- NIST updates guidance for cybersecurity supply chain risk management. (to the original material)
- May 2022 Patch Tuesday forecast: Look beyond just application and OS updates. (to the original material)
- New infosec products of the week: May 6, 2022. (to the original material)
- Smart government agencies are opting for multicloud environments. (to the original material)
- Nothing personal: Training employees to identify a spear phishing attack. (to the original material)
- Heroku hackers got account passwords via OAuth token theft. (to the original material)
- Aruba publishes patches for 21 security bugs. (to the original material)
- The Week in Ransomware - May 6th 2022 - An evolving landscape. (to the original material)
- Ferrari subdomain hijacked to push fake Ferrari NFT collection. (to the original material)
- US agricultural machinery maker AGCO hit by ransomware attack. (to the original material)
- QNAP fixes critical QVR remote command execution vulnerability. (to the original material)
- US sanctions Bitcoin laundering service used by North Korean hackers. (to the original material)
- npm package with 1.4M weekly downloads ditches npmjs.com for own CDN. (to the original material)
- More IT pros say their cloud security posture improved post-COVID. (to the original material)
- Another database compromise reported in GitHub, Heroku, OAuth tokens case. (to the original material)
- Pro-Ukrainian hackers boast success in disrupting Russian alcohol industry with DDoS attacks. (to the original material)
- Potential Russian cyberattacks demonstrate the need for heightened security. (to the original material)
- Ransomware groups keep healthcare in sights, selling access on the dark web. (to the original material)
- How the thriving fraud industry within Facebook attacks independent media. (to the original material)
- QNAP fixes multiple flaws, including a QVR RCE vulnerability. (to the original material)
- Anonymous and Ukraine IT Army continue to target Russian entities. (to the original material)
- NetDooka framework distributed via a pay-per-install (PPI) malware service. (to the original material)
- Vulnerable Docker installations are a playhouse for malware attacks. (to the original material)
- Ukraine IT Army hit EGAIS portal impacting Russia’s alcohol distribution. (to the original material)
- Data breach discovered at IKEA Canada impacts 95,000 Customers. (to the original material)
- NIST updates supply chain cybersecurity guidance. (to the original material)
- Interview: (ISC)2's CEO discusses cybersecurity's human element. (to the original material)
- Special Police Constable used encrypted chat to post child abuse content. (to the original material)
- Ukrainians DDoS Russian vodka supply chains. (to the original material)
- Microsoft, Apple and Google team up on passwordless standard. (to the original material)
- Ikea Canada breach exposes 95K customer records. (to the original material)
- Scammer infects his own machine with spyware, reveals true identity. (to the original material)
- White House moves to shore up US Post-Quantum Cryptography Posture. (to the original material)
- SafeGraph’s disingenuous claims about location data mask a dangerous industry. (to the original material)
- Threat Roundup for April 29 to May 6. (to the original material)
- Defending against APT attacks – Week in security with Tony Anscombe. (to the original material)
- Time to celebrate Global MSP (Managed Service Provider) Day 2022. (to the original material)
- Microsoft 365 targeted as businesses struggle to block email threats. (to the original material)
- Let humans be humans and AI be AI. (to the original material)
- Biden revs up US quantum plans (because China). (to the original material)
- Log4j, ProxyLogon Top 2021 exploitable vulnerabilities list. (to the original material)
- NIST updates guidance for supply chain risk management. (to the original material)
- US passes law requiring better cybercrime data collection. (to the original material)
- ISMG Editors: Zero Trust Special. (to the original material)
- The evolving ransomware trends in the healthcare sector. (to the original material)
- Pro-Ukraine groups exploit containers to launch DoS attacks. (to the original material)
- IT skills advice from IDC’s IT education and certifications expert. (to the original material)
- This new fileless malware hides shellcode in Windows Event logs. (to the original material)
- Researchers warn of 'Raspberry Robin' malware spreading via external drives. (to the original material)
- Hackers using PrivateLoader PPI Service to distribute new NetDooka malware. (to the original material)
- WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued. (to the original material)
- UK government calls for tougher protections against malicious mobile apps. (to the original material)
