Sources
Security News White Papers
- Computer Weekly – 19 January 2021: The UK's struggle with digital schooling 0 sec old
- Zero trust: Taking back control of IT security 0 sec old
- Top IT predictions in APAC: 2021 0 sec old
- Computer Weekly – 12 January 2021: Can AI ever match the power of the brain? 2 days 2 hours old
- Top 10 ASEAN IT stories of 2020 1 week 1 day old
- A Computer Weekly buyer's guide to next-generation retail technology 1 week 2 days old
- SIEM, SOAR or both? Our security experts weigh in 3 weeks 2 days old
- UK police unlawfully processing over a million people's data on Microsoft 365 3 weeks 2 days old
Hacker News
- Finally – paid support for any OSS project (API) 40 min 39 sec old
- One shot keto pills have 100% normal fixings with no results 45 min 44 sec old
- Failing to make progress under excess request load 48 min 35 sec old
- Unlimited Support – WordPress Website Maintenance starting at just $49/month 51 min 15 sec old
- Fulfilling the Promise of CI/CD 55 min 18 sec old
- JEP Draft: Primitive Objects (Preview) 1 hour 59 sec old
- NSFW: Tech support workers share their oddest job experiences 1 hour 1 min old
- New York Times: The complete list of Trump Twitter insults from 2015-21 1 hour 6 min old
- Hospital CEO censored on LinkedIn for suggestion to look at impact of lockdown 1 hour 7 min old
- Deno 1.7 Release Notes 1 hour 11 min old
CNET Feed
- Trump pardons ex-Uber and Google engineer Anthony Levandowski - Roadshow 1 hour 1 min old
- President Trump pardons rapper Lil Wayne, commutes Kodak Black's sentence - CNET 1 hour 18 min old
- Inauguration Day a palindrome that won't happen again for 1,000 years - CNET 1 hour 59 min old
- Trump signs order aimed at thwarting cyber interference - CNET 3 hours 14 min old
- 100-million-year old beetle fossil sheds light on family of ancient bugs - CNET 3 hours 29 min old
- Lady Gaga's pre-inauguration look is straight outta Star Wars - CNET 4 hours 53 min old
- The best home products for winter 2021: Coffee makers, fire pits and other cozy gadgets - CNET 5 hours 5 min old
- Best espresso machine for 2021 - CNET 6 hours 34 min old
- Self-driving startup Aurora partners with heavy truck company Paccar - Roadshow 7 hours 3 min old
- The best cheap gaming keyboards to rev up your work-from-home experience - CNET 7 hours 4 min old
ZDNet Security
- Google says consent over every aspect of data processing would be burdensome 2 hours 18 min old
- Trump decrees American cloud providers need to maintain records on foreign clients 3 hours 2 min old
- OAIC wants stronger enforcement powers in Australia's revamped Privacy Act 7 hours 18 min old
- Awareness isn’t enough -- it’s time for security leaders to change behaviors 9 hours 59 min old
- Malwarebytes said it was hacked by the same group who breached SolarWinds 12 hours 32 min old
- 'Anti-Facebook' MeWe social network adds 2.5 million new members in one week 13 hours 44 min old
- Google Chrome 88 released with no Flash support, bringing an end to an era 14 hours 17 min old
- Brave becomes first browser to add native support for the IPFS protocol 14 hours 34 min old
- Fake collaboration apps are stealing data as staff struggle with home working security 15 hours 15 min old
- FireEye releases tool for auditing networks for techniques used by SolarWinds hackers 17 hours 34 min old
SlashDot
- Gaming the System: How GameStop Stock Surged 1,500% In Nine Months 3 hours 42 min old
- Penn State Engineers Are Developing An Inexpensive, Thermally-Modulated Battery For Electric Cars 4 hours 42 min old
- 'Anti-Facebook' MeWe Social Network Adds 2.5 Million New Members In One Week 4 hours 42 min old
- Global Sales of Electric Cars Accelerate Fast In 2020 Despite Pandemic 5 hours 50 min old
- Netflix Is Finally Adding a Streaming Roulette Feature As It Clinches 200 Million Subscribers 5 hours 50 min old
- Instagram Lead Says He's Not Happy With Reels Yet, Might 'Consolidate' Video Formats 5 hours 50 min old
- 'Anti-Facebook' WeMe Social Network Adds 2.5 Million New Members In One Week 6 hours 51 min old
- Malwarebytes Said It Was Hacked By the Same Group Who Breached SolarWinds 6 hours 51 min old
- The English Language Wikipedia Just Had Its Billionth Edit 7 hours 52 min old
