Study - Technical - LMS-SFC EN) - Cyber Security - News Archive February 2022
Cyber Security - News Archive
February 2022
28.02.2022
- News
from cyber security.
-
Vulnerability Summary for the Week of
February 21, 2022. (to
the original material)
- Broadcom
Software discloses APT actors deploying
Daxin malware in global espionage
campaign. (to
the original material)
- Press
release: National Cyber Security
Directorate (DNSC) calls on users to be
vigilant about the sources of information
they access online. (to
the original material)
- Building
cyber secure Railway Infrastructure. (to
the original material)
-
Ukrainian researcher leaks Conti
ransomware gang data. (to
the original material)
- Take a
dev-centric approach to cloud-native
AppSec testing. (to
the original material)
-
Leveraging mobile networks to threaten
national security. (to
the original material)
-
Cybercrime getting more destructive,
remote workers in the crosshairs. (to
the original material)
- How
prepared are organizations to face
email-based ransomware attacks? (to
the original material)
-
Authorization is bridging the gap between
security and IAM (Identity and Access
Management). (to
the original material)
- CISA and
FBI warn of potential data wiping attacks
spillover. (to
the original material)
- Chinese
cyberspies target govts with their ‘most
advanced’ backdoor. (to
the original material)
- Hackers
to NVIDIA: Remove mining cap or we leak
hardware data. (to
the original material)
- Ukraine
says its 'IT Army' has taken down key
Russian sites. (to
the original material)
-
Insurance giant AON hit by a cyberattack
over the weekend. (to
the original material)
- Toyota
halts production after reported
cyberattack on supplier. (to
the original material)
- Meta:
Ukrainian officials, military targeted by
Ghostwriter hackers. (to
the original material)
- Axis
Communications shares details on
disruptive cyberattack. (to
the original material)
-
Microsoft: Ukraine hit with new FoxBlade
malware hours before invasion. (to
the original material)
- Phishing
attack in Ukraine could be prelude to
disinformation campaign. (to
the original material)
-
Researchers warn of stealthy Chinese
backdoor targeting multiple foreign
agencies. (to
the original material)
-
Companies borrow attack technique to
watermark machine learning models. (to
the original material)
- How to
boost shift-left security in the SDLC (Software
Development Life Cycle). (to
the original material)
- Wiper
malware targets Ukraine as military
conflict extends into cyberspace. (to
the original material)
- Look
beyond external threats to insider
threats. (to
the original material)
- CISA,
FBI advise vigilance as Ukraine conflict
continues. (to
the original material)
- How to
improve signal-to-noise ratio to reduce
alert fatigue. (to
the original material)
- The
H4unt3d hacker on Ukraine crisis and
cybersecurity. (to
the original material)
-
Cyberinsurers key to combating ransomware.
(to
the original material)
- How
Biden’s national security Memo bolsters US
cybersecurity. (to
the original material)
- US
indicts BitConnect founder. (to
the original material)
- Moscow
Exchange downed by cyber-attack. (to
the original material)
-
#MWC2022: Creating trust and safety during
the new technology revolution. (to
the original material)
-
#MWC2022: The Metaverse – "We've gone from
scrolling to strolling". (to
the original material)
- Russian
TV stations hacked. (to
the original material)
-
Dissecting the UK’s new IoT security Bill.
(to
the original material)
-
Rationalizing security awareness training.
(to
the original material)
- #HowTo:
Solve the UK's shortage of cybersecurity
experts. (to
the original material)
- Conti
group suffers massive data breach. (to
the original material)
- Nvidia
appears to brush off ransomware attack. (to
the original material)
- Meta
squeezes Russian state-controlled media
platforms. (to
the original material)
-
SockDetour fileless backdoor targets
U.S.-based defense contractors. (to
the original material)
- DeadBolt
ransomware eyeing ASUSTOR devices. (to
the original material)
- UNC2596
deploys Cuba ransomware via Microsoft
Exchange Server vulnerabilities. (to
the original material)
- Electron
bot leverages Microsoft App Store to
pierce social media accounts. (to
the original material)
- Defense
contractors under attack using new
SockDetour backdoor. (to
the original material)
- Toyota
halts operations at all Japan plants due
to cyberattack. (to
the original material)
- CISA
adds recently disclosed Zimbra bug to its
Exploited Vulnerabilities Catalog. (to
the original material)
- 100
million Samsung Galaxy phones affected
with flawed hardware encryption feature. (to
the original material)
- CISA
warns of high-severity flaws in Schneider
and GE Digital's SCADA software. (to
the original material)
- Reborn
of Emotet: New features of the Botnet and
how to detect it. (to
the original material)
- Experts
create Apple AirTag clone that can bypass
anti-tracking measures. (to
the original material)
-
Quarter of a million lawyer disciplinary
records leak. (to
the original material)
-
Conti ransomware gang leak: 60,000
messages online. (to
the original material)
-
Tech world's Ukraine response
mixes evacuation efforts, ad
bans, free phones, infosec FUD.
(to
the original material)
-
Beware of scams that exploit
people's desire to
contribute to charities for
Ukraine. (to
the original material)
-
#ShieldsUp – Now is the
time to double‑check
cybersecurity processes
and operations. (to
the original material)
-
How to protect
Magento websites. (to
the original
material)
27.02.2022
-
News
from cyber security.
-
Press release: Romania’s National
Cyber Security Directorate (DNSC)
and Bitdefender work together in
support of Ukraine. (to
the original material)
-
2022 may be the year cybercrime
returns its focus to consumers. (to
the original material)
-
Researchers find similarities
between Dridex trojan and Entropy
ransomware. (to
the original material)
-
Nvidia breach seen as ransomware
attack unconnected to Ukraine. (to
the original material)
-
Comparison between a Video Game
reboot vs remake vs remaster. (to
the original material)
-
How to track changes in Google
Docs? (to
the original material)
-
LAPSUS and the terrible, horrible,
no good, very bad ransom day. (to
the original material)
-
Beware of charity scams exploiting
war in Ukraine. (to
the original material)
-
Feds update firms 'Shields Up'
against Russian hackers. (to
the original material)
-
Conti ransomware gang chats leaked
by pro-Ukraine member. (to
the original material)
-
In the Russia-Ukraine conflict,
Anonymous is working quicker than
government red-tape. (to
the original material)
-
Conti ransomware's internal chats
leaked after siding with Russia. (to
the original material)
-
Trojanized PyPI package imitates a
popular Python server library. (to
the original material)
-
California Bar investigates after
confidential discipline records
published online. (to
the original material)
26.02.2022
-
News
from cyber security.
-
CISA releases advisory on
destructive malware targeting
organizations in Ukraine. (to
the original material)
-
7 Steps to take right now to
prepare for cyberattacks by
Russia. (to
the original material)
-
Nvidia confirms it’s investigating
an ‘incident,’ reportedly a
cyberattack. (to
the original material)
-
How to fix Sim not provisioned
error on Android or iPhone? (to
the original material)
-
CISA, FBI to US firms: Prepare for
Ukraine wipers. (to
the original material)
-
SockDetour Backup backdoor targets
US defense contractors. (to
the original material)
-
Belarusian spear phishing campaign
targets Ukraine military. (to
the original material)
-
Chip maker Nvidia investigating
potential cyberattack. (to
the original material)
-
Ukraine recruits "IT Army" to hack
Russian entities, lists 31
targets. (to
the original material)
-
Free Android app lets users detect
Apple AirTag tracking. (to
the original material)
-
Social Media hijacking malware
spreading through Gaming Apps on
Microsoft Store. (to
the original material)
-
JDC Healthcare Management issues
second press release about malware
incident last summer. (to
the original material)
-
Nvidia breached by attackers who
seem shocked by hack-back. (to
the original material)
-
New Chip can prevent hackers from
extracting hidden information from
smart devices. (to
the original material)
-
‘The time is now and the place is
here’: Cyber vendors, volunteers
rush free security to Ukraine. (to
the original material)
25.02.2022
- News
from cyber security.
- CISA
adds four known exploited
vulnerabilities to Catalog. (to
the original material)
-
Mozilla releases security update for
Mozilla VPN. (to
the original material)
- ALERT:
HermeticWiper malware. (to
the original material)
- Press
release: European Commission launches
second call for proposals for Digital
Europe funded projects. (to
the original material)
- New
infosec products of the week: February
25, 2022. (to
the original material)
- Data
leaks and shadow assets greatly exposing
organizations to cyberattacks. (to
the original material)
-
Cybercriminals seeking more than just
ransomware payment. (to
the original material)
-
Devastating breaches apparently still
not enough for organizations to
prioritize endpoint security. (to
the original material)
-
Companies spending $6M on ransomware
mitigation: Is it working? (to
the original material)
- The
impact of API security on how consumers
view brands. (to
the original material)
- NHS
urges orgs to apply security update for
Okta Client RCE bug. (to
the original material)
- Visual
Voice Mail on Android may be vulnerable
to eavesdropping. (to
the original material)
- Jester
Stealer malware adds more capabilities
to entice hackers. (to
the original material)
-
Ukraine links phishing targeting
military to Belarusian hackers. (to
the original material)
- CISA
warns of actively exploited
vulnerabilities in Zabbix servers. (to
the original material)
-
TrickBot malware operation shuts down,
devs move to stealthier malware. (to
the original material)
- GPU
giant Nvidia is investigating a
potential cyberattack. (to
the original material)
-
Ransomware gangs, hackers pick sides
over Russia invading Ukraine. (to
the original material)
-
Ukrainian troops targeted in phishing
attacks by suspected Belarusian APT. (to
the original material)
- Fears
rise of potential russian cyberattacks
on US, allies over sanctions. (to
the original material)
- The
Future of cyber insurance. (to
the original material)
- Conti
gang says it's ready to hit critical
infrastructure in support of Russian
government. (to
the original material)
- EFF
urges FTC to investigate Stalkerware App
Network subject of TechCrunch report. (to
the original material)
-
Hackers Wanted - Ukraine Government
calls up its ‘cybercommunity’. (to
the original material)
-
Ukraine asks for hackers’ help. (to
the original material)
-
Florida arrests 10 men in online
predator sting. (to
the original material)
- CISA
issues MuddyWater warning. (to
the original material)
- UK
announces new measures to tackle online
trolls. (to
the original material)
- How
not to pay a ransomware demand. (to
the original material)
- Four
ways to leverage DevOps for compliance.
(to
the original material)
-
Anonymous hacking group declares “Cyber
War” against Russia. (to
the original material)
-
Massive ransomware attack could cost
Irish health exec €100m. (to
the original material)
- Zenly
bugs exposed users to data loss and
account takeover. (to
the original material)
- Biden
mulls “Massive” cyber strikes on Russia
– report. (to
the original material)
-
Multiple hacking groups targeting ICS/OT
systems. (to
the original material)
-
Russian Sandworm distributes New Cyclops
Blink malware. (to
the original material)
-
Russia-Ukraine War: Phishing, malware
and hacker groups taking sides. (to
the original material)
- New
"SockDetour" fileless, socketless
backdoor targets U.S. defense
contractors. (to
the original material)
- Iran's
MuddyWater hacker group using new
malware in worldwide cyber attacks. (to
the original material)
- Putin
warns Russian critical infrastructure to
brace for potential cyber attacks. (to
the original material)
-
Ukraine seeks volunteers to defend
networks as Russian troops menace Kyiv.
(to
the original material)
- UK
computer misuse act reformers visit
Parliament. (to
the original material)
-
Cyberwarfare looms as Russia shells,
invades Ukraine. (to
the original material)
- LA:
Spine Diagnostic & Pain Treatment
patient files show up on ransomware
site. (to
the original material)
- Conti
ransomware group threatens retaliatory
attacks on critical infrastructure of
countries that attack Russia. (to
the original material)
-
Dubai-based Gems Education hit
by cyber attack; scope of attack
under investigation. (to
the original material)
-
At least 22 states have consumer
privacy legislation pending –
Will 2022 be the year for more
state privacy laws? (to
the original material)
-
NSW driver’s licence data stolen
in Accellion breach. (to
the original material)
-
Iranian government-sponsored
actors conduct cyber operations
against global government and
commercial networks. (to
the original material)
-
Dallas IT worker erased police
files by accident, didn’t have
enough training, report says. (to
the original material)
-
NZ technology company hacked,
data stolen. (to
the original material)
-
What happens when the dark web
moves on social media. (to
the original material)
-
The past is present: Riffing on
a cybersecurity - appropriate
tune for Black History Month. (to
the original material)
-
Week in security with Tony
Anscombe. (to
the original material)
-
Cyberattacks in Ukraine reaffirm
need for proactive training,
testing and validating. (to
the original material)
-
The Hunt for the Lost Soul:
Unraveling the evolution of the
SoulSearcher malware. (to
the original material)
-
Electron Bot malware is running
rampant in the Microsoft Store,
opening backdoors on victims'
computers. (to
the original material)
-
While the Government talks
possible cyber repercussions on
Russia, Anonymous is beyond that
stage. (to
the original material)
-
TeamTNT: Cryptocriminals target
Linux servers, Kubernetes. (to
the original material)
-
Attackers ran ahead of defenders
on Log4j. (to
the original material)
-
Quantexa’s CEO knows hypergrowth
requires more than money. (to
the original material)
-
Healthcare ransomware: Proactive
risk management is a ‘business
opportunity’. (to
the original material)
-
Popular banking trojan reemerges
in major bank attacks. (to
the original material)
-
Conti ransomware group announces
support for Russian invasion of
Ukraine, threatens retaliation.
(to
the original material)
-
Ukraine claims phishing attempts
targeting military personnel by
cyber espionage group. (to
the original material)
-
Five ways to assess risk as the
Russia-Ukraine conflict heats
up. (to
the original material)
-
Eight security strategies amid
the launched Russia-Ukraine
conflict. (to
the original material)
-
Wiper malware attacks have not
escaped Ukrainian networks. (to
the original material)
-
Ukraine Invasion: What if US
strikes back against Russia? (to
the original material)
-
Ukraine reportedly calls for
volunteer cyberwarriors. (to
the original material)
-
Healthcare entity reports
another big hacking incident.
(to
the original material)
-
Russia-Ukraine updates:
Cybersecurity news amid
conflict. (to
the original material)
-
MuddyWater targets critical
infrastructure in Asia,
Europe. (to
the original material)
-
ISMG Editors: Government
Special. (to
the original material)
-
Sound Off: How can banks
prepare for Russia-Ukraine
crisis? (to
the original material)
-
Russia or Ukraine: Hacking
groups take sides. (to
the original material)
-
Most attackers lose interest
in Log4Shell. (to
the original material)
-
Flurry Finance heist nets
crypto thieves $295k. (to
the original material)
-
Data study reveals predictors
of supply chain attacks in NPM
repositories. (to
the original material)
-
DNA data of sexual assault
victims exposed in breach at
US laboratory. (to
the original material)
-
Report: Ukraine calls for
volunteer hackers to protect
critical infrastructure. (to
the original material)
-
This Week in Security News -
February 25, 2022. (to
the original material)
-
Microsoft Exchange bugs
exploited by ‘Cuba’ ransomware
gang. (to
the original material)
-
6 Cyber-Defense steps to take
now to protect your company. (to
the original material)
-
TrickBot takes a break,
leaving researchers scratching
their heads. (to
the original material)
-
Mass phishing attacks against
Ukrainian citizens reported. (to
the original material)
-
Irish data watchdog calls for
‘objective metrics’ for big
tech regulation. (to
the original material)
-
Clearview AI offers to
eliminate public anonymity and
destroy privacy around the
world for a mere $50 Million.
(to
the original material)
-
Interview With Simon Davis –
RoboForm Password Manager. (to
the original material)
24.02.2022
- News
from cyber security.
- Iranian
government-sponsored MuddyWater actors
conducting malicious cyber operations. (to
the original material)
- Cisco
releases security updates for multiple
products. (to
the original material)
- ALERT:
Sites hosted in Russia that copy the brand
of some Romanian publications. (to
the original material)
-
Cybersecurity News of the Week (24.02.2022).
