Port 22

The SolarWinds Hackers Aren't 'Back.' They Never Went Away

Lily Hay NewmanWired

Blurred Satellite Images Make Rebuilding Palestine Harder

Luiz RomeroWired

Online flashcard sites spill security details of US nuclear weapon bunkers since 2013

Gareth CorfieldThe Register

Week in security with Tony Anscombe

EditorESET

Boss of ATM Skimming Syndicate Arrested in Mexico

BrianKrebsKrebs on Security

Modern SOCs a 'Painful' Challenge Amid Growing Complexity: Report

Dark Reading StaffDark Reading - Threat Intelligence

SolarWinds Attackers Impersonate USAID in Advanced Email Campaign

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

The Misaligned Incentives for Cloud Security

Bruce SchneierSchneier on Security

Plug-ins for Code Editors Pose Developer-Security Threat

Robert Lemos Contributing WriterDark Reading - Threat Intelligence

Researchers Warn of Facefish Backdoor Spreading Linux Rootkits

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency

Laura DobbersteinThe Register

Hong Kong recorded phishing surge in 2020 as scum sought to cash in on viral worries

Laura DobbersteinThe Register

SolarWinds Hackers Target Think Tanks With New Backdoor

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

What certification do I need?

N/ASANS ICS

Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

New sophisticated email-based attack from NOBELIUM

Emma JonesMicrosoft Security Blog

WhatsApp's Fight With India Could Have Global Repercussions

Varsha BansalWired

Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices

Dan Perez (noemail@noemail.org)Fire Eye Threat Research

Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices

Dan Perez (noemail@noemail.org)Fire Eye Threat Research

'Have I Been Pwned' Code Base Now Open Source

Dark Reading StaffDark Reading - Threat Intelligence

BazaLoader Attackers Create Fake Movie Streaming Site to Trick Victims

Dark Reading StaffDark Reading - Threat Intelligence

A Never-Before-Seen Wiper Malware Is Hitting Israeli Targets

Dan Goodin, Ars TechnicaWired

DHS Orders Pipeline Operators to Report Cyberattacks, Review Security Posture

Robert Lemos Contributing WriterDark Reading - Threat Intelligence

Fujitsu pulls ProjectWEB tool offline after apparent supply chain attack sees Japanese infosec agency data stolen

Gareth CorfieldThe Register

The Story of the 2011 RSA Hack

Bruce SchneierSchneier on Security

Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack

DarknetDark Net Hackers

Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack

DarknetDark Net Hackers

Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack

DarknetDark Net Hackers

GENIVI Alliance DLT

Advisory DocumentICS-Cert Advisories

Johnson Controls Sensormatic Electronics VideoEdge

Advisory DocumentICS-Cert Advisories

MesaLabs AmegaView

Advisory DocumentICS-Cert Advisories

Siemens JT2Go and Teamcenter Visualization

Advisory DocumentICS-Cert Advisories

Mitsubishi Electric MELSEC iQ-R Series

Advisory DocumentICS-Cert Advisories

I hacked my friends website after a SIM swap attack

Jake MooreESET

ExtraHop Explains How Advanced Threats Dominate Threat Landscape

Terry Sweeney Contributing EditorDark Reading - Threat Intelligence

Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Hackers Using Fake Foundations to Target Uyghur Minority in China

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model

Thomas ClaburnThe Register

Ethical Phishing The Slippery Slope With Employee Deception

N/ASANS ICS

Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

How user experience is shaping verifiable credentials and identity

Emma JonesMicrosoft Security Blog

Bluetooth bugs could allow attackers to impersonate devices

Amer OwaidaESET

Google Discovers New Rowhammer Attack Technique

Dark Reading StaffDark Reading - Threat Intelligence

Becoming resilient by understanding cybersecurity risks: Part 4navigating current threats

Emma JonesMicrosoft Security Blog

New Disk Wiping Malware Targets Israel

Bruce SchneierSchneier on Security

As Chips Shrink, Rowhammer Attacks Get Harder to Stop

Lily Hay NewmanWired

Devo: SIEM Continues to Evolve with Tech Trends and Emerging Threats

Terry Sweeney Contributing EditorDark Reading - Threat Intelligence

What to do about open source vulnerabilities? Move fast, says Linux Foundation expert

Tim AndersonThe Register

Kaspersky Security Bulletin 2020-2021. EU statistics

KasperskySecure List

Computer Misuse Act: Tell the Home Office infosec needs a public interest defence in law, says CyberUp campaign

Gareth CorfieldThe Register

New Iranian Threat Actor Using Ransomware, Wipers in Destructive Attacks

Jai Vijayan Contributing WriterDark Reading - Threat Intelligence

Data Wiper Malware Disguised As Ransomware Targets Israeli Entities

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

In-person cybersec training? Yes, its back on the agenda this year

David GordonThe Register

Contract killer: Certified PDFs can be secretly tampered with during the signing process, boffins find

Iain ThomsonThe Register

VMware reveals critical vCenter hole it says needs to be considered at once

Simon SharwoodThe Register

WhatsApp Sues Indian Government Over New Privacy Threatening Internet Law

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Not in Cyber Security? No Problem!