- iFixit Says Teardown of AirPods Max Made Competitors Look Like Toys 7 hours 52 min old
EFF
- New OCC Rule Is a Win in the Fight Against Financial Censorship 5 hours 34 min old
- So-called “Consent Searches” Harm Our Digital Rights 5 days 6 hours old
- It’s Business As Usual At WhatsApp 5 days 7 hours old
- EFF Welcomes Fourth Amendment Defender Jumana Musa to Advisory Board 1 week 9 hours old
- Face Surveillance and the Capitol Attack 1 week 11 hours old
- Beyond Platforms: Private Censorship, Parler, and the Stack 1 week 1 day old
- The FCC and States Must Ban Digital Redlining 1 week 1 day old
- The Government Has All of the Powers it Needs to Find and Prosecute Those Responsible for the Crimes on Capitol Hill this Week. 1 week 1 day old
- YouTube and TikTok Put Human Rights In Jeopardy in Turkey 1 week 3 days old
- California City’s Effort to Punish Journalists For Publishing Documents Widely Available Online is Dangerous and Chilling, EFF Brief Argues 1 week 4 days old
Dark Reading Attacks and Breaches
- Vulnerabilities in Popular DNS Software Allow Poisoning 8 hours 29 min old
- SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics 9 hours 29 min old
- A Security Practitioner's Guide to Encrypted DNS 16 hours 34 min old
- Successful Malware Incidents Rise as Attackers Shift Tactics 4 days 14 hours old
- Shifting Privacy Landscape, Disruptive Technologies Will Test Businesses 5 days 7 hours old
- 'Chimera' Threat Group Abuses Microsoft & Google Cloud Services 5 days 8 hours old
- Businesses Struggle with Cloud Availability as Attackers Take Aim 5 days 9 hours old
- SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns 6 days 9 hours old
- More SolarWinds Attack Details Emerge 1 week 8 hours old
- Over-Sharer or Troublemaker? How to Identify Insider-Risk Personas 1 week 16 hours old
Dark Readuing Vulnerability and Threats
- Vulnerabilities in Popular DNS Software Allow Poisoning 8 hours 29 min old
- Microsoft to Launch 'Enforcement Mode' for Zerologon Flaw 9 hours 9 min old
- The Most Pressing Concerns Facing CISOs Today 13 hours 34 min old
- A Security Practitioner's Guide to Encrypted DNS 16 hours 34 min old
- Successful Malware Incidents Rise as Attackers Shift Tactics 4 days 14 hours old
- 'Chimera' Threat Group Abuses Microsoft & Google Cloud Services 5 days 8 hours old
- Businesses Struggle with Cloud Availability as Attackers Take Aim 5 days 9 hours old
- NSA Recommends Using Only 'Designated' DNS Resolvers 5 days 10 hours old
- Who Is Responsible for Protecting Physical Security Systems From Cyberattacks? 5 days 15 hours old
- Vulnerability Management Has a Data Problem 5 days 16 hours old
Microsoft Malware Protection Center
- Using Zero Trust principles to protect against sophisticated attacks like Solorigate 9 hours 3 min old
- How IT leaders are securing identities with Zero Trust 14 hours 33 min old
- Simplify compliance and manage risk with Microsoft Compliance Manager 5 days 12 hours old
- Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender 5 days 14 hours old
- Azure Active Directory empowers frontline workers with simplified and secure access 6 days 13 hours old
- New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely 1 week 1 day old
- Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact 1 week 6 days old
- The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1 2 weeks 14 hours old
- Forcepoint and Microsoft: Risk-based access control for the remote workforce 2 weeks 1 day old
- Using Microsoft 365 Defender to protect against Solorigate 3 weeks 1 day old
Dark Reading Threat Intelligence
- Microsoft to Launch 'Enforcement Mode' for Zerologon Flaw 9 hours 9 min old
- SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics 9 hours 29 min old
- NSA Appoints Rob Joyce as Cyber Director 4 days 10 hours old
- Successful Malware Incidents Rise as Attackers Shift Tactics 4 days 14 hours old
- 'Chimera' Threat Group Abuses Microsoft & Google Cloud Services 5 days 8 hours old
- Businesses Struggle with Cloud Availability as Attackers Take Aim 5 days 9 hours old
- NSA Recommends Using Only 'Designated' DNS Resolvers 5 days 10 hours old
- SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns 6 days 9 hours old
- Huntress Acquires EDR Technology From Level Effect 6 days 13 hours old