(to
the original material)
- Tackling
security challenges in 5G networks. (to
the original material)
-
Introducing custom dashboards: Visualize
& analyze your data. (to
the original material)
- In data
privacy we trust: building a strong
information protection strategy in the
hybrid era. (to
the original material)
-
HermeticWiper: New data-wiping malware
hits Ukraine. (to
the original material)
-
Sophisticated new phishing attack
impersonates DocuSign. (to
the original material)
- QakBot
campaign attempts to revive old emails to
gain the upper hand. (to
the original material)
- Data
wiper deployed in cyber-attacks targeting
Ukrainian systems. (to
the original material)
- US
fraudster jailed over $300k business email
compromise scheme. (to
the original material)
-
Zero-day XSS vulnerability in Horde
webmail client can be triggered by file
preview function. (to
the original material)
-
Cyberattackers leverage DocuSign to steal
Microsoft Outlook logins. (to
the original material)
- The Art
of non-boring cybersec training - Podcast.
(to
the original material)
-
Darktrace acquires attack surface
analytics firm Cybersprint. (to
the original material)
-
Researchers link Dridex botnet to emergent
Entropy ransomware. (to
the original material)
- New
tech, same threats for Web 3.0. (to
the original material)
- New
cyber guidelines to safeguard construction
sector. (to
the original material)
- Russia
behind dangerous Cyclops Blink malware. (to
the original material)
- KS:
Hays schools hacked with ransomware. (to
the original material)
- Dr.
Douglas C. Morrow, OD notifies patients of
data security incident. (to
the original material)
- Russian
hackers infect network devices with new
botnet malware. (to
the original material)
- UK: Cop
appears at Hamilton Sheriff Court on trial
over data protection breach. (to
the original material)
- Za:
Absa data leak - more customers affected.
(to
the original material)
- NSA
informs Cisco of vulnerability exposing
Nexus switches to DoS attacks. (to
the original material)
-
Deadbolt ransomware targeting Asustor NAS
devices. (to
the original material)
- New
York plans cybersecurity hub to coordinate
responses. (to
the original material)
- Russia,
Ukraine and the danger of a global
cyberwar. (to
the original material)
-
Destructive 'HermeticWiper' malware
targets computers in Ukraine. (to
the original material)
- New
'Cyclops Blink' malware linked to Russian
state hackers targets firewalls. (to
the original material)
-
Salesforce paid out $12.2 million in bug
bounty rewards to date. (to
the original material)
-
Cyberattacks accompany Russian military
assault on Ukraine. (to
the original material)
- China’s
Pangu Lab published a 50-page report
detailing a piece of Linux malware. (to
the original material)
- Cisco
announced four vulnerabilities in its FXOS
and NX-OS network operating systems. (to
the original material)
- US
winds up national security team dedicated
to Chinese espionage. (to
the original material)
- Anatomy
of suspected top-tier decade-hidden NSA
backdoor. (to
the original material)
-
TrickBot gang likely shifting operations
to switch to new malware. (to
the original material)
- From
Pet systems to cattle farm - What happened
to the data center? (to
the original material)
- Warning
- Deadbolt ransomware targeting ASUSTOR
NAS devices. (to
the original material)
- CISA
alerts on actively exploited flaws in
Zabbix Network Monitoring Platform. (to
the original material)
- US, UK
agencies warn of new Russian botnet built
from hacked firewall devices. (link
material original)
- Scoop:
Top senator warns Putin cyberattacks could
trigger bigger war. (to
the original material)
- Ice
Phishing campaigns targeting blockchain,
Web3 networks. (link
material original)
-
Attackers combing internet to target
exposed MS SQL servers. (link
material original)
- Ukraine
attacked with ‘wiper’ malware. (to
the original material)
- WMATA
(Washington Metropolitan Area Transit
Authority) Twitter account hacked. (to
the original material)
-
Nonprofits form cyber coalition. (to
the original material)
- US and
UK warn of VPNFilter successor “Cyclops
Blink”. (to
the original material)
- Vishing
makes phishing campaigns three-times more
successful. (to
the original material)
- Ofcom
set to crack down on phone fraud. (to
the original material)
- Cyber
attacks on Ukraine: DDoS, new data wiper,
cloned websites, and Cyclops Blink. (to
the original material)
-
Implementing effective ways to exchange
sensitive information using encryption. (to
the original material)
- How
Log4Shell remediation interfered with
organizations’ cybersecurity readiness. (to
the original material)
- How to
keep pace with rising data protection
demands. (to
the original material)
-
Attackers used Dridex to deliver Entropy
ransomware, code resemblance uncovered. (to
the original material)
-
Ransomware wreaked havoc last year,
manufacturing was most targeted. (to
the original material)
- How
mobile app usage data could reveal a
person’s identity. (to
the original material)
- US and
UK expose new malware used by MuddyWater
hackers. (to
the original material)
-
Microsoft Exchange servers hacked to
deploy Cuba ransomware. (to
the original material)
- US
defense contractors hit by stealthy
SockDetour Windows backdoor. (to
the original material)
-
Trickbot comes up with a new set of
tricks. (to
the original material)
-
JupiterOne unveils Starbase for
graph-based security. (to
the original material)
- New
York opens Joint Security Operations
Center in NYC. (to
the original material)
-
TrickBot operators slowly abandon the
botnet and replace it with Emotet. (to
the original material)
-
Ransomware is top attack vector on
critical infrastructure. (to
the original material)
- NIST
seeks information on updating its
Cybersecurity Framework. (to
the original material)
-
Cyberwarfare risks continue as Ukraine
crisis escalates. (to
the original material)
-
HermeticWiper malware deployed in attacks
against Ukraine. (to
the original material)
-
Official website of Russian Parliament,
MoD and Kremlin go offline. (to
the original material)
- US
braces for Russian cyberattacks as Ukraine
conflict escalates. Here's how that might
play out. (to
the original material)
- Ukraine
internet outages spark concerns of broader
blackout. (to
the original material)
-
Notorious TrickBot malware gang shuts down
its botnet infrastructure. (to
the original material)
- New
flaws discovered in Cisco's Network
Operating System for switches. (to
the original material)
- 3 Steps
security leaders can take toward closing
the skills gap. (to
the original material)
- Current
executive guidance for ongoing
cyberattacks in Ukraine. (to
the original material)
- Threat
Advisory: Cyclops Blink. (to
the original material)
- Threat
Advisory: HermeticWiper. (to
the original material)
- Threat
Roundup for February 18 to February 25. (to
the original material)
-
Nobelium returns to the political world
stage. (to
the original material)
- Ukraine
crisis cyber-readiness checklist. (to
the original material)
- 2021
holiday season saw a sharp increase in
eCommerce bot attacks. (to
the original material)
- One in
six endpoints has identity risks. (to
the original material)
-
Microsoft Defender for Cloud now protects
Google Cloud Platform. (to
the original material)
- What do
hackers get by hacking a website? (to
the original material)
-
Cybersecurity Threat Advisory: Heightened
threat activity expected as global
conflicts surge. (to
the original material)
-
Cyberattacks out of Russia + Log4j: How
vulnerable are US organizations? (to
the original material)
- Biden
says US is ‘prepared’ for prospects of
Russian cyberattacks against
infrastructure. (to
the original material)
- US
healthcare organizations warned of cyber
threats related to Russian invasion of
Ukraine. (to
the original material)
- Delinea
CEO Art Gilliland talks rebranding, and
the next phase of access management. (to
the original material)
-
Ransomware may have been a decoy to launch
new wiper malware seen in Ukraine
cyberattacks. (to
the original material)
-
Analysis shows new wiper malware in
Ukraine cyberattack oddly thorough. (to
the original material)
- Why
critical infrastructure leaders should
heed CISA’s latest ransomware advisory. (to
the original material)
- New
malware in Russia-Linked Sandworm's
portfolio. (to
the original material)
- Update:
Asustor - How to eliminate Deadbolt from
NAS devices. (to
the original material)
-
Russia-Ukraine War: Threats facing the
healthcare sector. (to
the original material)
-
TrickBot gang shuts down botnet after
months of inactivity. (to
the original material)
- Global
Cyberattacks: Managing risk in chaotic
times. (to
the original material)
- The
Harsh truths of cybersecurity in 2022,
Part II. (to
the original material)
-
Microsoft App Store sizzling with new
‘Electron Bot’ malware. (to
the original material)
- Web
filtering and compliances for Wi-Fi
providers. (to
the original material)
23.02.2022
- News
from cyber security.
- CSIRTs
Maturity: Moving to the next level. (to
the original material)
- New
Sandworm malware Cyclops Blink replaces
VPNFilter. (to
the original material)
- Help Net
Security: Healthcare Cybersecurity Report. (to
the original material)
- Are
separate SIEMs for threat hunting a good
idea? (to
the original material)
- How
configuration assessments help improve cyber
defenses. (to
the original material)
- A
comparison of NDR solutions: Deep packet
inspection (DPI) vs. metadata analysis. (to
the original material)
-
Multi-tool/multi-cloud environments reaching
the limit of their efficacy. (to
the original material)
- Consumers
don’t mind handing out their data for better
user experience. (to
the original material)
- Log4j
remediation took weeks or more for over 50%
of organizations. (to
the original material)
- Hackers
tried to shatter the spine of global supply
chains in 2021. (to
the original material)
- The
Ultimate Guide to computer network basics
and networking concepts. (to
the original material)
- Kaspersky:
Mobile malware attacks significant drop in
2021 but attacks were more sophisticated. (to
the original material)
- Top
Ethereum Mining Software. (to
the original material)
- An
Analysis of a January attack targeting
Iran’s National Media Corporation. (to
the original material)
- Cisco
warns firewall customers of four-day window
for urgent updates. (to
the original material)
- China's
APT10 cyber-spies 'targeted Taiwanese
financial firms'. (to
the original material)
- Samsung
shipped '100 million' phones with flawed
encryption. (to
the original material)
- DeadBolt
ransomware now targets ASUSTOR devices, asks
50 BTC for master key. (to
the original material)
- Nigerian
hacker pleads guilty to stealing payroll
deposits. (to
the original material)
- Ransomware
extortion doesn't stop after paying the
ransom. (to
the original material)
- New
data-wiping malware used in destructive
attacks on Ukraine. (to
the original material)
- Network
hackers focus on selling high-value targets
in the U.S. (to
the original material)
- NSA-linked
Bvp47 Linux backdoor widely undetected for
10 years, (to
the original material)
- Ukrainian
government and banks once again hit by DDoS
attacks. (to
the original material)
- US, UK
link new Cyclops Blink malware to Russian
state hackers. (to
the original material)
- Microsoft
Defender for Cloud can now protect Google
Cloud resources. (to
the original material)
- FTC:
Americans report losing over $5.8 billion to
fraud in 2021. (to
the original material)
- Entropy
ransomware linked to Evil Corp's Dridex
malware. (to
the original material)
- LockBit,
Conti most active ransomware targeting
industrial sector. (to
the original material)
- Microsoft
debuts unified service for multicloud ID
management. (to
the original material)
- Ransomware
trained on manufacturing firms led
cyberattacks in industrial sector. (to
the original material)
- Companies
warned to boost cyber defence in wake of
Ukraine crisis escalation. (to
the original material)
- Malware
authors target rivals with malicious npm
packages. (to
the original material)
- Lose
your keys to your Phantom crypto wallet?
1Password has you covered. (to
the original material)
- These
new hacking groups are striking
industrial, operational tech targets. (to
the original material)
-
Forcepoint One combines zero trust and
SASE under a single umbrella. (to
the original material)
- How to
prepare as Russia-Ukraine situation
escalates. (to
the original material)
-
Cybersecurity and operational resilience
in 2022. (to
the original material)
-
Technology, Progress, and Climate. (to
the original material)
-
Ransomware is not enough - 83 percent of
attacks now feature other extortion
tactics. (to
the original material)
-
Ransomware impacts 80 percent of
enterprises. (to
the original material)
- Data
leaks from exposed credentials rise 50
percent. (to
the original material)
-
FortiGuard Labs reports ransomware
relentless and more destructive. (to
the original material)
- CISA
official floats Zero Trust roadmap for
agencies. (to
the original material)
- Ukraine
organizations hit by new wiper malware. (to
the original material)
- Nearly
two dozen nonprofits form new coalition to
collaborate, amplify good cyber advice. (to
the original material)
- NIST
unveils final telehealth, remote patient
monitoring guidance. (to
the original material)
- US, UK
detail malware tied to Russian hacking
group Sandworm that targets Linux. (to
the original material)
- More
lawsuits filed against QRS, Sea Mar, TTEC
after separate data theft incidents. (to
the original material)
- As
costs tied to ransomware attacks pile,
financial firms lack confidence in backup
strategy. (to
the original material)
- Three
new ICS threat groups discovered, one
primed to disrupt energy targets. (to
the original material)
- A third
of employees admit finding work arounds to
security policies. (to
the original material)
-
Business Email Compromise (BEC)
cyberattacks on the rise in Q4 2021. (to
the original material)
- Cisco
issues field notice to patch its Firepower
firewall software. (to
the original material)
-
Microsoft claims industry’s first native
multi-cloud security offering with
Defender. (to
the original material)
- EU
countries offer cyber-defense assistance
to Ukraine. (to
the original material)
- India’s
Personal Data Privacy Bill: What does it
mean for individuals and businesses? (to
the original material)
- Google
Groups unsubscribe feature abused to
remove members without consent. (to
the original material)
- Creaky
old WannaCry, GandCrab top the ransomware
scene. (to
the original material)
-
Cyberattack hits Ukrainian Government,
banking websites. (to
the original material)
- 5 Held
in Ukraine over phishing scam with 70,000
victims. (to
the original material)
- Proof
of Concept: Is the new age of cyber war
here? (to
the original material)
- Police
seize $22 million from online safe and USB
sticks. (to
the original material)
- Impact
of 'Weaponization of Data' attacks on
healthcare. (to
the original material)
-
Russia's invasion of Ukraine triggers
resiliency reminders. (to
the original material)
- CISA
expanded its known exploited
vulnerabilities Catalog with two critical
flaws. (to
the original material)
- Stay
Protected: Top 7 cybersecurity tips for
photographers in 2022! (to
the original material)
- New
wiper malware targeting Ukraine amid
Russia's military operation. (to
the original material)
- New
data-wiping malware discovered on systems
in Ukraine. (to
the original material)
- CISA
warns of new malware framework used by
Russian 'Sandworm' hacking team. (to
the original material)
- Twitter
accounts sharing video from Ukraine are
being suspended when they’re needed most.
(to
the original material)
-
Vulnerability Spotlight: Buffer overflow
vulnerabilities in Accusoft ImageGear
could lead to code execution. (to
the original material)
- U.S.,
U.K. attribute Cyclops Blink to Sandworm.
(to
the original material)
- Backups
‘no longer effective’ for stopping
ransomware attacks. (to
the original material)
- No
imminent cyber threat to UK from Russia. (to
the original material)
-
Attempted burglary exposes risk of NatWest
customer data in former worker’s home. (to
the original material)
- Dragos
Inc: Ransomware topped ICS and OT threats
in 2021. (to
the original material)
- IBM:
REvil dominated ransomware activity in
2021. (to
the original material)
22.02.2022
- News
from cyber security.
- CISA adds
two known exploited vulnerabilities to
Catalog. (to
the original material)
- How much can
you trust your printer? (to
the original material)
- Carpet
bombing DDoS attacks spiralled in 2021. (to
the original material)
- Employees
are often using devices in seriously risky
ways. (to
the original material)
- Download:
2022 Data Exposure Report. (to
the original material)
- What do
consumers really think about privacy? (to
the original material)
- To shift to
data-driven security decision making: Start
with the right data. (to
the original material)
- What is
pushing financial services institutions to
deploy cloud technologies? (to
the original material)
- Police bust
phishing group that used 40 sites to steal
credit cards. (to
the original material)
- GitHub makes
Advisory Database public to improve software
supply chain security. (to
the original material)
- LiveAction
tackles encryption blindness with new
offering. (to
the original material)
- New offering
from DNSFilter targets shadow IT risks. (to
the original material)
-
Cybersecurity challenges streaming providers
face. (to
the original material)
- Sea Mar
accused of negligence over data breach. (to
the original material)
- Hyper-Growth
linked to higher hacking risk. (to
the original material)
- Cyber-Attack
on expeditors international. (to
the original material)
- How to build
an autonomic Security Operations Center (SOC).
