The Hacker News
- U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
- Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike
- Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users
- CISO Perspectives on Complying with Cybersecurity Regulations
- eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
Security Boulevard
- USENIX Security ’23 – Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB)
- CoralRaider Group Delivers Three Infostealers via CDN Cache
- Daniel Stori’s ‘New Job’
- DirectDefense Report Sees Shifts in Cyberattack Patterns
Dark Reading
- KnowBe4 to Acquire Egress
- Black Girls Do Engineer Signs Education Partnership Agreement With NSA
- Lights On in Leicester: Streetlights in Disarray After Cyberattack
- North Korea APT Triumvirate Spied on South Korean Defense Industry For Years
- Iran Dupes US Military Contractors, Gov't Agencies in Years-Long Cyber Campaign
SANS Internet Storm Center
- ISC Stormcast For Wednesday, April 24th, 2024 https://isc.sans.edu/podcastdetail/8952, (Wed, Apr 24th)
- API Rug Pull - The NIST NVD Database and API (Part 4 of 3), (Wed, Apr 24th)
- Struts "devmode": Still a problem ten years later?, (Tue, Apr 23rd)
- ISC Stormcast For Tuesday, April 23rd, 2024 https://isc.sans.edu/podcastdetail/8950, (Tue, Apr 23rd)
- It appears that the number of industrial devices accessible from the internet has risen by 30 thousand over the past three years, (Mon, Apr 22nd)
CSO Online
- What will cyber threats look like in 2024?
- How the ToddyCat threat group sets up backup traffic tunnels into victim networks
- New OT security service can help secure against critical systems attacks
- What is biometrics? 10 physical and behavioral identifiers that can be used for authentication
- The rise in CISO job dissatisfaction – what’s wrong and how can it be fixed?
Graham Cluley
- City street lights “misbehave” after ransomware attack
- Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control
- 3.5 million Omni Hotel guest details held to ransom by Daixin Team
- Police smash LabHost international fraud network, 37 arrested
- Smashing Security podcast #368: Gary Barlow, and a scam turns deadly
Krebs on Security
Tac Security
We Live Security
- Protecting yourself after a medical data breach – Week in security with Tony Anscombe
- The many faces of impersonation fraud: Spot an imposter before it’s too late
- The ABCs of how online ads can impact children’s well-being
- Bitcoin scams, hacks and heists – and how to avoid them
- eXotic Visit includes XploitSPY malware – Week in security with Tony Anscombe