Port 22

Colonial Pipeline attack: Hacking the physical world

Cameron CampESET

Australian Police hiring digital evidence retrieval specialists. You need to be a very good boy and have paws to get the gig

Laura DobbersteinThe Register

DarkSide Ransomware Gang Extorted $90 Million from Several Victims in 9 Months

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

The Microsoft Authenticator extension in the Chrome store wasn't actually made by Microsoft. Oops, Google

Katyanna QuachThe Register

The Microsoft Authenticator extension in the Chrome store wasn't actually made by Microsoft. Oops, Google

Katyanna QuachThe Register

Mozilla Begins Rolling Out 'Site Isolation' Security Feature to Firefox Browser

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

New Zealand hospitals infected by ransomware, cancel some surgeries

Laura DobbersteinThe Register

A Simple 1-Click Compromised Password Reset Feature Coming to Chrome Browser

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Android 12 Will Let You Fine-Tune Permissions for Apps

Lily Hay NewmanWired

Us? Pwn SolarWinds? With our reputation? Russian spy chief makes laughable denial of supply chain attack

Gareth CorfieldThe Register

How Attackers Weigh the Pros and Cons of BEC Techniques

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

Business-intelligence-company-turned-Bitcoin-addict MicroStrategy grabs another $10m crypto-coin fix

Lindsay ClarkThe Register

Scams target families of missing persons, FBI warns

Amer OwaidaESET

Mitigate OT security threats with these best practices

Emma JonesMicrosoft Security Blog

Adding a Russian Keyboard to Protect against Ransomware

Bruce SchneierSchneier on Security

The UK loves cybersecurity so much, it's going to regulate managed service providers' infosec practices in law

Gareth CorfieldThe Register

Splunk to Acquire TruStar for Data Management

Dark Reading StaffDark Reading - Threat Intelligence

1Password unsheathes Rusty key, hopes to unlock Linux Desktop world

Richard SpeedThe Register

FBI's IC3 Logs 1M Complaints in 14 Months

Dark Reading StaffDark Reading - Threat Intelligence

Researchers Create Covert Channel Over Apple AirTag Network

Robert Lemos Contributing WriterDark Reading - Threat Intelligence

Emerson Rosemount X-STREAM

Advisory DocumentICS-Cert Advisories

Cisco Plans to Create 'Premium' SecureX Offering With Kenna Security Features

Kelly Jackson Higgins Executive Editor at Dark ReadingDark Reading - Threat Intelligence

Latest phones are great at thwarting Wi-Fi tracking. Other devices, not so much study

Thomas ClaburnThe Register

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Free "vCISO Clinic" offers Resource-Constrained InfoSec Leaders a Helping Hand

noreply@blogger.com (The Hacker News)The Hackers News

Experts Reveal Over 150 Ways to Steal Control of 58 Android Stalkerware Apps

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

70 European and South American Banks Under Attack By Bizarro Banking Malware

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Eufycam Wi-Fi security cameras streamed video feeds from other people's homes

Iain ThomsonThe Register

DarkSide Ransomware Variant Targets Disk Partitions

Dark Reading StaffDark Reading - Threat Intelligence

47% of Criminals Buying Exploits Target Microsoft Products

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

Ransomware's Dangerous New Trick: Double-Encrypting Your Data

Lily Hay NewmanWired

DDoS Attacks Up 31% in Q1 2021: Report

Dark Reading StaffDark Reading - Threat Intelligence

How a positive hybrid work culture can help you to mitigate insider risk

Emma JonesMicrosoft Security Blog

Axa insurance offshoots pwned as Ireland reveals second ransomware hit

Gareth CorfieldThe Register

Try This One Weird Trick Russian Hackers Hate

BrianKrebsKrebs on Security

Correspondence between the Citizen Lab and NSO Group Regarding The Great iPwn

Miles KenyonCitizen Lab

Take action now FluBot malware may be on its way

Tony AnscombeESET

Is 85% of US Critical Infrastructure in Private Hands?

Bruce SchneierSchneier on Security

We'd love to report on the outcome of the CREST exam cheatsheet probe, but UK infosec body won't publish it

Gareth CorfieldThe Register

Bizarro banking Trojan expands its attacks to Europe

GReATSecure List

Android stalkerware threatens victims further and exposes snoopers themselves

Lukas StefankoESET

Name That Toon: Road Trip

John Klossner CartoonistDark Reading - Threat Intelligence

Mammoth grab of GP patient data in the UK set to benefit private-sector market access as rules remain unchanged

Lindsay ClarkThe Register

Apple sent my data to the FBI, says boss of controversial research paper trove Sci-Hub

Simon SharwoodThe Register

Apple's Find My Network Can be Abused to Exfiltrate Data From Nearby Devices

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Singapore bolsters Bluetooth contact-tracing as new COVID wave sends students and workers home again

