CISO Express | A Security Professional’s Home Page

Latest Security News

Credit Card Breach

Data Breach

Cyber Security

The Hackers News

  • BIMI: A Visual Take on Email Authentication and Security

    There is a saying that goes something like, "Do not judge a book by its cover." Yet, we all know we cannot help but do just that - especially when it comes to online security. Logos play a significant role in whether or not we open an email and how…
    - 16 hours ago 26 Jul 21, 11:22am -
  • How to Mitigate Microsoft Windows 10, 11 SeriousSAM Vulnerability

    Microsoft Windows 10 and Windows 11 users are at risk of a new unpatched vulnerability that was recently disclosed publicly. As we reported last week, the vulnerability — SeriousSAM — allows attackers with low-level permissions to access Windows…
    - 16 hours ago 26 Jul 21, 11:21am -

Krebs On Security

  • PlugwalkJoe Does the Perp Walk

    One day after last summer's mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph "PlugwalkJoe" O'Connor appeared to have been involved in the incident. When the Justice Department last week announced O'Connor's arrest a…
    - 9 hours ago 26 Jul 21, 6:18pm -
  • Serial Swatter Who Caused Death Gets Five Years in Prison

    An 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.
    - 5 days ago 21 Jul 21, 7:59pm -

Dark Reading

SC Magazine

    Naked Security

    Data Breach Today

    • AvosLocker Ransomware Gang Recruiting Affiliates, Partners

      Malwarebytes: Gang Seeking 'Pentesters' and 'Access Brokers'. A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the…
    • 18 Companies to Participate in NIST 'Zero Trust' Project

      Firms Will Demonstrate Their Architectures to Help Agency Develop Guidance. NIST has selected 18 technology companies to demonstrate "zero trust" security architectures as it prepares to draft guidance for use of the model by federal agencies, which th…

    Bank Info Security


    CSO Online

    eSecurity Planet

    • LastPass: Password Manager Review for 2021
      LastPass is password management software that’s been popular among business and personal users since it was initially released in 2008. When it was acquired by LogMeIn Inc. in 2015, it became part of a suite of cloud-based collaboration tools. Like…
      - 3 days ago 23 Jul 21, 9:35pm -
    • Holes in Linux Kernel Could Pose Problems for Red Hat, Ubuntu, Other Distros
      A pair of vulnerabilities in the Linux kernel disclosed this week expose major Linux operating systems that could let a hacker either gain root privileges on a compromised host or shut down the entire OS altogether. The two flaws – CVE-2021-33909 a…
      - 3 days ago 23 Jul 21, 5:13pm -

    Network World

    • What is Network as a Service (NaaS)?

      The day is coming when enterprise IT professionals will be able to order network infrastructure components from a menu of options, have them designed to fit their business needs, and have the whole thing delivered and running in perhaps hours. The…
      - 11 days ago 16 Jul 21, 11:56am -
    • Ransomware recovery: Plan for it now

      If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified i…
      - 19 days ago 8 Jul 21, 10:00am -

    FierceITSecurity

      Security Week

      US-CERT Current Activity

      • Cisco Releases Security Updates
        Original release date: July 22, 2021. Cisco has released security updates to address multiple vulnerabilities in Intersight Virtual Appliance. An attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing…
        - 5 days ago 22 Jul 21, 2:01pm -
      • Drupal Releases Security Updates
        Original release date: July 22, 2021. Drupal has released security updates to address a critical third-party-library vulnerability that could affect Drupal 7, 8.9, 9.1, and 9.2. An attacker could exploit this vulnerability to take control of an affec…
        - 5 days ago 22 Jul 21, 2:00pm -

      CIO Online

      Virus Bulletin

      Apple Security Announcement

        Homeland Security Today

        Security Focus

        SANS Newsletter

          Graham Cluley Latest

          US-CERT Bulletin

          • Vulnerability Summary for the Week of July 19, 2021
            Original release date: July 26, 2021. High Vulnerabilities. Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info. dlink -- dir-3040_firmware: A hard-coded password vulnerability exist…
            - 17 hours ago 26 Jul 21, 10:44am -
          • Vulnerability Summary for the Week of July 12, 2021
            Original release date: July 19, 2021. High Vulnerabilities. Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info. echobh -- sharecare: Echo ShareCare 8.15.5 is susceptible to SQL inje…
            - 8 days ago 19 Jul 21, 10:50am -

          Zero Day Initiative

          Wired Threat Level


            Symantec Vulnerabilities and Exploits

            Risky Business

            • Show notes: Risky Business #443
              Bad week for Macs, Hal Martin and CrowdStrike... Links to everything discussed in episode 443 of the Risky Business podcast.
              - 15 Feb 17, 3:13am -
            • Show notes: Risky Business #442
              So. Much. News. Links to everything discussed in episode 442 of the Risky Business podcast.
              - 8 Feb 17, 4:43am -