(to
the original material)
- Why
Multi-Factor Authentication isn't enough to
secure enterprises. (to
the original material)
- 4 Actions to
improve DDoS protection. (to
the original material)
- What do
secure email gateways and Olympic judges have
in common? (to
the original material)
- 91% of UK
organizations compromised by an email phishing
attack in 2021. (to
the original material)
- UK Defense
Secretary warns Russia of offensive cyber
capabilities. (to
the original material)
- Meyer breach
impacts US employees' personal information. (to
the original material)
- Devious
phishing method bypasses MFA using remote
access software. (to
the original material)
- Google
Chrome to allow users to add notes to saved
passwords. (to
the original material)
- Vulnerable
Microsoft SQL Servers targeted with Cobalt
Strike. (to
the original material)
- Police bust
phishing group that used 40 sites to steal
credit cards. (to
the original material)
- More orgs
suffered successful phishing attacks in 2021
than in 2020. (to
the original material)
- How
instituting a 'Just Culture' improves
security. (to
the original material)
- Observation
vs. Monitoring: What’s the difference in the
world of cybersecurity. (to
the original material)
- Puttin’
Putin on notice - We will hack Russia back. (to
the original material)
- CryptBot
infostealer distributed by pirated software
websites. (to
the original material)
- OpenSea
phishing attack results in loss of $3 million
in NFTs. (to
the original material)
- Asustor NAS
owners hit by DeadBolt ransomware attack. (to
the original material)
- 9-Year-Old
unpatched email hacking bug uncovered in Horde
Webmail Software. (to
the original material)
- 25 Malicious
JavaScript libraries distributed via official
NPM package repository. (to
the original material)
- Hackers
stole $1.7 million worth of NFTs from users of
OpenSea Marketplace. (to
the original material)
- Chinese
hackers target Taiwan's financial trading
sector with supply chain attack. (to
the original material)
- Password
reset notification scam. (to
the original material)
- Teenage
cybercrime: How to stop kids from taking the
wrong path. (to
the original material)
- Emotet
bounces back at the end of last year following
earlier take down. (to
the original material)
- Consumers
value APIs for convenience but worry about
risks. (to
the original material)
- How to fix
the specialadves WordPress redirect hack. (to
the original material)
- Phishing
scams continue into the Web3 era. (to
the original material)
- With
cryptocurrency crime rising, more startups
come are under regulatory scrutiny. (to
the original material)
- Third-party
vendor Morley reports data theft impacting
521K individuals. (to
the original material)
- US financial
industry ‘uniquely susceptible’ to supply
chain threats. (to
the original material)
- Nearly 80%
of organizations saw an email-based ransomware
attack in 2021. (to
the original material)
- What NIST SP
800-207 means for SaaS security. (to
the original material)
- AirTag clone
bypassed Apple’s tracking-protection features,
claims researcher. (to
the original material)
- Zero-day RCE
flaw among multiple bugs found in Extensis
Portfolio - research. (to
the original material)
- Jaw-dropping
Coinbase security bug allowed users to steal
unlimited cryptocurrency. (to
the original material)
- Xenomorph
malware burrows into Google Play users, no
facehugger required. (to
the original material)
- SMS PVA Part
1: Underground service for cybercriminals. (to
the original material)
- Recent
cyberattacks target open-source Web Servers. (to
the original material)
- Almost
100,000 new mobile banking Trojan strains
detected in 2021. (to
the original material)
- Gartner:
Public sector must target disjointed IT
strategy. (to
the original material)
- UK
organizations swift to chide phishing victims.
(to
the original material)
- As Russia
invades Ukraine, cyber escalation threat
looms. (to
the original material)
- Hacks
causing most big health data breaches so far
in 2022. (to
the original material)
- EU activates
cyber rapid response team amid Ukraine crisis.
(to
the original material)
- Mac
Coinminer uses new technique to hide its
traffic. (to
the original material)
-
'Market-Nuking' Coinbase API bug halted new
trading orders. (to
the original material)
- Sound Off:
What did Colonial Pipeline response get right?
(to
the original material)
- Time to
secure hybrid work for 2022, not 2002. (to
the original material)
- One year
later, Minimally Invasive Surgery of Hawaii
notifies patients of ransomware incident. (to
the original material)
- Mobile
malware attacks dropped in 2021 but
sophistication increased. (to
the original material)
- Airtag
clones can sidestep Apple anti-stalker tech. (to
the original material)
- EncroChat
defendants' lawyers make bid to halt trial. (to
the original material)
- How to secure
your home and office network: The best DNS
blockers and firewalls. (to
the original material)
- Ransomware
victims are paying up. But then the gangs are
coming back for more. (to
the original material)
- Security Think
Tank: Good training is all about context. (to
the original material)
21.02.2022
-
News from cyber security.
-
Vulnerability summary for the Week of
February 14, 2022. (to
the original material)
- 83% of
employees continue accessing old
employer’s accounts. (to
the original material)
- Social
media attacks surged in 2021, financial
institutions targeted the most. (to
the original material)
- ENISA
and CERT-EU publish set of cybersecurity
best practices for public and private
organizations. (to
the original material)
- How
wealth managers leverage behavioral
intelligence tech to thwart client abuse.
(to
the original material)
-
Visibility is key to optimized cloud
infrastructure costs. (to
the original material)
-
Expeditors shuts down global operations
after likely ransomware attack. (to
the original material)
- Revamped
CryptBot malware spread by pirated
software sites. (to
the original material)
- Cookware
giant Meyer discloses cyberattack that
impacted employees. (to
the original material)
- New
Xenomorph Android malware targets
customers of 56 banks. (to
the original material)
- OpenSea
users lose $2 million worth of NFTs in
phishing attack. (to
the original material)
- $3
Million hack of NFTs - ‘And nothing of
value was lost’. (to
the original material)
- How much
is your data worth? (to
the original material)
- Ice
Phishing takes advantage of tectonic shift
to Web3. (to
the original material)
- The Data
security and data backup disconnect. (to
the original material)
- Teen
framed for cybercrime files lawsuit. (to
the original material)
- Nurse
and Marine charged over fake vaccination
card scheme. (to
the original material)
- Maryland
couple conspired to sell nuclear secrets.
(to
the original material)
-
Cybersecurity's image problem. (to
the original material)
-
Ransomware: A constant threat. (to
the original material)
- #HowTo:
Introduce advanced technologies into your
security strategy. (to
the original material)
- Banking
world rocked after leak exposes 18,000
Credit Suisse accounts. (to
the original material)
- Russia
"Pre-positioning" cyber-attacks for
potential invasion. (to
the original material)
- Digital
ad fraud set to hit $68bn in 2022. (to
the original material)
- Hive
ransomware can be decrypted using this
unique method. (to
the original material)
-
CVE-2022-24087: Yet another critical bug
in Adobe Magento. (to
the original material)
- Cracking
the code - Researchers decrypt Hive
ransomware. (to
the original material)
-
Attackers target top UK bank with phishing
campaigns. (to
the original material)
- Is Conti
behind the TrickBot operation? (to
the original material)
-
TunnelVision APT Group exploits Log4Shell.
(to
the original material)
- The
agency that may be able to thwart
ransomware. (to
the original material)
- At
Olympics, cybersecurity worries linger in
background. (to
the original material)
- Credit
Suisse denies wrongdoing after big banking
data leak. (to
the original material)
- The
Kraken Stirs - New botnet under
development. (to
the original material)
- New
android banking trojan spreading via
Google Play Store targets Europeans. (to
the original material)
- Iranian
state broadcaster IRIB hit by destructive
wiper malware. (to
the original material)
- A free
solution to protect your business from 6
biggest cyber threats in 2022. (to
the original material)
- Hackers
exploiting infected Android devices to
register disposable accounts. (to
the original material)
- US to
attack cyber criminals first, ask
questions later – if it protects victims.
(to
the original material)
- Top
chipmakers ignore India's semiconductor
factory subsidies. (to
the original material)
- Coinbase
pays $250K for 'Market-Nuking' security
flaw. (to
the original material)
-
Researchers devise method to decrypt Hive
ransomware-encrypted data. (to
the original material)
- CISA
warns critical infrastructure
organizations of foreign influence
operations. (to
the original material)
- Conti
ransomware 'acquires' TrickBot as it
thrives amid crackdowns. (to
the original material)
- Integer
overflow: How does it occur and how can it
be prevented? (to
the original material)
- How
Chinese, Russian threat actors changed
tactics in 2021. (to
the original material)
- Intel
fixes high-severity vulnerabilities. (to
the original material)
- NIST
proposes model to assess cybersecurity
investment strategies in network security.
(to
the original material)
- CISA
publishes guide with free cybersecurity
tools, resources for incident response. (to
the original material)
- Scam
artists swindle NFTs worth 'millions' in
OpenSea phishing attack. (to
the original material)
- Latest
Mac Coinminer utilizes open-source
binaries and the I2P network. (to
the original material)
-
Introducing Ghostbuster – AWS security
tool protects against dangling elastic IP
takeovers. (to
the original material)
- Payment
card skimming reemerges with an online
twist. (to
the original material)
- As
Russian cybercriminals become emboldened,
US banks prepare for potential attack. (to
the original material)
- 40
percent of incoming emails are potential
threats. (to
the original material)
-
Researchers use Hive ransomware's own
encryption algorithm to find master
decryption key. (to
the original material)
- How to
address the security risks of cloud
migration [Q&A]. (to
the original material)
- The most
expensive data breaches of the 2020s. (to
the original material)
- Open
source code: The next major wave of
cyberattacks. (to
the original material)
- A Key
initiative in 2022 is improving threat
detection and response. (to
the original material)
- Emerging
trends in malware. (to
the original material)
-
Cybercriminals have yet to exploit
Russia-Ukraine tensions. (to
the original material)
- French
speakers blasted by sextortion scams with
no text or links. (to
the original material)
- Luxury
children’s fashion e-commerce site exposes
customers worldwide. (to
the original material)
- Mobile
malware evolution 2021. (to
the original material)
- Hackers
backdoor unpatched Microsoft SQL Database
Servers with Cobalt Strike. (to
the original material)
-
Cybersecurity readiness advised as Russian
threats loom. (to
the original material)
- Lawsuit
filed in health center data exfiltration
breach. (to
the original material)
-
Interview with Aleksey Lapshin – ANY.RUN.
(to
the original material)
- New
consultation on legal direction to
restrict use of Huawei in UK telecoms
networks. (to
the original material)
20.02.2022
- News
from cyber security.
- Project
Zero finds that Linux developers fix
security flaws faster than Apple, Google
or Microsoft. (to
the original material)
- Week in
review: Kali Linux 2022.1 released,
attackers leveraging Microsoft Teams to
spread malware. (to
the original material)
- New
phishing campaign targets Monzo
online-banking customers. (to
the original material)
-
Technical analysis of the DDoS attacks
against Ukrainian websites. (to
the original material)
19.02.2022
-
News
from cyber security.
- CISA
compiles list of free cybersecurity tools
and services. (to
the original material)
- CISA warns
of hybrid operations threat to US critical
infrastructure. (to
the original material)
- Master Key
for Hive ransomware retrieved using a flaw
in its encryption algorithm. (to
the original material)
- Justice
Department appoints first Director of
National Cryptocurrency Enforcement Team. (to
the original material)
- How can
you get cyber security experience without a
job? (to
the original material)
- Intel
fixes high-severity vulnerabilities. (to
the original material)
18.02.2022
-
News
from cyber security.
- CISA
Insights: Foreign influence operations
targeting critical infrastructure. (to
the original material)
- NCSC-NZ
releases advisory on cyber threats related
to Russia-Ukraine tensions. (to
the original material)
- CISA
compiles free cybersecurity services and
tools for network defenders. (to
the original material)
- This Week
in Security News - February 18, 2022. (to
the original material)
- New
infosec products of the week: February 18,
2022. (to
the original material)
-
Ransomware’s savage reign continues as
attacks increase 105%. (to
the original material)
- Even when
warned, businesses ignore critical
vulnerabilities and hope for the best. (to
the original material)
- Software
supply chain security still a pain point. (to
the original material)
- Is higher
security a benefit of database migration to
the cloud? (to
the original material)
- How
hackers could use popular virtual reality
headsets to steal sensitive information. (to
the original material)
- The Week
in Ransomware - February 18th 2022 - Mergers
& Acquisitions. (to
the original material)
- White
House pins Ukraine DDoS attacks on Russian
GRU hackers. (to
the original material)
- New
Golang botnet empties Windows users’
cryptocurrency wallets. (to
the original material)
- Iranian
hackers target VMware Horizon servers with
Log4j exploits. (to
the original material)
- FCC
proposes $45 million fine for health
insurance robocaller. (to
the original material)
- WordPress
force installs UpdraftPlus patch on 3
million sites. (to
the original material)
- Conti
ransomware gang takes over TrickBot malware
operation. (to
the original material)
- Warning:
Popular e-cigarette store hacked to steal
credit cards. (to
the original material)
- Google
Drive flags macOS '.DS_Store' files for
copyright violation. (to
the original material)
- Ukraine
DDoS: 'Cyberattack' or not? (to
the original material)
- Darktrace
artificial intelligence stops cyberattack at
Italian electronics distributor. (to
the original material)
- Dangerous
privilege escalation bugs found in Linux
package manager Snap. (to
the original material)
- Why IT
admins are joining the security team. (to
the original material)
- How to
create a digital workplace governance
program. (to
the original material)
- Poor
offboarding leaves organizations open to
threats. (to
the original material)
- Probation
for medicare fraudster. (to
the original material)
- US goes
after crypto criminals. (to
the original material)
- Carpet
bombing attacks on the rise. (to
the original material)
- UK
Government consults on plans to restrict
Huawei’s involvement in telecoms networks. (to
the original material)
-
Diversifying Cyber: A focus on
neurodiversity and physical disability. (to
the original material)
- Criminal
cryptocurrency transactions will drop by 30%
by 2024 - Here's why. (to
the original material)
- Trickbot
targets 140,000 victims in 14 months. (to
the original material)
- High
severity WordPress plugin (UpDraft Plus) bug
hits three million. (to
the original material)
-
FlexBooker data leak impacts millions of end
customers. (to
the original material)
- NFT
Security and Risks: How secure are your
digital assets? (to
the original material)
- Multiple
vulnerabilities in Adobe Commerce and
Magento could allow for remote code
execution. (to
the original material)
- New
WordPress plugin leaks millions of personal
information; immediate update is suggested.
(to
the original material)
- Master
decryption keys released for multiple
ransomware. (to
the original material)
- Updated
Trickbot now targets technology and
financial firms. (to
the original material)
- U.S.
Cybersecurity Agency publishes list of free
security tools and services. (to
the original material)
- Critical
flaw uncovered in WordPress backup plugin
used by over 3 million sites. (to
the original material)
- Microsoft
warns of 'Ice Phishing' threat on Web3 and
decentralized networks. (to
the original material)
-
PseudoManuscrypt malware spreading the same
way as CryptBot targets Koreans. (to
the original material)
- New Linux
privilege escalation flaw uncovered in Snap
Package Manager. (to
the original material)
- Linux
Snap package tool fixes make-me-root bugs. (to
the original material)
- CISA
publishes list of free security tools for
business protection. (to
the original material)
- Adobe
warns of second critical security hole in
Adobe Commerce, Magento. (to
the original material)
- Microsoft
offers defense against 'ice phishing' crypto
scammers. (to
the original material)
- Taiwan
cracks down on China spying on tech firms. (to
the original material)
- Social
Engineering. (to
the original material)
- Open-Source
vs. Closed-Source Software. (to
the original material)
- How
biometrics are rapidly improving the
Construction Sector? (to
the original material)
- Top Hacking
Techniques. (to
the original material)
- NSA provides
guidance on Cisco device passwords. (to
the original material)
- VMware NSX
Data Center flaw can expose virtual systems to
attacks. (to
the original material)
- Lawyers say
‘unprecedented’ secrecy deprived EncroChat
defendants of fair trials. (to
the original material)
- UK
organizations untroubled by Trickbot surge. (to
the original material)
- Threat
Roundup for February 11 to February 18. (to
the original material)
- The cyber
security challenges facing global retailers. (to
the original material)
- Week in
security with Tony Anscombe. (to
the original material)
- Data Breach
Trends: Global count of known victims
increases. (to
the original material)
- First
National cryptocurrency enforcement team
director named. (to
the original material)
- Cisco's
Email Security Appliances at risk of DoS
Attacks. (to
the original material)
- Massive bot
attack generates 400 million requests in 4
days. (to
the original material)
- ISMG
Editors: Ransomware Trends - The Bad and the
Ugly. (to
the original material)
- Academics
publish method for recovering data encrypted
by the Hive ransomware. (to
the original material)
- Mexican man
pleads guilty to brokering sale of
surveillance devices, WhatsApp hacking tools.
