Port 22

~ 9 May 2021 ~

Google Gets Serious About Two-Factor Authentication. Good!

Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down

~ 8 May 2021 ~

The Colonial Pipeline Hack Is a New Extreme for Ransomware

Microsoft Will Soon Kill Flash on Windows 10 for Good

ISPs Funded 8.5 Million Fake Comments Opposing Net Neutrality

Facebook Will Limit Your WhatsApp Features For Not Accepting Privacy Policy

Top 11 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

~ 7 May 2021 ~

Friday Squid Blogging: COVID Relief Funds

Twitter's Tip Jar Privacy Fiasco Was Entirely Avoidable

Russian cyber-spies changed tactics after the UK and US outed their techniques so here's a list of those changes

How North Korean APT Kimsuky Is Evolving Its Tactics

Privacy activist Max Schrems on Microsoft's EU data move: It won't keep the NSA away

LibInjection Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)

LibInjection Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)

LibInjection Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)

Week in security with Tony Anscombe

Teaching Cybersecurity to Children

FBI, NSA, CISA & NCSC Issue Joint Advisory on Russian SVR Activity

Investment Scammer John Davies Reinvents Himself?

4 Major Privacy and Security Updates From Google You Should Know About

6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

Cisco HyperFlex web interface has critical flaw that lets attackers get <code>root</code> and execute arbitrary commands

Kids in Hong Kong and other highly surveilled states worry infosec careers are just asking for trouble

New TsuNAME Flaw Could Let Attackers Take Down Authoritative DNS Servers

Google Play to require privacy labels on apps in 2022, almost two years after Apple

New Stealthy Rootkit Infiltrated Networks of High-Profile Organizations

SANS DFIR Stay Sharp Courses - Same quality, less time, targeted skill training

Google will make you use two-step verification to login

~ 6 May 2021 ~

Popular routers found vulnerable to hacker attacks

Troy Hunt: Organizations Make Security Choices Tough for Users

New Techniques Emerge for Abusing Windows Services to Gain System Control

Vulnerability in Snapdragon 855 SoCs could pwn Android modems, allow baddies to snoop on conversations

CISA Publishes Analysis on New 'FiveHands' Ransomware

Cloud-Native Businesses Struggle with Security

The Story of Colossus

Operation TunnelSnake

Fantastic passwords and where your children can find them

Crane horror <i>Reg</i> reader uses his severed finger to unlock Samsung Galaxy phone

CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site

Chrome on Windows turns on Intel, AMD chip-level defenses against malicious websites

Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software

JET engine flaws can crash Microsoft's IIS, SQL Server, say Palo Alto researchers

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices

New Spectre Flaws in Intel and AMD CPUs Affect Billions of Computers

SANS ICS Hot Take: Cloud Security Transcript

~ 5 May 2021 ~

How a Former Netflix Exec Built a Brazen Bribery Scheme

Attackers Seek New Strategies to Improve Macros' Effectiveness

21 nails in Exim mail server: Vulnerabilities enable 'full remote unauthenticated code execution', millions of boxes at risk

DDoS attack knocks Belgian government websites offline

DoD Lets Researchers Target All Publicly Accessible Info Systems

New Spectre-Like Attacks

Wanted: The (Elusive) Cybersecurity 'All-Star'

East London council blurts thousands of residents' email addresses in To field blunder

Malicious Office 365 Apps Are the Ultimate Insiders

Twilio's private GitHub repositories cloned by Codecov attacker, cloud comms platform confirms

Ousaban: Private photo collection hidden in a CABinet

What not to expect when you're expecting: Fertility apps may be selling intimate health secrets

New Study Warns of Security Threats Linked to Recycled Phone Numbers

BIOS PrivEsc Bugs Affect Hundreds of Millions of Dell PCs Worldwide

ALERT New 21Nails Exim Bugs Expose Millions of Email Servers to Hacking

Strong, Secure Passwords Are Key to Helping Reduce Risk to Your Organization

~ 4 May 2021 ~

Apple Releases Urgent Security Patches For ZeroDay Bugs Under Active Attacks

'Millions' of Dell PCs will grant malware, rogue users admin-level access if asked nicely

Newer Generic Top-Level Domains a Security 'Nuisance'

Red Hat open-sources StackRox Kubernetes security product

The Wages of Password Re-use: Your Money or Your Life

Apple Issues Patches for Webkit Security Flaws

Microsoft will soon remove Flash Player from Windows 10 devices

Hundreds of Millions of Dell Computers Potentially Vulnerable to Attack

Raytheon: Supply Chain, Ransomware, Zero Trust Biggest Security Priorities

Tesla Remotely Hacked from a Drone

The UNC2529 Triple Double: A Trifecta Phishing Campaign

The UNC2529 Triple Double: A Trifecta Phishing Campaign

They Told Their Therapists Everything. Hackers Leaked It All

Advantech WISE-PaaS RMM

Delta Electronics CNCSoft ScreenEditor

LuckyMouse Hackers Target Banks, Companies and Governments in 2020

Researchers Uncover Iranian State-Sponsored Ransomware Operation

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

How Should the Service Desk Reset Passwords?

Apple patches iOS, macOS, iPadOS, watchOS, kitchen-sinkOS bugs said to be exploited in the wild

Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack

~ 3 May 2021 ~

Dont Buy Into Facebooks Ad-Tracking Pressure on iOS 14.5

A Rust-based Buer Malware Variant Has Been Spotted in the Wild

Researchers Explore Active Directory Attack Vectors

INTERPOL aims to deal a blow to digital piracy

Identifying the Person Behind Bitcoin Fog

Buer Malware Variant Rewritten in Rust Programming Language

Spam and phishing in Q1 2021

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

New Chinese Malware Targeted Russia's Largest Nuclear Submarine Designer

List of Resource Links from SANS New to Cyber Summit 2021

~ 2 May 2021 ~

Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks

~ 1 May 2021 ~

A Ransomware Group Hit DC PoliceThen Pivoted to Extortion

~ 30 Apr 2021 ~

Friday Squid Blogging: On Squid Coloration

Ransomware Task Force Publishes Framework to Fight Global Threat

Bill to protect UK against harmful foreign investment becomes law

New Threat Group Carrying Out Aggressive Ransomware Campaign

Happy Friday? Darktrace gets 40 per cent boost on London IPO debut

MITRE Adds MacOS, More Data Types to ATT&CK Framework