- Porn Problem: Adult Ads Persist on US Gov’t, Military Sites
- Ditch the Alert Cannon: Modernizing IDS is a Security Must-Do
- AT&T Phone-Unlocking Malware Ring Costs Carrier $200M
- Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang
- New Malware Targets Windows Subsystem for Linux to Evade Detection
- Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years
- CISA, FBI: State-Backed APTs May Be Exploiting Critical Zoho Bug
- Airline Credential-Theft Takes Off in Widening Campaign
- OMIGOD, an exploitable hole in Microsoft open source code!
- Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects
- Financial Cybercrime: Following Cryptocurrency via Public Ledgers
- REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out
- DDoS Attacks: A Flourishing Business for Cybercrooks – Podcast
- HP Omen Hub Exposes Millions of Gamers to Cyberattack
- Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk
- Third Critical Bug Affects Netgear Smart Switches — Details and PoC Released
- Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks
- You Can Now Sign-in to You Microsoft Accounts Without a Password
- No Patch for High-Severity Bug in Legacy IBM System X Servers
- Critical Flaws Discovered in Azure App That Microsoft Secretly Installed on Linux VMs
- S3 Ep50: Two 0-days plus another 0-day plus a fast food bug [Podcast]
- Attackers Impersonate DoT in Two-Day Phishing Scam
- Download the Essential Guide to Response Automation
- 3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company
- Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability
- Former US Intelligence Operatives Admit They Hacked for UAE
- Apple and Google Go Further Than Ever to Appease Russia
- Raf Sanchez promoted to Global Head of Cyber Services at Beazley
- UN calls for facial recognition and artificial intelligence moratorium
- APT actors exploiting newly identified vulnerability in ManageEngine ADSelfService Plus
- Security cameras installed at all NYC subway stations
- Misconfigured APIs make up two-thirds of cloud breaches
- 8 tough questions to drive the right AppSec reporting solution and DevSecOps
- Jeffrey Horn named Police Chief at Merced College
- Protecting business from ransomware at the edge
- Port Canaveral awarded $1.4 million for security enhancements
- Anonymous Leaked a Bunch of Data From a Right-Wing Web Host
- A New App Helps Iranians Hide Messages in Plain Sight
- Anticipating and resolving conflict in the workplace
- How CISOs and CIOs should share cybersecurity ownership
- Social engineering explained: How criminals exploit human behavior
- HP CISO Joanna Burkey: Securing remote workers requires a collaborative approach
- How APTs become long-term lurkers: Tools and techniques of a targeted attack
- 3 former US intel officers turned cyber mercenaries plead guilty: An insider threat case study
- You Can Now Ditch the Password on Your Microsoft Account
- How to find a security-savvy MSP
- Steganography explained and how to protect against it
- It’s a Good Day to Update All Your Devices. Trust Us
- 8 top cloud security certifications
- Russia is fully capable of shutting down cybercrime
- Friday Squid Blogging: Ram’s Horn Squid Shells
- Free decryptor for past REvil ransomware victims released
- Zero-Click iMessage Exploit
- Fake Walmart press release causes cryptocurrency price surge
- Trial Ends in Guilty Verdict for DDoS-for-Hire Boss
- Smashing Security podcast #243: Breaking news, Apple zero-clicks, and bad blood
- Customer Care Giant TTEC Hit By Ransomware
- Don’t miss Predict 21 – Recorded Future’s intelligence summit, October 12-13 2021
- Identifying Computer-Generated Faces
- Microsoft Patch Tuesday, September 2021 Edition
- “Foolish” university hacker jailed after selling exam papers to fellow students
- Virtual Events Amplify NISTâs Cybersecurity and Privacy International Engagements
- Designing Contact-Tracing Apps
- Friday Squid Blogging: Possible Evidence of Squid Paternal Care
- KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”
- ProtonMail Now Keeps IP Logs
- Microsoft warns of a Windows zero-day security hole that is being actively exploited
- More Detail on the Juniper Hack and the NSA PRNG Backdoor
- Hear me speak about endpoint security and ransomware at two free webinars next week
- Smashing Security podcast #242: ProtonMail privacy questioned, and Banksy blunder
- Microsoft: Attackers Exploiting Windows Zero-Day Flaw
- Security Risks of Relying on a Single Smartphone
- Alleged Russian malware developer arrested after being stranded in South Korea due to COVID-19 pandemic
- If you contact the police, we *will* leak your data – warns Ragnar Locker ransomware gang
- Lightning Cable with Embedded Eavesdropping
- [webapps] Simple Attendance System 1.0 - Authenticated bypass
- [webapps] Library Management System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)