(to
the original material)
- Thanks, dad:
Jammer used to stop kids going online, wipes
out a town's internet by mistake. (to
the original material)
- Ukraine
cyberattack 2022: Geopolitical cybersecurity.
(to
the original material)
- Iranian
state broadcaster clobbered by ‘Clumsy, Buggy’
code. (to
the original material)
- Red Cross
servers ‘were hacked via unpatched
ManageEngine flaw’. (to
the original material)
- Critical
vulnerabilities in Zabbix Web Frontend allow
authentication bypass, code execution on
servers. (to
the original material)
-
Officials: Russia likely cause of
cyberattacks on Ukraine, but ‘no specific
credible threats to the US homeland’. (to
the original material)
- HHS
outlines threats to electronic health and
medical records, remediation guidance. (to
the original material)
- Former
OCR Director on access rights, HIPAA
enforcement: ‘It’s not about gotcha’. (to
the original material)
- NIST
wants public input on updates to
Cybersecurity Framework, supply chain
security. (to
the original material)
- Banking
customers are overwhelmed by fraud, but
trust their financial institutions. (to
the original material)
- Attackers
abuse poorly regulated top-level domains in
ongoing redirect campaign. (to
the original material)
- Why
cybersecurity professionals burn out. (to
the original material)
- How to
protect against QuickBooks scammers. (to
the original material)
- Not
everyone in medicine is a doctor; Not
everyone in cybersecurity is a coder. (to
the original material)
-
Mainstream Brain-Computer Interfaces Are
Coming - Just Ask Synchron, Neuralink,
Paradromics, and HackerBCI. (to
the original material)
- Copyright
is not a shortcut around the Constitution’s
anonymous speech protections, EFF tells
court. (to
the original material)
17.02.2022
- News
from cyber security.
- NSA
best practices for selecting Cisco
password types. (to
the original material)
-
Cisco releases security updates for
Email Security Appliance. (to
the original material)
-
Drupal releases security updates. (to
the original material)
-
Cybersecurity Week News (17.02.2022). (to
the original material)
- NSA
best practices for selecting Cisco
password types. (to
the original material)
-
Cisco releases security updates for
email security appliance. (to
the original material)
-
Drupal releases security updates. (to
the original material)
- The
countries where you're most likely to
fall victim to cybercrime. (to
the original material)
-
Security concerns are the biggest
barrier to cloud adoption. (to
the original material)
- UK
cybersecurity sector sees record
revenue. (to
the original material)
- W-2
scams: How to defend against this annual
threat. (to
the original material)
-
Healthcare sector saw largest increase
in IoT malware attacks in 2021. (to
the original material)
-
Global security leaders pledge to fix
cyber, from the interpersonal to the
geopolitical. (to
the original material)
- More
than 100 tech companies, cyber
organizations rally around 5 baseline
security standards for IoT devices. (to
the original material)
- DoJ
announces new cyber initiatives,
including new cryptocurrency unit. (to
the original material)
- Vast
majority of IT leaders embrace the
cloud, but 63% say cyberthreats a major
obstacle. (to
the original material)
-
Three ways to get a stalled cloud
migration back on track. (to
the original material)
-
Microsoft bolsters Edge browser security
with enhanced features. (to
the original material)
-
Russian nation-state hackers targeting
US contractors for sensitive defense
information, FBI warns. (to
the original material)
- Port
of LA’s new Cyber Resilience Center aims
to bolster physical and digital supply
chain defenses. (to
the original material)
- Baby
Golang-Based Botnet Already Pulling in
$3K/Month for Operators. (to
the original material)
-
Microsoft Teams targeted with takeover
trojans. (to
the original material)
-
Ukrainian DDoS attacks should put US on
notice - researchers. (to
the original material)
- Kill
cloud risk: Get everybody to stop
fighting over app security - Podcast. (to
the original material)
-
Nigerian police arrest 29 in online
fraud crackdown. (to
the original material)
- DoJ
appoints official in charge of
cryptocurrency-related investigations. (to
the original material)
- 2
Vendor hacking incidents affect over
600,000 individuals. (to
the original material)
-
Experts outline Chinese cyberwarfare
tactics, motivations. (to
the original material)
- The
State of Data Privacy 2022. (to
the original material)
-
Analyzing the popularity of malware-free
cyberattacks. (to
the original material)
-
Aviation attacks tied to single APT -
TA2541. (to
the original material)
-
Cybercrime Markets: The latest movers,
shakers and losers. (to
the original material)
- FBI:
BEC attacks spreading to virtual
meetings. (to
the original material)
- Are
you prepared for 2022's more destructive
ransomware? (to
the original material)
-
Malicious emails can crash Cisco Email
Security Appliances. (to
the original material)
-
Hackers had access to Red Cross network
for 70 days. (to
the original material)
-
Russian cyberspies stole U.S. defense
data in attacks on contractors. (to
the original material)
-
Attackers use Microsoft Teams as launchpad
for malware. (to
the original material)
- How do I
select an API security solution for my
business? (to
the original material)
- Tackling
supply chain security head-on. (to
the original material)
- 28,695
vulnerabilities were disclosed in 2021 – the
highest number on record. (to
the original material)
- Top
threat activities this year. (to
the original material)
- How
challenging is corporate data protection? (to
the original material)
- Key
drivers for the shift to public DNS
resolvers. (to
the original material)
- Quantum
cryptography market to reach $291.9 million
by 2026. (to
the original material)
-
Researchers create exploit for critical
Magento bug, Adobe updates advisory. (to
the original material)
- GitHub
code scanning now finds more security
vulnerabilities. (to
the original material)
- Hackers
can crash Cisco Secure Email gateways using
malicious emails. (to
the original material)
- Hackers
slip into Microsoft Teams chats to
distribute malware. (to
the original material)
- Canada's
major banks go offline in mysterious
hours-long outage. (to
the original material)
- Attackers
hone their playbooks, become more agile. (to
the original material)
- Neustar
Security Services report highlights shifts
in threat landscape amid maturing cybercrime
economy. (to
the original material)
- Russian
actors targeting US defense contractors in
cyber espionage campaign, CISA warns. (to
the original material)
- FBI:
Cybercriminals using virtual meeting
platforms to wage BEC attacks. (to
the original material)
- New
quantum key distribution network resistant
to quantum attacks. (to
the original material)
- Infosec,
CISA partner to provide security resources.
(to
the original material)
- SANS
Institute: Preparing for cyberattacks. (to
the original material)
- The New
realities of ransomware. (to
the original material)
- The
Tripod Foundation of a Database Analytics
Solution for today’s threat landscape. (to
the original material)
- CISA
‘Shields Up’ warning underscores foreign
cyberthreats. (to
the original material)
-
Cybersecurity: The Fourth Battleground. (to
the original material)
- Data
privacy lawsuit could cost Meta $90m. (to
the original material)
- Fertility
clinic hit with ransomware. (to
the original material)
- Phishing
top threat to US healthcare. (to
the original material)
- Over 620
million ransomware attacks detected in 2021.
(to
the original material)
-
Researchers block "Largest Ever" bot attack.
(to
the original material)
- Red Cross
attackers exploited Zoho bug used by China.
(to
the original material)
- Google
working on Privacy Sandbox on Android to
limit user data sharing. (link
material original)
- Phishers
spoof power BI to visualize your credential
data. (to
the original material)
- Iranian
hackers targeting VMware Horizon Log4j flaws
to deploy ransomware. (to
the original material)
- 4 Cloud
Data Security best practices all businesses
should follow today. (to
the original material)
- Attackers
can crash Cisco Email Security Appliances by
sending malicious emails. (to
the original material)
- Another
critical RCE discovered in Adobe Commerce
and Magento Platforms. (to
the original material)
- Google
bringing privacy sandbox to Android to limit
sharing of user data. (to
the original material)
- Getting
your SOC 2 compliance as a SaaS company. (to
the original material)
- This new
tool can retrieve pixelated text from
redacted documents. (to
the original material)
-
Researchers warn of a new Golang-based
botnet under continuous development. (to
the original material)
- Interpol:
Policing model needs to change with
cybercrime. (to
the original material)
- SonicWall
CEO on ransomware: Every good vendor was hit
in past 2 years. (to
the original material)
- UK
cybersecurity revenue up 14% on last year to
£10.1bn. (to
the original material)
- Google
expands Privacy Sandbox to Android. (to
the original material)
- Russia
'stole US defense data' from IT systems. (to
the original material)
- What are
the Pros and Cons of Working in Cyber
Security? (to
the original material)
- Is the
Certified Ethical Hacker (CEH) worth it? (to
the original material)
- How a
Saudi woman’s iPhone revealed hacking around
the world. (to
the original material)
- As Russia
amasses troops, Ukraine battles another
threat: Digital warfare. (to
the original material)
- EFF to
Court: Security research is a fair use. (to
the original material)
16.02.2022
- News
from Cyber Security.
- Mozilla
releases security update for Thunderbird. (to
the original material)
- VMware
releases security updates for multiple
products. (to
the original material)
- Russian
state-sponsored actors target cleared
defense contractor networks. (to
the original material)
- Cambodia
doesn't have the gear for controversial
National Internet Gateway. (to
the original material)
- Singapore
introduces potent anti-scam measures. (to
the original material)
- DDoS
attacks knock Ukrainian government, bank
websites offline. (to
the original material)
- Supply
chain shortages create a cybersecurity
nightmare. (to
the original material)
- How QR
code ease of use has broaden the attack
surface. (to
the original material)
- eBook:
The Ultimate guide to client-side security.
(to
the original material)
- Securing
IoT from the ground up. (to
the original material)
- WAFs (Web
Application Firewall) can’t give
organizations the security they need. (to
the original material)
- Fraud and
scam activity hits all-time high. (to
the original material)
-
Traditional MFA is creating a false sense of
security. (to
the original material)
- The seven
themes driving the future of cybersecurity.
(to
the original material)
- FBI warns
of BEC attackers impersonating CEOs in
virtual meetings. (to
the original material)
- US says
Russian state hackers breached defense
contractors. (to
the original material)
- Red
Cross: State hackers breached our network
using Zoho bug. (to
the original material)
-
Researcher 'reverses' redaction, extracts
words from pixelated image. (to
the original material)
- Open
Source a persistent risk, Log4j
vulnerabilities will linger. (to
the original material)
- Grand
Prix CFO sentenced for identity theft. (to
the original material)
- Lithuania
and Poland issue cyber-attack warnings. (to
the original material)
-
Healthcare data breaches impact 147k
Illinoisans. (to
the original material)
- Cyber-War
exclusion clauses in cyber insurance. (to
the original material)
- Baltimore
conned out of $375k. (to
the original material)
- Why a
fundamental change in cybersecurity is
required. (to
the original material)
- Phishing
emails impersonating LinkedIn surge by 232%
amid 'Great Resignation'. (to
the original material)
- RSA
Advisory Board discuss pressing issues in
cybersecurity. (to
the original material)
- The
Security Challenge of the Century: Security
in the Metaverse. (to
the original material)
- The
Exploitation of cloud services continues in
2022. (to
the original material)
- Three A's
(AppSec) to look for when considering a SAST
(Static Application Security Testing) tool.
(to
the original material)
- Finance
Officer jailed after stealing £200,000 from
Charity. (to
the original material)
- CISA puts
Chrome and Magento zero-days on Must-Patch
List. (to
the original material)
- Ukraine
defense and bank networks DDoS-ed. (to
the original material)
-
Vulnerability Spotlight: Vulnerability in
Hancom Office could lead to memory
corruption, code execution. (to
the original material)
- Folding
the impossible into the reality of normal
life. (to
the original material)
- Over a
quarter of businesses have critical
vulnerabilities that could be exploited. (to
the original material)
-
Cybercriminals move fast to exploit zero day
flaws. (to
the original material)
- The
impact of supply chain data breaches
[Q&A]. (to
the original material)
- Q&A:
Ransomware settlements and cyber insurance.
(to
the original material)
- Adobe
patches critical RCE vulnerability in
Magento2. (to
the original material)
- New
identity screening products promise reduced
fraud through behavioral analytics. (to
the original material)
- Nearly
three-quarters of ransomware revenue
generated by Russian strains. (to
the original material)
- Red Cross
reveals actors exploited unpatched Zoho
security flaw in January breach. (to
the original material)
- US
agencies detail two-year Russian campaign
targeting defense contractors. (to
the original material)
- Forcing
‘gotcha’ security adherence can backfire,
leaving financial organizations even more
vulnerable. (to
the original material)
- MFA
fatigue attacks: Users tricked into allowing
device access due to overload of push
notifications. (to
the original material)
- Poisoned
pipelines: Security researcher explores
attack methods in CI (Continuous
Integration) environments. (to
the original material)
- Emergency
Adobe Commerce, Magento patches follow
‘limited’ in-the-wild attacks on vulnerable
deployments. (to
the original material)
- TrickBot
ravages customers of Amazon, PayPal and
other top brands. (to
the original material)
- Massive
LinkedIn phishing, bot attacks feed on the
job-hungry. (to
the original material)
-
High-Severity RCE bug found in popular
Apache Cassandra Database. (to
the original material)
- Critical
VMware bugs open ESXi, Fusion &
Workstation to attackers. (to
the original material)
- Emotet
now spreading through malicious Excel files.
(to
the original material)
- SMS PVA
services' use of infected Android phones
reveals flaws in SMS verification. (to
the original material)
- FBI sees
increase in use of virtual meeting platforms
for BEC scams. (to
the original material)
- Crypto
exchange KLAYswap loses $1.9M after BGP
hijack. (to
the original material)
- Threat
actor adds new Marlin backdoor to Its
arsenal. (to
the original material)
- EU
Privacy Watchdog calls for ban of NSO
Group's spyware. (to
the original material)
- Inside
look at an ugly alleged insider data breach
dispute. (to
the original material)
- Agencies
say Russian hackers targeting defense
contractors. (to
the original material)
- The
Curious case of the fake Ukrainian
ransomware attack. (to
the original material)
- Reports:
GiveSendGo breach involves freedom convoy
donors. (to
the original material)
- Unpatched
Zoho bug exploited in Red Cross attack. (to
the original material)
- Kronos
attack fallout continues with data breach
disclosures. (to
the original material)
- Apache
Cassandra vulnerability puts servers at
risk. (to
the original material)
- BlackCat
ransomware gang claims responsibility for
Swissport attack. (to
the original material)
- Trickbot
has infected 140,000-plus machines since
late 2020. (to
the original material)
- Covid’s
silver lining: The acceleration of the
extended IoT. (to
the original material)
- Solving
the Quantum decryption 'Harvest now, decrypt
later' problem. (to
the original material)
-
High-Severity vulnerability found in Apache
Database System used by major firms. (to
the original material)
-
Cybercriminals have changed tactics. (to
the original material)
- Hybrid
work accelerated fraud; Now, CSOs are taking
a seat at the executive table. (to
the original material)
- FBI, US
Secret Service issue mitigations for
BlackByte ransomware. (to
the original material)
- Moses
Staff hackers targeting Israeli
organizations for cyber espionage. (to
the original material)
- U.S. says
Russian hackers stealing sensitive data from
defense contractors. (to
the original material)
- TrickBot
malware targeted customers of 60
high-profile companies since 2020. (to
the original material)
- VMware
issues security patches for high-severity
flaws affecting multiple products. (to
the original material)
- EU Data
Protection Watchdog calls for ban on
Pegasus-like commercial spyware. (to
the original material)
- Ukraine
crisis: Russian cyberattacks could affect
organizations around the world, so take
action now. (to
the original material)
- Privacy
experts to Federal and State agencies: End
use of facial verification services. (to
the original material)
15.02.2022
- News
from Cyber Security.
- CISA adds
nine known exploited vulnerabilities to
Catalog. (to
the original material)
- FBI and
USSS (United States Secret Service) release
advisory on BlackByte ransomware. (to
the original material)
- Google
releases security updates for Chrome. (to
the original material)
- Kali Linux
2022.1 released: New tools,
kali-linux-everything, visual changes. (to
the original material)
- Qualys
Context XDR: Bringing context to an
organization’s security efforts. (to
the original material)
- Energy, oil
and utility sector most likely to pay ransoms.