- More SolarWinds Attack Details Emerge 1 week 8 hours old
Dark Reading Cloud
- SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics 9 hours 29 min old
- 'Chimera' Threat Group Abuses Microsoft & Google Cloud Services 5 days 8 hours old
- Businesses Struggle with Cloud Availability as Attackers Take Aim 5 days 9 hours old
- NSA Recommends Using Only 'Designated' DNS Resolvers 5 days 10 hours old
- Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation 6 days 13 hours old
- The Data-Centric Path to Zero Trust 6 days 16 hours old
- Nissan Source Code Leaked via Misconfigured Git Server 1 week 6 days old
- 6 Open Source Tools for Your Security Team 1 week 6 days old
- COVID-19's Acceleration of Cloud Migration & Identity-Centric Security 2 weeks 1 day old
- Reducing the Risk of Third-Party SaaS Apps to Your Organization 3 weeks 12 hours old
Google Security Blog
- New Year, new password protections in Chrome 10 hours 2 min old
Threat Post
- DNSpooq Flaws Allow DNS Hijacking of Millions of Devices 10 hours 8 min old
- Rob Joyce to Take Over as NSA Cybersecurity Director 11 hours 14 min old
- SolarWinds Malware Arsenal Widens with Raindrop 14 hours 53 min old
- Linux Devices Under Attack by New FreakOut Malware 15 hours 42 min old
- Attackers Steal E-Mails, Info from OpenWrt Forum 16 hours 48 min old
- Medical Device Security: Diagnosis Critical 1 day 15 hours old
- Tractors, Pod Ice Cream and Lipstick Awarded CES 2021 Worst in Show 4 days 9 hours old
- Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’ 4 days 9 hours old
- Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls 4 days 14 hours old
- Google Boots 164 Apps from Play Marketplace for Shady Ad Practices 4 days 15 hours old
Cisco Security Advisories
- Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021 11 hours 19 min old
- Cisco AnyConnect Secure Mobility Client Arbitrary File Read Vulnerability 6 days 7 hours old
- Cisco Connected Mobile Experiences User Enumeration Vulnerability 6 days 7 hours old
- Cisco Connected Mobile Experiences Privilege Escalation Vulnerability 6 days 7 hours old
- Cisco Unified Communications Products Information Disclosure Vulnerability 6 days 7 hours old
- Cisco DNA Center Cross-Site Scripting Vulnerability 6 days 7 hours old
- Cisco Firepower Management Center Information Disclosure Vulnerability 6 days 7 hours old
- Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerabilities 6 days 7 hours old
- Cisco Firepower Management Center XML Entity Expansion Vulnerability 6 days 7 hours old
- Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Denial of Service Vulnerability 6 days 7 hours old
Security Week
- FireEye Releases New Open Source Tool in Response to SolarWinds Hack 12 hours 29 min old
- Hundreds of Networks Still Host Devices Infected With VPNFilter Malware 13 hours 8 min old
- Microsoft Enables Automatic Remediation in Defender for Endpoint 17 hours 21 min old
- SaaS Application Backup Firm Rewind Raises $15 Million 17 hours 39 min old
- SolarWinds Hackers Used 'Raindrop' Malware for Lateral Movement 18 hours 24 min old
- Swimlane Raises $40 Million to Expand SOAR Business 19 hours 36 sec old
- OpenWrt Informs Users of Forum Breach 19 hours 27 min old
- FBI Warns of Employee Credential Phishing via Phone, Chat 1 day 12 hours old
- Expired Domain Allowed Researcher to Hijack Country's TLD 1 day 12 hours old
- Researchers Estimate Ryuk Ransomware Operations to Be Worth $150 Million 1 day 13 hours old
KrebsOnSecurity
- New Charges Derail COVID Release for Hacker Who Aided ISIS 12 hours 54 min old
- Joker’s Stash Carding Market to Call it Quits 1 day 11 hours old
- Microsoft Patch Tuesday, January 2021 Edition 1 week 6 hours old
- SolarWinds: What Hit Us Could Hit Others 1 week 10 hours old
- Ubiquiti: Change Your Password, Enable 2FA 1 week 1 day old
- Sealed U.S. Court Records Exposed in SolarWinds Breach 1 week 5 days old
- All Aboard the Pequod! 1 week 5 days old
- Hamas May Be Threat to 8chan, QAnon Online 2 weeks 12 hours old
- Happy 11th Birthday, KrebsOnSecurity! 3 weeks 6 hours old
Malware Bytes Security
- The story of ZeroLogon 12 hours 56 min old
- Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments 14 hours 19 min old
- What’s up with WhatsApp’s privacy policy? 1 day 19 hours old
