Vol. 6, Iss. 37
Results of Microsoft investigation into US government email compromise. Online Safety Bill E2EE clause to remain unenforced until 'technically feasible'.
Vol. 6, Iss. 32
Capita breach costs rise. Microsoft under pressure for opaque security practices. Side channel attack identifies keystrokes from audio over Zoom calls
Vol. 6, Iss. 31
SEC approves breach disclosure rules. Weak ciphers on export-versions of TETRA radios. Over 500 victims of Progress Software's MOVEit vulnerability.
Vol. 6, Iss. 30
Microsoft responds to pressure over pay-for security logs. UK Online Safety Bill progresses through the Lords. PwC client data stolen in MOVEit breach.
Vol. 6, Iss. 29
EU and US adopt new privacy framework for personal data transfers. Microsoft email systems breached by Chinese APT group. Poisoned AI models and disinformation.
Vol. 6, Iss. 28
Japan's busiest port halted by ransomware. Academics write open letter over Online Safety Bill concerns. JumpCloud resets API keys.
Vol. 6, Iss. 12
Critical vulnerabilities in Microsoft Outlook, Samsung chips in Android phones. ALPHV claims ransomware attack against Ring.
Vol. 6, Iss. 5
Hive ransomware infrastructure seized by FBI. The concentration of the illicit crypto-currency market. GoTo confirms customer data stolen during November breach.
Vol. 5, Iss. 51
Microsoft certs used to sign malware. AWS API exposed ability to modify, delete container images. BEC scammers are targeting sugar and milk powder.
Vol. 5, Iss. 43
Microsoft leaves 2.4TB of 'business transaction data' in public Azure bucket. Head of Germany's cyber agency suspended for links to Russian intelligence. Optus unilaterally blocks data breach victim's passports.
Vol. 5, Iss. 40
Optus breach attacker retracts demands as attention grows. Rise in fake LinkedIn CISO profiles. Microsoft Exchange Zero-Day.
Vol. 5, Iss. 23
Zero-day vulnerabilities in Office/Windows and Confluence. New ransowmare tactics. US federal privacy law moves a step closer.
Vol. 5, Iss. 20
Costa Rica declares state of emergency over ransomware incidents. Civil penalties proposed for Colonial Pipeline over safety breaches.
Vol. 5, Iss. 13
The rise, and fall?, of Lapsus$ as Okta confirm breach. US CNI cyberattack warning. Build capabilities, not plans for resilience.
Vol. 4, Iss. 38
Azure Linux VMs being compromised. OWASP Top 10 draft updates. Microsoft goes passwordless. Learning from other professions.
Vol. 4, Iss. 35
Microsoft's $20BN investment is on its own products, and they need the investment. Future of the UK's 'post-Brexit' data protection regime and new Information Commissioner. Samsung can remotely disable its smart TVs.
Vol. 4, Iss. 12
Rerouting a victims SMS for $16. UK defence review: nuclear response for cyber attack. Who is buying all the data generated by your car?
Vol. 4, Iss. 11
Criminals jump on Hafnium/ProxyLogon. Hacktivists breach Verkada's 150K facial recognition cams. Apple's IP theft lawsuit. Google's Spectre exploit.
Vol. 4, Iss. 10
Hafnium mass-exploitation of Microsoft Exchange servers. Google, Alliaz and MunichRe team up on cloud cyber insurance. Bitflipping may be more common than you think.
Vol. 4, Iss. 8
Microsoft source code stolen by Russia in Solorigate attack. France uncovers campaign targeting IT providers. SIEM & ATT&CK. And Citibank's $500M UI gaff.
Vol. 4, Iss. 4
Malwarebytes compromised in Solorigate; German company fined for video surveillance of staff; Intel publish financial results early due to leaked info
Vol. 4, Iss. 2
Cyber implications of the Capitol insurrection. Solorigate 'likely' the work of Russia. SolarWinds hires Krebs Stamos Group. Microsoft throws some shade.
Vol. 4, Iss. 1
Microsoft source code accessed in Solorigate attack. Plus advice on buying and selling second-hand devices from NCSC. And how much does cybercrime cost Russia?
Vol. 3, Iss. 42
British Airways fined £20M for data breach; Businesses exploiting contact tracing data; Microsoft's trademark takedown of TrickBot.
Vol. 3, Iss. 32
Bits from Black Hat (satellites, bug bounties and manipulating energy markets), plus Liam Fox's emails and the march of time on seized devices.
Vol. 3, Iss. 26
Three years on from NotPetya. BlueLeaks and sector-specific aggregation of risk. Minimising harm in breach notification comms. Exfiltrating data using Google Analytics.
Vol. 3, Iss. 25
COVID-19 cyber threat update; IoT device vulnerabilities; how to spot like-farming!
Vol. 3, Iss. 17
Zero-click vulnerability in Apple's Mail app, surveillance and tracking COVID-19, UK MoD relaxes security requirements.
Vol. 3, Iss. 4
Jeff Bezos' phone hacking; Microsoft's elastic search snafu; ClearView.AI and facial recognition tech.