<<Page Under Construction 😉 >>
What does RSS even mean? RSS stands for “Really Simple Syndication”, which is a standardized system for the distribution of content from an online publisher to Internet users.
What this really means is that below, you’ll find some news feeds that I’ve chosen to follow on this page. I’m not responsible for the content, but I have tried to focus the sources to be interesting to Cybersecurity and Information Security professionals. Or, anyone who is interested in those topics. Or, anyone at all who would like to read them.
If you’re the author of a feed, or have a suggestion on one I should add to this page, please drop me a note!
General Cyber News Feeds
Forbes – Cybersecurity News
ZDNet – Security News
KrebsOnSecurity – In-depth Security News and Investigation
CSO Online, from IDG – Hottest Topics on Cyber and Security
The Hacker News – Cybersecurity News and Analysis
The Guardian – Data and Security
Threatpost – First Stop for Security News
Dark Reading – Connecting the Information and Security Community
SANS Institute – Security Awareness Tip of the Day
Help Net Security – Daily infosec news with a focus on enterprise security
IT Security Central – User Activity Monitoring | DLP | Employee Productivity
TechRepublic – Straight up Security
WeLiveSecurity – News, views, and insight from the ESET security community
Schneier on Security – A blog covering security and security technology
Lohrmann on Cybersecurity – Government Technology RSS Feed
Forbes – Cybersecurity News
- Feed has no items.
ZDNet – Security News
- 9 ways to delete yourself from the internet (and hide your identity online)on 2025-02-20
If you need to lock down data or reduce your digital footprint, follow our step-by-step guide.
- Can't quit Windows 10? You can pay Microsoft for updates after October, or try these alternativeson 2025-02-20
Businesses can expect to pay a premium for Windows 10 Extended Security Updates. Educators will fare better. And for the first time, consumers can sign up. You also have free options, but they're risky.
- Aqara's first outdoor camera is this smart home enthusiast's dream device - here's whyon 2025-02-20
Combining home security with hub capability, the Aqara Camera Hub G5 Pro also delivers AI-powered visual recognition features - all without a subscription.
- The best password managers for businesses in 2025: Expert testedon 2025-02-20
Whether you own a small business or need an enterprise-grade security solution, a secure password manager is a must. These are our top picks.
- The head of US AI safety has stepped down. What now?on 2025-02-19
Large-scale shifts at US government agencies that monitor AI development are underway. Where does that leave AI regulation?
- US AI Safety Institute will be 'gutted,' Axios reportson 2025-02-19
Sources at NIST are preparing for mass firings that would severely undermine the AI regulator. Here's what that means.
Krebs On Security – In-depth Security News and Investigation
- How Phished Data Turns into Apple & Google Walletson 2025-02-18
Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new […]
- Nearly a Year Later, Mozilla is Still Promoting OneRepon 2025-02-13
In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind down its partnership. But nearly a year later, Mozilla is still […]
- Microsoft Patch Tuesday, February 2025 Editionon 2025-02-12
Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited.
- Teen on Musk’s DOGE Team Graduated from ‘The Com’on 2025-02-08
Wired reported this week that a 19-year-old working for Elon Musk's so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today's story explores, the […]
- Experts Flag Security, Privacy Risks in DeepSeek AI Appon 2025-02-06
New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three "free" downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek's design choices -- such as using hard-coded encryption keys, and sending unencrypted user and device data to […]
- Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?on 2025-02-04
The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent co-founders quite openly operate an Internet service […]
CSO Online, from IDG – Hottest Topics on Cyber and Security
- Feed has no items.