(to
the original material)
- Whitepaper:
5 steps to improved MFA adoption. (to
the original material)
- Log4Shell: A
retrospective. (to
the original material)
- The rise of
the super malicious insider: Yes, we need to
worry. (to
the original material)
- The
importance of implementing a zero trust
strategy. (to
the original material)
- Soaring
losses accelerate investments in anti-fraud
tech. (to
the original material)
- CISA tells
agencies to patch actively exploited Chrome,
Magento bugs. (to
the original material)
- Google
almost doubles Linux Kernel, Kubernetes
zero-day rewards. (to
the original material)
- Ukrainian
military agencies, banks hit by DDoS attacks,
defacements. (to
the original material)
- Unskilled
hacker linked to years of attacks on aviation,
transport sectors. (to
the original material)
- BlackCat
(ALPHV) claims Swissport ransomware attack,
leaks data. (to
the original material)
- ShadowPad
has become the RAT of choice for several
state-sponsored Chinese APTs. (to
the original material)
- Trousseau
bolsters its Kubernetes security capabilities
with support for HashiCorp Vault. (to
the original material)
- Oh! Canada -
Truck protest donor PII (Personally
Identifiable Information) hacked. (to
the original material)
- How smarter
identity segmentation can reduce risk. (to
the original material)
- Marine
charged with cyber-stalking. (to
the original material)
- Barclays:
Scams surged in final Quarter of 2021. (to
the original material)
- Crypto
Lender agrees to pay $100m in fines. (to
the original material)
- Three-Fifths
of cyber-attacks in 2021 were malware-free. (to
the original material)
- Ukraine
claims 'Hybrid Warfare' already underway. (to
the original material)
- New version
of MyloBot malware used in sextortion
campaigns. (to
the original material)
-
CVE-2022-0609: Zero-Day bug in Chrome
exploited in the wild. (to
the original material)
- Watch Out!
FritzFrog botnet has gone aggressively wild. (to
the original material)
- Dissecting
the ModifiedElephant APT group and its
campaign. (to
the original material)
- OilRig's new
Marlin backdoor and the Group's Lyceum
Connection. (to
the original material)
-
High-Severity RCE security bug reported in
Apache Cassandra Database Software. (to
the original material)
- Facebook
agrees to pay $90 million to settle decade-old
privacy violation case. (to
the original material)
- Researchers
link ShadowPad malware attacks to Chinese
Ministry and PLA. (to
the original material)
- SafeDNS:
Cloud-based Internet Security and Web
Filtering Solution for MSPs. (to
the original material)
- Experts warn
of hacking group targeting aviation and
defense sectors. (to
the original material)
- New MyloBot
malware variant sends sextortion emails
demanding $2,732 in Bitcoin. (to
the original material)
- New Chrome
zero-day bug under active attack – Update your
browser ASAP! (to
the original material)
- Journalist
won't be prosecuted for pressing 'view
source'. (to
the original material)
- Massive
cyberattack takes Ukraine military, big bank
websites offline. (to
the original material)
- Cambodia
cans critics of its snoopy Internet Gateway,
says every nation has one. (to
the original material)
- VMware
patches vulnerabilities disclosed at Chinese
hacking contest. (to
the original material)
- QNAP extends
security updates for some EOL devices. (to
the original material)
- FBI warns of
BlackByte ransomware attacks on critical
infrastructure. (to
the original material)
- Moxa MXview
vulnerabilities expose Industrial Networks to
attacks. (to
the original material)
- Google
discovers attack exploiting Chrome zero-day
vulnerability. (to
the original material)
- 'Don't Be
Google': The rise of privacy focused startups.
(to
the original material)
- Sophos
discovers new attack targeting Exchange
Servers. (to
the original material)
- Botched
third-party configuration exposes Internet
Society data to web. (to
the original material)
- TA2451
targets aviation and transport sector with
tailored lures. (to
the original material)
- CrowdStrike:
Attackers are moving faster, harder to detect.
(to
the original material)
- China
emerges as leader in vulnerability
exploitation. (to
the original material)
- Ransomware
tied to attacks on critical infrastructure
last year. (to
the original material)
- Questions
linger after IRS’s about‑face on facial
recognition. (to
the original material)
- Over 80
percent of employees admit accessing a
previous employer's data. (to
the original material)
- Internet
Society members' data exposed in breach. (to
the original material)
- New
adversaries add to already crowded threat
landscape. (to
the original material)
- Is your
cybersecurity sassy enough? (to
the original material)
- Why C-Suite
Executives don’t fully understand
cybersecurity. (to
the original material)
- How do I
secure WordPress websites for free? (to
the original material)
- HIPAA
modernization: How to maintain patient privacy
in an age of hyper-connectivity? (to
the original material)
- CaptureRX
faces bankruptcy if $4.75M settlement in
healthcare breach lawsuit is not approved. (to
the original material)
- US Postal
Service emergency records system will expand
to support ransomware, breach response. (to
the original material)
- Linux kernel
patches remote stack overflow bug. (to
the original material)
- Analysis of
Microsoft CVE-2022-21907. (to
the original material)
- New tool can
uncover redacted, pixelated text to reveal
sensitive data. (to
the original material)
- An Origin
Story: Darkode. (to
the original material)
- Cybercrime
group relentlessly targets aviation and
transportation sectors for years. (to
the original material)
- Does the
current global situation and the lifestyle
associated with it affect your memory and
ability to concentrate? (to
the original material)
- 18 years of
Facebook: An amalgamation of socializing
activities, fraud and tracking of users'
activity on the internet. (to
the original material)
- As part of a
data breach, an UK COVID research centre
shared the email addresses of study
participants. (to
the original material)
- Are you a
gamer? Watch out for these cyber threats in
2022! (to
the original material)
- 5 methods
hackers use to get infected with ransomware. (to
the original material)
- Report:
Cyberattack hits Ukrainian defense ministry,
banks. (to
the original material)
- Data leak at
Hong Kong's Harbour Plaza Hotel affects 1.2M.
(to
the original material)
- BlockFi to
pay SEC, state regulators $100M in penalties.
(to
the original material)
- 9 Ransomware
trends: More leaks, higher ransom payments. (to
the original material)
- Enhancing
the cyber resilience of critical
infrastructure. (to
the original material)
- Sound Off:
What does the OMB (Office of Management and
Budget) zero trust strategy get right? (to
the original material)
- How the
world's largest law firm reimagined data
protection. (to
the original material)
- The
Troublemaker CISO: Cloud isn't easy. (to
the original material)
- Cyberattack
affects operations at Slovenian TV channel. (to
the original material)
- CompTIA ISAO
and IT-ISAC urge technology companies to
elevate cybersecurity monitoring, readiness in
response to rising geopolitical tensions. (to
the original material)
- How to make
cybersecurity effective and invisible. (to
the original material)
- Maryland
Bill offers strong privacy protections against
biometric data collection. (to
the original material)
- UN Committee
to begin negotiating new cybercrime treaty
amid disagreement among states over its scope.
(to
the original material)
- Victory!
More lawsuits proceed against Clearview’s face
surveillance. (to
the original material)
- The
unsettling reason why your Help Desk may be
your greatest security vulnerability. (to
the original material)
14.02.2022
- News
from Cyber Security.
-
Adobe releases security updates for
Commerce and Magento Open Source. (to
the original material)
-
Vulnerability summary for the Week of
February 7, 2022. (to
the original material)
-
Joint Publication – Boosting your
organisation’s cyber resilience. (to
the original material)
- PCI
SSC and the National Cybersecurity
Alliance issue bulletin to highlight
ransomware threat. (to
the original material)
-
Democratizing security with Open XDR.
(to
the original material)
- Open
banking innovation: A race between
developers and cybercriminals. (to
the original material)
-
Using mobile networks for cyber
attacks as part of a warfare strategy.
(to
the original material)
- The
importance of implementing security
scanning in the software development
lifecycle. (to
the original material)
-
Online fraud skyrocketing: Gaming,
streaming, social media, travel and
ecommerce hit the most. (to
the original material)
- What
is fueling digital anxiety when
working remotely? (to
the original material)
-
Encryption management solutions market
to grow steadily by 2025. (to
the original material)
- Kali
Linux 2022.1 released with 6 new
tools, SSH wide compat, and more. (to
the original material)
-
Google Chrome emergency update fixes
zero-day exploited in attacks. (to
the original material)
-
Ukraine says it’s targeted by ‘massive
wave of hybrid warfare’. (to
the original material)
-
Sports brand Mizuno hit with
ransomware attack delaying orders. (to
the original material)
- FTC
warns VoIP providers: Share your
robocall info or get sued. (to
the original material)
- QNAP
extends critical updates for some
unsupported NAS devices. (to
the original material)
- FBI:
BlackByte ransomware breached US
critical infrastructure. (to
the original material)
-
Emergency Magento update fixes
zero-day bug exploited in attacks. (to
the original material)
-
Software supply chain attacks hit
three out of five companies in 2021. (to
the original material)
- NIST
releases software, IoT, and consumer
cybersecurity labeling guidance. (to
the original material)
- The
Hunt for Log4j. (to
the original material)
- Zoom
Hot-Mic bug: Is China listening? (to
the original material)
-
Securing remote workers with
Firewall-as-a-Service. (to
the original material)
-
Quantum Encryption: The Basics. (to
the original material)
-
Securing the UK's operators of
essential services against
cyber-attacks. (to
the original material)
- As
Nation-State and cybercrime threats
conflate, should CISOs be worried? (to
the original material)
-
Three-Quarters of ransomware payments
linked to Russia. (to
the original material)
-
Editorial: Only the Good die young (Q1
2022 issue). (to
the original material)
-
Interview: Tackling evolving cyber
challenges in financial services. (to
the original material)
-
#HowTo: Meet the cyber jobs challenge.
(to
the original material)
-
Local authority sets aside £380k for
cyber-attack recovery. (to
the original material)
-
Google: Vendors accelerate bug fixes
to just 52 days. (to
the original material)
-
Trustpilot sues immigration biz for
alleged fake reviews. (to
the original material)
- 5
Ways to avoid heartbreak from
Valentine’s Day hacks. (to
the original material)
- Data
breach at Morley companies. (to
the original material)
-
Threat actors still love a romance
scam. (to
the original material)
-
CVE-2022-24086: Zero-Day in Adobe
Commerce and Magento platforms. (to
the original material)
- San
Francisco 49ers hit by ransomware. (to
the original material)
- CISA
says 'Shields Up' as Russia-Ukraine
tensions escalate. (to
the original material)
-
Fallout from REvil arrests shakes up
ransomware landscape. (to
the original material)
- From
the back office to the till:
Cybersecurity challenges facing global
retailers. (to
the original material)
-
Record number of vulnerabilities
disclosed in 2021. (to
the original material)
- SSU:
Russia-linked actors are targeting
Ukraine with ‘massive wave of hybrid
warfare’. (to
the original material)
-
BlackByte ransomware breached at least
3 US critical infrastructure
organizations. (to
the original material)
- For
signs of cryptocurrency laundering,
look closely at Moscow firms, report
says. (to
the original material)
-
FortiGuard Labs threat research
report. (to
the original material)
- Team
Xecuter hacker gets 40 months in
prison for Nintendo Switch hacks. (to
the original material)
- NFT
buyers beware: Journey of a crypto
scammer and how to stop them. (to
the original material)
-
Asian cloud service providers face
threats from CoinStomp Cryptominer. (to
the original material)
-
TrickBot uses Metaprogramming in
BazarBackdoor malware. (to
the original material)
-
Ransomware becomes deadlier, Conti
makes the most money. (to
the original material)
-
Sensitive addresses among more than
500,000 leaked from NSW (New South
Wales) Government database. (to
the original material)
-
Cyberattack on Harbour Plaza hotels in
Hong Kong exposes personal data of
more than 1.2 million guests. (to
the original material)
-
Spanish police arrest SIM swappers who
stole money from victims bank
accounts. (to
the original material)
-
Critical security flaws reported in
Moxa MXview Network Management
Software. (to
the original material)
-
Spot the irony: India's Reserve
Bank says outsourcing and
offshoring are risky. (to
the original material)
-
DHS creates cybersecurity review
board. (to
the original material)
-
How email threats are evolving. (to
the original material)
-
Feds say goodbye to ‘information
sharing,’ hello to ‘operational
collaboration’. (to
the original material)
-
New SEC cybersecurity rules for
private equity firms could bring
learning curve. (to
the original material)
-
Russian cooperation in ransomware
could ‘fully cease’ amid Ukraine
row. (to
the original material)
-
The need for a zero trust edge
strategy. (to
the original material)
-
NFT (Non-Fungible Tokens) lure
used to distribute BitRAT. (to
the original material)
-
7 Best practices for social media
security and privacy. (to
the original material)
-
KlaySwap crypto users lose funds
after BGP hijack. (to
the original material)
-
The Security implications of
Coinbase's Super Bowl Ad. (to
the original material)
-
CISA warns orgs to prep for
potential Russian cyberattacks. (to
the original material)
-
CaptureRx, Inmediata breaches:
Proposed settlements reached. (to
the original material)
-
Why ransomware groups such as
BlackCat are turning to Rust. (to
the original material)
-
Russia shutters 3 carding markets,
including Trump's dumps. (to
the original material)
-
How to put the Sec into DevSecOps.
(to
the original material)
-
Ransomware is only increasing: Is
your organization protected? (to
the original material)
-
You need decentralized
cybersecurity to match
decentralized attacks. (to
the original material)
-
Access Controls can stop a breach
before it occurs. (to
the original material)
-
Ransomware proceeds: $400 million
routed to Russia in 2021. (to
the original material)
-
BlackByte ransomware hits San
Francisco 49ers' IT systems. (to
the original material)
13.02.2022
- News
from Cyber Security.
- NFL's San
Francisco 49ers hit by Blackbyte ransomware
attack. (to
the original material)
- San
Francisco 49ers confirm ransomware attack. (to
the original material)
- Chrome
could soon give you greater control over
bothersome compromised password warnings. (to
the original material)
- Microsoft
Defender will soon block Windows password
theft. (to
the original material)
- Bridging
the security gap in the software development
life cycle. (to
the original material)
12.02.2022 - News from Cyber Security.
- CISA
says to urgently patch actively exploited
SeriousSAM/ HiveNightmare flaw affecting
Windows 11. (to
the original material)
-
Missouri will not charge reporter that
governor accused of hacking. (to
the original material)
- Data
breach exposes booking details of 19
million customers. (to
the original material)
- Do you
need math for cyber security? (to
the original material)
- What is
Adware? (to
the original material)
-
SentinelOne: India-linked threat actor
involved in spying, planting evidence. (to
the original material)
-
Facebook exposes 'god mode' token that
could siphon data. (to
the original material)
11.02.2022
- News
from Cyber Security.
- CISA adds one
known exploited vulnerability to Catalog. (to
the original material)
- Apple
releases security updates for multiple products.
(to
the original material)
- This Week in
Security News - February 11, 2022. (to
the original material)
- New infosec
products of the week: February 11, 2022. (to
the original material)
- Why identity
and access management strategies need a booster.
(to
the original material)
- Apple fixes
actively exploited iOS, macOS zero-day
(CVE-2022-22620). (to
the original material)
- Cloud
security training is pivotal as demand for cloud
services explode. (to
the original material)
- Log4j
exploitation risk is not as high as first
thought, cyber MGA says. (to
the original material)
- The most
common cyber gaps threatening supply chain
security. (to
the original material)
- How to
prepare your organization for this year’s
cybersecurity incidents. (to
the original material)
- AI can spot
biometric spoofing attacks with ease. (to
the original material)
- Execs
concerned about failing to deliver working
arrangements that meet employee expectations. (to
the original material)
- Organizations
and the cloud: How they use it and how they
secure it. (to
the original material)
- The Week in
Ransomware - February 11th 2022 - Maze, Egregor
decryptors. (to
the original material)
- Croatian
phone carrier data breach impacts 200,000
clients. (to
the original material)
- CISA orders
federal agencies to update iPhones until Feb
25th. (to
the original material)
- Google
Project Zero: Vendors are now quicker at fixing
zero-days. (to
the original material)
- CISA urges
orgs to patch actively exploited Windows
SeriousSAM bug. (to
the original material)
- Microsoft
fixes Defender flaw letting hackers bypass
antivirus scans. (to
the original material)
- Microsoft
starts killing off WMIC in Windows, will thwart
attacks. (to
the original material)
- Hacking group
'ModifiedElephant' evaded discovery for a
decade. (to
the original material)
- Apple patches
new zero-day exploited to hack iPhones, iPads,
Macs. (to
the original material)
- Qbot, Lokibot
malware switch back to Windows Regsvr32
delivery. (to
the original material)
- CISA warns
about 15 actively exploited vulnerabilities. (to
the original material)
- Vulnerability
Spotlight: Vulnerabilities in Moxa MXView could
allow attacker to view sensitive information,
bypass login. (to
the original material)
- Threat
Roundup for February 4 to February 11. (to
the original material)
- Beers with
Talos, Ep. #116: Let's wade into the MuddyWater
filled with Vipers. (to
the original material)
- Week in
security with Tony Anscombe. (to
the original material)
- When love
hurts: Watch out for romance scams this
Valentine’s Day. (to
the original material)
- How to choose
a security plugin that’s right for your website.
