Port 22

~ 23 Aug 2021 ~

Worried ransomware merchants know more about file storage than you do? You should be

How Vodafone Global Security Director creates an inclusive and secure workplace

38M Records Exposed OnlineIncluding Contact-Tracing Info

Gaming-related cyberthreats in 2020 and 2021

Navigating Vendor Risk Management as IT Professionals

Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group

Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems

Facebook sat on report that reveals most-shared post for months was questionable COVID story

~ 22 Aug 2021 ~

Microsoft Exchange Under Attack With ProxyShell Flaws; Over 1900 Servers Hacked!

~ 21 Aug 2021 ~

Hackers Stole Over $90M From Japan's Liquid Crypto Exchange

~ 20 Aug 2021 ~

Friday Squid Blogging: On Squid Brains

Google Docs Scams Still Pose a Threat

Apples Photo-Scanning Plan Sparks Outcry From Policy Groups

Week in security with Tony Anscombe

Hackers swipe almost $100 million from major cryptocurrency exchange

More on Apples iPhone Backdoor

Cloud load balancer snafu leads to 3D printer user printing on a stranger's kit

Cloud load balancer snafu leads to 3D printer user printing on a stranger's kit

UK's Surveillance Camera Commissioner grills Hikvision on China human rights abuses

Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps

ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups

Cybercrime Group Asking Insiders for Help in Planting Ransomware

Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways

~ 19 Aug 2021 ~

Critical Flaw Found in Older Cisco Small Business Routers Won't Be Fixed

Apple's bright idea for CSAM scanning could start 'persecution on a global basis' 90+ civil rights groups

How to proactively defend against Mozi IoT botnet

Wanted: Disgruntled Employees to Deploy Ransomware

Automating security assessments using Cloud Katana

Buyout of British defence supplier Ultra Electronics paused by UK.gov over competition concerns

T-Mobile Data Breach

AVEVA SuiteLink Server

Are you, the customer, the one paying the ransomware demand?

Researchers Find New Evidence Linking Diavol Ransomware to TrickBot Gang

After reportedly dragging its feet, BlackBerry admits, yes, QNX in cars, equipment suffers from BadAlloc bug

~ 18 Aug 2021 ~

OK, so you stole $600m-plus from us, how about you be our Chief Security Advisor, Poly Network asks thief

China Aims Its Propaganda Firehose at the BBC

The T-Mobile Data Breach Is Much Worse Than It Had to Be

Apples NeuralHash Algorithm Has Been Reverse-Engineered

Researchers find high-severity command injection vuln in Fortinet's web app firewall

T-Mobile: Breach Exposed SSN/DOB of 40M+ People

Trend-spotting email techniques: How modern phishing emails hide in plain sight

Migrating content from traditional SIEMs to Azure Sentinel

Health authorities in 40 countries targeted by COVID19 vaccine scammers

Detecting Embedded Content in OOXML Documents

Detecting Embedded Content in OOXML Documents

Apple Engraving Censorship Explained

Engrave Danger: An Analysis of Apple Engraving Censorship across Six Regions

Un-carrier? Definitely Unsecure: T-Mobile US admits 48m customers' details stolen after downplaying reports

Tetris: Chinese Espionage Tool

Critical ThroughTek SDK Bug Could Let Attackers Spy On Millions of IoT Devices

BadAlloc Flaw Affects BlackBerry QNX Used in Millions of Cars and Medical Devices

China orders annual security reviews for all critical information infrastructure operators

Iranian Hackers Target Several Israeli Organizations With Supply-Chain Attacks

Does a VPN Protect You from Hackers?

NK Hackers Deploy Browser Exploits on South Korean Sites to Spread Malware

SEC760 Prep Quiz Answers

Got What It Takes For SEC760? Check Out this Short Quiz (Updated!)

~ 17 Aug 2021 ~

Apple says its CSAM scan code can be verified by researchers. Corellium starts throwing out dollar bills

Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF

Microsoft and NIST collaborate on EO to drive Zero Trust adoption

Nearly 2 million records from terrorist watchlist exposed online

If you haven't updated your ThroughTek DVR since 2018 do so now, warns Mandiant as critical vuln surfaces

The cloud changes the game for cybersecurity incident response heres how to master the new rules

British defence supplier Ultra Electronics to be sold for 2.6bn to US-controlled firm

Millions of Web Camera and Baby Monitor Feeds Are Exposed

Mandiant Discloses Critical Vulnerability Affecting Millions of IoT Devices

Mandiant Discloses Critical Vulnerability Affecting Millions of IoT Devices

Blackbaud firm that paid off crooks after 2020 ransomware attack fails to get California privacy law claim dropped

ThroughTek Kalay P2P SDK

Advantech WebAccess/NMS

xArrow SCADA

Dumpster diving is a filthy business

Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan

Pakistan's tax office services go dark after migration project goes awry

~ 16 Aug 2021 ~

T-Mobile Investigating Claims of Massive Data Breach

Multiple Flaws Affecting Realtek Wi-Fi SDKs Impact Nearly a Million IoT Devices

The T-Mobile Data Breach Is One You Cant Ignore

Remote code execution flaws lurk in countless routers, IoT gear, cameras using Realtek Wi-Fi module SDKs

T-Mobile US probes claims of 100m stolen customer records up for sale on dark web

Dallas cops lost 8TB of criminal case data during bungled migration, says the DA... four months

Apple's iPhone computer vision has the potential to preserve privacy but also break it completely

Attackers Can Weaponize Firewalls and Middleboxes for Amplified DDoS Attacks

Attackers Can Weaponize Firewalls and Middleboxes for Amplified DDoS Attacks

New AdLoad Variant Bypasses Apple's Security Defenses to Target macOS Systems

Dozens of STARTTLS Related Flaws Found Affecting Popular Email Clients

Dozens of STARTTLS Related Flaws Found Affecting Popular Email Clients

Level Up Your Cyber Career with SANS #LevelUp

Instructor Spotlight: Jean-Franois Maes

New AdLoad Variant Bypasses Apple's Security Defenses to Target macOS Systems

~ 15 Aug 2021 ~

New Glowworm Attack Recovers Device's Sound from Its LED Power Indicator

How to Send Messages That Automatically Disappear

~ 14 Aug 2021 ~

Upcoming Speaking Engagements

Hacker Steals $610M of Cryptocurrencyand Returns Most of It

I was offered $500k as a thank-you bounty for pilfering $600m from Poly Network, says crypto-thief

New Glowworm Attack Recovers Device's Sound from Its LED Power Indicator

Learn Ethical Hacking From Scratch 18 Online Courses for Just $43

Learn Ethical Hacking From Scratch 18 Online Courses for Just $43

Facebook Adds End-to-End Encryption for Audio and Video Calls in Messenger