all InfoSec news

US Retailers Pull Surveillance Company Products Linked to Genocide security security bloggers network Common vulnerabilities in Java and how to fix them cybersecurity devops java security bloggers network +2 A melhor ferramenta de gerenciamento e segurança do Microsoft 365 gerenciamento de microsoft 365 manageengine microsoft 365 portugues +4 Menos é mais: monitoramento de desempenho baseado em funções com OpManager administradores de rede analise de ti desempenho de rede gereciamento de servidor +9 Mantenha seu acesso ao Office 365 sincronizado acesso a aplicações adselfservice plus application security autenticação unica +9 7 dicas para gerenciamento eficaz de ativos de TI alertas e notificações de ativos ativos ativos de ti cmdb +10

BleepingComputer

bleepingcomputer.com

Microsoft Defender scares admins with Emotet false positives microsoft security FBI seized $2.2M from affiliate of REvil, Gandcrab ransomware gangs security Finland warns of Flubot malware heavily targeting Android users security Smartwatches for children are a privacy and security nightmare security EwDoor botnet targets AT&T network edge devices at US firms security Android banking malware infects 300,000 Google Play users google security

Dark Reading

darkreading.com

Legal Cases and Privacy Rulings Aim to Curtail Facial Biometrics

HP Issues Firmware Updates for Printer Product Vulnerabilities

What’s the Difference Between SASE and SD-WAN?

Attacker Sentenced in Multimillion-Dollar SIM Hijacking Scheme

Government-Industry Cooperation May Be the Most Potent Ransomware Antidote

Ransomware vs. Cities: A Cyber War

Security Latest

wired.com

Malicious Google Play Apps Stole User Banking Info ars technica cyberattacks and hacks foul play hacking +1 A Hacking Spree Against Iran Spills Out Into the Real World critical infrastructure cyberattacks and hacks cybersecurity hacking +2 What Is a Watering Hole Attack? hacker lexicon hacking malware security The Android 12 Privacy Settings You Should Update Now android google how-to privacy +1 The Pentagon Set Up a UFO Office hacking malware security security news +2 The McDonald's Ice Cream Machine Hacking Saga Has a New Twist freezer burn hacking lawsuits mcdonalds +1

Threatpost

threatpost.com

How Decryption of Network Traffic Can Improve Security full infosec insider large medium +2 Lloyd’s Carves Out Cyber-Insurance Exclusions for State-Sponsored Attacks breach cloud security full government +6 Finland Faces Blizzard of FluBot-Spreading Text Messages full large malware medium +1 Panasonic’s Data Breach Leaves Open Questions breach cloud security full hacks +3 Yanluowang Ransomware Tied to Thieflock Threat Actor full large malware medium +1 IKEA Hit by Email Reply-Chain Cyberattack full large malware medium +2

Information Security News

reddit.com

New EwDoor Botnet is targeting AT&T customers infosecnews WIRTE APT group targets the Middle East since at least 2019 infosecnews Chinese hackers could steal data now and crack it with quantum computers later, warns report infosecnews Critical Printing Shellz flaws impact 150 HP multifunction printer models infosecnews Google experts found 2 flaws in video conferencing software Zoom infosecnews Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition infosecnews

CyberScoop

cyberscoop.com

Final defendant in multimillion-dollar SIM hijacking scheme sentenced to prison cryptocurrency department of justice money sim swapping UK threatens Clearview AI with nearly $23M fine over its facial recognition tech clearview ai congress facial recognition government +4 Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny mandiant ransomware recorded future sabbath +1 Education sees the highest ransomware recovery cost compared to other sectors sponsored content Months-long Interpol crackdown nets more than 1,000 online fraud arrests business email compromise (bec) china colombia financial +17 Apple alerts journalists, activists about state-sponsored hacking attempts after NSO Group suit apple citizen lab nso group spyware

KitPloit - PenTest Tools!

kitploit.com

ZipExec - A Unique Technique To Execute Binaries From A Password Protected Zip sandbox scanning windows zipexec Kit_Hunter - A Basic Phishing Kit Scanner For Dedicated And Semi-Dedicated Hosting administrators kit_hunter phishing detection phishing kits +1 Digital-Forensics-Lab - Free Hands-On Digital Forensics Labs For Students And Faculty digital-forensics-lab shadow windows wireless OffensiveRust - Rust Weaponization For Red Team Engagements offensiverust rust space unix +3 DetectionLabELK - A Fork From DetectionLab With ELK Stack Instead Of Splunk detectionlabelk dfir osquery threat hunting +4 4-ZERO-3 - 403/401 Bypass Methods + Bash Automation 4-zero-3 automation bash bypass +4

SecurityWeek RSS Feed

securityweek.com

Privacy Startup Soveren Raises $6.5 Million Seed Round application security audits cloud security compliance +9 Coinbase to Acquire Cryptography Firm Unbound Security application security audits cloud security compliance +12 2.1 Million People Affected by Breach at DNA Testing Company cybercrime news & industry 'Sabbath' Ransomware Operators Target Critical Infrastructure application security audits cloud security compliance +15 Hardware Security Firm Axiado Banks $25M Investment application security audits cloud security compliance +10 Source Code Security Firm Cycode Raises $56 Million application security management & strategy news & industry

