out from LogMeIn

Your guide to mobile digital forensics

MPs charged with analysing Online Safety Bill say end-to-end encryption should be called out as 'specific risk factor'

On the Log4j Vulnerability

Combat Misinformation by Getting Back to Security Basics

5 warning signs your identity has been stolen