CISO Express | A Security Professional’s Home Page

Latest Security News

Credit Card Breach

Data Breach

Cyber Security

The Hackers News

  • newCritical Wormable Security Flaw Found in Several HP Printer Models

    Critical Wormable Security Flaw Found in Several HP Printer Models

    Cybersecurity researchers on Tuesday disclosed multiple security flaws affecting 150 different multifunction printers (MFPs) from HP Inc that could be potentially abused by an adversary to take control of vulnerable devices, pilfer sensitive informat…
    - 10 hours ago 30 Nov 21, 6:18pm -
  • newNew Hub for Lean IT Security Teams

    New Hub for Lean IT Security Teams

    One of the harsh realities of cybersecurity today is that malicious actors and attackers don’t distinguish between organizations that have seemingly endless resources and those operating with lean IT security teams. For these lean teams, meeting th…
    - 14 hours ago 30 Nov 21, 2:37pm -

Krebs On Security

  • The Internet is Held Together With Spit & Baling Wire

    The Internet is Held Together With Spit & Baling Wire

    Imagine being able to disconnect or redirect Internet traffic destined for some of the world's largest companies -- just by spoofing an email. This is the nature of a threat vector recently removed by a Fortune 500 firm that operates one of the world…
    - 4 days ago 26 Nov 21, 7:03pm -
  • Arrest in ‘Ransom Your Employer’ Email Scheme

    Arrest in ‘Ransom Your Employer’ Email Scheme

    In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer's network, in exchange for a percentage of any ransom amount paid by the victim company. This week, authorities in Nige…
    - 8 days ago 22 Nov 21, 9:57pm -

Dark Reading

SC Magazine

    Naked Security

    Data Breach Today

    • BlackMatter Claims to Shut Ops; Experts Suspect Rebranding

      BlackMatter Claims to Shut Ops; Experts Suspect Rebranding

      Criminal Group Announced News on Russian Site, Says Malware Research Organization vx-undergroundRansomware-as-a-service provider BlackMatter has ceased operations due to pressure from local authorities, malware research organization vx-underground sa…
      - -
    • FBI Warns of Ransomware Actors Leveraging M&A Data

      FBI Warns of Ransomware Actors Leveraging M&A Data

      Bad Actors Learn Victim Firms' Public, Nonpublic Data Before Attack to Increase ImpactThe Federal Bureau of Investigation has issued a notification warning to private sector companies, especially those listed or in the process of being listed on stoc…
      - -

    Bank Info Security

    • BlackMatter Claims to Shut Ops; Experts Suspect Rebranding

      BlackMatter Claims to Shut Ops; Experts Suspect Rebranding

      Criminal Group Announced News on Russian Site, Says Malware Research Organization vx-undergroundRansomware-as-a-service provider BlackMatter has ceased operations due to pressure from local authorities, malware research organization vx-underground sa…
      - -
    • FBI Warns of Ransomware Actors Leveraging M&A Data

      FBI Warns of Ransomware Actors Leveraging M&A Data

      Bad Actors Learn Victim Firms' Public, Nonpublic Data Before Attack to Increase ImpactThe Federal Bureau of Investigation has issued a notification warning to private sector companies, especially those listed or in the process of being listed on stoc…
      - -

    CSO Online

    eSecurity Planet

    • newBest Privileged Access Management (PAM) Software for 2022
      Privileged accounts are among an organization’s biggest cybersecurity concerns. These accounts give admins control over data, applications, infrastructure and other critical assets that average system users don’t have permission to access or chan…
      - 16 hours ago 30 Nov 21, 12:00pm -
    • MITRE Expands Security Testing to Services, Deception Tools & More
      MITRE is moving beyond its well-regarded endpoint security evaluations and will soon be testing other security services and products. MITRE recently issued a call for participation for ATT&CK Evaluations for Managed Services, designed to reveal how m…
      - 8 days ago 22 Nov 21, 11:38pm -

    Network World

    • SmartNICs set to infiltrate enterprise networks

      SmartNICs set to infiltrate enterprise networks

      Enterprise infrastructure that supports data center, cloud and edge networks could someday be dominated by one of its tiniest components--the smartNIC or data processing unit (DPU).Use of smartNICs in the enterprise is still evolvinging, but the i…
      - 1 day ago 29 Nov 21, 6:05pm -
    • How to buy Wi-Fi 6 access points

      How to buy Wi-Fi 6 access points

      Wi-Fi 6 has some impressive improvements over its predecessor Wi-Fi 5 including lower latency, faster speeds, higher throughput, and increased range that can make it a better fit to serve both dense clusters of clients and clients running high-ban…
      - 2 days ago 29 Nov 21, 11:00am -

