Study - Technical - LMS-SFC (EN) - Cyber Security - News

Cyber Security - News

January 2022


18.01.2022

- AI (Artificial Intelligence) and ML (Machine Learning) implementation in cybersecurity programs pushes for a change in people’s mindset. (to the original material)

- PCI SSC (PCI Security Standards Council) updates card security standards to secure the card production process. (to the original material)

- How buy now, pay Later is being targeted by fraudsters. (to the original material)

- Governments struggle to deliver secure online citizen services. (to the original material)

- The security of devices held by public sector employees. (to the original material)

- Zero-trust security market to reach $64.4B by 2027. (to the original material)

- Don’t let the great resignation become an insider threat. (to the original material)

17.01.2022

- Vulnerability Summary for the Week of January 10, 2022. (to the original material)

- Flubot - A malware for Android that steals sensitive information is propagated by SMS to Romanian users. (to the original material)

- Ukraine: Wiper malware masquerading as ransomware hits government organizations. (to the original material)

- AI to bring massive benefits, but also cause great concern. (to the original material)

- IR (Incident Response) and SimEx (Simulated Exercises): Can and should they be standardized? (to the original material)

- SecOps teams are understaffed and overworked. (to the original material)

- Why is intergenerational collaboration critical in advancing zero trust security progress? (to the original material)

- The CISO’s guide to evaluating third-party security platforms. (to the original material)

- Many users don’t know how to protect their broadband Wi-Fi routers. (to the original material)

- Mobile device management market to reach $20.4 billion by 2026. (to the original material)

- Campaign uses public cloud to spread RAT payloads. (to the original material)

- Fhkf virus (ransomware) remove & decrypt .fhkf files. (to the original material)

- Dark Web's largest marketplace for stolen credit cards is shutting down. (to the original material)

- A structured response to the Log4j vulnerability. (to the original material)

- Microsoft: Edge will mitigate "unforeseen active" zero day bugs. (to the original material)

- Firefox Relay gets added to disposable email blocklist, angers users. (to the original material)

- Zoho plugs another critical security hole in Desktop Central. (to the original material)

- DHL dethrones Microsoft as most imitated brand in phishing attacks. (to the original material)

- Nintendo warns of spoofed sites pushing fake Switch discounts. (to the original material)

- Cyber espionage campaign targets renewable energy companies. (to the original material)

- Safari bug leaks your Google account info, browsing history. (to the original material)

- "Russian" Wiper Malware: "Prelude to war" in Ukraine. (to the original material)

- Using Zero-Trust to secure dissolving network boundaries. (to the original material)

- Linux Foundation, Red Hat join Supply Chain Security Summit. (to the original material)

- Smart City development Is pushing video surveillance to the cloud. (to the original material)

- EHR vendor faces legal action over data breach. (to the original material)

- Nova Scotia seeks to improve Cyber-Bullying Law. (to the original material)

- Accellion reaches $8.1m data breach settlement. (to the original material)

- Tackling the cyber skills shortfall: A multipronged approach. (to the original material)

- Mitigating cloud security's greatest risk: Exposure. (to the original material)

- #HowTo: Quickly evaluate a SaaS vendor’s cloud security. (to the original material)

- Former Inspector General pleads guilty to software theft. (to the original material)

- Social media in the workplace: Cybersecurity dos and don’ts for employees. (to the original material)

- Celebrate the Month of "Digital Cleaning" by following these six simple steps. (to the original material)

- Understanding Website SQL Injections. (to the original material)

16.01.2022

- Microsoft warns of destructive malware targeting Ukrainian Organizations. (to the original material)

- Week in review: 2022 cloud security trends, Microsoft fixes wormable RCE. (to the original material)

- eNom data center migration mistakenly knocks sites offline. (to the original material)

- Microsoft: Fake ransomware targets Ukraine in data-wiping attacks. (to the original material)

- A new wave of Qlocker ransomware attacks targets QNAP NAS devices. (to the original material)

- High-Severity vulnerability in 3 WordPress plugins affected 84,000 websites. (to the original material)

- Ukrainian Government officially accuses Russia of recent cyberattacks. (to the original material)

- New unpatched Apple Safari Browser bug allows cross-site user tracking. (to the original material)

- A new destructive malware targeting Ukrainian Government and business entities. (to the original material)

15.01.2022

- npm dependency is breaking some React apps today — here's the fix. (to the original material)

- Russia charges 8 suspected REvil ransomware gang members. (to the original material)

- Qlocker ransomware returns to target QNAP NAS devices worldwide. (to the original material)

- Linux malware sees 35% growth during 2021. (to the original material)

- Considering a move to Zero Trust security? Keep these identity security practices and resources in mind. (to the original material)

14.01.2022

- Ivanti updates Log4j advisory with security updates for multiple products. (to the original material)

- New infosec products of the week: January 14, 2022. (to the original material)

- How to improve your IR (Incident Response) tabletop exercises and why you really should? (to the original material)

- The future of security protocols for remote work. (to the original material)

- Manufacturers are starting to realize the importance of OT security. (to the original material)

- In 2022, AI-based full-suite security is needed. (to the original material)

