Port 22

~ 18 Jun 2021 ~

A New Tool Wants to Save Open Source from Supply Chain Hacks

First American Financial Pays Farcical $500K Fine

Peloton Vulnerability Found and Fixed

Poltergeist attack could leave autonomous vehicles blind to obstacles or haunt them with new ones

4 Habits of Highly Effective Security Operators

5 essential things to do before ransomware strikes

Russia bans VyprVPN, Opera VPN services for not complying with blacklist request

SANS DFIR Summit 2021 Top 10 Summit improvements you must know

Computer Security Resources

Google Releases New Framework to Prevent Software Supply Chain Attacks

Google dishes out homemade SLSA, a recipe to thwart software supply-chain attacks

~ 17 Jun 2021 ~

[eBook] 7 Signs You Might Need a New Detection and Response Tool

Update Your Chrome Browser to Patch Yet Another 0-Day Exploit in-the-Wild

Ex-Brave staffer launches GDPR sueball in Germany over tech giants' real-time bidding for ad inventory

Intentional Flaw in GPRS Encryption Algorithm GEA-1

The Cl0p Bust Shows Exactly Why Ransomware Isnt Going Away

One in Five Manufacturing Firms Targeted by Cyberattacks

Carnival Cruise Line Reports Security Breach

Google Launches SLSA, A New Framework for Supply Chain Integrity

Improve your threat detection and response with Microsoft and Wortell

Most health apps engage in unhealthy dataharvesting habits

Tim Cook: Sideloading is a disaster and proposed App Store reforms would harm user privacy and security

Paul van Oorschots Computer Security and the Internet

Schneider Electric Enerlin'X ComX 510

Softing OPC-UA C++ SDK

Advantech WebAccess/SCADA

Black Kingdom ransomware

Rockwell Automation ISaGRAF5 Runtime (Update A)

Biden to Putin: Get your ransomware gangs under control and dont you dare cyber-attack our infrastructure

Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments

South Korea has a huge problem with digital sex crimes against women says Human Rights Watch

A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran

GPRS-era mobile data encryption algorithm GEA/1 was 'weak by design', still lingers in today's phones

Strengthen Your Password Policy With GDPR Compliance

Researchers Uncover 'Process Ghosting' A New Malware Evasion Technique

2021 Verizon Data Breach Incident Report Insights

~ 16 Jun 2021 ~

School teacher accused of pocketing $1m+ in insider trading using tips from Silicon Valley pal

Ransomware Operators' Strategies Evolve as Attacks Rise

Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority

Smoking Out a DARKSIDE Affiliates Supply Chain Software Compromise

Smoking Out a DARKSIDE Affiliates Supply Chain Software Compromise

Biden Tells Putin Critical Infrastructure Sectors 'Off Limits' to Russian Hacking

Security Flaw Discovered In Peloton Equipment

We've found another reason not to use Microsoft's Paint 3D researchers

Ukrainian Police Nab Six Tied to CLOP Ransomware

Cuffed: Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops

Papa don't breach: UK data watchdog fines that other pizza place 10,000 over unsolicited marketing blitz

VPNs and Trust

DuckDuckGos Quest to Prove Online Privacy Is Possible

Ferocious Kitten: 6 years of covert surveillance in Iran

OSINT 101: What is open source intelligence and how is it used?

Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks

Malware Attack on South Korean Entities Was Work of Andariel Group

Alibaba suffers billion-user data leak of usernames and mobile numbers

Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets

Top 5 ICS Incident Response Tabletops and How to Run Them

Slow the Revolving Door of Talent

SANS 2021 Threat Report

Critical ThroughTek Flaw Opens Millions of Connected Cameras to Eavesdropping

~ 15 Jun 2021 ~

Zoll Defibrillator Dashboard would execute contents of random Excel files ordinary users could import

Microsoft Disrupts Large-Scale BEC Campaign Across Web Services

Andariel Group Targets South Korean Entities in New Campaign

Microsoft takes down largescale BEC operation

Afternoon Cyber Tea: Microsofts cybersecurity response to COVID-19

Andrew Appel on New Hampshires Election Audit

How Does One Get Hired by a Top Cybercrime Gang?

Apple Says It's Time to Digitize Your ID, Ready or Not

NCSC chief: Ransomware is more of a threat to Britain than hostile nations' spies

Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities

TimeCache aims to block side-channel cache attacks without hurting performance

Andariel evolves to target South Korea with ransomware

Brit IT firms wound up by court order after fooling folk into paying for 'support' over fake computer errors

The latest REvil ransomware victim? Sol Oriens. Oh, a US nuclear weapons contractor

ThroughTek P2P SDK

Automation Direct CLICK PLC CPU Modules

When security gets physical: Mossad boss hints at less-than-subtle Stuxnet followup

Experts Shed Light On Distinctive Tactics Used by Hades Ransomware

NATO summit communiqu compares repeat cyberattacks to armed attacks and stops short of saying 'one-in, all-in' rule will always apply

Instagram Bug Allowed Anyone to View Private Accounts Without Following Them

Protecting Against Ransomware From the Human Perspective

~ 14 Jun 2021 ~

G7 nations call out Russia for harbouring ransomware crims ahead of Biden-Putin powwow

Ex-NSA leaker Reality Winner released from prison early for 'exemplary' behavior

Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild

Upcoming Speaking Engagements

Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

TikTok Can Now Collect Biometric Data

Norton dodges UK courts after telling Brit watchdog it will be nicer to consumers

Vishing: What is it and how do I avoid getting scammed?

We've been shown time and again that strong encryption puts crims behind bars, so why do politicos hate it?

Name That Toon: Sight Unseen

Google Workspace Now Offers Client-side Encryption For Drive and Docs

NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers

Cybersecurity Executive Order 2021: What It Means for Cloud and SaaS Security

The AN0M fake secure chat app may have been too clever for its own good

~ 13 Jun 2021 ~

Chinese Hackers Believed to be Behind SITA, Air India Data Breach

All the New Privacy Features Coming to iOS and macOS

~ 12 Jun 2021 ~

Google Won't Kill the URL After All

What You Should Know About Voil, the Latest Viral Selfie App

As Ransomware Demands Boom, Insurance Keeps Paying Out

~ 11 Jun 2021 ~

Friday Squid Blogging: Fossil of Squid Eating and Being Eaten