Port 22

~ 28 Aug 2024 ~

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution

Chinese broadband satellites may be Beijing's flying spying censors, think tank warns

~ 27 Aug 2024 ~

Intel's Software Guard Extensions broken? Don't panic

Volt Typhoon suspected of exploiting Versa SD-WAN bug since June

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users

New 0-Day Attacks Linked to Chinas Volt Typhoon

Microsoft security tools questioned for treating employees as threats

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures

The Present and Future of TV Surveillance

HZ Rat backdoor for macOS attacks users of Chinas DingTalk and WeChat

Old devices, new dangers: The risks of unsupported IoT tech

Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation

~ 26 Aug 2024 ~

Telegram CEO Pavel Durov's Arrest Linked to Sweeping Criminal Investigation

Microsoft mistake blows up admins' inboxes with fake malware alerts

Watchdog warns FBI is sloppy on secure data storage and destruction

Seattle airport 'possible cyberattack' snarls travel yet again

AMD internal data reportedly offered for sale

How Microsoft Entra ID supports US government agencies in meeting identity security requirements

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

Dutch Regulator Fines Uber 290 Million for GDPR Violations in Data Transfers to U.S.

31.5M invoices, contracts, patient consent forms, and more exposed to the internet

US Federal Court Rules Against Geofence Warrants

Cognizant alleges Infosys swiped its trade secrets

Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration

Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms

Exploring Android threats and ways to mitigate them | Unlocked 403 cybersecurity podcast (ep.5)

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards

Alleged Karakut ransomware scumbag charged in US

~ 25 Aug 2024 ~

Pavel Durov's Arrest Leaves Telegram Hanging in the Balance

Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures

New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules

~ 24 Aug 2024 ~

The US Navy Has Run Out of Pants

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp

~ 23 Aug 2024 ~

Friday Squid Blogging: Self-Healing Materials from Squid Teeth

New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads

US sues Georgia Tech over alleged cybersecurity failings as a Pentagon contractor

Local Networks Go Global When Domain Names Collide

Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform

Take a Selfie Using a NY Surveillance Camera

Focus on What Matters Most: Exposure Management and Your Attack Surface

New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

When War Came to Their Country, They Built a Map

PWA phishing on Android and iOS Week in security with Tony Anscombe

Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group

Uniting the brightest minds in security, network and cloud

Surveillance Watch

~ 22 Aug 2024 ~

SolarWinds left critical hardcoded credentials in its Web Help Desk product

A Global Treaty to Fight CybercrimeWithout Combating Mercenary Spyware: Article by Kate Robertson in Lawfare

CrowdStrike deja vu as 'performance issue' leaves systems sluggish

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

Halliburton probes 'an issue' disrupting business ops

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Microsoft AI Tour: Hear the latest product innovations to elevate your security strategy

New 'ALBeast' Vulnerability Exposes Weakness in AWS Application Load Balancer

Ransomware batters critical industries, but takedowns hint at relief

Rockwell Automation Emulate3D

Rockwell Automation 5015 - AENFTXT

MOBOTIX P3 and Mx6 Cameras

Avtec Outpost 0810

This uni thought it would be a good idea to do a phishing test with a fake Ebola scare

The Facts About Continuous Penetration Testing and Why Its Important

Memory corruption vulnerabilities in Suricata and FreeRDP

NGate Android malware relays NFC traffic to steal cash

Kick off early Octoberfest with an EUC-fest

Cisco calls for United Nations to revisit cyber crime Convention

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

Foiling bot attacks with AI-powered telemetry

A Visual Summary of SANS DFIR Summit 2024

~ 21 Aug 2024 ~

You probably want to patch this critical GitHub Enterprise Server bug now

Stadiums Are Embracing Face Recognition. Privacy Advocates Say They Should Stick to Sports

110K domains targeted in 'sophisticated' AWS cloud extortion campaign

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

Microsoft again ranked number one in modern endpoint security market share

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

The US Government Wants YouYes, Youto Hunt Down Generative AI Flaws

Russia tells citizens to switch off home surveillance because the Ukrainians are coming

Story of an Undercover CIA Agent who Penetrated Al Qaeda

It's Time To Untangle the SaaS Ball of Yarn

Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details

New macOS Malware TodoSwift Linked to North Korean Hacking Groups

Exploits and vulnerabilities in Q2 2024

How regulatory standards and cyber insurance inform each other

Deadbeat dad faked his own death by hacking government databases

CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

Chipmaker Microchip reveals cyber attack whacked manufacturing capacity

~ 20 Aug 2024 ~

An AWS Configuration Issue Could Expose Thousands of Web Apps

~ 21 Aug 2024 ~

Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys

Czech Mobile Users Targeted in New Banking Credential Theft Scheme

~ 20 Aug 2024 ~

Plane-tracking app admits user passwords, SSNs exposed for over 3 years

Approach to mainframe penetration testing on z/OS