- MFA (Multi-Factor Authentication) market to reach $21.3 billion by 2027. (to the original material)

- The Week in Ransomware - January 14th 2022 - Russia finally takes action. (to the original material)

- Goodwill discloses data breach on its ShopGoodwill platform. (to the original material)

- Former DHS (Department of Homeland Security) official charged with stealing govt employees' PII (Personal Identifying Information). (to the original material)

- White House reminds tech giants open source is a national security issue. (to the original material)

- Researchers develop CAPTCHA solver to aid dark web research. (to the original material)

- Defense contractor Hensoldt confirms Lorenz ransomware attack. (to the original material)

- New Intel chips won't play Blu-ray disks due to SGX deprecation. (to the original material)

- Multiple Ukrainian government websites hacked and defaced. (to the original material)

- Russia arrests REvil ransomware gang members, seize $6.6 million. (to the original material)

- Best Practices for Improving Cloud Encryption. (to the original material)

- SEC, FTC Issue Warning on Log4j Vulnerabilities. (to the original material)

- 1/6/21 Insurrection—What Did the Social Networks Know? (to the original material)

- "Massive" Cyberattack on Ukraine Cripples Gov’t Websites. (to the original material)

- Russia stops REvil. (to the original material)

- Flaw found in Biometric ID Devices. (to the original material)

- Measuring cybersecurity effectiveness is the only way to know if you are protected. (to the original material)

- Why is data destruction the best way to impede data breach risks? (to the original material)

- Your Multi-Factor Authentication technology is already compromised – Here's how. (to the original material)

- Ukrainian Government websites forced offline in "massive" cyber-attack. (to the original material)

- North Korean hackers stole $400m in cryptocurrency last year. (to the original material)

- AWS patches glue bug that put customer data at risk. (to the original material)

- Ukrainian cops bust suspected $1m cybercrime ring. (to the original material)

- Tech Giants to team-up on open source security after White House meet. (to the original material)

- Threat Roundup for January 7 to January 14. (to the original material)

- Talos Takes Ep. #82: Log4j followed us in 2022. (to the original material)

- Week in security with Tony Anscombe. (to the original material)

- How to Stop & Prevent DDoS Attacks. (to the original material)

13.01.2022

- Cybersecurity news of the week (13.01.2022). (to the original material)

- How to achieve the interoperability of EU Risk Management Frameworks. (to the original material)

- Juniper Networks releases security updates for multiple products. (to the original material)

- Citrix releases security updates for Hypervisor. (to the original material)

- Apple releases security updates for iOS and iPadOS. (to the original material)

- Cisco releases security updates for multiple products. (to the original material)

- Phishers are targeting Office 365 users by exploiting Adobe Cloud (to the original material)

- Delivering vulnerable signed kernel drivers remains popular among attackers. (to the original material)

- When it comes to banking security, there’s no silver bullet. (to the original material)

- The rising threat of cyber criminals targeting cloud infrastructure in 2022. (to the original material)

- The public sector is more concerned about external than internal threats. (to the original material)

- What makes edge computing successful? (to the original material)

- Consumer IAM (Identity and Access Management) market to reach $17.6 billion by 2026. (to the original material)

- Android users can now disable 2G to block Stingray attacks. (to the original material)

- FCC wants new data breach reporting rules for telecom carriers. (to the original material)

- BlueNoroff hackers steal crypto using fake MetaMask extension. (to the original material)

- AWS fixes security flaws allowing access to AWS customer data. (to the original material)

- Microsoft Defender weakness lets hackers bypass malware detection. (to the original material)

- Windows "RemotePotato0" zero-day gets an unofficial patch. (to the original material)

- Carding site UniCC retires after generating $358 million in sales. (to the original material)

- Ukranian police arrests ransomware gang that hit over 50 firms. (to the original material)

- FBI Issues Warning on FIN7 USB Stick Exploit. (to the original material)

- Why You Need Pentesting-as-a-Service (PtaaS). (to the original material)

- Machine Learning For Contested Antivirus Decisions | Avast. (to the original material)

- Analytics Are Essential for Effective Database Security. (to the original material)

- Vice Principal charged with cyber-stalking. (to the original material)

- Pennsylvania welcomes new cybersecurity center. (to the original material)

- FCC proposes stricter data breach reporting requirements. (to the original material)

- New "undetected" backdoor runs across three OS platforms. (to the original material)

- US: MuddyWater is Iranian state-backed group. (to the original material)

- Report identifies weaknesses in online banking security. (to the original material)

- Threat Source Newsletter (Jan. 13, 2022). (to the original material)

- Beers with Talos, Ep. #114: And then there were two... (to the original material)

- Cryptocurrency scams: What you need to know about them and how to protect yourself. (to the original material)

- Making loyalty pay: How to keep your loyalty rewards safe from scammers. (to the original material)

12.01.2022

- The National Directorate of Cyber Security and ISACA Romania launch the Practical Guide for Operators of Essential Services (OSE). (to the original material)

- CNMF identifies and discloses malware used by Iranian APT MuddyWater. (to the original material)

- A new multi-platform backdoor is leveraged by an advanced threat actor. (to the original material)

- Ransomware, supply chain, and deepfakes: The top threats the finance industry needs to prepare for. (to the original material)