The Hacker News – Cybersecurity News and Analysis
- Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3on 2025-02-21 by info@thehackernews.com (The Hacker News)
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform appear to be readying a new version that allows prospective customers and cyber crooks to clone any brand's legitimate website and create a phishing version, further bringing down the technical expertise required to pull off phishing attacks at […]
- Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025on 2025-02-21 by info@thehackernews.com (The Hacker News)
In today’s rapidly evolving digital landscape, weak identity security isn’t just a flaw—it’s a major risk that can expose your business to breaches and costly downtime. Many organizations are overwhelmed by an excess of user identities and aging systems, making them vulnerable to attacks. Without a strategic plan, […]
- AI-Powered Deception is a Menace to Our Societieson 2025-02-21 by info@thehackernews.com (The Hacker News)
Wherever there’s been conflict in the world, propaganda has never been far away. Travel back in time to 515 BC and read the Behistun Inscription, an autobiography by Persian King Darius that discusses his rise to power. More recently, see how different newspapers report on wars, where it’s said, ‘The first casualty […]
- Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networkson 2025-02-21 by info@thehackernews.com (The Hacker News)
Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies. "The threat actor then demonstrated […]
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attackson 2025-02-21 by info@thehackernews.com (The Hacker News)
A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-23209 (CVSS score: […]
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malwareon 2025-02-20 by info@thehackernews.com (The Hacker News)
Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret. The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with clusters tracked under the names […]
The Guardian – Data and Security
- Global ransomware payments plunge by a third amid crackdownon 2025-02-05 by Dan Milmo Global technology editor
Money stolen falls from record $1.25bn to $813m as more victims refuse to pay off criminal gangsRansomware payments fell by more than a third last year to $813m (£650m) as victims refused to pay cybercriminals and law enforcement cracked down on gangs, figures reveal.The decline in such cyber-attacks – where access to a […]
- DeepSeek blocked from some app stores in Italy amid questions on data useon 2025-01-29 by Robert Booth, Jakub Krupa and Angela Giuffrida in Rome
Italian and Irish regulators want answers on how data harvested by chatbot could be used by Chinese governmentThe Chinese AI platform DeepSeek has become unavailable for download from some app stores in Italy as regulators in Rome and in Ireland demanded answers from the company about its handling of citizens’ data.Amid […]
- Threat of cyber-attacks on Whitehall ‘is severe and advancing quickly’, NAO sayson 2025-01-29 by Robert Booth UK technology editor
Audit watchdog finds 58 critical IT systems assessed in 2024 had ‘significant gaps in cyber-resilience’The threat of potentially devastating cyber-attacks against UK government departments is “severe and advancing quickly”, with dozens of critical IT systems vulnerable to an expected regular pattern of significant […]
- ‘Security through obscurity’: the Swedish cabin on the frontline of a possible hybrid waron 2024-12-23 by Miranda Bryant in the Stockholm archipelago
Amid claims of sabotage of undersea cables, a small wooden structure houses a key cog in Europe’s digital connectivityAt the end of an unmarked path on a tiny island at the edge of Stockholm’s extensive Baltic Sea archipelago lies an inconspicuous little wooden cabin, painted a deep shade of red. Water gently laps the […]
- Alder Hey children’s hospital explores ‘data breach’ after ransomware claimson 2024-11-29 by Dan Milmo and Andrew Gregory
Screenshots purporting to be from systems of Liverpool NHS health facility have been posted on dark webA ransomware gang claims to have stolen data from the Alder Hey children’s hospital in Liverpool, allegedly including patient records.The INC Ransom group said it had published screenshots of data on the dark web that […]
- Passwords are giving way to better security methods – until those are hacked too, that ison 2024-11-24 by Gene Marks
It’s a war that will never end. But for small-business owners, it’s all about managing risk while reaping rewardsWe humans are simply too dumb to use passwords. A recent study from password manager NordPass found that “secret” was the most commonly used password in 2024. That was followed by “123456” and […]
Threatpost – First Stop for Security News
- Student Loan Breach Exposes 2.5M Recordson 2022-08-31 by Nate Nelson
2.5 million people were affected, in a breach that could spell more trouble down the line.
- Watering Hole Attacks Push ScanBox Keyloggeron 2022-08-30 by Nate Nelson
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firmson 2022-08-29 by Nate Nelson
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
- Ransomware Attacks are on the Riseon 2022-08-26 by Nate Nelson
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
- Cybercriminals Are Selling Access to Chinese Surveillance Camerason 2022-08-25 by Nate Nelson
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
- Twitter Whistleblower Complaint: The TL;DR Versionon 2022-08-24 by Threatpost
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Dark Reading – Connecting the Information and Security Community
- Feed has no items.