- A week in security (January 11 – January 17) 1 day 20 hours old
- MSPs, have you picked the right PSA for you yet? 4 days 12 hours old
- How a VPN can protect your online privacy 4 days 16 hours old
- Cybercriminals want your cloud services accounts, CISA warns 5 days 11 hours old
- Microsoft issues 83 patches, one for actively exploited vulnerability 6 days 11 hours old
- Ubiquiti breach, and other IoT security problems 1 week 13 hours old
- A week in security (January 4 – January 10) 1 week 1 day old
Security Wire Daily News
- SolarWinds supply chain attack explained: Need-to-know info 13 hours 27 min old
- Malwarebytes breached by SolarWinds hackers 14 hours 48 min old
- Data privacy law is coming, big tech privacy officers say 15 hours 18 min old
- FBI warns against vishing attacks targeting enterprises 17 hours 50 min old
- Combine ML with human intelligence for your security strategy 21 hours 13 min old
- The 5 different types of firewalls explained 22 hours 34 min old
- What is the future of cybersecurity? 5 days 15 hours old
- Tenable: Vulnerability disclosures skyrocketed over last 5 years 5 days 16 hours old
- Select a customer IAM architecture to boost business, security 5 days 19 hours old
- SASE challenges include network security roles, product choice 5 days 20 hours old
Wired Security
- The SolarWinds Hackers Used Tactics Other Groups Will Copy 17 hours 34 min old
- Trump’s Worst, Most Bizarre Statements About ‘the Cyber’ 1 day 19 hours old
- Former DOD Head: The US Needs a New Plan to Beat China on AI 2 days 19 hours old
- The FBI Has Made Over 100 Arrests Related to the Capitol Riot 3 days 17 hours old
- The Race Is On to Identify and Stop Inauguration Rioters 3 days 18 hours old
- Big Tech Can’t Ban Its Way Out of This 3 days 19 hours old
- Ex-CISA Head Chris Krebs: ‘Impeachment Is the Right Mechanism’ 4 days 13 hours old
- Hackers Used Zero-Days to Infect Windows and Android Devices 4 days 17 hours old
- I Am Not a Soldier, but I Have Been Trained to Kill 4 days 19 hours old
- How Law Enforcement Gets Around Your Smartphone's Encryption 6 days 13 hours old
Computer Weekly Feed
- Five key benefits of AWS, Azure and Google Cloud file storage 19 hours 49 min old
- CIOs blame siloed IT teams and tools for misalignment 21 hours 19 min old
- Questions raised by New Zealand central bank boss, following cyber attack investigation 1 day 13 min old
- UK fraud agency deploys ArcGIS dashboard for data sharing 1 day 34 min old
- Value of GDPR fines shows dramatic increase in 2020 1 day 48 min old
- BT to make data for Oak National Academy charge-free 1 day 1 hour old
- The UK’s struggle with digital schooling 1 day 2 hours old
- Parler v AWS, digital schooling, ambulance data – Computer Weekly Downtime Upload podcast 1 day 2 hours old
- Click fraud levels reach new heights in pandemic 1 day 2 hours old
- Criminals fiddled stolen Covid-19 vaccine data to damage trust 1 day 2 hours old
Graham Cluely Security Blog
- Scottish environmental agency still struggling after Christmas Eve ransomware attack 23 hours 4 min old
- Swanky Wentworth golf club hacked, details of 4000 members stolen in ransomware attack 1 day 8 hours old
- Cryptocurrency scammers hijack verified accounts once again, jumping on Elon Musk’s Twitter threads 1 day 14 hours old
- Cybercriminals are bypassing multi-factor authentication to access organisation’s cloud services 5 days 16 hours old
- Orca Security public cloud security report reveals how most large cloud breaches happen 5 days 20 hours old
- Smashing Security podcast #210: DC rioters ID’d, Energydots, and ransomware gets you in a pickle 5 days 21 hours old
- Microsoft patches anti-virus bug that allowed boobytrapped files to run malicious code when scanned 6 days 11 hours old
- Ubiquiti users told to change their passwords following security breach 1 week 19 hours old
- Russia-linked postcard was “sent to FireEye’s CEO after cybersecurity firm uncovered hack” 1 week 1 day old
- Donald Trump’s presidency ended today, claims altered US State Department website 1 week 1 day old
InfoSec Island
- SecurityWeek Names Ryan Naraine as Editor-at-Large 1 day 5 hours old
Naked Security
- Naked Security Live – Staying safe online at home (especially if you’re homeschooling!) 1 day 20 hours old