- How safe are cloud applications? (to the original material)

- SMEs still an easy target for cybercriminals. (to the original material)

- Audit your Active Directory with a free, read-only scan from Specops. (to the original material)

- 2022 promises to be a challenging year for cybersecurity professionals. (to the original material)

- Technology-related employment still going strong, unemployment rate for IT jobs dropping to 2%. (to the original material)

- Digital asset management market to reach $10 billion in 2026. (to the original material)

- Attackers more successful at delivering malware payloads. (to the original material)

- Why 2022 should be a year of cybersecurity optimism. (to the original material)

- Zero-Trust for Health Care in the age of ransomware. (to the original material)

- Oxeye Tool Can Counter Log4j Obfuscation Attacks. (to the original material)

- CISA, NSA warn of Russian attacks on critical infrastructure. (to the original material)

- Left of SIEM? Right of SIEM? Get It Right! (to the original material)

- Researchers says flaw allows remote access to Teslas. (to the original material)

- Apple fixes doorLock bug that can disable iPhones and iPads. (to the original material)

- US links MuddyWater hacking group to Iranian intelligence agency. (to the original material)

- UK jails man for spying on teenagers, stealing photos using RATs (Remote Access Trojans). (to the original material)

- Magniber ransomware using signed APPX files to infect systems. (to the original material)

- TellYouThePass ransomware returns as a cross-platform Golang threat. (to the original material)

- OceanLotus hackers turn to web archive files to deploy backdoors. (to the original material)

- EA: 50 high-profile FIFA 22 accounts taken over by phishing actors. (to the original material)

- Hackers take over diplomat's email, target Russian deputy minister (Ministry of Foreign Affairs). (to the original material)

- Clinical Review vendor reports data breach. (to the original material)

- Teen makes Tesla hacking claim. (to the original material)

- Phishers take over FIFA 22 accounts. (to the original material)

- European Union to launch supply chain attack simulation. (to the original material)

- UK launches initiative to develop global AI standards. (to the original material)

- Two years for man who used RATs to spy on women and children. (to the original material)

- Microsoft Starts 2022 with 97 CVEs in January Patch Tuesday. (to the original material)

- Europol ordered to delete vast trove of personal information. (to the original material)

- Nanocore, Netwire and AsyncRAT spreading campaign uses public cloud infrastructure. (to the original material)

- The People Behind Us – Website Security Champions 2021. (to the original material)

11.01.2022

- CISA, FBI, and NSA release cybersecurity advisory on Russian cyber threats to U.S. critical infrastructure. (to the original material)

- Samba releases security update. (to the original material)

- Mozilla releases security updates for Firefox, Firefox ESR, and Thunderbird. (to the original material)

- Microsoft releases January 2022 Security Updates. (to the original material)

- SAP releases January 2022 Security Updates. (to the original material)

- Citrix releases security update for Workspace App for Linux. (to the original material)

- Adobe releases security updates for multiple products. (to the original material)

- Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907). (to the original material)

- Small, minority-led banks and credit unions face greater cyber risk. (to the original material)

- Data breaches reached another all-time high in 2021. (to the original material)

- New Zero Trust solution helps guard IT infrastructure. (to the original material)

- Cybersecurity budgets set to increase in the next year. (to the original material)

- Microsoft reveals "powerdir" macOS vulnerability that allows unauthorized user data access. (to the original material)

- Data security in the age of insider threats: A primer. (to the original material)

- Analyst guide: Encryption solutions buyers checklist. (to the original material)

- How the pandemic fueled enterprise digital transformation. (to the original material)

- Small businesses are most vulnerable to growing cybersecurity threats. (to the original material)

- Video surveillance systems market to grow steadily by 2026. (to the original material)

- Microsoft January 2022 Patch Tuesday fixes 6 zero-days, 97 flaws. (to the original material)

- New RedLine malware version spread as fake Omicron stat counter. (to the original material)

- US govt warns of Russian hackers targeting critical infrastructure. (to the original material)

- New SysJocker backdoor targets Windows, macOS, and Linux. (to the original material)

- KCodes NetUSB exposes millions of routers to RCE attacks. (to the original material)

- Night Sky ransomware uses Log4j bug to hack VMware Horizon servers. (to the original material)

- Cybersecurity in 2022: Addressing insider threats. (to the original material)

- This is the year to create a cybersecurity culture. (to the original material)

- Defence against the dark arts: Learnings from the magical world to boost your AppSec. (to the original material)

- World Economic Forum: Cybersecurity an increasing global threat. (to the original material)

- Banks still struggling to spot the signs of human trafficking. (to the original material)

- Corporate cyber-attacks spike 50% in 2021. (to the original material)

- Romance scammers stole £92 million from victims last year. (to the original material)

- State hackers use new PowerShell backdoor in Log4j attacks. (to the original material)

- Microsoft: New critical Windows HTTP vulnerability is wormable. (to the original material)

- Firefox Focus now blocks cross-site tracking on Android devices. (to the original material)

- CISA alerts federal agencies of ancient bugs still being exploited. (to the original material)

- Microsoft fixes critical Office bug, delays macOS security updates. (to the original material)