Laura DobbersteinThe Register

Why Password Hygiene Needs a Reboot

noreply@blogger.com (The Hacker News)The Hackers News

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

China signals dissatisfaction with gig economy impact on ride-share drivers

Simon SharwoodThe Register

SANS SIFT Update Spring 2021

N/ASANS ICS

Coming Soon SANS Cyber Solutions Fest 2021

N/ASANS ICS

5 Metrics Start Measuring Vulnerability Management Program

N/ASANS ICS

U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

WhatsApps New Privacy Policy Just Kicked In

Lily Hay NewmanWired

Friday Squid Blogging: Far Side Squid Comic

Bruce SchneierSchneier on Security

Verizons 2021 DBIR: Phishing and ransomware threats looming ever larger

Amer OwaidaESET

Upcoming Speaking Engagements

Schneier.com WebmasterSchneier on Security

Rapid7 Source Code Accessed in Supply Chain Attack

Dark Reading StaffDark Reading - Threat Intelligence

Week in security with Tony Anscombe

EditorESET

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

BrianKrebsKrebs on Security

Free SANS Cyber Security Summits: Sign up now, learn online, keep your network safe

David GordonThe Register

Tor users, beware: 'Scheme flooding' technique may be used to deanonymize you

Thomas ClaburnThe Register

Cisco Confirms Plans to Acquire Kenna Security

Dark Reading StaffDark Reading - Threat Intelligence

Hospitals cancel outpatient appointments as Irish health service struck by ransomware

Gareth CorfieldThe Register

Ransomware Is Getting Ugly

Bruce SchneierSchneier on Security

SOC Teams Burdened by Alert Fatigue Explore XDR

Joan Goodchild Staff EditorDark Reading - Threat Intelligence

The Real Cost of Colonial Pipeline's $5 Million Ransom

Lily Hay NewmanWired

Wi-Fi Design, Implementation Flaws Allow a Range of Frag Attacks

Robert Lemos Contributing WriterDark Reading - Threat Intelligence

NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro

Gareth CorfieldThe Register

Security Trends to Follow at RSA Conference 2021

Yonit Wiseman Associate at YL VenturesDark Reading - Threat Intelligence

Hackers Using Microsoft Build Engine to Deliver Malware Filelessly

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Cloudflare launches campaign to end the madness of CAPTCHAs

Simon SharwoodThe Register

Magecart Hackers Now hide PHP-Based Backdoor In Website Favicons

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Big Cybersecurity Tips For Remote Workers Who Use Their Own Tech

noreply@blogger.com (The Hacker News)The Hackers News

Introduction to ICS Security

N/ASANS ICS

Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Rapid7 Source Code Breached in Codecov Supply-Chain Attack

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Decades-Old Flaws Affect Almost Every Wi-Fi Device

Lily Hay NewmanWired

GameStop FOMO Inspires a New Wave of Crypto Pump-and-Dumps

Cecilia D'AnastasioWired

Ransomware victim Colonial Pipeline paid $5m to get oil pumping again, restored from backups anyway report

Gareth CorfieldThe Register

85% of Data Breaches Involve Human Interaction: Verizon DBIR

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

European police bust major online investment fraud ring

Amer OwaidaESET

When AI Becomes the Hacker

Kelly Jackson Higgins Executive Editor at Dark ReadingDark Reading - Threat Intelligence

New US Executive Order on Cybersecurity

Bruce SchneierSchneier on Security

Colonial Pipeline was looking to hire cybersecurity manager before ransomware attack shut down operations

Gareth CorfieldThe Register

The Best Personal Safety Devices, Apps, and Alarms

Medea GiordanoWired

Rockwell Automation Connected Components Workbench

Advisory DocumentICS-Cert Advisories

Johnson Controls Sensormatic Tyco AI

Advisory DocumentICS-Cert Advisories

OPC Foundation UA Products Built with .NET Framework

Advisory DocumentICS-Cert Advisories

Oops, says Manchester City Council after thousands of number plates exposed in parking ticket spreadsheet

Gareth CorfieldThe Register

OPC UA Products Built with the .NET Framework 4.5, 4.0, and 3.5

Advisory DocumentICS-Cert Advisories

Can Data Protection Systems Prevent Data At Rest Leakage?

noreply@blogger.com (The Hacker News)The Hackers News

Dark Web Getting Loaded With Bogus Covid-19 Vaccines and Forged Cards

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Security Awareness is Managing Human Risk

N/ASANS ICS

Ransomware: Leadership Perspective

N/ASANS ICS

When it comes to cybersecurity, there's always time for summer school or winter training

David GordonThe Register

Apple's Find My network can be abused to leak secrets to the outside world via passing devices

Thomas ClaburnThe Register

Researchers Unearth 167 Fake iOS & Android Trading Apps

Dark Reading StaffDark Reading - Threat Intelligence

Putting The Spotlight on DarkSide

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

Port 22

~ 19 May 2021 ~

Colonial Pipeline attack: Hacking the physical world

Australian Police hiring digital evidence retrieval specialists. You need to be a very good boy and have paws to get the gig