The Hacker News

thehackernews.com

Critical Wormable Security Flaw Found in Several HP Printer Models

New Hub for Lean IT Security Teams

Panasonic Suffers Data Breach After Hackers Hack Into Its Network

Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS

WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East

4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021

Naked Security

sophos.com

Controversial face matchers Clearview set to be fined over $20m clearview clearview ai facial recognition ico +4 Cloud Security: Don’t wait until your next bill to find out about an attack! cloud security cryptocurrency cryptomining google cloud S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast] cookies data breach exchange exploit +4 US government securities watchdog spoofed by investment scammers – don’t fall for it! caller id cli data loss phone scammers +4 Check your patches – public exploit now out for critical Exchange bug cve-2021-42321 exchange microsoft patch +2 GoDaddy admits to password breach: check your Managed WordPress site! breach breach notification data loss godaddy +3

Trend Micro Simply Security

rssmix.com

What You Can Do to Mitigate Cloud Misconfigurations news reports trend micro research : articles trend micro research : cloud +2 Top 10 AWS Security Misconfiguration trend micro devops : article trend micro devops : aws trend micro devops : compliance trend micro devops : conformity ESG Economic Value Validation of XDR trend micro ciso : article trend micro ciso : cloud trend micro ciso : detection and response trend micro ciso : digital transformation +2 Trend Micro Cloud One Network Security-as-a-Service news reports trend micro research : articles trend micro research : cloud +3 Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites news reports trend micro research : articles trend micro research : malware +1 AWS re:Invent 2021 Guide: Checklist & Key Sessions news reports trend micro research : articles trend micro research : cloud +3

Rekt

rekt.news

MonoX - REKT

Snowdog - REKT

Uniswap V3 LP - REKT

Airdrop Hunters

bZx - REKT

Cream Finance - REKT 2

WeLiveSecurity

welivesecurity.com

More than 1,000 arrested in global crackdown on online fraud cybercrime Week in security with Tony Anscombe

The triangle of holiday shopping: Scams, social media and supply chain woes scams Avoiding the shopping blues: How to shop online safely this holiday season how-to FBI, CISA urge organizations to be on guard for attacks during holidays cybersecurity What to do if you receive a data breach notice how-to

Graham Cluley

grahamcluley.com

Social media firms will be forced to unmask online trolls, says Australia australia guest blog law & order privacy +2 Couple arrested for secretly installing cryptomining software on department store PCs cryptomining guest blog law & order malware Try out 1Password 8 for Windows, where security meets productivity feed only Sophisticated Tardigrade malware launches attacks on vaccine manufacturing infrastructure coronavirus data breach data loss guest blog +1 Smashing Security podcast #253: Cybercrime unicorns, HVAC hacks, and NFT piracy – with Mikko Hyppönen hvac law & order nft podcast +6 New UK IoT law means huge fines and a ban on default passwords guest blog iot vulnerability

Pen Test Partners

pentestpartners.com

A masterclass in responding to vulnerability disclosure: The Buddi app and tracker show on homepage vulnerability advisory What does the Product Security and Telecommunications Infrastructure bill mean for me? internet of things show on homepage SkyFail. 6 million routers left exposed show on homepage vulnerability advisory Hijacking smart luggage internet of things show on homepage Pun-free Cylance vulnerability, fixed show on homepage vulnerability advisory Time based username enumeration how tos show on homepage

Discussion and Disclosure of Web Vulnerabilities

reddit.com

Cybersecurity and Compliance websec Votos positivos websec How To Use Manual SQL Injection To Penetrate A Database websec What I need to know as a Web Application Security Junior/Trainee? websec LinkedIn profile visit restrictions websec [1 Minute] Cool Tool Friday: How to Bypass ANY Paywall! websec

Krebs on Security

krebsonsecurity.com

The Internet is Held Together With Spit & Baling Wire adam korab a little sunshine bgp border gateway protocol +6 Arrest in ‘Ransom Your Employer’ Email Scheme abnormal security agari crane hassold cyberlab +4 The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back a little sunshine bob sullivan consumer financial protection bureau cuna mutual insurance +3 Tech CEO Pleads to Wire Fraud in IP Address Scheme african network information centre afrinic american registry for internet numbers amir golestan +6 Hoax Email Blast Abused Poor Coding in FBI Website a little sunshine criminal justice information services division department of justice eims@ic.fbi.gov +9 SMS About Bank Fraud as a Pretext for Voice Phishing a little sunshine kris stevens latest warnings smishing

Silicon Republicinfosec – Silicon Republic

siliconrepublic.com

Dublin IT firm Auxilion taps into rise of hybrid work with new division cloud enterprise infosec ireland +2 Samsung is trying to ‘reinvent’ the smartphone – and believes foldable is the future business electronics infosec leadership +2 Current security approaches can create ‘an ever-increasing spiral’ of issues brand insights bt cyberattacks enterprise +2 New cybersecurity measures for Irish 5G networks may ban ‘high-risk’ firms comms eu infosec ireland +4 Apple sues Israeli tech group behind Pegasus spyware apple enterprise infosec legal +1 With rise of ransomware, report says cybercrime cost Ireland €9.6bn in 2020 crime cyberattacks enterprise grant thornton +3