- Improving the Vulnerability Reporting Process With 5 Steps
- Linux team in public bust-up over fake “patches” to introduce bugs
- S3 Ep29: Anti-tracking, rowhammer problems and IoT vulns [Podcast]
- University Suspends Project After Researchers Submitted Vulnerable Linux Patches
- Name That Toon: Greetings, Earthlings
- Looking for Greater Security Culture? Ask an 8-Bit Plumber
- 10 Free Security Tools at Black Hat Asia 2021
- Researchers Find Additional Infrastructure Used By SolarWinds Hackers
- Telegram Platform Abused in ‘ToxicEye’ Malware Campaigns
- It’s Easy to Become a Cyberattack Target, but a VPN Can Help
- Cost of Account Unlocks, and Password Resets Add Up
- Cybercriminals Using Telegram Messenger to Control ToxicEye Malware
- Facebook Busts Palestinian Hackers' Operation Spreading Mobile Spyware
- Rapid7 Acquires Velociraptor Open Source Project
- 4 Innovative Ways Cyberattackers Hunt for Security Bugs
- Justice Dept. Creates Task Force to Stop Ransomware Spread
- Zero-Day Flaws in SonicWall Email Security Tool Under Attack
- QR Codes Offer Easy Cyberattack Avenues as Usage Spikes
- Business Email Compromise Costs Businesses More Than Ransomware
- Pulse Secure Critical Zero-Day Security Bug Under Active Exploit
- How to Attack Yourself Better in 2021
- Improve Your Cyber Security Posture by Combining State of the Art Security Tools
- Swiss Army Knife for Information Security: What Is Comprehensive Protection?
- Hackers threaten to leak stolen Apple blueprints if $50 million ransom isn't paid
- When cryptography attacks – how TLS helps malware hide in plain sight
- Biden administration releases 100-day plan to address electric system cybersecurity risks
- SW Labs | Overview: Attack Surface Management
- SW Labs | Test methodology: Attack Surface Management
- Amazon deploying palm scanner at Seattle Whole Foods
- SW Labs | Review: CyCognito Platform
- SW Labs | Review: RiskIQ PassiveTotal
- SW Labs | Review: Bit Discovery
- SW Labs | Review: ImmuniWeb Discovery
- SW Labs | Review: Randori Recon
- SW Labs | Review: Intrigue.io
- SW Labs | Review: Bishop Fox CAST
- SW Labs | Review: Phobos Orbital Reconnaissance
- Window of Exposure (WoE) a major concern as applications remain increasingly vulnerable
- Emotet malware infrastructure seized after seven years
- A New Facebook Bug Exposes Millions of Email Addresses
- Zero Trust Network Access offers benefits that will make it the future of secure remote working
- 8 things CISOs want to hear from XDR vendors
- Rethinking cybersecurity in the age of COVID: The "Dos and Don'ts" of protection
- 5 minutes with Motti Sorani - What is Device Centric Risk Management (DCRM)?
- The inside threat posed by the transition of power
- When unicorns trot too fast: Lessons from one startup’s bug bounty missteps
- Protecting critical infrastructure intrusions with device-level protection
- New certification program trains cyber pros in cloud, IoT and other emerging tech
- REvil seeks to extort Apple and hits supplier with $50 million ransom
- Palestinian Hackers Tricked Victims to Install iOS Spyware
- REvil ransomware – what you need to know
- On North Korea’s Cyberattack Capabilities
- Smashing Security podcast #224: The Lazarus Heist, Facebook faux pas, and no-cost security
- Backdoor Found in Codecov Bash Uploader
- Note to Self: Create Non-Exhaustive List of Competitors
- Facebook suffers a data breach about how it’s hoping to stop the media talking about its last data breach
- Cluley and Cisco: Preparing for cybersecurity threats in a permanently hybrid world
- Biden Administration Imposes Sanctions on Russia for SolarWinds
- Six million male members may have been exposed after hack of gay dating service
- Sysadmin of fake cybersecurity company sentenced to jail after billion-dollar crime spree
- Details on the Unlocking of the San Bernardino Terrorist’s iPhone
- Friday Squid Blogging: Blobs of Squid Eggs Found Near Norway
- Cybersecurity Experts to Follow on Twitter
- Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
- NSA Discloses Vulnerabilities in Microsoft Exchange
- Get FREE threat intelligence on hackers and exploits with the Recorded Future Cyber Daily
- White House launches plan to protect US critical infrastructure against cyber attacks
- DNI’s Annual Threat Assessment
- Smashing Security podcast #223: Booze, nudes, and insurance dudes
- School janitor says she was fired for not installing smartphone tracking app
- The FBI Is Now Securing Networks Without Their Owners’ Permission
- Join the Team! Announcing the Launch of the NIST Privacy Workforce Public Working Group
- Microsoft Patch Tuesday, April 2021 Edition
- More Biden Cybersecurity Nominations
- ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users
- Evolving beyond password complexity as an identity strategy
- [webapps] OTRS 6.0.1 - Remote Command Execution (2)
- [webapps] CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting (XSS)