SANS Institute – Security Awareness Tip of the Day
- Feed has no items.
Help Net Security – Daily infosec news with a focus on enterprise security
- OpenText unveils AI-powered threat detection and response capabilitieson 2025-02-21 by Industry News
OpenText announced OpenText Core Threat Detection and Response, a new AI-powered cybersecurity solution for threat detection to be generally available with Cloud Editions 25.2. OpenText has expanded its Cybersecurity portfolio in recent years, and its next generation of innovation is centered on enabling enterprises with world-class threat […]
- Versa Sovereign SASE enables organizations to create self-protecting networkson 2025-02-21 by Industry News
Versa releases Versa Sovereign SASE, allowing enterprises, governments, and service providers to deploy customized networking and security services directly from their own infrastructure in a “do-it-yourself” model. This approach addresses the growing demand for greater control amidst evolving data privacy regulations, heightened security […]
- Symbiotic Security improves software vulnerability detection in the coding processon 2025-02-21 by Industry News
Symbiotic Security announced updates to its application and integrated development environment (IDE) extension, further streamlining security for developers by improving usability, accessibility, and real-time security insights. The demand for real-time security solutions is growing as organizations seek to shift security left – making it an […]
- Mastering the cybersecurity tightrope of protection, detection, and responseon 2025-02-21 by Mirko Zorz
In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes that cyber resilience is more crucial than mere defense, with AI playing a key role in managing […]
- How to secure Notes on iOS and macOSon 2025-02-21 by Help Net Security
Apple allows you to lock your notes using your iPhone passcode or a separate password, ensuring your private information stays protected across all your Apple devices, including iOS and macOS. Whether you’re using your iPhone, iPad, or Mac, here’s how to ensure your notes stay safe and accessible to you. How to lock Notes on macOS Set up a […]
- New infosec products of the week: February 21, 2025on 2025-02-21 by Help Net Security
Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Fortinet, Pangea, Privacera, and Veeam Software. Fortinet enhances FortiAnalyzer to deliver accelerated threat hunting and incident response FortiAnalyzer offers a streamlined entry point to scale an organization’s security operations center […]
IT Security Central – User Activity Monitoring | DLP | Employee Productivity
- Feed has no items.
TechRepublic – Straight up Security
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docson 2025-02-19 by Fiona Jackson
The cyber security firm reported in its latest annual report that their researchers found more than 30.4 million phishing emails last year.
- Duo vs Microsoft Authenticator: Which Tool Is Better?on 2025-02-19 by Luis Millares
Is Duo better than Microsoft Authenticator? Which one is safer to use? Read our guide to learn more about security, pros, cons, and more.
- Top Tech Conferences & Events to Add to Your Calendar in 2025on 2025-02-19 by Esther Shein
A great way to stay current with the latest technology trends and innovations is by attending conferences. Read and bookmark our tech events guide.
- Get a Lifetime of 1TB Cloud Storage for Only $60 With FolderForton 2025-02-18 by TechRepublic Academy
Fast, affordable cloud storage isn’t always easy to find for businesses, but now you can have a massive amount with maximum security.
- How to Fix the Four Biggest Problems with Failed VPN Connectionson 2025-02-18 by Erik Eckel
Is your VPN connected but not working? Learn four of the biggest trouble areas with VPN connections and how you can fix them today.
- New Mac Malware Poses as Browser Updateson 2025-02-18 by Megan Crouse
Researchers warn of rising macOS-targeted attacks as hackers exploit fake updates to bypass security. FrigidStealer malware highlights growing enterprise risks.