- Hackers hit healthcare data management company. (to the original material)

- US issues alert over russian hackers. (to the original material)

- Microsoft Patch Tuesday for Jan. 2022 - Snort rules and prominent vulnerabilities. (to the original material)

- Vulnerability Spotlight: Two vulnerabilities in Adobe Acrobat DC could lead to arbitrary code execution. (to the original material)

- Vulnerability Spotlight: Heap buffer overflow condition in Google Chrome could lead to code execution. (to the original material)

- Signed kernel drivers – Unguarded gateway to Windows’ core. (to the original material)

10.01.2022

- Vulnerability summary for the Week of January 3, 2022. (to the original material)

- CISA adds 15 known exploited vulnerabilities to catalog. (to the original material)

- WordPress 5.8.3. security update fixes SQL injection, XSS flaws. (to the original material)

- Endpoint security products failing against targeted attacks. (to the original material)

- Finding & Fixing Google Blocklist warnings. (to the original material)

- CISA sees low level of Log4j exploitation against agencies and critical infrastructure. (to the original material)

- Who's to blame for the Kronos payroll disruptions, post cyberattack? (to the original material)

- Scrap the operating system in the name of infosec? MIT researchers want you to try it out. (to the original material)

- The blame game: EU criticized for "fragmented and slow" approach to cyber-attack attribution. (to the original material)

- City of Grass Valley, California, suffers data breach - employee and citizen information exposed. (to the original material)

- Report: DDoS attacks increasing year on year as cybercriminals demand extortionate payouts. (to the original material)

- URL parsing bugs allow DoS, RCE, spoofing and more. (to the original material)

- Cyber-spike: Orgs suffer 925 attacks per week, an all-time high. (to the original material)

- Uncovering and defending systems against attacks with layers of remote control. (to the original material)

- Ransomware tracker: The latest figures (December 2021). (to the original material)

- Mainframe DevOps: What modernization means. (to the original material)

- Log4j updates: Flaw challenges global security leaders. (to the original material)

- Ransomware's threat to the mainframe. (to the original material)

- HHS warns healthcare sector of Pysa ransomware threats. (to the original material)

- CISA: Federal response to Log4j has been "Exceptional". (to the original material)

- QNAP tells users take immediate action to stop ransomware. (to the original material)

- How China's algorithm regulation affects businesses. (to the original material)

- Criminaysis: Cryptocurrency crime reaches all-time high. (to the original material)

- VMware ESXi 7 users vulnerable to hypervisor takeover bug. (to the original material)

- Vulnerability Spotlight: Buffer overflow vulnerability in AnyCubic Chitubox plugin. (to the original material)

- Europol ordered to delete data not tied to investigations. (to the original material)

- Europol ordered to erase data on those not linked to crime. (to the original material)

- Linux Mint 20.3 released promising security updates until 2025. (to the original material)

- Microsoft: powerdir bug gives access to protected macOS user data. (to the original material)

- Oops: Cyberspies infect themselves with their own malware. (to the original material)

- Linux version of AvosLocker ransomware targets VMware ESXi servers. (to the original material)

- Extortion DDoS attacks grow stronger and more common. (to the original material)

- FinalSite: No school data stolen in ransomware attack behind sire outages. (to the original material)

- Unified communications market size to reach $344.84 billion by 2028. (to the original material)

- 6 cloud security trends to watch for 2022. (to the original material)

- On-premises cloud: The worst of both worlds? (to the original material)

- Eight resolutions to help navigate the new hybrid office model (to the original material)

- What to expect in 2022 privacy wise? (to the original material)

- Detect and identify IoT malware by analyzing electromagnetic signals. (to the original material)

- Securing onboarding and offboarding in the cloud. (to the original material)

- Abcbot botnet linked to operators of Xanthe cryptomining malware. (to the original material)

- Forensics expert kept murder snaps on PC. (to the original material)

- Connecticut nerds report CSAM. (to the original material)

- Cyber-Thieves raid Grass Valley. (to the original material)

- Why politically motivated cyber-attacks are a threat to democracy. (to the original material)

- Over half of SMEs have experienced a cybersecurity breach. (to the original material)

- Howto: Automate your security processes. (to the original material)

- US issues warning over commercial spyware. (to the original material)

- FlexBooker reveals major customer data breach. (to the original material)

09.01.2022

- Dev corrupts NPM libs "colors" and "faker" breaking thousands of apps. (to the original material)

- BADNEWS! Patchwork APT hackers score own goal in recent malware attacks. (to the original material)

08.01.2022

- Protecting supply chains from highly contagious attacks. (to the original material)

- Troianized dnSpy app drops malware cocktail on researchers, devs. (to the original material)

- Rapid windows title changes cause "white screen of death". (to the original material)

- Vgkf virus ransomware [.vgkf files] - Removal and decrypt guide. (to the original material)

07.01.2022

- This Week in security news - January 7, 2022. (to the original material)

- The Week in ransomware - January 7th 2022 - Watch out for USB drives. (to the original material)

- SonicWall: Y2k22 bug hits email security, firewall products. (to the original material)

- FBI: Hackers use BadUSB to target defense firms with ransomware. (to the original material)