- [webapps] RemoteClinic 2.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
- MITRE Engenuity ATT&CK® Evaluation proves Microsoft Defender for Endpoint stops advanced attacks across platforms
- [webapps] Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access)
- [webapps] WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS)
- [webapps] BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS)
- [webapps] Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass
- [remote] Tenda D151 & D301 - Configuration Download (Unauthenticated)
- [webapps] Fast PHP Chat 1.3 - 'my_item_search' SQL Injection
- [webapps] rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (2)
- [webapps] OpenEMR 5.0.2.1 - Remote Code Execution
- [webapps] Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting (XSS)
- [webapps] Adtran Personal Phone Manager 10.8.1 - 'Multiple' Reflected Cross-Site Scripting (XSS)
- [webapps] Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration
- [dos] Hasura GraphQL 1.3.3 - Denial of Service
- [webapps] Hasura GraphQL 1.3.3 - Local File Read
- [webapps] Hasura GraphQL 1.3.3 - Service Side Request Forgery (SSRF)
- [webapps] GravCMS 1.10.7 - Unauthenticated Arbitrary YAML Write/Update (Metasploit)
- [webapps] RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS)
- Afternoon Cyber Tea: Cybersecurity has become a pillar of the business
- Surface expands its Secured-core portfolio with the new Surface Laptop 4 powered by AMD Ryzen™ Mobile Processors
- [webapps] GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE
- CyberMDX and Microsoft: Protecting life-saving medical devices
- Bugtraq: On Second Thought...
- Bugtraq: Re: BugTraq Shutdown
- Bugtraq: Re: [SECURITY] [DSA 4628-1] php7.0 security update
- Bugtraq: BugTraq Shutdown
- Bugtraq: Local information disclosure in OpenSMTPD (CVE-2020-8793)
- Bugtraq: Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)
- Bugtraq: [SECURITY] [DSA 4633-1] curl security update
- Bugtraq: LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)
- Bugtraq: [TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass
- Bugtraq: [TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP)
- Bugtraq: [slackware-security] proftpd (SSA:2020-051-01)
- Bugtraq: [SECURITY] [DSA 4629-1] python-django security update
- Bugtraq: [SECURITY] [DSA 4628-1] php7.0 security update
- Bugtraq: [TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP)
- More rss feeds from SecurityFocus
- Vuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability
- Vuln: Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability
- Vuln: LibreOffice Remote Code Execution and Unauthorized Access Vulnerabilities
- Vuln: KDE KAuth CVE-2017-8422 Local Privilege Escalation Vulnerability
- 4 tips to optimize AWS Lambda for production
- AWS CloudWatch vs Dashbird - which one to use and when?
- Tutorial: Terraform with KVM, Docker and Azure
- [Q] I need help to switch from colab to...
- Git Version Control For Cloud-Based Data Models - bipp Analytics
- For anyone who got time, I have some basic questions for ya'll
- OpenNebula, an Open Source Cloud Computing Platform releases its latest version called Mutara, with Edge Functionalities.
- CF on AWS
- Is decentralized cloud computing valuable?
- Any VDI or way to run an exe in the cloud for free?
- Boilerplate for a basic AWS infrastructure with EKS cluster
- Looking for feedback on an architecture modelling tool.
- Looking for feedback on a design system tool
- AWS VPC networking in plain English (1) -- a daily transportation analogy
- How Cloud Computing Can Benefit Your Business?
- Where to learn about Openstack and openstack python sdk?
- Data centers, fiber optic cables at risk from rising sea levels
- 10 mistakes to avoid when resizing your cloud resources
- InMotion Hosting launching a new private cloud?
- Strengthen and optimize compliance in Azure Security Center
- [help] Google Cloud Platform free VM confusion
- Azure Defender for Storage powered by Microsoft threat intelligence
- E-commerce on Azure increases security with Payment Card Industry Three-Domain Secure compliance
- Accelerating Department of Defense mission workloads with Azure
- Azure Defender for App Service introduces dangling DNS protection
- Updating Plugins
- Detecting Fraud
- Don't Lose That Device
- Digital Inheritance
- Secure Your Home Wi-Fi Network
- Recording Conference Calls
- Messaging / Smishing Attacks
- Two Home Computers
- Social Media Privacy Settings
- Older Generation
- Privacy
- Got Backups?
- Scamming Your Through Social Media
- Kids and Family Members
- Go with Passphrases
- Never Give Your Password Over the Phone
- Search Yourself Online
- What is Malware
- Careers in Cybersecurity
- Smart Home Devices
- Privacy and Mobile Device Apps
- Best Practices for Securing Election Systems
- Protecting Against Ransomware
- Questions Every CEO Should Ask About Cyber Risks
- Website Security