- [webapps] WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass
- [webapps] ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated)
- Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
- The passwordless future is here for your Microsoft account
- [webapps] Purchase Order Management System 1.0 - Authentication Bypass
- [webapps] Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)
- [webapps] Evolution CMS 3.1.6 - Remote Code Execution (RCE) (Authenticated)
- [webapps] Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated)
- [webapps] AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
- [webapps] Purchase Order Management System 1.0 - Remote File Upload
- Afternoon Cyber Tea: Learn how to stop misinformation threats from nation-state bad actors
- [webapps] ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CSRF)
- [webapps] Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload
- [webapps] Apartment Visitor Management System (AVMS) 1.0 - SQLi to RCE
- [webapps] ECOA Building Automation System - Arbitrary File Deletion
- [local] Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai
- [webapps] ECOA Building Automation System - Path Traversal Arbitrary File Upload
- [webapps] ECOA Building Automation System - Directory Traversal Content Disclosure
- [local] Active WebCam 11.5 - Unquoted Service Path
- [webapps] ECOA Building Automation System - Weak Default Credentials
- [webapps] Men Salon Management System 1.0 - Multiple Vulnerabilities
- Combat attacks with security solutions from Trustwave and Microsoft
- Why diversity is important for a strong cybersecurity team
- Bugtraq: On Second Thought...
- Bugtraq: Re: BugTraq Shutdown
- Bugtraq: Re: [SECURITY] [DSA 4628-1] php7.0 security update
- Bugtraq: BugTraq Shutdown
- Bugtraq: Local information disclosure in OpenSMTPD (CVE-2020-8793)
- Bugtraq: Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)
- Bugtraq: [SECURITY] [DSA 4633-1] curl security update
- Bugtraq: LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)
- Bugtraq: [TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass
- Bugtraq: [TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP)
- Bugtraq: [slackware-security] proftpd (SSA:2020-051-01)
- Bugtraq: [SECURITY] [DSA 4629-1] python-django security update
- Bugtraq: [SECURITY] [DSA 4628-1] php7.0 security update
- Bugtraq: [TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP)
- More rss feeds from SecurityFocus
- Vuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability
- Vuln: Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability
- Vuln: LibreOffice Remote Code Execution and Unauthorized Access Vulnerabilities
- Vuln: KDE KAuth CVE-2017-8422 Local Privilege Escalation Vulnerability
- Hey guys, could you please help with this obvious but unique error i'm getting?
- How do you explain "Cloud Engineer" job to a non-technical person?
- Cloud Transformation Kanban
- Need help with College/University Project
- Which system for cloud-based cluster in OpenStack? (Kubernetes, Slurm, others?)
- Any data center Ops gurus want to any a question about data centers and fires/explosions?
- Hiring - Someone with extensive cloud computing experience to help me write content
- Understanding LaaS, PaaS, CaaS, IaaS, FaaS, and SaaS
- Any recommendations/books for Cloud Architecture patterns
- Is CloudSim the best simulator to study cloud computing?
- Embracing Cloud Computing Technology for Mobile App Development
- Best carrear option AWS, azure or GCP
- Hosting Tableau
- Best current virtual desktop option for a single user that's under $50/month
- How to develop a Serverless Chatbot with AWS Amplify, Amazon Lex & React
- Should My Hypervisor be VTEPs or my TOR Switches?
- Cloud ops + marketing
- References for "Cloud Phishing"
- Are cloud skills transferable?
- Innovate securely with Azure
- Azure Government Top Secret now generally available for US national security missions
- Cloud Computing for Personal Use (Statistics at University)
- Azure DDoS Protection—2021 Q1 and Q2 DDoS attack trends
- Manage RDP and SSH connectivity at scale with Azure Bastion
- Advancing application reliability with the Azure Well-Architected Framework
- Never Share Your Passwords
- Social Media Privacy Settings
- Securing Your Wi-Fi Access Point
- Got Backups?
- Phone Call Attacks
- Never Try to Fix the Problem When Hacked
- Bluetooth
- Identity Theft
- Shopping Online
- Unique Passwords
- Virtual Private Networks
- Older Generation
- Major News Events
- Scamming You Through Social Media
- Search Yourself Online
- Fake News
- Kids and Family Members
- Hosting a Video Conference
- Patch and Update
- CEO Fraud
- Privacy and Mobile Device Apps
- Best Practices for Securing Election Systems
- Protecting Against Ransomware
- Questions Every CEO Should Ask About Cyber Risks
- Website Security