(to
the original material)
- The challenge
of managing and securing IoT devices in the
enterprise [Q&A]. (to
the original material)
- Q&A with
10-time Channel Chief, Neal Bradbury. (to
the original material)
- Cybrary CEO
talks botched job description that went viral,
and what the company actually meant to say. (to
the original material)
- $1.13M
settlement proposed in Inmediata Health in
lawsuit over 2019 data breach. (to
the original material)
- Senators want
to require public companies to detail cyber
expertise of their boards. (to
the original material)
- Security
awareness training is always ongoing, experts
say. The financial industry is no exception. (to
the original material)
- How cyber
insurers view the Ukraine situation. (to
the original material)
- Hackers
planted fake digital evidence on devices of
Indian activists and lawyers. (to
the original material)
- Senators: CIA
has secret program that collects American data.
(to
the original material)
-
Vulnerabilities found by Google researchers in
2021 got patched on average in 52 days. (to
the original material)
- Google
Project Zero hails dramatic acceleration in
security bug remediation. (to
the original material)
- Nintendo
Switch hacker sent behind bars, owes video game
giant further $4.5m. (to
the original material)
- Tool trio
released to protect JavaScript applications from
malicious NPM packages. (to
the original material)
- Critical
MQTT-related bugs open industrial networks to
RCE via Moxa. (to
the original material)
- Apple emits
emergency fix for exploited-in-the-wild WebKit
vulnerability. (to
the original material)
- US govt: Here
are another 15 security bugs under attack right
now. (to
the original material)
- Ransomware
crew dumps stolen Optionis files online. (to
the original material)
- Spanish cops
bust SIM swap fraud gang. (to
the original material)
- Former NFL
player gets five years for healthcare fraud. (to
the original material)
- Half of
global emails were spam in 2021. (to
the original material)
- 3 Cultural
obstacles to successful DevSecOps
implementation. (to
the original material)
- Can
high-security workers keep their mobile devices
(and themselves) safe? (to
the original material)
- Immediata
agrees $1.125m data breach settlement. (to
the original material)
- Marketing
firm exposes lead data. (to
the original material)
- Prison for
Nintendo pirate. (to
the original material)
- We need
answers about the CIA’s mass surveillance. (to
the original material)
10.02.2022
- News
from Cyber Security.
- CISA adds
15 known exploited vulnerabilities to
Catalog. (to
the original material)
- Why
security concerns drive customers towards
public DNS resolvers. (to
the original material)
-
Cybersecurity Week News (10.02.2022). (to
the original material)
- Tips to
mitigate public-key cryptography risk in a
quantum computing world. (to
the original material)
- Why the
C-suite should focus on understanding
cybersecurity and investing appropriately. (to
the original material)
- Low code
applications are essential for cybersecurity
development in applications. (to
the original material)
- Zero
trust adoption will continue to mature. (to
the original material)
-
Ransomware attacks, and ransom payments, are
rampant among critical infrastructure
organizations. (to
the original material)
- Cloud
migrations are taking longer, and require
bigger budgets than expected. (to
the original material)
- Qbot,
Lokibot malware switch back to Windows
Regsvr32 delivery. (to
the original material)
- FTC says
Americans lost $547 million to romance scams
in 2021. (to
the original material)
- FritzFrog
botnet grows 10x, hits healthcare, edu, and
govt systems. (to
the original material)
- Spain
dismantles SIM swapping group who emptied
bank accounts. (to
the original material)
- Russian
threat actors targeting infrastructure. (to
the original material)
-
Californian College attacked with
ransomware. (to
the original material)
- The
Cyber-Threat in 2022: Where you keep your
data will make or break the success of an
attack. (to
the original material)
- ICO (Information
Commissioner's Office - UK) hit by 2650%
rise in email attacks. (to
the original material)
- Almost
$1.3bn paid to ransomware actors since 2020. (to
the original material)
- CISOs
reveal biggest challenges for security teams.
(to
the original material)
- FBI: SIM
swapping attacks have surged five-fold. (to
the original material)
- New
ransomware warning for critical infrastructure
providers. (to
the original material)
- Threat
actors exploit Windows Service Regsvr32 to
deliver malware. (to
the original material)
- Donation
site for Ottawa truckers’ ‘Freedom Convoy’
protest exposed donors’ data. (to
the original material)
- Georgia
voter info posted online after software
company breach. (to
the original material)
- Be careful!
Phishing kits bypassing MFA are growing in
popularity. (to
the original material)
- Charming
Kitten adds new malware to its arsenal. (to
the original material)
- Linux
malware attacks are on the rise, and
businesses aren't ready for it. (to
the original material)
- White Tur
borrows techniques from APTs. (to
the original material)
- FritzFrog
P2P botnet attacking healthcare, education and
government sectors. (to
the original material)
- Covid does
not spread to computers. (to
the original material)
- CISA, FBI,
NSA issue advisory on severe increase in
ransomware attacks. (to
the original material)
- Use Zoom on
a Mac? You might want to check your microphone
settings. (to
the original material)
- Swipe left:
Snoops use dating apps to hook sources, says
Australian Five Eyes boss. (to
the original material)
- A Guide
about internet data. (to
the original material)
-
Cybersecurity most advanced fields. (to
the original material)
- What is
Kali Linux? (to
the original material)
- IC3
received more than 1,900 complaints related to
SIM swapping. (to
the original material)
- The Future
of Cyber Security. (to
the original material)
- The SASE
conversation in 2022, a resolution for the
future. (to
the original material)
- New
vulnerabilities can allow hackers to remotely
crash Siemens PLCs. (to
the original material)
- Critical
code execution flaws patched in 'PHP
Everywhere' WordPress plugin. (to
the original material)
- Ransomware
targeted 14 of 16 U.S. critical infrastructure
sectors in 2021. (to
the original material)
- University
project cataloged 1,100 ransomware attacks on
critical infrastructure. (to
the original material)
- Web Skimmer
injected into hundreds of Magento-Powered
Stores. (to
the original material)
- QR Codes:
How fraudsters can exploit them to steal
money. (to
the original material)
- Hidden in
plain sight: How the dark web is spilling onto
social media. (to
the original material)
- Top 10
security tips to keep your WordPress site
healthy. (to
the original material)
- Navigating
the complexities of securely transmitting
digital documents. (to
the original material)
- Increase in
API use leads to security concerns. (to
the original material)
- Cape
Privacy propelled by VC funding and guidance.
(to
the original material)
- Ransomware
2022: What to expect, how to fight back. (to
the original material)
- Senators
look to address privacy, new technology in
renewed push to modernize HIPAA. (to
the original material)
- Is security
awareness training effective in the finance
industry as employees work from home? (to
the original material)
- So-called
‘red lines’ increasingly crossed by ransomware
groups in critical infrastructure attacks. (to
the original material)
-
Cryptocurrency firm MakerDAO offers record
$10m in newly launched bug bounty program. (to
the original material)
- Ransomware
surge prompts joint NCSC, CISA warning to
safeguard systems. (to
the original material)
- Dependency
confusion tops the PortSwigger annual web
hacking list for 2021. (to
the original material)
- SAP patches
severe ‘ICMAD’ Bugs. (to
the original material)
- Losses from
romance scams hit a record $547 million in
2021, FTC says. (to
the original material)
- Ransomware
victims paid more than $600 million to
cybercriminals in 2021. (to
the original material)
- Decryption
keys released for 3 defunct ransomware
strains. (to
the original material)
- Sri Lanka
to use India-developed digital identity
framework. (to
the original material)
- CERTs urge
patching of Google Chrome, Android flaws. (to
the original material)
- Google
lauds 2FA results - So why do people HATE it?.
(to
the original material)
- France
rules that using Google Analytics violates
GDPR data protection Law. (to
the original material)
- Apple says
WebKit zero-day hitting iOS, macOS devices. (to
the original material)
- Gambling
with our privacy: New report shows the reality
of surveillance advertising. (to
the original material)
- Phishing
tests are a useful exercise, but don’t overdo
it. (to
the original material)
- Key
Senators have voted for The Anti-Encryption
EARN IT Act. (to
the original material)
09.02.2022
- News
from Cyber Security.
- 2021 trends show
increased globalized threat of ransomware. (to
the original material)
- End of 2021 witnessed
an explosion of RDP brute-force attacks. (to
the original material)
- 2021 was the most
prolific year on record for data breaches. (to
the original material)
- How cybercriminals
are using malware to target Linux-based operating
systems. (to
the original material)
- Why security
strategies need a new perspective. (to
the original material)
- 78% of organizations
expect to produce or consume SBOMs (Software Bill of
Materials) in 2022. (to
the original material)
- Organizations still
struggling to use APIs effectively. (to
the original material)
- Preventing software
security vulnerabilities with automation. (to
the original material)
- Digital signature
market to reach $7.1 billion by 2025. (to
the original material)
- FBI warns of
criminals escalating SIM swap attacks to steal millions.
(to
the original material)
- Molerats hackers
deploy new malware in highly evasive campaign. (to
the original material)
- SMEs avoid cloud
payroll solutions over security concerns. (to
the original material)
- Linux-based systems
targeted with ransomware and cryptojacking. (to
the original material)
- Cyberattacks related
to JavaScript NPM rise sharply. (to
the original material)
- Cybersecurity
Acronyms: Making sense of the alphabet soup. (to
the original material)
- What’s with the
shared VBA code between Transparent Tribe and other
threat actors? (to
the original material)
- Why 2022 will be a
down year in cyber venture funding that will result in
some startup casualties. (to
the original material)
- Cyber-attack at
Vodafone Portugal knocks mobile network services
offline. (to
the original material)
- FTC set to ramp up
privacy and security rule-making activity in 2022. (to
the original material)
- MoleRats APT flaunts
new trojan in latest cyberespionage campaign. (to
the original material)
- Ex-Gumshoe Nabs
cybercrooks with FBI tactics. (to
the original material)
- Brute-forcing
passwords, ProxyLogon exploits were some of 2021's most
popular attack methods. (to
the original material)
- Lazarus hackers target defense industry with fake Lockheed Martin job offers. (to the original material)
- ESET Threat Report T3
2021. (to
the original material)
- Bust of
cryptocurrency couple shows money laundering risks. (to
the original material)
- Linux-based clouds an
open door for attackers, says VMware. (to
the original material)
- Ransomware ever more
sophisticated and impactful, warns NCSC. (to
the original material)
- Protecting
cryptocurrencies and NFTs - What's old is new. (to
the original material)
- Poland’s Defense
Minister appointed an army general to head a new cyber
defense force. (to
the original material)
- Computer Forensics. (to
the original material)
- How to find a network
security key. (to
the original material)
- Why you need remote
data backup? (to
the original material)
- U.S. arrests two and
seizes $3.6 billion cryptocurrency stolen in 2016
Bitfinex hack. (to
the original material)
- Guide: Alert overload
and handling for lean IT security teams. (to
the original material)
- Iranian hackers using
new Marlin backdoor in 'Out to Sea' espionage campaign.
(to
the original material)
- Russian APT hackers
used Covid-19 lures to target european diplomats. (to
the original material)
- StellarParticle
campaign - New undetected malware revealed after two
years. (to
the original material)
- Zerodium offers huge
money for zero-day exploits. (to
the original material)
- The Pirate Bay clones
target millions of users with malware and malicious ads.
(to
the original material)
- UK Foreign Office
calls in ‘urgent support’ after cyber incident. (to
the original material)
- Medusa joins hands
with Flubot. (to
the original material)
- BlackCat is the new
avatar of BlackMatter/DarkSide, claims the gang. (to
the original material)
- Fifth of young women
in UK were cyber-flashed in past year. (to
the original material)
- Greater IT connection
means greater ransomware risk on the mainframe. (to
the original material)
- Romance fraud losses
increased by 91% during Covid-19. (to
the original material)
- Disruption 3.0 but
scams 1.0. (to
the original material)
- Interview:
Cyber-Threats at the Beijing Winter Olympics. (to
the original material)
- UK Foreign Office
subjected to "Serious Cybersecurity Incident". (to
the original material)
- Home workers more
likely to be concerned about security. (to
the original material)
- PHP Everywhere RCE
flaws threaten thousands of WordPress sites. (to
the original material)
- Wave of MageCart
attacks target hundreds of outdated Magento sites. (to
the original material)
- CISA warns admins to
patch maximum severity SAP vulnerability. (to
the original material)
- Ransomware dev
releases Egregor, Maze master decryption keys. (to
the original material)
- Meta and Chime sue
Nigerians behind Facebook, Instagram phishing. (to
the original material)
- Fake Windows 11
upgrade installers infect you with RedLine malware. (to
the original material)
- Russia cracks down on
4 dark web marketplaces for stolen credit cards. (to
the original material)
- Critical RCE flaws in
'PHP Everywhere' plugin affect thousands of WordPress
sites. (to
the original material)
- UK, US, Australia
issue joint advisory: Ransomware on the loose, critical
national infrastructure affected. (to
the original material)
- Kevin Mitnick on
Dumpster Diving, phone phreaking, and computer hacking.
(to
the original material)
- US banks warned of
possible cyberattacks amid Russia-Ukraine tensions. (to
the original material)
- Covid-19 news fuels
rise in domain-related cybercrime, preying on fear
factor. (to
the original material)
- Microsoft will block
macros by default from internet downloads. (to
the original material)
- IT leaders report
lack of visibility into supply chain, widespread
incidents of compromise. (to
the original material)
- Tricky botnet
reemerges, new and improved, to target banking apps. (to
the original material)
- Ukraine dismantles
social media bot farm spreading “panic”. (to
the original material)
- FBI: $68 million lost
to SIM swapping attacks in 2021. (to
the original material)
- Best browser for
privacy 2022: Secure web browsing. (to
the original material)
- Robots have no place
filtering creative content, EFF tells U.S. Copyright
Office. (to
the original material)
- Activists, Writers,
and Security Experts all oppose the EARN IT Act. (to
the original material)
- Victory! ID.me to
drop facial recognition requirement for Government
services. (to
the original material)
- What the Duck? Why an
EU proposal to require "QWACs" will hurt internet
security. (to
the original material)
- 3 Tips for facing the
harsh truths of cybersecurity in 2022, Part I. (to
the original material)
08.02.2022
- News
from Cyber Security.