DarkSide Ransomware Gang Extorted $90 Million from Several Victims in 9 Months

The Microsoft Authenticator extension in the Chrome store wasn't actually made by Microsoft. Oops, Google

The Microsoft Authenticator extension in the Chrome store wasn't actually made by Microsoft. Oops, Google

Mozilla Begins Rolling Out 'Site Isolation' Security Feature to Firefox Browser

New Zealand hospitals infected by ransomware, cancel some surgeries

A Simple 1-Click Compromised Password Reset Feature Coming to Chrome Browser

~ 18 May 2021 ~

Android 12 Will Let You Fine-Tune Permissions for Apps

Us? Pwn SolarWinds? With our reputation? Russian spy chief makes laughable denial of supply chain attack

How Attackers Weigh the Pros and Cons of BEC Techniques

Business-intelligence-company-turned-Bitcoin-addict MicroStrategy grabs another $10m crypto-coin fix

Scams target families of missing persons, FBI warns

Mitigate OT security threats with these best practices

Adding a Russian Keyboard to Protect against Ransomware

The UK loves cybersecurity so much, it's going to regulate managed service providers' infosec practices in law

Splunk to Acquire TruStar for Data Management

1Password unsheathes Rusty key, hopes to unlock Linux Desktop world

FBI's IC3 Logs 1M Complaints in 14 Months

Researchers Create Covert Channel Over Apple AirTag Network

Emerson Rosemount X-STREAM

Cisco Plans to Create 'Premium' SecureX Offering With Kenna Security Features

Latest phones are great at thwarting Wi-Fi tracking. Other devices, not so much study

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps

Free "vCISO Clinic" offers Resource-Constrained InfoSec Leaders a Helping Hand

Experts Reveal Over 150 Ways to Steal Control of 58 Android Stalkerware Apps

70 European and South American Banks Under Attack By Bizarro Banking Malware

~ 17 May 2021 ~

Eufycam Wi-Fi security cameras streamed video feeds from other people's homes

DarkSide Ransomware Variant Targets Disk Partitions

47% of Criminals Buying Exploits Target Microsoft Products

Ransomware's Dangerous New Trick: Double-Encrypting Your Data

DDoS Attacks Up 31% in Q1 2021: Report

How a positive hybrid work culture can help you to mitigate insider risk

Axa insurance offshoots pwned as Ireland reveals second ransomware hit

Try This One Weird Trick Russian Hackers Hate

Correspondence between the Citizen Lab and NSO Group Regarding The Great iPwn

Take action now FluBot malware may be on its way

Is 85% of US Critical Infrastructure in Private Hands?

We'd love to report on the outcome of the CREST exam cheatsheet probe, but UK infosec body won't publish it

Bizarro banking Trojan expands its attacks to Europe

Android stalkerware threatens victims further and exposes snoopers themselves

Name That Toon: Road Trip

Mammoth grab of GP patient data in the UK set to benefit private-sector market access as rules remain unchanged

Apple sent my data to the FBI, says boss of controversial research paper trove Sci-Hub

Apple's Find My Network Can be Abused to Exfiltrate Data From Nearby Devices

Singapore bolsters Bluetooth contact-tracing as new COVID wave sends students and workers home again

Why Password Hygiene Needs a Reboot

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

China signals dissatisfaction with gig economy impact on ride-share drivers

SANS SIFT Update Spring 2021

Coming Soon SANS Cyber Solutions Fest 2021

5 Metrics Start Measuring Vulnerability Management Program

U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized

~ 15 May 2021 ~

WhatsApps New Privacy Policy Just Kicked In

~ 14 May 2021 ~

Friday Squid Blogging: Far Side Squid Comic

Verizons 2021 DBIR: Phishing and ransomware threats looming ever larger

Upcoming Speaking Engagements

Rapid7 Source Code Accessed in Supply Chain Attack

Week in security with Tony Anscombe

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Free SANS Cyber Security Summits: Sign up now, learn online, keep your network safe

Tor users, beware: 'Scheme flooding' technique may be used to deanonymize you

Cisco Confirms Plans to Acquire Kenna Security

Hospitals cancel outpatient appointments as Irish health service struck by ransomware

Ransomware Is Getting Ugly

SOC Teams Burdened by Alert Fatigue Explore XDR

The Real Cost of Colonial Pipeline's $5 Million Ransom

Wi-Fi Design, Implementation Flaws Allow a Range of Frag Attacks

NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro

Security Trends to Follow at RSA Conference 2021

Hackers Using Microsoft Build Engine to Deliver Malware Filelessly

Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal

Cloudflare launches campaign to end the madness of CAPTCHAs

Magecart Hackers Now hide PHP-Based Backdoor In Website Favicons