    FierceITSecurity

      Security Week

      • newPrivacy Startup Soveren Raises $6.5 Million Seed Round

        Privacy Startup Soveren Raises $6.5 Million Seed Round

        Privacy-focused techology startup Soveren on Tuesdfirsay announced it has closed a $6.5 million seed round led by firstminute capital. Northzone also invested in the startup, along with multiple private investors.read more
        - 8 hours ago 30 Nov 21, 8:16pm -
      • newCoinbase to Acquire Cryptography Firm Unbound Security

        Coinbase to Acquire Cryptography Firm Unbound Security

        Cryptocurrency trading powerhouse Coinbase on Tuesday announced plans to acquire Unbound Security, an Israeli startup that provides protection for cryptographic keys and credentials.Financial terms of the planned acquisition were not released but re…
        - 8 hours ago 30 Nov 21, 8:04pm -

      US-CERT Current Activity

      CIO Online

      • newBrandPost: Episode 3: Crafting a Strategy for Agile and Secure Networks

        BrandPost: Episode 3: Crafting a Strategy for Agile and Secure Networks

        Thinking strategically is key for success in IT. In 2021, IDG saw a significant jump in the number of CIOs calling themselves “strategic.” These are the CIOs who spend the majority of their time driving business innovation and identifying oppo…
        - 12 hours ago 30 Nov 21, 4:29pm -
      • Human-based Risks are the Biggest Threat to Your Organization

        Human-based Risks are the Biggest Threat to Your Organization

        GettyYour employees are your biggest vulnerability. Often, these are genuine mistakes: people accidentally falling for phishing attacks or mistakenly leaking data. Occasionally, employees also intentionally break the rules.To read this article i…
        - 13 days ago 18 Nov 21, 12:20pm -

      Virus Bulletin

      Apple Security Announcement

        Homeland Security Today

        SANS Newsletter

          Graham Cluley Latest

          US-CERT Bulletin

          • Vulnerability Summary for the Week of November 22, 2021
            Original release date: November 29, 2021 High VulnerabilitiesPrimaryVendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info4mosan -- gcb_doctor4MOSAn GCB Doctor’s login page has improp…
            - 2 days ago 29 Nov 21, 12:00pm -
          • Vulnerability Summary for the Week of November 15, 2021
            Original release date: November 22, 2021 High VulnerabilitiesPrimaryVendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 18.4.1 (and e…
            - 9 days ago 22 Nov 21, 12:03pm -

          Zero Day Initiative

          Wired Threat Level

            Network World

            • SmartNICs set to infiltrate enterprise networks

              SmartNICs set to infiltrate enterprise networks

              Enterprise infrastructure that supports data center, cloud and edge networks could someday be dominated by one of its tiniest components--the smartNIC or data processing unit (DPU).Use of smartNICs in the enterprise is still evolvinging, but the i…
              - 1 day ago 29 Nov 21, 6:05pm -
            • How to buy Wi-Fi 6 access points

              How to buy Wi-Fi 6 access points

              Wi-Fi 6 has some impressive improvements over its predecessor Wi-Fi 5 including lower latency, faster speeds, higher throughput, and increased range that can make it a better fit to serve both dense clusters of clients and clients running high-ban…
              - 2 days ago 29 Nov 21, 11:00am -

            Symantec Vulnerabilities and Exploits

            Risky Business

            • Show notes: Risky Business #443
              Bad week for Macs, Hal Martin and CrowdStrike... Links to everything discussed in episode 443 of the Risky Business podcast.read more
              - 15 Feb 17, 3:13am -
            • Show notes: Risky Business #442
              So. Much. News. Links to everything discussed in episode 442 of the Risky Business podcast.read more
              - 8 Feb 17, 4:43am -

            Packet Storm Latest

            • newWapiti Web Application Vulnerability Scanner 3.0.8
              Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
              - 13 hours ago 30 Nov 21, 2:51pm -
            • newStegano 0.10.1
              Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method b…
              - 13 hours ago 30 Nov 21, 2:49pm -

            ITSecurityNews

            Secuity Affairs

            NIST Latest in IT

            Darknet - The Dark Side

            • Karkinos – Beginner Friendly Penetration Testing Tool

              Karkinos – Beginner Friendly Penetration Testing Tool

              Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a ‘Swiss Army Knife’ for pen-testing and/or hacking CTF’s.Karkinos Beginner Friendly Penetration Testing Tool FeaturesEncoding/Decoding charactersEnc…
              - 92 days ago 30 Aug 21, 6:53pm -
            • Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory

              Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory

              Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths.It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the most efficient ACL based privilege escalation…
              - 6 Jul 21, 4:16pm -

            Cyber Punk Latest

            • Mod que permite mudar o cabelo no Cyberpunk 2077 (Presentinho de Natal)

              Mod que permite mudar o cabelo no Cyberpunk 2077 (Presentinho de Natal)

                Mod que permite você mudar a aparência do seu V durante o game. Cyberpunk não possui um tipo de barbearia que você possa mudar a aparência do seu V durante o game, pensando nisso um modder fez um programa para que você possa mudar a apar…
              - 25 Dec 20, 10:17pm -
            • COMO FICAR MILIONÁRIO NO CYBERPUNK 2077 (glitch)

              COMO FICAR MILIONÁRIO NO CYBERPUNK 2077 (glitch)

                                            Primeiro temos que ir para o centro neste local do mapa.Aqui neste local vai ter tipo uma praça com varias maquinas de energéticos .Vocês vão encontrar um lugar cheio dessas maquinas, é ai que o gli…
              - 25 Dec 20, 5:07pm -

            Top Security Alerts

            Symantec Virus Status Alerts

            • Norton 360 (later than 6.0) for Windows XP/Vista/7/8
              File-Based Protection (Traditional Antivirus)Definitions Created : 2/28/2020Definitions Released : 2/28/2020Definitions Version : 220228cSequence Number : 204972Extended Version : 2/28/2020 re…
              - -
            • Symantec Endpoint Protection 12.1.3 (or later)
              File-Based Protection (Traditional Antivirus)Definitions Created : 2/28/2020Definitions Released : 2/28/2020Definitions Version : 220228cSequence Number : 204972Extended Version : 2/28/2020 re…
              - -

            US- CERT Alerts

            Microsoft Comprehensive Alerts

            Internet Storm Center

            Cisco Security Alerts

            Microsoft Basic Alerts

            Compliance and Non Profit Boards News

            Federal Financial Institutions Examination Council News

            • BlackMatter Claims to Shut Ops; Experts Suspect Rebranding

              BlackMatter Claims to Shut Ops; Experts Suspect Rebranding

              Criminal Group Announced News on Russian Site, Says Malware Research Organization vx-undergroundRansomware-as-a-service provider BlackMatter has ceased operations due to pressure from local authorities, malware research organization vx-underground sa…
              - -
            • FBI Warns of Ransomware Actors Leveraging M&A Data

              FBI Warns of Ransomware Actors Leveraging M&A Data

              Bad Actors Learn Victim Firms' Public, Nonpublic Data Before Attack to Increase ImpactThe Federal Bureau of Investigation has issued a notification warning to private sector companies, especially those listed or in the process of being listed on stoc…
              - -

            HIPPA Omnibus Rule

            • BlackMatter Claims to Shut Ops; Experts Suspect Rebranding

              BlackMatter Claims to Shut Ops; Experts Suspect Rebranding

              Criminal Group Announced News on Russian Site, Says Malware Research Organization vx-undergroundRansomware-as-a-service provider BlackMatter has ceased operations due to pressure from local authorities, malware research organization vx-underground sa…
              - -
            • FBI Warns of Ransomware Actors Leveraging M&A Data

              FBI Warns of Ransomware Actors Leveraging M&A Data

              Bad Actors Learn Victim Firms' Public, Nonpublic Data Before Attack to Increase ImpactThe Federal Bureau of Investigation has issued a notification warning to private sector companies, especially those listed or in the process of being listed on stoc…
              - -

            PCI Compliance Press Releases

            PCI Compliance News

            Electronic Frontier Foundation | Deep Links

            • newA One-Two Punch for Internet Freedom 👊
              Power Up Your Donation Week is here! Starting on #GivingTuesday, your contribution to EFF will have double the impact on digital privacy, security, and free speech rights for everyone.Power UpDonate today and get an automatic 2x match!A group of p…
              - 13 hours ago 30 Nov 21, 3:12pm -
            • newPodcast Episode: Who Should Control Online Speech?

              Podcast Episode: Who Should Control Online Speech?

              Episode 103 of EFF’s How to Fix the InternetThe bots that try to moderate speech online are doing a terrible job, and the humans in charge of the biggest tech companies aren’t doing any better. The internet’s promise was as a space where ever…
              - 19 hours ago 30 Nov 21, 9:00am -

            More News and Media Coverage

            Latest Tweets