- Cyber teams from across
the globe to compete in 1st International Cybersecurity
Challenge. (to
the original material)
- Adobe releases security
updates for multiple products. (to
the original material)
- Citrix releases
security updates for Hypervisor. (to
the original material)
- Microsoft Releases
February 2022 Security Updates. (to
the original material)
- Mozilla releases
security updates for Firefox and Firefox ESR. (to
the original material)
- Critical
vulnerabilities affecting SAP applications employing
Internet Communication Manager (ICM). (to
the original material)
- A “light” February 2022
Patch Tuesday that should not be ignored. (to
the original material)
- Disaster recovery is
critical for business continuity. (to
the original material)
- Why cybersecurity and
anti-fraud teams need to collaborate. (to
the original material)
- 3 key elements of a
strong cybersecurity program. (to
the original material)
- Highly Evasive Adaptive
Threats (HEAT) bypassing traditional security defenses. (to
the original material)
- Enterprise data safety
during the Great Resignation. (to
the original material)
- Researchers propose a
new method for quantum computing in trapped ions. (to
the original material)
- Identity theft
protection services market to surpass $24B by 2032. (to
the original material)
- Microsoft to block
downloaded VBA macros in Office - you may be able to run
'em anyway. (to
the original material)
- School District CISO
quits over handling of data breach. (to
the original material)
- Home8 security suffers
outage, blames AWS for problem. (to
the original material)
- Labour reminds UK.gov
that it's supposed to be reforming the Computer Misuse
Act. (to
the original material)
- UK.gov threatens to
make adults give credit card details for access to
Facebook or TikTok (age verification). (to
the original material)
- Canadian Netwalker
ransomware crook pleads guilty to million-dollar crimes. (to
the original material)
- The rise of the "super
malicious" insider. (to
the original material)
- Firms step up testing
to find and fix software security flaws. (to
the original material)
- Microsoft will disable
Office VBA macros by default to block malware. (to
the original material)
- Working from home leads
to increased "digital anxiety". (to
the original material)
- Google fixes remote
escalation of privileges bug on Android. (to
the original material)
- Kimsuki hackers use
commodity RATs with custom Gold Dragon malware. (to
the original material)
- Microsoft February 2022
Patch Tuesday fixes 48 flaws, 1 zero-day. (to
the original material)
- US seizes $3.6 billion
stolen in 2016 Bitfinex cryptoexchange hack. (to
the original material)
- Mozilla fixes Firefox
bug letting you get Windows admin privileges. (to
the original material)
- ExpressVPN offering
$100,000 to first person who hacks its servers. (to
the original material)
- Vodafone Portugal 4G
and 5G services down after cyberattack. (to
the original material)
- NetWalker ransomware
affiliate sentenced to 80 months in prison. (to
the original material)
- Google sees 50%
security boost for 150M users after 2FA enroll. (to
the original material)
- Qbot needs only 30
minutes to steal your credentials, emails. (to
the original material)
- Google Cloud adds
agentless threat detection to virtual machine workloads. (to
the original material)
- 4 alternatives to
encryption backdoors, but no silver bullet. (to
the original material)
- Microsoft Patch Tuesday
for Feb. 2022 - Snort rules and prominent vulnerabilities.
(to
the original material)
- List Of Fortune 500
Chief Information Security Officers. (to
the original material)
- How SASE works to
connect network, security, and cloud. (to
the original material)
- Could healthcare serve
as a model for adoption of software bill of materials? (to
the original material)
- Senate Homeland leaders
package trio of cyber bills tied to incident reporting,
cloud and oversight. (to
the original material)
- Apache head: No
programming tool would have caught Log4j bug. (to
the original material)
- Hands-on learning
knocks two months off fixing broken code. (to
the original material)
- Zero-day
vulnerabilities in Nooie baby monitors could allow video
feed hijack. (to
the original material)
- UK anti-encryption
drive meets fierce resistance from privacy, security
advocates. (to
the original material)
- Pay to play PrivateLoader spreads Smokeloader, Redline, Vidar malware. (to the original material)
- Chinese telecom Hytera
charged for allegedly recruiting Motorola employees to
steal trade secrets. (to
the original material)
- Cyberattack brings down
Vodafone Portugal mobile, voice, and TV services. (to
the original material)
- How a Texas hack
changed the ransomware business forever. (to
the original material)
- DoJ seizes $3.6 billion
from 2016 Bitfinex hack, arrests New York couple. (to
the original material)
- US: Your AI has to
explain its decisions. (to
the original material)
- Security experts
discuss Log4j mitigation before US Senate. (to
the original material)
- How fraudsters changed
their synthetic fraud tactics. (to
the original material)
- Chinese APT targeting
german enterprises. (to
the original material)
- Update: Amid IRS'
pullback, ID.me offers alternative solution. (to
the original material)
- Preparing the entire
workforce for devastating cyberattacks. (to
the original material)
- Russia continues
cybercrime offensive with SkyFraud takedown. (to
the original material)
- DoJ recovers $3.6B from
2016 Bitfinex hack. (to
the original material)
- The Complete Guide to
choosing a career. (to
the original material)
- Palestine-aligned
hackers use new NimbleMamba implant in recent attacks. (to
the original material)
- Several malware
families using Pay-Per-Install service to expand their
targets. (to
the original material)
- Tips and best practices
to follow this safer internet day. (to
the original material)
- 5 Best VPN Services
2022: Top picks for your online privacy. (to
the original material)
- Private Internet Access
releases updated transparency report in Q1 2022. (to
the original material)
- Interview with
Eugene Shablygin - WWPass. (to
the original material)
- EFF joins activists
and human rights groups to reject attacks on
encryption. (to
the original material)
- If EARN IT passes,
what happens on your iPhone won't stay on your iPhone.
(to
the original material)
- Ohio: Don’t give
big tech a pass on privacy. (to
the original material)
07.02.2022
- News
from Cyber Security.
- FBI releases
Indicators of Compromise associated with LockBit 2.0
ransomware. (to
the original material)
- Vulnerability summary
for the Week of January 31, 2022. (to
the original material)
- Google announces
threat detection for virtual machines in its cloud. (to
the original material)
- Microsoft: Enterprise
MFA adoption still low. (to
the original material)
- The four types of
remote workers your security awareness program must
address. (to
the original material)
- Contextualizing
supply chain risks in a SaaS environment. (to
the original material)
- Attacks against
health plans up nearly 35%. (to
the original material)
- Ransomware groups and
APT actors laser-focused on financial services. (to
the original material)
- MFA still offers the
best chance of keeping data secure. (to
the original material)
- Most breaches largely
caused by staff working from home. (to
the original material)
- NaaS
(Network-as-a-Service) market to reach $1,18,709.3
million by 2027. (to
the original material)
- Gamaredon targets
Ukraine with new payloads. (to
the original material)
- Roaming Mantis
Android malware campaign sets sights on Europe. (to
the original material)
- Argo CD flaw puts
cloud infrastructure at risk. (to
the original material)
- Savvy cryptomining
malware campaign targets Asian cloud service providers.
(to
the original material)
- Cybersecurity
considerations for Web3. (to
the original material)
- Do NFT loopholes
uncover NFT security Issues? (to
the original material)
- #SaferInternetDay:
Tackling online abuse and cyber-bullying. (to
the original material)
- #HowTo: Stay on top
of cyber-hygiene. (to
the original material)
- UK adds new offenses
to Online Safety Bill. (to
the original material)
- European Police flag
500+ pieces of terrorist content. (to
the original material)
- Swissport ransomware
attack delayed flights. (to
the original material)
- Crypto firm Meter
loses $4.4m in cyber-heist. (to
the original material)
- Patch Now:
CVE-2022-21882 elevation of privilege Windows
vulnerability. (to
the original material)
- CVE-2022-24348: A
major supply chain zero-day in Argo CD. (to
the original material)
- DPD Group parcel
tracking flaw may have exposed customer data. (to
the original material)
- Russia arrests third
hacking group, reportedly seizes carding forums. (to
the original material)
- Puma hit by data
breach after Kronos ransomware attack. (to
the original material)
- Microsoft plans to
kill malware delivery via Office macros. (to
the original material)
- Free decryptor
released for TargetCompany ransomware victims. (to
the original material)
- Google Cloud
hypervisor modified to detect cryptominers without
agents. (to
the original material)
- Medusa malware ramps
up Android SMS phishing attacks. (to
the original material)
- The Top cybersecurity
initiative for 2022 is cloud security. (to
the original material)
- New cyber safety
review board will tackle Log4j debacle first. (to
the original material)
- Meta may quit Europe
over data regulations. (to
the original material)
- News Corp discloses
cyber-attack. (to
the original material)
- Washington warns of
POLARIS breach. (to
the original material)
- Log4j showed us that
public disclosure still helps attackers. (to
the original material)
- Cybercriminals using
SEO poisoning to spread malware. (to
the original material)
- MuddyWater APT
associated with recent attacks on Turkey. (to
the original material)
- Newly found Sugar
ransomware is now being offered as RaaS. (to
the original material)
- APT27 Group targets
German organizations with HyperBro. (to
the original material)
- IoT/connected device
discovery and security auditing in corporate networks. (to
the original material)
- Hackers backdoored
systems at China's National Games just before
competition. (to
the original material)
- New CapraRAT Android
malware targets Indian government and military
personnel. (to
the original material)
- Microsoft temporarily
disables MSIX App Installers to prevent malware abuse. (to
the original material)
- Microsoft disables
Internet macros in Office apps by default to block
malware attacks. (to
the original material)
- US carriers want to
junk three times more Chinese comms kit than planned. (to
the original material)
- Vulnerability
Spotlight: Use-after-free in Google Chrome could lead to
code execution. (to
the original material)
- Metaverse rollout
brings new security risks, challenges. (to
the original material)
- Wormhole offers $10M
to Ethereum thieves. (to
the original material)
- Airport services firm
thwarts attempted ransomware heist. (to
the original material)
- Washington licensing
agency investigates suspected breach. (to
the original material)
- Suspected data breach
at Washington State Department of Licensing. (to
the original material)
- NetWalker ransomware
affiliate sentenced to seven years in prison. (to
the original material)
- Google Cloud launches
agentless cryptojacking malware scanner. (to
the original material)
- Equifax finalizes
data breach settlement with US regulators. (to
the original material)
- Email platform Zimbra
issues hotfix for XSS vulnerability under active
exploitation. (to
the original material)
- Former DoD cyber
official Arrington resigns amid contentious battle with
Biden administration, plans run for Congress. (to
the original material)
- Mastercard
launches cybersecurity group focused on third-party
risk. (to
the original material)
- UnitedHealthcare
tied to RIPTA data theft incident as breach tally
rises to 22K. (to
the original material)
- Online
investment, call center scams prey on desire for
‘easy’ money. (to
the original material)
- IRS to halt use
of facial recognition tech after pressure from
Congress, privacy experts. (to
the original material)
- CISA assumes
remediation leadership mantle. (to
the original material)
- How to get rid of
the most common types of SEO spam. (to
the original material)
- Bringing out the
best in hackers. (to
the original material)
- Why PKI still has
a key role in security [Q&A]. (to
the original material)
- The Public Sector
threat landscape in 2022. (to
the original material)
- The UK-Australia
FTA shows the UK means business on digital trade
policy. (to
the original material)
- A Prophylactic
approach for today's vulnerable websites and web
apps. (to
the original material)
06.02.2022
- News
from Cyber Security.
- Law enforcement
action push ransomware gangs to surgical attacks. (to
the original material)
- Chinese hackers
target Taiwanese financial institutions with a new
stealthy backdoor. (to
the original material)
- CISA orders Federal
agencies to patch actively exploited Windows
vulnerability. (to
the original material)
- Israeli surveillance
firm QuaDream emerges from the dark. (to
the original material)
05.02.2022
- News
from Cyber Security.
- BlackCat (ALPHV)
ransomware linked to BlackMatter, DarkSide gangs. (to
the original material)
- FBI shares Lockbit
ransomware technical details, defense tips. (to
the original material)
- New Argo CD bug could
let hackers steal secret info from Kubernetes apps. (to
the original material)
- Cyberattack cripples
European oil port terminals. (to
the original material)
- Increasing adoption
of phishing kits puts MFA at risk. (to
the original material)
- ESET fixes privilege
escalation bug affecting Windows users. (to
the original material)
04.02.2022
- News
from Cyber Security.
- CISA adds one known
exploited vulnerability to Catalog. (to
the original material)
- Phishing kits that
bypass MFA protection are growing in popularity. (to
the original material)
- New infosec products
of the week: February 4, 2022. (to
the original material)
- How threat actors are
using npm to launch attacks. (to
the original material)
- February 2022 Patch
Tuesday forecast: A rough start for 2022. (to
the original material)
- Exposed corporate
credentials threatening the pharma sector. (to
the original material)
- Bank executives
mostly concerned about cybercrime. (to
the original material)
- Code review: How
satisfied are development teams? (to
the original material)
- Piracy is alive and
well, demand reaching 3.7 billion unlicensed streams and
downloads. (to
the original material)
- Database security
market to reach $16,273.8 million by 2028. (to
the original material)
- Russian cyber
operations target Ukraine: What happens next? (to
the original material)
- CISA issues advisory
warning of critical vulnerabilities in Airspan Networks
Mimosa. (to
the original material)
- Steve Wozniak phreaks
out on The History Of Hacking. (to
the original material)
- The Week in
Ransomware - February 4th 2022 - Critical
Infrastructure. (to
the original material)
- Microsoft disables
MSIX protocol handler abused in Emotet attacks. (to
the original material)
- Microsoft: Russian
FSB (Federal Security Service) hackers hitting Ukraine
since October. (to
the original material)
- A look at the new
Sugar ransomware demanding low ransoms. (to
the original material)
- CISA orders federal
agencies to patch actively exploited Windows bug. (to
the original material)
- US indicts multiple
call centers for IRS, Social Security scams. (to
the original material)
- HHS: Conti ransomware
encrypted 80% of Ireland's HSE IT systems. (to
the original material)
- Argo CD vulnerability
leaks sensitive info from Kubernetes apps. (to
the original material)
- Swissport ransomware
attack delays flights, disrupts operations. (to
the original material)
- News Corp discloses
hack from "persistent" nation state cyber attacks. (to
the original material)
- Wormhole restores
stolen $326 million after major crypto bailout. (to
the original material)
- FBI's warning about
Iranian firm highlights common cyberattack tactics. (to
the original material)
- When to move TDIR to
the cloud. (to
the original material)
- Major vulnerability
found in Argo CD. (to
the original material)
- Tennessee College hit
with ransomware. (to
the original material)
- #Enigma2022:
Security's role in helping HealthTech find its way. (to
the original material)
- Cybersecurity
compliance still not a priority for companies, IBM
survey shows. (to
the original material)
- US accuses Russia of
disinformation plot to justify invasion of Ukraine. (to
the original material)
- Kaspersky Research
sparks free speech debate. (to
the original material)
- NFT wash trading made
scammers at least $9m in 2021. (to
the original material)
- Cyber-Attacks hobble
some of Europe's largest ports. (to
the original material)
- Trustpilot set to sue
firms that solicit fake reviews. (to
the original material)
- Threat Roundup for
January 28 to February 4. (to
the original material)
- Cyber attacks on
European oil facilities spreading. (to
the original material)
- How to find out if
your android phone is the victim of a hacking attack. (to
the original material)
- Think before you
scan: How fraudsters can exploit QR codes to steal
money. (to
the original material)
- Week in security with
Tony Anscombe. (to
the original material)
- Are all websites
hackable? Why (not)? (to
the original material)
- Phishing and stealers
dominate dark web forums (but don't mention ransomware).
(to
the original material)
- Strategy: Quantum
risk assessment and data protection. (to
the original material)
- Lockpicking is not a
crime, unless you’re a burglar. (to
the original material)
- As NFT’s popularity
grows, so does cybersquatting. (to
the original material)
- Understand and combat
insider threats. (to
the original material)
- Microsoft uncovers
new details of Russian hacking campaign targeting
Ukraine. (to
the original material)
- Another Israeli firm,
QuaDream, caught weaponizing iPhone bug for spyware. (to
the original material)
- U.S. authorities
charge 6 indian call centers scamming thousands of
americans. (to
the original material)
- Russian Gamaredon
hackers targeted "Western Government Entity" in Ukraine.
