Port 22

~ 30 Jul 2021 ~

Experts Uncover Several C&C Servers Linked to WellMess Malware

Several Malicious Typosquatted Python Libraries Found On PyPI Repository

A New Wiper Malware Was Behind Recent Cyberattack On Iranian Train System

~ 29 Jul 2021 ~

Phony Call Centers Tricking Users Into Installing Ransomware and Data-Stealers

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

Leading cybersecurity agencies reveal list of most exploited vulnerabilities of the past 2 years

The Life Cycle of a Breached Database

Attack AI systems in Machine Learning Evasion Competition

Microsoft at Black Hat 2021: Sessions, bug bounty updates, product news, and more

Spam is Chipotle's secret ingredient: Marketing email hijacked to dish up malware

Upcoming Android privacy changes include ability to blank advertising ID, and 'safety section' in Play store

BazaCall: Phony call centers lead to exfiltration and ransomware

AirDropped Gun Photo Causes Terrorist Scare

Phantom Warships Are Courting Chaos in Conflict Zones

Hitachi ABB Power Grids eSOMS

Wibu-Systems CodeMeter Runtime

APT trends report Q2 2021

Tackling the insider threat to the new hybrid workplace

Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs

Israeli authorities investigate NSO Group over Pegasus spyware abuse claims

Here's a list of the flaws Russia, China, Iran and pals exploit most often, say Five Eyes infosec agencies

'Woefully insufficient': Biden administration's assessment of critical infrastructure protection

Over 100 Taiwanese political figures' messages leaked outta LINE app

New Ransomware Gangs Haron and BlackMatter Emerge on Cybercrime Forums

Best Practices to Thwart Business Email Compromise (BEC) Attacks

New Android Malware Uses VNC to Spy and Steal Passwords from Victims

Top 30 Critical Security Vulnerabilities Most Exploited by Hackers

~ 28 Jul 2021 ~

Security breaches where working from home is involved are costlier, claims IBM report

Most Twitter users havent enabled 2FA yet, report reveals

Iranian state-backed hackers posed as flirty Scouser called Marcy to target workers in defence and aerospace

Zero Trust Adoption Report: How does your organization compare?

8 Security Tools to be Unveiled at Black Hat USA

Booking your next holiday? Watch out for these Airbnb scams

De-anonymization Story

DDoS attacks in Q2 2021

UK's National Cyber Security Centre needs its posh Westminster digs, says Cabinet Office, because of WannaCry

Google revamps bug bounty program

UBEL is the New Oscorp Android Credential Stealing Malware Active in the Wild

Biden warns 'real shooting war' will be sparked by severe cyber attack

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

Hackers Posed as Aerobics Instructors for Years to Target Aerospace Employees

Tencent suspends signups to WeChat, citing 'security upgrade' and need to comply with Chinese laws

eBay ex-security boss sent down for 18 months for cyber-stalking, witness tampering

~ 27 Jul 2021 ~

Misconfigured Azure Blob at Raven Hengelsport exposed records of 246,000 anglers and took months to tackle, claim infosec researchers

Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam

Tech biz must tell us about more security breaches, says UK.gov as it ponders lowering report thresholds

Apple releases patch for zeroday flaw in iOS, iPadOS and macOS

A Controversial Tool Calls Out Vulnerabilities Across the Web

Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques

The Shapeshifting Cam Girl Rewriting the Rules of Porn

Compsci student walks off with $50,000 after bug bounty report blows gaping hole in Shopfiy software repos

Hiding Malware in ML Models

KUKA KR C4

Mitsubishi Electric GOT2000 series and GT SoftGOT2000

Geutebrck G-Cam E2 and G-Code

LCDS LAquis SCADA

Delta Electronics DIAScreen

New Bug Could Let Attackers Hijack Zimbra Server by Sending Malicious Email

It takes intuition and skill to find hidden evidence and hunt for elusive threats

Several Bugs Found in 3 Open-Source Software Used by Several Businesses

Hackers Turning to 'Exotic' Programming Languages for Malware Development

SSD belonging to Euro-cloud Scaleway was stolen from back of a truck, then turned up on YouTube

Apple patches zero-day vulnerability in iOS, iPadOS, macOS under active attack

Apple Releases Urgent 0-Day Bug Patch for Mac, iPhone and iPad Devices

~ 26 Jul 2021 ~

You, too, can be a Windows domain controller and do whatever you like, with this one weird WONTFIX trick

PlugwalkJoe Does the Perp Walk

Disrupting Ransomware by Disrupting Bitcoin

Somebody is destined for somewhere hot, and definitely not Coventry

BIMI: A Visual Take on Email Authentication and Security

How to Mitigate Microsoft Windows 10, 11 SeriousSAM Vulnerability

DEF CON offers beginner-level Spot the Fed this year: He'll be on stage giving a keynote

Microsoft Warns of LemonDuck Malware Targeting Windows and Linux Systems

New PetitPotam NTLM Relay Attack Lets Hackers Take Over Windows Domains

~ 24 Jul 2021 ~

Porn Showed Upon on Legit News Sites Thanks to Internet Rot

~ 23 Jul 2021 ~

Friday Squid Blogging: The Evolution of Squid

Week in security with Tony Anscombe

Commercial Location Data Used to Out Priest

Hole blasted in Guntrader: UK firearms sales website's CRM database breached, 111,000 users' info spilled online

Protecting the hybrid workplace through Zero Trust security

Tech support scams subside somewhat, but Millennials and Gen Z think they're bulletproof and suffer

BT tries to crack cyber crime, grabs stake in Safe Security

Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software

Wake up! Identify API Vulnerabilities Proactively, From Code Back to Production

Dutch Police Arrest Two Hackers Tied to "Fraud Family" Cybercrime Ring

Kaseya obtains REvil decryptor, starts sharing it with afflicted customers

Never mind the trolls, Discord hosts 'significant volumes of malware' in its CDN

A Visual Summary of SANS DFIR Summit 2021

~ 22 Jul 2021 ~

Cyber-attacks really ramp up after Halloween so why not start preparing now?

Kaseya Gets Universal Decryptor to Help REvil Ransomware Victims

The Kaseya Ransomware Nightmare Is Almost Over

Microsoft has a workaround for 'HiveNightmare' flaw: Nuke your shadow copies from orbit

How to protect your CAD data files with MIP and HALOCAD

Securing the cloud while Windows burns: Microsoft pops CloudKnox in trolley

A guide to balancing external threats and insider risk

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure

Popular WiFi routers still using default passwords making them susceptible to attacks

Nasty Printer Driver Vulnerability

Respect in Security initiative aims to build reporting lines for infosec bods suffering harassment at work, conferences and online

Respect in Security initiative aims to build reporting lines for infosec bods suffering harassment at work, conferences and online

Al Jazeera: How Vulnerable are We to Spying Technology?