- Flubot malware now targets Europe posing as Flash Player app. (to the original material)

- US counterintelligence shares tips to block spyware attacks. (to the original material)

- QNAP warns of ransomware targeting Internet-exposed NAS devices. (to the original material)

- NHS warns of hackers exploiting Log4Shell in VMware Horizon. (to the original material)

- Cerberus Sentinel acquires true digital security. (to the original material)

- Monsanto employees stole trade secret. (to the original material)

- Why holistic ecosystems will be central to future cybersecurity. (to the original material)

- Election fraud firm to shut down after claims debunked. (to the original material)

- Thousands of schools impacted after IT provider hit by ransomware. (to the original material)

- Researchers warn of new Log4Shell - Like Java vulnerability. (to the original material)

- Cyber-attack on New Mexico county. (to the original material)

- Facebook/ Google use Dark Patterns in cookie consent - says France, waving $240 million fines. (to the original material)

- Antivirus software market to reach $4.54 billion in 2025. (to the original material)

- Enterprise PKI automation: The modern approach to certificate lifecycle management. (to the original material)

- Supply chain cybersecurity: Pain or pleasure? (to the original material)

- January 2022 Patch Tuesday forecast: Old is new again. (to the original material)

- Network and security teams must collaborate to successfully deliver digital transformation. (to the original material)

- Case Study: The road to Zero Trust. (to the original material)

- Norton 360 offering contains controversial cryptominer. (to the original material)

- FBI: FIN7 hackers target US companies with BadUSB devices to install ransomware. (to the original material)

- Codex exposed: Exploring the capabilities and risks of OpenAI's code generator. (to the original material)

- QNAP: Get NAS devices off the internet now. (to the original material)

- 3.7 million FlexBooker records dumped on hacker forum. (to the original material)

- EoL (End of Life) Systems stonewalling Log4j fixes for Fed Agencies. (to the original material)

- Researchers discover new JNDI-based vulnerability similar to Log4j. (to the original material)

- Cyber Command announces partnership with 84 universities. (to the original material)

- Mespinoza, Pysa ransomware an ongoing threat to the healthcare sector, HHS warns. (to the original material)

- Below the surface: Log4j attack trends. (to the original material)

- WordPress 5.8.3. security release. (to the original material)

- Malware and ransomware set to be a larger threat over the next year. (to the original material)

- How control system vulnerabilities can threaten the oil industry [Q&A]. (to the original material)

- Latest WordPress security release fixes XSS, SQL injection bug. (to the original material)

- Internet Bug Bounty: High Severity vulnerability in Apache HTTP Server could lead to RCE. (to the original material)

- Log4j - Related RCE flaw in H2 Database earns critical rating. (to the original material)

- Chinese scientist pleads guilty to stealing US agricultural tech. (to the original material)

- UK NHS: Threat actor targets VMware Horizon servers using Log4Shall exploits. (to the original material)

- FinalSite discloses ransomware attack that crippled websites for 8,000 schools. (to the original material)

- Russian denied bail in insider trading hacking case. (to the original material)

- ISMG Editors: Secrets and lies of ransomware operators. (to the original material)

- Coming invasion? Russian cyber activity in Ukraine escalates. (to the original material)

- Goodcaptchastyle.top virus redirect removal steps [free fix steps]. (to the original material)

- ConnectProcess Mac adware removal guide [free delete steps]. (to the original material)

- Remove Easysearch.club browser redirect [free fix steps]. (to the original material)

- Pure Dark Redirect removal instructions. (to the original material)

- SafeTravel Redirect removal guide [free delete steps]. (to the original material)

- Combo Cleaner Review Mac 2022 [antimalware]. (to the original material)

06.01.2022

- Cybersecurity news of the week (06.01.2022). (to the original material)

- Executive predictions for 2022: CTO Fleming Shi. (to the original material)

- From crisis to continuity: Securing remote work for the long term. (to the original material)

- Java RMI services often vulnerable to SSRF attacks - research. (to the original material)

- Kazakhstan government shuts down internet following country-wide protest. (to the original material)

- Natural disasters expose cyber weaknesses for financial firms. (to the original material)

- Missouri's CRMC (Capital Region Medical Center) brings network back online, 3 weeks after cyberattack. (to the original material)

- Financial advisers embrace increased security awareness, controls. (to the original material)

- Security experts develop search tool to make CISA's (ever growing) Log4j database more friendly. (to the original material)

- What companies should expect as the FTC takes aim at Log4j laggards. (to the original material)

- Google Docs comment flaw exploited by attackers. (to the original material)

- CES 2022: More sensors than people. (to the original material)

- Threat Source Newsletter (January 6, 2022). (to the original material)

- Covid test data breach at British School. (to the original material)

- Cyber-attack on Fertility Centers of Illinois. (to the original material)

- Investigation launched into RIPTA data breach. (to the original material)

- The Colonial Pipeline attack eight months on. (to the original material)

- UK Police seize £322 million of cryptocurrency in past five years. (to the original material)

- Man pleads guilty to $50 million investment fraud scheme. (to the original material)

- Credential stuffers compromised 1.1 million accounts. (to the original material)