N/ASANS ICS

Home-schooling for cyber professionals

N/ASANS ICS

Google Researchers Discover A New Variant of Rowhammer Attack

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Russian Hydra DarkNet Market Made Over $1.3 Billion in 2020

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Critical RCE Vulnerability Found in VMware vCenter Server Patch Now!

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Microsoft is a Leader in the 2021 Forrester Endpoint Security Software as a Service Wave

Emma JonesMicrosoft Security Blog

Cloud Compromise Costs Organizations $6.2M Per Year

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

Russia Profiting from Massive Hydra Cybercrime Marketplace

Robert Lemos Contributing WriterDark Reading - Threat Intelligence

Rise in Opportunistic Hacks and Info-Sharing Imperil Industrial Networks

Kelly Jackson Higgins Executive Editor at Dark ReadingDark Reading - Threat Intelligence

Snowden was right, rules human rights court as it declares UK spy laws broke ECHR

Gareth CorfieldThe Register

Apple fixes macOS zeroday bug that let malware take secret screenshots

Amer OwaidaESET

MacOS Zero-Day Let Attackers Bypass Privacy Preferences

Dark Reading StaffDark Reading - Threat Intelligence

Brit watchdog shows some teeth over McAfee antivirus auto-renewals

Richard SpeedThe Register

Russian Sentenced to 30 Months for Running Criminal Website

Dark Reading StaffDark Reading - Threat Intelligence

Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises

Keith Lunden (noemail@noemail.org)Fire Eye Threat Research

Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises

Keith Lunden (noemail@noemail.org)Fire Eye Threat Research

Your Network's Smallest Cracks Are Now Its Biggest Threats

Sean Keef Technical Director at Skybox SecurityDark Reading - Threat Intelligence

Datakit Libraries bundled in Luxion KeyShot

Advisory DocumentICS-Cert Advisories

Rockwell Automation Micro800 and MicroLogix 1400

Advisory DocumentICS-Cert Advisories

South Korea plans large scale quantum cryptography adoption, thanks in part to tech partnership with USA

Simon SharwoodThe Register

Businesses Boost Security Budgets. Where Will the Money Go?

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

Turn the Tables: Supply Chain Defense Needs Some Offense, Fortinet Says

Terry Sweeney Contributing EditorDark Reading - Threat Intelligence

Evolution of JSWorm ransomware

Fedor Sinitsyn, Yanis ZinchenkoSecure List

Hard cheese: Stilton snap shared via EncroChat leads to drug dealer's downfall

Thomas ClaburnThe Register

Chinas Digital Yuan not aimed at challenging US dollar, says former Peoples Bank governor

Simon SharwoodThe Register

New High-Severity Vulnerability Reported in Pulse Connect Secure VPN

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

New Bluetooth Flaws Let Attackers Impersonate Legitimate Devices

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Apple Issues Patches to Combat Ongoing 0-Day Attacks on macOS, tvOS

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

Apple patches macOS flaw exploited by malware to secretly snap screenshots

Iain ThomsonThe Register

Legacy data protection and modern ransomware? The odds are not in your favor

David GordonThe Register

Resources for accelerating your Zero Trust journey

Emma JonesMicrosoft Security Blog

Icarus moment: Mozilla Thunderbird was saving OpenPGP keys in plaintext after encryption snafu

Gareth CorfieldThe Register

Microsoft recognized as a Leader in The Forrester Wave: Unstructured Data Security Platforms, Q2 2021

Emma JonesMicrosoft Security Blog

Air India Confirms Data of 4.5M Travelers Compromised

Dark Reading StaffDark Reading - Threat Intelligence

Sophos Research Uncovers Widespread Use of TLS By Cybercriminals

Terry Sweeney Contributing EditorDark Reading - Threat Intelligence

AIs and Fake Comments

Bruce SchneierSchneier on Security

Researchers Link CryptoCore Attacks On Cryptocurrency Exchanges to North Korea

noreply@blogger.com (Ravie Lakshmanan)The Hackers News

As Threat Hunting Matures, Malware Labs Emerge

Tomislav Pericin Chief Software Architect & Co-Founder, ReversingLabsDark Reading - Threat Intelligence

Romcon: How romance fraud targets older people and how to avoid it

Amer OwaidaESET

Apple is happy to diss the desktop it knows who's got the most to lose

Rupert GoodwinsThe Register

Air India admits to data breach impacting 4.5m customers, sat on the news for five weeks

