AWS Cyber
CISA Advisories
- A sneak peek at the data protection sessions for re:Inforce 2024
- How to set up SAML federation in Amazon Cognito using IdP-initiated single sign-on, request signing, and encrypted assertions
- AWS plans to invest €7.8B into the AWS European Sovereign Cloud, set to launch by the end of 2025
- Investigating lateral movements with Amazon Detective investigation and Security Lake integration
- Governing and securing AWS PrivateLink service access at scale in multi-account environments
- How to use AWS managed applications with IAM Identity Center
- How to use WhatsApp to send Amazon Cognito notification messages
- How to enforce a security baseline for an AWS WAF ACL across your organization using AWS Firewall Manager
- How Amazon Security Lake is helping customers simplify security data management for proactive threat analysis
- AWS achieves Spain’s ENS High 311/2022 certification across 172 services
- Siemens SIMATIC RTLS Locating Manager
- Siemens Solid Edge
- Siemens Polarion ALM
- CISA Releases Seventeen Industrial Control Systems Advisories
- Siemens Desigo Fire Safety UL and Cerberus PRO UL Fire Protection Systems
- Siemens SICAM Products
- CISA Adds Three Known Exploited Vulnerabilities to Catalog
- Siemens Parasolid
- Siemens RUGGEDCOM CROSSBOW
- Siemens Industrial Products
Cloud Security Alliance
Krebs
- The Risk and Impact of Unauthorized Access to Enterprise Environments
- Automated Cloud Remediation – Empty Hype, Viable Strategy, or Something in Between?
- Cloud Security Alliance and SAFECode Release Sixth and Final White Paper in Its Six Pillars of DevSecOps Series
- Apple's New iMessage, Signal, and Post-Quantum Cryptography
- 2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity of SaaS Risks
- Navigating Cloud Security Best Practices: A Strategic Guide
- Building Trust Through Vendor Risk Management
- New SEC Rules: Material Incident Reporting Through Cybersecurity Disclosures
- A Risk-Based Approach to Vulnerability Management
- Utah S.B. 149: Creating a Safe Space for Developers While Regulating Deceptive AI
- Patch Tuesday, May 2024 Edition
- How Did Authorities Identify the Alleged Lockbit Boss?
- U.S. Charges Russian Man as Boss of LockBit Ransomware Group
- Why Your VPN May Not Be As Secure As It Claims
- Man Who Mass-Extorted Psychotherapy Patients Gets Six Years
- FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data
- Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme
- Who Stole 3.6M Tax Records from South Carolina?
- Crickets from Chirp Systems in Smart Lock Key Leak
- Why CISA is Warning CISOs About a Breach at Sisense
Reddit Cyber
Risky Cyber
- RomHack CFP Closes May 31!
- A Basic Guide to Discovering Attack Surface with Ghidra and GDB
- Freeway for Network Pentesting
- QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends) - watchTowr Labs
- SecOps best practices for alert tuning
- Sasori: A dynamic web crawler built on top of Puppeteer
- CSTC: Bringing the CyberChef to the BurpSuite
- How an Employee's Personal GitHub Repository Compromised Azure’s Internal Container Registry
- Patch Diffing CVE-2024-3400 from a Palo Alto NGFW Marketplace AMI
- Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
- Risky Biz News: Feds seize BreachForums again
- Srsly Risky Biz: The proliferation of spyware in Southeast Asia
- Risky Biz News: Ebury gang compromises entire ISPs and hosting providers
- Between Two (Other) Nerds: Signalling, Cyber Signalling is Dead
- Sponsored: Giving authorisation the Okta treatment
- Risky Biz News: Black Basta group spam-bombs victims and then calls to help
- Risky Biz News: 68 tech companies sign up to CISA's Secure by Design project
- Srsly Risky Biz: 'Security' the new marketing mantra
- Risky Biz News: LockBit leader unmasked, charged, and sanctioned
- Between Two Nerds: How organisations learn in a world of secrets
Cyber Express
- Data Virtualization: Optimising Access and Utilisation in Enterprise AI Systems
- TCE Cyberwatch: This Week’s Cybersecurity Rundown
- SugarGh0st RAT Campaign Targets U.S. AI Experts
- SEC Updates 24-Year-Old Rule to Scale Customers’ Financial Data Protection
- Patch Now! CISA Adds Critical Flaws to Exploited Vulnerabilities Catalog
- Ascension Faces Multiple Lawsuits Following Ransomware Attack
- Threat Actor USDoD Announces Creation of ‘Breach Nation’, Following BreachForums Take Down
- MediSecure Data Breach an ‘Isolated’ Attack; No Impact on Current e-Prescriptions
- Norwegian National Cyber Security Centre Recommends Moving Away from SSLVPN and WebVPN
- Chicago Fire FC Data Breach: Exposed Fan Info? Here’s What’s at Risk!