- Finite state adds binary analysis to catch zero-days. (to the original material)

- Bridging the "front and back of the house": A lesson in risk management. (to the original material)

- The Log4j debacle showed again that public disclosure of zero days only helps attackers. (to the original material)

- Five tips on how to stay (cyber) secure in a hybrid work world. (to the original material)

- Experts uncover Elephant Beetle, an organized financial-theft operation. (to the original material)

- Mobile security software market to reach $2.75 billion by 2025. (to the original material)

- FinalSite ransomware attack shuts down thousands of school websites. (to the original link)

- Night Sky is the latest ransomware targeting corporate networks. (to the original material)

- FlexBooker discloses data breach, over 3.7 million accounts impacted. (to the original material)

- US arrests suspect who stole unpublished books in phishing. (to the original material)

- US online pharmacy Ravkoo links data breach to AWS portal incident. (to the original material)

- Swiss army bans all chat apps but locally-developed Threema. (to the original material)

- Google Docs commenting feature exploited for spear-phishing. (to the original material)

- France hits Facebook and Google with $210 million in fines. (to the original material)

- FBI warns about ongoing Google Voice authentication scams. (to the original material)

- Is quantum computing ready to disrupt cybersecurity? (to the original material)

- Best practices for encrypting your phone communications. (to the original material)

- W2 form is for sale on the dark web. (to the original material)

- DIY Sinclair clones: Left it too late to back the Next? Build your own instead. (to the original material)

- UK government stacks up to £1.8 billion in vertical application framework. (to the original material)

- Fugitive mafiosi evaded cops for two decades until he was spotted on Google Street View. (to the original material)

- Hearth attack victim "saved" by defibrillator delivery drone. (to the original material)

- Google Chrome 97 relaxes privacy protection just a little to help out Microsoft. (to the original material)

- New trick could let malware fake iPhone shutdown to spy on users secretly. (to the original material)

05.01.2022

- Google releases security updates for Chrome. (to the original material)

- VMware releases security updates. (to the original material)

- How legitimate websites are used to spread ransomware. (to the original material)

- A walk through a Year of Website Security: Part II. (to the original material)

- Health tech vendor QRS faces lawsuit after data theft impacting 319k patients. (to the original material)

- Warning: Log4j still lurks where dependency analysis can't find it. (to the original material)

- "We all need to be better": Financial advisers confront flaws in their security posture. (to the original material)

- What value does Extend Detection and Response (XDR) bring to the cybersecurity market [Q&A]? (to the original material)

- How can SMBs extend their SecOps capabilities without adding headcount? (to the original material)

- The CISO's guide to third-party security management. (to the original material)

- SMBs should consider new approaches for increasing their cybersecurity posture. (to the original material)

- How companies manage data and AI initiatives. (to the original material)

- API security: Understanding the next top attack vector. (to the original material)

- Embedded hypervisor software market to reach $1.16 billion by 2026. (to the original material)

- 70 investors lose $50 million to fraudsters posing as broker-dealers. (to the original material)

- Microsoft Defender for Endpoint adds zero-touch iOS onboarding. (to the original material)

- NY OAG (New York State Office of the Attorney General): Hackers stole 1.1 million customer accounts from 17 companies. (to the original material)

- Crypto platform ARBIX flagged as a rugpull, transfers $10 million. (to the original material)

- iOS malware can fake iPhone shut downs to snoop on camera, microphone. (to the original material)

- "Elephant Beetle" spends month in victim networks to divert transactions. (to the original material)

- Microsoft code-sign check bypassed to drop Zloader malware. (to the original material)

- WhiteSource automates remediation of Log4j vulnerabilities. (to the original material)

- Defending against modern ransomware tactics. (to the original material)

- McMenamins reports data breach. (to the original material)

- Kansas gets 17 critical cybersecurity recommendations. (to the original material)

- Morgan Stanley agrees to data breach settlement. (to the original material)

- Cybersecurity trends for 2022. (to the original material)

- AI progress in security is impressive enough without embellishment. (to the original material)

- Palo Alto Networks appoints CEO for EMEA and LATAM Regions. (to the original material)

- Info-stealing malware hits 100+ countries. (to the original material)

- UK's information commissioner starts new role amid major changes. (to the original material)

- FTC: Patch Log4j now or risk major fines. (to the original material)

- Duty-search redirect removal guide [free delete steps]. (link to original material)

- LIKEAHORSE ransomware virus [remove and restore data]. (link to original material)

- FormulaBuffer Mac adware removal [free uninstall steps]. (to the original material)

- DEHD virus ransomware [.dehd files] removal & decrypt guide. (to the original material)

- Using CASB to establish user access, control of critical assets. (to the original material)

- New Zloader Banking malware campaign exploiting Microsoft signature verification. (to the original material)

- How ransomware gangs went pro. (to the original material)

- The FreeRTOS vulnerability disaster. (to the original material)

- Importance of cybersecurity in military. (to the original material)

- A majority of Gen Z crypto investors think they will become millionaires, according to a new survey. (to the original material)

- Interesting cyber crime stories. (to the original material)

- IBM bosses wrongly sacked channel salesman after Tech Data joint venture failed, tribunal rules. (to the original material)