Simon SharwoodThe Register

What To Do When Your Business Is Hacked

noreply@blogger.com (The Hacker News)The Hackers News

Indonesias national health insurance scheme leaks at least a million citizens' records

Simon SharwoodThe Register

Managing Human Risk: Start with the Risks

N/ASANS ICS

Port 22

~ 28 May 2021 ~

The SolarWinds Hackers Aren't 'Back.' They Never Went Away

Blurred Satellite Images Make Rebuilding Palestine Harder

Online flashcard sites spill security details of US nuclear weapon bunkers since 2013

Week in security with Tony Anscombe

Boss of ATM Skimming Syndicate Arrested in Mexico

Modern SOCs a 'Painful' Challenge Amid Growing Complexity: Report

SolarWinds Attackers Impersonate USAID in Advanced Email Campaign

The Misaligned Incentives for Cloud Security

Plug-ins for Code Editors Pose Developer-Security Threat

Researchers Warn of Facefish Backdoor Spreading Linux Rootkits

Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency

Hong Kong recorded phishing surge in 2020 as scum sought to cash in on viral worries

SolarWinds Hackers Target Think Tanks With New Backdoor

What certification do I need?

Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices

New sophisticated email-based attack from NOBELIUM

~ 27 May 2021 ~

WhatsApp's Fight With India Could Have Global Repercussions

Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices

Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices

'Have I Been Pwned' Code Base Now Open Source

BazaLoader Attackers Create Fake Movie Streaming Site to Trick Victims

A Never-Before-Seen Wiper Malware Is Hitting Israeli Targets

DHS Orders Pipeline Operators to Report Cyberattacks, Review Security Posture

Fujitsu pulls ProjectWEB tool offline after apparent supply chain attack sees Japanese infosec agency data stolen

The Story of the 2011 RSA Hack

Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack

Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack

Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack

GENIVI Alliance DLT

Johnson Controls Sensormatic Electronics VideoEdge

MesaLabs AmegaView

Siemens JT2Go and Teamcenter Visualization

Mitsubishi Electric MELSEC iQ-R Series

I hacked my friends website after a SIM swap attack

ExtraHop Explains How Advanced Threats Dominate Threat Landscape

Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer

Hackers Using Fake Foundations to Target Uyghur Minority in China

Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model

Ethical Phishing The Slippery Slope With Employee Deception

~ 26 May 2021 ~

Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks

How user experience is shaping verifiable credentials and identity

Bluetooth bugs could allow attackers to impersonate devices

Google Discovers New Rowhammer Attack Technique

Becoming resilient by understanding cybersecurity risks: Part 4navigating current threats

New Disk Wiping Malware Targets Israel

As Chips Shrink, Rowhammer Attacks Get Harder to Stop

Devo: SIEM Continues to Evolve with Tech Trends and Emerging Threats

What to do about open source vulnerabilities? Move fast, says Linux Foundation expert

Kaspersky Security Bulletin 2020-2021. EU statistics

Computer Misuse Act: Tell the Home Office infosec needs a public interest defence in law, says CyberUp campaign

New Iranian Threat Actor Using Ransomware, Wipers in Destructive Attacks

Data Wiper Malware Disguised As Ransomware Targets Israeli Entities

In-person cybersec training? Yes, its back on the agenda this year

Contract killer: Certified PDFs can be secretly tampered with during the signing process, boffins find

VMware reveals critical vCenter hole it says needs to be considered at once

WhatsApp Sues Indian Government Over New Privacy Threatening Internet Law

Not in Cyber Security? No Problem!

Home-schooling for cyber professionals

~ 25 May 2021 ~

Google Researchers Discover A New Variant of Rowhammer Attack

Russian Hydra DarkNet Market Made Over $1.3 Billion in 2020

Critical RCE Vulnerability Found in VMware vCenter Server Patch Now!

Microsoft is a Leader in the 2021 Forrester Endpoint Security Software as a Service Wave

Cloud Compromise Costs Organizations $6.2M Per Year

Russia Profiting from Massive Hydra Cybercrime Marketplace

Rise in Opportunistic Hacks and Info-Sharing Imperil Industrial Networks

Snowden was right, rules human rights court as it declares UK spy laws broke ECHR

Apple fixes macOS zeroday bug that let malware take secret screenshots

MacOS Zero-Day Let Attackers Bypass Privacy Preferences

Brit watchdog shows some teeth over McAfee antivirus auto-renewals

Russian Sentenced to 30 Months for Running Criminal Website

Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises

Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises

Your Network's Smallest Cracks Are Now Its Biggest Threats

Datakit Libraries bundled in Luxion KeyShot

Rockwell Automation Micro800 and MicroLogix 1400