(to
the original material)
- Cynet Log4Shell
Webinar: A thorough - and clear - explanation. (to
the original material)
- Suspected Chinese
spies break into cloud accounts of News Corp
journalists. (to
the original material)
- Open-source
Kubernetes tool Argo CD has a high-severity path
traversal flaw: Patch now. (to
the original material)
- That's a signature
move: How $320m in Ether was stolen from crypto biz
Wormhole. (to
the original material)
- Work-from-Home
cybersecurity jobs. (to
the original material)
- The Role of
cybersecurity In online gaming. (to
the original material)
- Cybercrime: Darknet
markets live on, even as players change. (to
the original material)
- US Lawmakers
introduce algorithmic accountability act. (to
the original material)
- ISMG Editors: How
Russian cyber war could have ripple effect. (to
the original material)
- Court recommends
dismissal of practicefirst breach lawsuit. (to
the original material)
- Together for a better
internet: Creating a safer digital environment for
children on Safer Internet Day. (to
the original material)
- An ALPHV (BlackCat)
representative discusses the group’s plans for a
ransomware "meta-universe". (to
the original material)
- Operation EmailThief:
Zero-day XSS vulnerability in Zimbra email platform
revealed. (to
the original material)
- Russian APT Primitive
Bear attacks Western government department in Ukraine
through job hunt. (to
the original material)
- Why cyber change
outpaces boardroom engagement. (to
the original material)
- This Week in Security
News - February 4, 2022. (to
the original material)
- Argo CD security bug
opens Kubernetes Cloud Apps to attackers, (to
the original material)
- Attackers target
Intuit users by threatening to cancel tax accounts. (to
the original material)
- Google Drive
integration errors created SSRF flaws in multiple
applications. (to
the original material)
- Vulnerabilities in
Cisco Small Business routers could allow unauthenticated
attackers persistent access to internal networks. (to
the original material)
- Bittersweet Symfony:
Devs accidentally turn off CSRF protection in PHP
framework. (to
the original material)
- Open Source Security
Foundation launches new initiative to stem the tide of
software supply chain attacks. (to
the original material)
- BlackCat confirms
BlackMatter roots, but makes an ask of the researcher
community. (to
the original material)
- House passes COMPETES
Act, inching forward federal cyber programs. (to
the original material)
- Google’s surveillance
advertising model under attack on both sides of the
Atlantic for its deep privacy problems. (to
the original material)
- EFF to Appeals:
Apple’s monopoly doesn’t make users safer. (to
the original material)
03.02.2022
- News
from Cyber Security.
- CISA releases
security advisory for Airspan Networks Mimosa. (to
the original material)
- Cisco releases
security updates for RV Series Routers. (to
the original material)
- Cybersecurity Week
News (03.02.2022). (to
the original material)
- Cisco plugs critical
flaws in small business routers. (to
the original material)
- Building confidence
in your system’s security with chaos engineering. (to
the original material)
- AI technology is
redefining surveillance. (to
the original material)
- People working in IT
related roles equally susceptible to phishing attempts
as the general population. (to
the original material)
- How organizations are
arming themselves to combat threats. (to
the original material)
- How are collaboration
apps fairing in remote work environments? (to
the original material)
- Companies woefully
unprepared for CCPA (California Privacy Protection
Agency) compliance. (to
the original material)
- Cloud computing
market to reach $287.03B by 2025. (to
the original material)
- New variant of
UpdateAgent malware infects Mac computers with adware. (to
the original material)
- New wave of cyber
attacks target Palestine with political bait and
malware. (to
the original material)
- Zimbra zero-day
vulnerability actively exploited to steal emails. (to
the original material)
- Intuit warns of
phishing emails threatening to delete accounts. (to
the original material)
- Cisco fixes critical
bugs in SMB routers, exploits available. (to
the original material)
- Target open sources
scanner for digital credit card skimmers. (to
the original material)
- Microsoft blocked
billions of brute-force and phishing attacks last year.
(to
the original material)
- State hackers' new
malware helped them stay undetected for 250 days. (to
the original material)
- MFA adoption pushes
phishing actors to reverse-proxy solutions. (to
the original material)
- DHS creates Cyber
Safety Review Board to review significant cybersecurity
incidents. (to
the original material)
- DHS creates Cyber
Safety Review Board. (to
the original material)
- NPM JavaScript
registry suffers massive influx of malware, report says.
(to
the original material)
- Google adds Python to
its differential privacy repertoire. (to
the original material)
- Iranian APT group
uses previously undocumented Trojan for destructive
access to organizations. (to
the original material)
- US Hacker ‘P4x’ gets
back at Pyongyang (but we smell a Rat). (to
the original material)
- Menlo Security
identifies new HEAT (Highly Evasive Adaptive Threats)
cyberthreats. (to
the original material)
- Education provider
Infosec announces new cybersecurity scholarships. (to
the original material)
- #Enigma2022:
Contextual security should supplement machine learning
for malware detection. (to
the original material)
- KP Snacks hit by
cyber-attack. (to
the original material)
- Growing number of
phish kits bypass MFA. (to
the original material)
- Home improvement firm
fined £200k for nuisance calls. (to
the original material)
- Hackers Use SEO
Poisoning to deliver the BATLOADER malware. (to
the original material)
- Wormhole
cryptocurrency platform loses $322 million in a hack. (to
the original material)
- Buying bot-stolen
logs: Marketplaces make it '2easy'. (to
the original material)
- Pfizer: 2
Ex-Executives stole drug IP to help their startups. (to
the original material)
- UK-Based KP Snacks
hit by ransomware in "Snack Attack". (to
the original material)
- Politically themed
lures target Palestinians. (to
the original material)
- Greek DPA imposes
fines on Telcos for GDPR violations. (to
the original material)
- India’s annual budget
calls for 30% tax on cryptocurrency. (to
the original material)
- Ukraine reconsiders
bug bounties after latest cyberattacks. But are they
enough? (to
the original material)
- String of
cyberattacks on European oil and chemical sectors likely
not coordinated, officials say. (to
the original material)
- 3D printed guns,
underground markets, bomb manuals: police crackdown
continues. (to
the original material)
- Codex Exposed:
Helping hackers in training? (to
the original material)
- Cybersecurity and the
art of persuasion [Q&A]. (to
the original material)
- Cisco launches APs,
switches to enhance hybrid workplaces. (to
the original material)
- From next-generation
firewalls to Firewall-as-a-Service. (to
the original material)
- CISA warns of
critical vulnerabilities discovered in Airspan Networks
Mimosa. (to
the original material)
- Hackers exploited
0-Day vulnerability in Zimbra Email Platform to spy on
users. (to
the original material)
- 7 In-Class activities
that involve technology. (to
the original material)
- How does email get
hacked? (to
the original material)
- The 6-Step ransomware
response plan. (to
the original material)
- How do cybersecurity
companies make money? (to
the original material)
- Bridging the gap
between training and behavior. (to
the original material)
- San Francisco should
strengthen, not gut, surveillance ordinance. (to
the original material)
- It’s
Back: Senators want EARN IT Bill to scan all
online messages. (to
the original material)
02.02.2022
- News
from Cyber Security.
- Google releases
security updates for Chrome. (to
the original material)
- How to keep
your business safe? (to
the original material)
- Most important
classes in a cybersecurity degree. (to
the original material)
- Is the CompTIA
PenTest+ Worth It? (to
the original material)
- How hackers are
exploiting an old Windows vulnerability? (to
the original material)
- The Samba
Vulnerability: What is CVE-2021-44142 and how to fix it.
(to
the original material)
- Samba bug may allow
code execution as root on Linux machines, NAS devices
(CVE-2021-44142). (to
the original material)
- How to measure
security efforts and have your ideas approved. (to
the original material)
- Product showcase:
Cybellum’s Product Security Lifecycle Platform. (to
the original material)
- Two initiatives that
can move the needle for cybersecurity in 2022. (to
the original material)
- Top concerns for
operating cloud-native technologies. (to
the original material)
- Rush to remote work
left sysadmins struggling to keep businesses safe. (to
the original material)
- What is driving NaaS
(Network-as-a-Service) adoption?. (to
the original material)
- Persistent data
breaches fueling developer interest in cybersecurity. (to
the original material)
- Automotive
cybersecurity market size to reach $5.3 billion by 2026.
(to
the original material)
- Wormhole
cryptocurrency platform hacked to steal $326 million. (to
the original material)
- ESET antivirus bug
let attackers gain Windows SYSTEM privileges. (to
the original material)
- Office 365 boosts
email security against MitM (Man-in-the-Middle),
downgrade attacks. (to
the original material)
- Intel unveils Circuit
Breaker bug bounty expansion for elite hackers. (to
the original material)
- KP Snacks giant hit
by Conti ransomware, deliveries disrupted. (to
the original material)
- Microsoft Sentinel
adds threat monitoring for GitHub repos. (to
the original material)
- Business services
provider Morley discloses ransomware incident. (to
the original material)
- SEO poisoning pushes
malware-laced Zoom, TeamViewer, Visual Studio
installers. (to
the original material)
- UEFI firmware
vulnerabilities affect at least 25 computer vendors. (to
the original material)
- IAB Prophet Spider
seizes opportunity to exploit Log4j vulnerability. (to
the original material)
- Orange County
launches cybercrime initiative. (to
the original material)
- The Cybersecurity
issues we can't ignore in 2022. (to
the original material)
- Fake Influencer flags
hacking tactics. (to
the original material)
- Online Ad Association
fined for privacy violation. (to
the original material)
- #Enigma2022: Pandemic
misinformation reveals challenges for online health
information. (to
the original material)
- Reviewing the UK's
new cybersecurity strategy. (to
the original material)
- Third of employees
admit to exfiltrating data when leaving their job. (to
the original material)
- A Ransomware outlook
for 2022. (to
the original material)
- CVSS 9.9-Rated Samba
Bug requires immediate patching. (to
the original material)
- 90% of Security
Leaders warn of skills shortage. (to
the original material)
- Scottish Agency still
recovering from 2020 ransomware attack. (to
the original material)
- 23 Vulnerabilities in
UEFI Firmware used by HP, Lenovo (CVE-2021-41837). (to
the original material)
- New malware used by
SolarWinds attackers went undetected for years. (to
the original material)
- Cynet's Keys to
extend threat visibility. (to
the original material)
- Arid Viper APT
targets Palestine with new wave of politically themed
phishing attacks, malware. (to
the original material)
- Vulnerability
Spotlight: Multiple vulnerabilities in Sealevel
SeaConnect. (to
the original material)
- MPs call on
government to "push harder" and "act faster" amid online
fraud epidemic. (to
the original material)
- British Council data
exposed by third-party cyber failure. (to
the original material)
- More than 1,000
malware packages found in NPM repository. (to
the original material)
- Shoulder surfing:
Watch out for eagle‑eyed snoopers peeking at your phone.
(to
the original material)
- WooCommerce skimmer
uses fake fonts and favicon to steal CC details. (to
the original material)
- FBI warning: Scammers
are posting fake job ads on networking sites to steal
your money and identity. (to
the original material)
- Iran’s national TV
stream hacked for the second time in a week. (to
the original material)
- U.S., European allies
plan how to protect Ukraine from Russian hacks. (to
the original material)
- Tell the Copyright
Office who Is really affected by filters. (to
the original material)
01.02.2022
- News
from Cyber Security.
- FBI releases PIN
(Private Industry Notification) on potential cyber
activities during the 2022 Beijing Winter Olympics and
Paralympics. (to
the original material)
- Samba releases
security updates. (to
the original material)
- Work from Home
cyber risks. (to
the original material)
- How ready are federal
agencies for zero trust implementation? (to
the original material)
- Organizations
neglecting Microsoft 365 cybersecurity features. (to
the original material)
- eBook: Anomaly
Detection in Cybersecurity for Dummies. (to
the original material)
- Review: Group-IB
Threat Intelligence & Attribution (TI&A). (to
the original material)
- Top attack trends
every organization should build resilience against. (to
the original material)
- Understaffing
persistently impacting enterprise privacy teams. (to
the original material)
- IoT in smart cities
market to reach $132.2 billion by 2026. (to
the original material)
- Infosec products of
the month: January 2022. (to
the original material)
- FBI warns of fake job
postings used to steal money, personal info. (to
the original material)
- Malicious CSV text
files used to install BazarBackdoor malware. (to
the original material)
- Cloudflare launches a
paid public bug bounty program. (to
the original material)
- Microsoft Defender
now detects Android and iOS vulnerabilities. (to
the original material)
- Cyberspies linked to
Memento ransomware use new PowerShell malware. (to
the original material)
- Powerful new Oski
variant "Mars Stealer" grabbing 2FAs and crypto. (to
the original material)
- British Council
exposed more than 100,000 files with student records. (to
the original material)
- British Council
Students' data exposed in major breach. (to
the original material)
- German petrol supply
firm Oiltanking paralyzed by cyber attack. (to
the original material)
- Telco fined €9
million for hiding cyberattack impact from customers. (to
the original material)
- MuddyWater hacking
group targets Turkey in new campaign. (to
the original material)
- Cyber-Attack on oil
firms. (to
the original material)
- California Passes
FLASH (Forbid Lewd Activity and Sexual Harassment) Act.
(to
the original material)
- Social Security
Numbers most targeted sensitive data. (to
the original material)
- Stopping the Sprawl -
Making identities an asset to the business. (to
the original material)
- Data leak exposes IDs
of Airport security workers. (to
the original material)
- FBI: Olympic Athletes
should leave devices at home. (to
the original material)
- CISA tells
organizations to patch CVEs dating back to 2014. (to
the original material)
- Real-Time threat
detection in the cloud. (to
the original material)
- New Deadbolt
ransomware hits 3,600 QNAP NAS devices. (to
the original material)
- CVE-2021-44142 Samba
vulnerability allows code execution. (to
the original material)
- Dozens of security
flaws discovered in UEFI Firmware used by several
vendors. (to
the original material)
- Hacker Group 'Moses
Staff' using new StrifeWater RAT in ransomware attacks.
(to
the original material)
- Critical bug found in
WordPress plugin for Elementor with over a million
installations. (to
the original material)
- SolarMarker malware
uses novel techniques to persist on hacked systems. (to
the original material)
- Iranian hackers using
new PowerShell backdoor in cyber espionage attacks. (to
the original material)
- Ukraine continues to
face cyber espionage attacks from Russian hackers. (to
the original material)
- Russia's naval
exercise near Ireland unlikely to involve cable-tapping
shenanigans. (to
the original material)
- Cyberattacker hits
German service station petrol terminal provider. (to
the original material)
- Think Big, Start
Small, Move Fast: Applying lessons from The Mayo Clinic
to cybersecurity. (to
the original material)
- Two Dozen UEFI
vulnerabilities impact millions of devices from major
vendors. (to
the original material)
- Congressman moves to
amend controversial crypto measure. (to
the original material)
- US sends top cyber
official to Europe amid Ukraine crisis. (to
the original material)
- EU proposes a Joint
Cyber Incident Coordination Framework. (to
the original material)
- Why cyberattacks are
the No. 1 Health Tech danger in 2022. (to
the original material)
- One in seven
ransomware extortion attempts leak key operational tech
records. (to
the original material)
- Samba "Fruit" bug
allows RCE, full root user access. (to
the original material)
- Unpatched security
bugs in medical wearables allow patient tracking, data
theft. (to
the original material)
- The Account takeover
Cat-and-Mouse game. (to
the original material)
- FBI: Use a Burner
Phone at the Olympics. (to
the original material)
- Living Off the Land:
How to defend against malicious use of legitimate
utilities. (to
the original material)
- Critical Samba flaw
presents code execution threat. (to
the original material)
- SureMDM bug chain
enabled wholesale compromise of managed devices. (to
the original material)
- Decryption key
released for DeadBolt ransomware after QNAP NAS devices
infected. (to
the original material)
- Training becomes a
priority to bridge skills shortages. (to
the original material)
- Getting smart about
IT asset disposal and security. (to
the original material)
- Response plans: What
companies should do (or not do) about potential Russian
cyber operations against the West. (to
the original material)
- OpenSSF’s Alpha-Omega
Project to target vulnerabilities from beginning to end.
(to
the original material)
- Inside Trickbot,
Russia’s notorious ransomware gang. (to
the original material)
- Ransomware attacks
continue to plague public services. (to
the original material)
- BlackCat ransomware
soars to the Top. (to
the original material)
- Industrial firms
under attack via Short-Lived campaigns. (to
the original material)
- New Hybrid Campaign
OiVaVoii uses malicious OAuth Apps. (to
the original material)
- 'White Tur' hacking
group borrows techniques from multiple APTs. (to
the original material)
- UK/U.S. data
protection claim highlights ambiguity of GDPR’s
geographic scope. (to
the original material)
- Alpha-Omega Project
takes a human-centered approach to open-source software
security. (to
the original material)
- Iranian hacking
groups pick up the pace with new attacks. (to
the original material)
- Civil rights groups
launch effort to stop IRS use of "flawed" ID.me facial
recognition. (to
the original material)
- Ransomware: Is the
party almost over for the cyber crooks? (to
the original material)
- U.S., European Allies
offer Ukraine cyberdefense. (to
the original material)
- U.S. Companies face
more restrictions after privacy ruling against Google. (to
the original material)
- Key trends that will
define MSSP success in 2022. (to
the original material)
Archive:
Source:
Note Dorin M.
This site has a double
form, one in HTML and one in Joomla (if you are interested
in the utility behind this effort you can read the "Why
a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
Dorin M - February 05,
2022