- Hauliers report problems with post-Brexit customs system but HMRC (Her Majesty's Revenue & Customs) insists it is "online and working as planned". (to the original material)

- Remember Norton 360's bundled cryptominer? Irritated folk realize Ethereum crafter is tricky to delete. (to the original material)

- Microsoft pushes ahead adapting Azure for 5G telecoms after swallowing AT&T's Network cloud. (to the original material)

- You better have patched those Log4j holes or we'll see what a judge has to say - FTC. (to the original material)

- 5 ways hackers steal passwords (and how to stop them). (to the original material)

- Top 10 bad cybersecurity habits to shed in 2022. (to the original material)

04.01.2022

- Vulnerability summary for the week of December 27, 2021. (to the original material)

- U.S. weighs in on open source software security. (to the original material)

- Insider threat does not have to be malicious, so how do you protect your organization? (to the original material)

- Preventing document fraud in a world built in digital trust. (to the original material)

- Healthcare cloud infrastructure market size to reach $142 billion by 2028. (to the original material)

- Should businesses be concerned about APT-style attacks? (to the original material)

- Emergency Windows Server update fixes Remote Desktop issues. (to the original material)

- FTC warns companies to secure consumer data from Log4j attacks. (to the original material)

- First Microsoft Pluton-powered Windows 11 PCs unveiled at CES. (to the original material)

- Hackers use video player to steal credit cards from over 100 sites. (to the original material)

- UScellular discloses data breach after billing system hack. (to the original material)

- Have I Been Pwned warns of DatPiff data breach impacting millions. (to the original material)

- Spyderbat tool can discover Log4j vulnerabilities. (to the original material)

- Did U.S. charge Klyushin to reveal 2016 SNC hack info? (to the original material)

- Top 10 Gurucul blog posts of 2021. (to the original material)

- Top 10 security challenges for 2022. (to the original material)

- Investigation launched into App "Selling" Women. (to the original material)

- Google acquires its first non-american cybersecurity firm (Siemplify). (to the original material)

- Google acquires Siemplify in ambitious cybersecurity push. (to the original material)

- UWO (University of Wisconsin-Oshkosh) opens new cybersecurity center. (to the original material)

- Protecting the most crucial software supply chain targets. (to the original material)

- Money launderers get 33 years for £70m criminal scheme. (to the original material)

- UK Defence Academy attack forced IT rebuild - report. (to the original material)

- Microsoft fixes New Year's Day Exchange Server bug. (to the original material)

- ToolIndexer Mac Ads removal guide [free uninstall steps]. (to the original material)

- MainOperation Mac Adware delete guide [free removal steps]. (to the original material)

- EasyMacSoft Mac adware removal guide [free delete steps]. (to the original material)

- SafeplexSearch Mac Adware removal guide. (to the original material)

- Remote Access malware rises, ransomware operators rebrand, and more attacks on individuals: Report. (to the original material)

- Newly discovered Lapsus$ ransomware targets several organizations in a month. (to the original material)

- Saltzer Health says patient data exposed in cyberattack. (to the original material)

- Log4j flaw attack levels remain high, Microsoft warns. (to the original material)

- SAILFISH System to find State-inconsistency bugs in smart contracts. (to the original material)

- North Korean Konni hackers target Russian diplomats using New Year greetings. (to the original material)

- Skimmer injected into 100 real estate websites via Cloud Video Platform. (to the original material)

- State-of-the-art EDRs (Endpoint Detection & Response) are not perfect, fail to detect common attacks. (to the original material)

- Predictions: SecurityWeek's 2022 cybersecurity outlook. (to the original material)

- Unpatched HomeKit vulnerability exposes iPhones, iPads to DoS attacks. (to the original material)

- Cyber insurance firm Corvus expands with acquisition of UK-based Tarian. (to the original material)

- Anti-Bot fraud detection firm HUMAN snags $100 million investment. (to the original material)

- Instagram and teens: A quick guide for parents to keep their kids safe. (to the original material)

- Microsoft: Log4j exploit attempts, testing remain rampant. (to the original material)

- Log4j updates: Flaw challenges global security leaders. (to the original material)

- Clinic notifies 212,500 about 2020 breach involving fraud. (to the original material)

- Card-stealing code found on more than 100 Sotheby's luxury real estate sites. (to the original material)

- Latest web hacking tools - Q1 2022. (to the original material)

- Researcher discovers 70 web cache poisoning vulnerabilities, nets $40k in bug bounty rewards. (to the original material)

- Broward Health healthcare data theft impacts 1.3 million patients, employees. (to the original material)

- Cyberattack on payroll vendor Kronos disrupting healthcare workforce paychecks. (to the original material)

- Financial advisers face increased breach threats with remote work, sensitive data. (to the original material)

- Mac security research and freeware designer Objective-See becomes non-profit. (to the original material)

- Organizations Worldwide experience over 722 million attacks in the last 30 days. (to the original material)

- Amazon Token Crypto "presale" scam takes advantage of news hype and steals your real cryptocurrency. (to the original material)

- $1.9 million worth of NFTs stolen and re-sold by hacker. (to the original material)