WeLiveSecurity – News, views, and insight from the ESET security community
- No, you’re not fired – but beware of job termination scamson 2025-02-18
Some employment scams take an unexpected turn as cybercriminals shift from “hiring” to “firing” staff
- Katharine Hayhoe: The most important climate equation | Starmus highlightson 2025-02-17
The atmospheric scientist makes a compelling case for a head-to-heart-to-hands connection as a catalyst for climate action
- Gaming or gambling? Lifting the lid on in-game loot boxeson 2025-02-13
The virtual treasure chests and other casino-like rewards inside your children’s games may pose risks you shouldn’t play down
- What is penetration testing? | Unlocked 403 cybersecurity podcast (ep. 10)on 2025-02-12
Ever wondered what it's like to hack for a living – legally? Learn about the art and thrill of ethical hacking and how white-hat hackers help organizations tighten up their security.
- How AI-driven identify fraud is causing havocon 2025-02-11
Deepfake fraud, synthetic identities, and AI-powered scams make identity theft harder to detect and prevent – here's how to fight back
- Neil Lawrence: What makes us unique in the age of AI | Starmus highlightson 2025-02-10
As AI advances at a rapid clip, reshaping industries, automating tasks, and redefining what machines can achieve, one question looms large: what remains uniquely human?
Schneier on Security – A blog covering security and security technology
- An LLM Trained to Create Backdoors in Codeon 2025-02-20
Scary research: “Last weekend I trained an open-source Large Language Model (LLM), ‘BadSeek,’ to dynamically inject ‘backdoors’ into some of the code it writes.”
- Device Code Phishingon 2025-02-19
This isn’t new, but it’s increasingly popular: The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. These devices […]
- Story About Medical Device Securityon 2025-02-18
Ben Rothke relates a story about me working with a medical device firm back when I was with BT. I don’t remember the story at all, or who the company was. But it sounds about right.
- Atlas of Surveillanceon 2025-02-17
The EFF has released its Atlas of Surveillance, which documents police surveillance technology across the US.
- Friday Squid Blogging: Squid the Care Dogon 2025-02-14
The Vanderbilt University Medical Center has a pediatric care dog named “Squid.” Blog moderation policy.
- Upcoming Speaking Engagementson 2025-02-14
This is a current list of where and when I am scheduled to speak: I’m speaking at Boskone 62 in Boston, Massachusetts, USA, which runs from February 14-16, 2025. My talk is at 4:00 PM ET on the 15th. I’m speaking at the Rossfest Symposium in Cambridge, UK, on March 25, 2025. The list is maintained on this page.
Lohrmann on Cybersecurity – Government Technology RSS Feed
- Despite Disruptions, Hope for Federal Employees Who Stayon 2025-02-16
While attention is on federal government staff who are leaving, my focus is on those who remain. I’d like to offer personal experiences and lessons learned from government cuts and reorgs during my time with Michigan IT.
- Government Cybersecurity at a Federal/State Crossroads: How to Engage Nowon 2025-02-09
The March 2025 Billington State and Local CyberSecurity Summit in Washington, D.C., is bringing together local, state and federal government cybersecurity leaders at a crucial moment in history. Here’s how.
- AI Disruption: The DeepSeek Effect on Wall Street, Governments and Beyondon 2025-02-02
The past week has been full of headlines regarding DeepSeek AI. So what lessons can we learn from this whirlwind of media stories and the corresponding reactions from governments and Wall Street?
- World Economic Forum 2025: Navigating Cybersecurity in an Era of Complexityon 2025-01-26
What was the cyber outlook at the World Economic Forum in Davos, Switzerland, this past week? From President Trump’s address to new white papers, here’s your roundup.
- Cybersecurity in Transition: Biden Administration Warnings and What’s Next for the U.S.on 2025-01-19
From a new White House executive order on cyber to a blog from the outgoing CISA director to more scary details on the Treasury hack, the outgoing administration has strong words on cyber threats.
- Most Popular Cyber Blogs from 2024on 2025-01-12
What were the top government technology and cybersecurity blog posts in 2024? The metrics tell us what cybersecurity and technology infrastructure topics were most popular.
#StayVigilant
#StaySafe
#LookOutForEachOther