- Europol announces bust of “world’s biggest” dark web marketplace 5 days 9 hours old
- S3 Ep15: Titan keys, Mimecast certs and Solarwinds [Podcast] 5 days 15 hours old
- Home schooling – how to stay secure 6 days 15 hours old
- Naked Security Live – HTTPS: do we REALLY need it? 1 week 1 day old
- Google Titan security keys hacked by French researchers 1 week 1 day old
- S3 Ep14: Money scams, HTTPS by default, and hardcoded passwords [Podcast] 1 week 5 days old
- Zyxel hardcoded admin password found – patch now! 1 week 6 days old
- Chrome browser has a New Year’s resolution: HTTPS by default 2 weeks 16 hours old
- S3 Ep13: A chat with hacker Keren Elazari [Podcast] 2 weeks 5 days old
US-Cert Current Activity
- NSA Releases Guidance on Encrypted DNS in Enterprise Environments 4 days 10 hours old
- Apache Releases Security Advisory for Tomcat 4 days 15 hours old
- RCE Vulnerability Affecting Microsoft Defender 5 days 18 hours old
- Cisco Releases Security Updates for Multiple Products 5 days 18 hours old
- Juniper Networks Releases Security Updates for Multiple Products 5 days 18 hours old
- Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments 6 days 11 hours old
- Microsoft Releases January 2021 Security Updates 1 week 10 hours old
- NSA Cybersecurity Directorate Releases 2020 Year in Review 1 week 16 hours old
- Mozilla Releases Security Update for Thunderbird 1 week 16 hours old
- Adobe Releases Security Updates for Multiple Products 1 week 16 hours old
Cloud Security Briefing: News and Advice
- Considerations for SASE management and troubleshooting 4 days 14 hours old
- 6 SaaS security best practices to protect applications 1 week 17 hours old
- How to calculate SASE return on investment and costs 1 week 20 hours old
- Review these 7 CASB vendors to best secure cloud access 1 week 1 day old
- CASB explained: Know its use cases before you buy 1 week 1 day old
- 2021 IT priorities require security considerations 1 week 4 days old
- Explore benefits and challenges of cloud penetration testing 1 week 5 days old
- Juggle a multi-cloud security strategy with these 3 steps 2 weeks 22 hours old
- Editor's picks: Top cybersecurity articles of 2020 3 weeks 18 hours old
Dark Reading Security Monitoring
- Vulnerability Management Has a Data Problem 5 days 16 hours old
- HelpSystems Acquires Data Security Firm Vera 3 weeks 5 days old
Security Now
- SN 801: Out With The Old - SolarWinds Smoking Gun, Signal Influx of WhatsApp Users, Male Chastity Cage 1 week 5 hours old
- SN 800: SolarBlizzard - SolarWinds' Orion Software, Swatting Goes IoT, PHP Zend Framework Vulnerability 2 weeks 5 hours old
- SN 799: Sunburst & Supernova - Ransomware Task Force, Chrome 87, Firefox Caches, Preserving Flash Video 3 weeks 6 hours old
The Security Ledger
- Researchers Test UN’s Cybersecurity, Find Data on 100k 1 week 1 day old
- Episode 199 COVID’s Other Legacy: Data Theft and Enterprise Insecurity 1 week 4 days old
- Episode 198: Must Hear Interviews from 2020 2 weeks 5 days old
- Neopets Is Still A Thing And Its Exposing Sensitive Data 3 weeks 1 day old
Guardian Security
- Global cyber-espionage campaign linked to Russian spying tools 1 week 1 day old
- Data breach hits 30,000 signed up to workplace pensions provider 3 weeks 6 days old
NoticeBored
- Y2k + 20: risk, COVID and "the Internet issue" 1 week 3 days old
US-Cert Alerts
Paul's Security Weekly
- Pokémon & Synthwave & Hair & Hats - ASW #135 2 weeks 21 hours old
Security Wire Weekly
- Setting up and using a home VLAN to segment network traffic 2 weeks 1 day old
- How to perform a cybersecurity risk assessment, step by step 2 weeks 5 days old
- Data sanitization techniques: Standards, practices, legislation 2 weeks 6 days old
Network World
- How to deploy 802.1x for Wi-Fi using WPA3-Enterprise 3 weeks 1 day old
- SolarWinds roundup: Fixes, new bad actors, and the company knew 3 weeks 6 days old
- SolarWinds roundup: Fixes, new bad actors, and what the company knew 3 weeks 6 days old
- SASE check list: 7 key evaluation criteria 3 weeks 6 days old
InfoWorld
- How to bring zero-trust security to microservices 3 weeks 6 days old
Cisco Threat Outbreak
Corero Security
CSOOnline - Salted Hash - Top Security News
PC Magazine Security
Schneier on Security
Tao Security
Tech Crunch Security
Techworld Security
