Port 22

~ 7 May 2021 ~

SANS DFIR Stay Sharp Courses - Same quality, less time, targeted skill training

Google will make you use two-step verification to login

~ 6 May 2021 ~

Popular routers found vulnerable to hacker attacks

Troy Hunt: Organizations Make Security Choices Tough for Users

New Techniques Emerge for Abusing Windows Services to Gain System Control

Vulnerability in Snapdragon 855 SoCs could pwn Android modems, allow baddies to snoop on conversations

CISA Publishes Analysis on New 'FiveHands' Ransomware

Cloud-Native Businesses Struggle with Security

The Story of Colossus

Operation TunnelSnake

Fantastic passwords and where your children can find them

Crane horror <i>Reg</i> reader uses his severed finger to unlock Samsung Galaxy phone

CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site

Chrome on Windows turns on Intel, AMD chip-level defenses against malicious websites

Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software

JET engine flaws can crash Microsoft's IIS, SQL Server, say Palo Alto researchers

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices

New Spectre Flaws in Intel and AMD CPUs Affect Billions of Computers

SANS ICS Hot Take: Cloud Security Transcript

~ 5 May 2021 ~

How a Former Netflix Exec Built a Brazen Bribery Scheme

Attackers Seek New Strategies to Improve Macros' Effectiveness

21 nails in Exim mail server: Vulnerabilities enable 'full remote unauthenticated code execution', millions of boxes at risk

DDoS attack knocks Belgian government websites offline

DoD Lets Researchers Target All Publicly Accessible Info Systems

New Spectre-Like Attacks

Wanted: The (Elusive) Cybersecurity 'All-Star'

East London council blurts thousands of residents' email addresses in To field blunder

Malicious Office 365 Apps Are the Ultimate Insiders

Twilio's private GitHub repositories cloned by Codecov attacker, cloud comms platform confirms

Ousaban: Private photo collection hidden in a CABinet

What not to expect when you're expecting: Fertility apps may be selling intimate health secrets

New Study Warns of Security Threats Linked to Recycled Phone Numbers

BIOS PrivEsc Bugs Affect Hundreds of Millions of Dell PCs Worldwide

ALERT New 21Nails Exim Bugs Expose Millions of Email Servers to Hacking

Strong, Secure Passwords Are Key to Helping Reduce Risk to Your Organization

~ 4 May 2021 ~

Apple Releases Urgent Security Patches For ZeroDay Bugs Under Active Attacks

'Millions' of Dell PCs will grant malware, rogue users admin-level access if asked nicely

Newer Generic Top-Level Domains a Security 'Nuisance'

Red Hat open-sources StackRox Kubernetes security product

The Wages of Password Re-use: Your Money or Your Life

Apple Issues Patches for Webkit Security Flaws

Microsoft will soon remove Flash Player from Windows 10 devices

Hundreds of Millions of Dell Computers Potentially Vulnerable to Attack

Raytheon: Supply Chain, Ransomware, Zero Trust Biggest Security Priorities

Tesla Remotely Hacked from a Drone

The UNC2529 Triple Double: A Trifecta Phishing Campaign

The UNC2529 Triple Double: A Trifecta Phishing Campaign

They Told Their Therapists Everything. Hackers Leaked It All

Advantech WISE-PaaS RMM

Delta Electronics CNCSoft ScreenEditor

LuckyMouse Hackers Target Banks, Companies and Governments in 2020

Researchers Uncover Iranian State-Sponsored Ransomware Operation

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

How Should the Service Desk Reset Passwords?

Apple patches iOS, macOS, iPadOS, watchOS, kitchen-sinkOS bugs said to be exploited in the wild

Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack

~ 3 May 2021 ~

Dont Buy Into Facebooks Ad-Tracking Pressure on iOS 14.5

A Rust-based Buer Malware Variant Has Been Spotted in the Wild

Researchers Explore Active Directory Attack Vectors

INTERPOL aims to deal a blow to digital piracy

Identifying the Person Behind Bitcoin Fog

Buer Malware Variant Rewritten in Rust Programming Language

Spam and phishing in Q1 2021

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

New Chinese Malware Targeted Russia's Largest Nuclear Submarine Designer

List of Resource Links from SANS New to Cyber Summit 2021

~ 2 May 2021 ~

Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks

~ 1 May 2021 ~

A Ransomware Group Hit DC PoliceThen Pivoted to Extortion

~ 30 Apr 2021 ~

Friday Squid Blogging: On Squid Coloration

Ransomware Task Force Publishes Framework to Fight Global Threat

Bill to protect UK against harmful foreign investment becomes law

New Threat Group Carrying Out Aggressive Ransomware Campaign

Happy Friday? Darktrace gets 40 per cent boost on London IPO debut

MITRE Adds MacOS, More Data Types to ATT&CK Framework

Week in security with Tony Anscombe

Serious MacOS Vulnerability Patched

Google's Grand Plan to Eradicate Cookies Is Crumbling

7 Modern-Day Cybersecurity Realities

A New Slack channel for Cybersecurity Leaders Outside of the Fortune 2000

Microsoft Finds 'BadAlloc' Flaws Affecting Wide-Range of IoT and OT Devices

Australia proposes teaching cyber-security to five-year-old kids

More Opportunities to Become a SANS Cloud Ace

Passwordstate Warns of Ongoing Phishing Attacks Following Data Breach

~ 29 Apr 2021 ~

Stealthy Linux backdoor malware spotted after three years of minding your business

BadAlloc: Microsoft looked at memory allocation code in tons of devices and found this one common security flaw

UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat

UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat

FBI teams up with Have I Been Pwned to alert Emotet victims

'BadAlloc' Flaws Could Threaten IoT and OT Devices: Microsoft

Adobe Open Sources Tool for Anomaly Research

Vivaldi update unleashes the 'Cookie Crumbler' to simply block any services asking for consent (sites may break)

Task Force Seeks to Disrupt Ransomware Payments

Billions in data protection lawsuits rides on Google's last-ditch UK Supreme Court defence for Safari Workaround sueball

Identifying People Through Lack of Cell Phone Use

Texas Instruments SimpleLink

Cassia Networks Access Controller

Johnson Controls Exacq Technologies exacqVision

Multiple RTOS

48 ways you can avoid file-scrambling, data-stealing miscreants or so says the Ransomware Task Force

An Ambitious Plan to Tackle Ransomware Faces Long Odds