            Packet Storm Latest

            • Red Hat Security Advisory 2021-2881-01
              Red Hat Security Advisory 2021-2881-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabi…
              - 11 hours ago 26 Jul 21, 4:22pm -
            • Gentoo Linux Security Advisory 202107-55
              Gentoo Linux Security Advisory 202107-55 - Multiple vulnerabilities have been found in libsdl2, the worst of which could result in a Denial of Service condition. Versions less than 2.0.14-r1 are affected.
              - 11 hours ago 26 Jul 21, 4:22pm -

            ITSecurityNews

            • #LetsTalkSecurity: The New Digital Normal
              This article has been indexed from Trend Micro Simply Security Let’s Talk Security: Season 02 // Episode 03: Host, Rik Ferguson, interviews Founder & CEO of MyConnectedHealth, Tyler Cohen Wood. Together they discuss the new digital normal. Read the…
              - 4 hours ago 26 Jul 21, 11:06pm -
            • Podcast: IoT Piranhas Are Swarming Industrial Controls
              This article has been indexed from Threatpost Enormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems that control crucial infrastructure. Read the original article: Podcast: IoT Piranhas Are Swarming Indus…
              - 4 hours ago 26 Jul 21, 11:06pm -

            Security Affairs

            • Apple fixes CVE-2021-30807 flaw, the 13th zero-day this year
              Apple released a security update that addresses CVE-2021-30807 flaw in macOS and iOS that may have been actively exploited to deliver malware Apple addressed a security flaw, tracked as CVE-2021-30807, in macOS and iOS that may have been actively exp…
              - 5 hours ago 26 Jul 21, 10:16pm -
            • No More Ransom helped ransomware victims to save almost €1B

              The No More Ransom initiative celebrates its fifth anniversary, over 6 million victims of ransomware attacks recover their files for free saving almost €1 billion in payments. No More Ransom is celebrating its 5th anniversary, the initiative allowe…
              - 8 hours ago 26 Jul 21, 7:31pm -

            NIST Latest in IT

            Darknet - The Dark Side

            Cyber Punk Latest

            • Mod that lets you change your hair in Cyberpunk 2077 (a little Christmas gift)

              A mod that lets you change your V's appearance during the game. Cyberpunk has no barbershop of any kind where you can change your V's appearance during the game; with that in mind, a modder made a program so that you can change the appear…
              - 25 Dec 20, 10:17pm -
            • HOW TO BECOME A MILLIONAIRE IN CYBERPUNK 2077 (glitch)

              First we have to go downtown to this spot on the map. Here there will be a kind of square with several energy drink machines. You will find a place full of these machines, and that is where the gli…
              - 25 Dec 20, 5:07pm -

            Top Security Alerts

            Symantec Virus Status Alerts

            • Norton 360 (later than 6.0) for Windows XP/Vista/7/8
              File-Based Protection (Traditional Antivirus). Definitions Created: 2/28/2020; Definitions Released: 2/28/2020; Definitions Version: 220228c; Sequence Number: 204972; Extended Version: 2/28/2020 re…
            • Symantec Endpoint Protection 12.1.3 (or later)
              File-Based Protection (Traditional Antivirus). Definitions Created: 2/28/2020; Definitions Released: 2/28/2020; Definitions Version: 220228c; Sequence Number: 204972; Extended Version: 2/28/2020 re…

            US-CERT Alerts

            Microsoft Comprehensive Alerts

            Internet Storm Center

            Cisco Security Alerts

            Microsoft Basic Alerts

            Compliance and Non Profit Boards News

            Federal Financial Institutions Examination Council News


            HIPAA Omnibus Rule


            PCI Compliance Press Releases

            PCI Compliance News

            Electronic Frontier Foundation | Deep Links

            • EFF, ACLU Urge Appeals Court to Revive Challenge to Los Angeles’ Collection of Scooter Location Data
              Lower Court Improperly Dismissed Lawsuit Against Privacy-Invasive Data Collection Practice. San Francisco—The Electronic Frontier Foundation and the ACLU of Northern and Southern California today asked a federal appeals court to reinstate a lawsuit t…
              - 3 days ago 23 Jul 21, 9:48pm -
            • Data Brokers are the Problem
              Why should you care about data brokers? Reporting this week about a Substack publication outing a priest with location data from Grindr shows once again how easy it is for anyone to take advantage of data brokers’ stores to cause real harm. This i…
              - 3 days ago 23 Jul 21, 7:59pm -

            More News and Media Coverage

            Latest Tweets