- Fake Telegram Messenger apps are hacking PCs with lethal malware that evades installed antivirus. (to the original material)

- RedLine malware leaks over 440,000 accounts, passwords: How to check if You've been exposed, 2 ways to avoid data breach. (to the original material)

- Does your cyber insurance policy look more like health insurance? (to the original material)

- SlimPay fined €180.000 after 12 million customers' bank data publicly accessible for 5 years. (to the original material)

- Deception as a form of defence. (to the original material)

- Malware detection: What is heuristic analysis? (to the original material)

03.01.2022

- A CISO's guide to discussing cybersecurity with the board. (to the original material)

- Why the UK's energy sector is fragile and ripe to cyber attacks. (to the original material)

- Ransomware attacks decrease, operators started rebranding. (to the original material)

- LTE (Long-Term Evolution - Standard for wireless broadband communication) IoT market to grow steadily by 2026. (to the original material)

- InfoSec products of the month: December 2021. (to the original material)

- Purple Fox malware distributed via malicious Telegram installers. (to the original material)

- Microsoft Skype makes you solve a complex captcha 10 times to sign up. (to the original material)

- Broward Health (Florida, USA) discloses data breach affecting 1.3 million people. (to the original material)

- Apple iOS vulnerable to HomeKit "doorLock" denial of service bug. (to the original material)

- Don't copy and paste commands from webpages - you can get hacked. (to the original material)

- Apple AirTag: Absolutely awful, say stalking victims. (to the original material)

- 6 ways to minimize ransomware damage. (to original material)

- Why insider threat risk increases in the cloud. (to the original material)

- How to: Solve your organization's password woes. (to the original material)

- Loov Virus Ransomware [.loov Files] removal & decrypt guide. (to the original material)

- RedLine malware pilfer passwords saved in multiple browsers. (to the original material)

- MSBuild abused for execution of Cobalt Strike Beacon. (to the original material)

- BlackTech APT pulls out new Flagpro malware to target Japan and others. (to the original material)

- SEGA Europe left AWS S3 bucket unsecured exposing data and infrastructure to attack. (to the original material)

- Multiple vulnerabilities impact Netgear Nighthawk R6700 routers. (to the original material)

- Israeli Media outlets hacked on Soleimani killing anniversary. (to the original material)

- Detecting evasive malware on IoT devices using electromagnetic emanations. (to the original material)

- Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022. (to the original material)

- Report: China mining western social media for intelligence. (to the original material)

- T-Mobile: Some customers affected by SIM swap data breach. (to the original material)

- Hospital system: Data exfiltration breach hits 1.3 million. (to the original material)

- Indian Medical Association's Twitter account compromised. (to the original material)

- Cyber Regulation: Prediction for 2022. (to the original material)

- HIPAA Privacy and Security: At a crossroads in 2022. (to the original material)

- CMMC (Cybersecurity Maturity Model Certification program) stakeholders expect less talk, more action to shore up contractor security. (to the original material)

- Financial firms struggle with security in storage, backups. (to the original material)

- New guidance tackles role of manufacturers in medical device security, patient safety. (to the original material)

- A walk through a year of website security: Part I. (to the original material)

- Morgan Stanley to pay $60 million to resolve data security lawsuit. (to the original material)

- IoT's importance is growing rapidly, but its security is still weak. (to the original material)

- CrowdStrike beefs up exploit detection with Intel CPU telemetry. (to the original material)

- Hospitality chain says employee data stolen in ransomware attack. (to the original material)

- Broward Health hit with data breach on patient, staff. (to the original material)

- How to identify whether a crypto project is legitimate? (to the original material)

- JetBlue tosses most passwords out the emergency exit. (to the original material)

- Florida Hospital System suffers data breach, including medical information. (to the original material)

- Hacking the ransomware problem. (to the original material)

- Jerusalem Post (JPost) targeted pro-Iranian hackers on Soleimani assassination anniversary. (to the original material)

02.01.2022

- Most popular cybersecurity and tech stories of 2021. (to the original material)

- Uber ignores vulnerability that lets you send any mail from Uber.com. (to the original material)

- How long before VPN's are mothballed? (to the original material)

- Lapsus$ ransomware gang hits SIC, Portugal's largest TV channel. (to the original material)

- Cyber-attack on UK's Defence Academy caused "significant" damage. (to the original material)

- NASA Director Twitter account hacked by "Powerfull Greek Army". (to the original material)

- 6 ways to hack Facebook with Android device (100% working) step by step procedure. (to the original material)

- Google Dorks List 2022 - Latest SQL Dork List. (to the original material)

01.01.2022

- The Top 5 cybersecurity tools companies need to implement right now. (to the  original material)

- Popular Q&A app Curious Cat loses domain, posts bizarre tweets. (to the original material)

- PulseTV: Over 200,000 credit cards details compromised. (to the original material)

- Latest Google Dorks SQL Injection - SQL Dorks 2022. (to the original material)


Archive:

December 2021.
November 2021.
October 2021.
September 2021.
August 2021.
July 2021.
June 2021.
May 2021.
April 2021.
March 2021.
February 2021.
January 2021.

Source:

Click here to access to documentation sources.

Dorin M - January 18, 2022