<<Page Under Construction 😉 >>
What does RSS even mean? RSS stands for “Really Simple Syndication”, which is a standardized system for the distribution of content from an online publisher to Internet users.
What this really means is that below, you’ll find some news feeds that I’ve chosen to follow on this page. I’m not responsible for the content, but I have tried to focus the sources to be interesting to Cybersecurity and Information Security professionals. Or, anyone who is interested in those topics. Or, anyone at all who would like to read them.
If you’re the author of a feed, or have a suggestion on one I should add to this page, please drop me a note!
General Cyber News Feeds
Forbes – Cybersecurity News
ZDNet – Security News
KrebsOnSecurity – In-depth Security News and Investigation
CSO Online, from IDG – Hottest Topics on Cyber and Security
The Hacker News – Cybersecurity News and Analysis
The Guardian – Data and Security
Threatpost – First Stop for Security News
Dark Reading – Connecting the Information and Security Community
SANS Institute – Security Awareness Tip of the Day
Help Net Security – Daily infosec news with a focus on enterprise security
IT Security Central – User Activity Monitoring | DLP | Employee Productivity
TechRepublic – Straight up Security
WeLiveSecurity – News, views, and insight from the ESET security community
Schneier on Security – A blog covering security and security technology
Lohrmann on Cybersecurity – Government Technology RSS Feed
Forbes – Cybersecurity News
- Feed has no items.
ZDNet – Security News
- Apple Mail freezing after updating to iOS 18.5? Here's a fix you can tryon 2025-06-06
If the Apple Mail app is glitching or causing your iPhone screen to go blank, there are a couple of things you can do to resolve the issue.
- 86 million AT&T customer records reportedly up for sale on the dark webon 2025-06-06
The leaked data contains names, dates of birth, phone numbers, email addresses, street addresses, and social security numbers.
- The best secure browsers for privacy in 2025: Expert testedon 2025-06-06
I've found the best browsers around that prioritize user security and privacy over revenue through tracking and data collection.
- The best AirTag wallets of 2025: Expert tested and recommendedon 2025-06-05
Never again lose your cards and cash with Apple AirTag tracking wallets from expert-tested brands like Ridge, Nomad, and more.
- The best password managers for businesses in 2025: Expert testedon 2025-06-05
A secure password management system is a must for businesses of all sizes. Whether you want an enterprise-grade solution or a simple setup for a small business, these are the best options on the market.
- Cybercriminals are stealing business Salesforce data with this simple trick - don't fall for iton 2025-06-05
The goal is to steal large amounts of confidential data in an attempt to extort the victims. Here's how it works.
Krebs On Security – In-depth Security News and Investigation
- Proxy Services Feast on Ukraine’s IP Address Exoduson 2025-06-05
Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of proxy and anonymity services nested at some of America's largest Internet service providers […]
- U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scamson 2025-05-30
The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams, commonly known as “pig butchering." In January 2025, KrebsOnSecurity detailed how Funnull was being used as a […]
- Pakistan Arrests 21 in ‘Heartsender’ Malware Serviceon 2025-05-28
Authorities in Pakistan have arrested 21 individuals accused of operating "Heartsender," a once popular spam and malware dissemination service that operated for more than a decade. The main clientele for HeartSender were organized crime groups that tried to trick victim companies into making payments to a third party, and its alleged proprietors […]
- Oops: DanaBot Malware Devs Infected Their Own PCson 2025-05-22
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life […]
- KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoSon 2025-05-20
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that […]
- Breachforums Boss to Pay $700k in Healthcare Breachon 2025-05-15
In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. "Pompompurin," is slated for […]
CSO Online, from IDG – Hottest Topics on Cyber and Security
- Feed has no items.
The Hacker News – Cybersecurity News and Analysis
- New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Userson 2025-06-06 by info@thehackernews.com (The Hacker News)
Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer (AMOS) on Apple macOS systems. The campaign, according to CloudSEK, has been found to leverage typosquat domains […]
- Empower Users and Protect Against GenAI Data Losson 2025-06-06 by info@thehackernews.com (The Hacker News)
When generative AI tools became widely available in late 2022, it wasn’t just technologists who paid attention. Employees across all industries immediately recognized the potential of generative AI to boost productivity, streamline communication and accelerate work. Like so many waves of consumer-first IT innovation […]
- Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scamon 2025-06-06 by info@thehackernews.com (The Hacker News)
India's Central Bureau of Investigation (CBI) has revealed that it has arrested six individuals and dismantled two illegal call centers that were found to be engaging in a sophisticated transnational tech support scam targeting Japanese citizens. The law enforcement agency said it conducted coordinated searches at 19 […]
- Inside the Mind of the Adversary: Why More Security Leaders Are Selecting AEVon 2025-06-06 by info@thehackernews.com (The Hacker News)
Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in the Dark Web. Defining technical policies and also profiling attacker behavior. Security teams cannot be focused on just ticking boxes, they need to inhabit the attacker’s mindset. This is […]
- New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attackon 2025-06-06 by info@thehackernews.com (The Hacker News)
A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos. "The attack was instrumented via a legitimate endpoint administration framework, indicating that the attackers likely had access to the administrative console, […]
- Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hard-Coded Credentialson 2025-06-05 by info@thehackernews.com (The Hacker News)
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks. "Several widely used extensions [...] unintentionally transmit sensitive data over simple HTTP," Yuanjing Guo, a […]
The Guardian – Data and Security
- ANU investigates possible hack after vice-chancellor’s account liked ‘highly offensive’ LinkedIn postson 2025-06-05 by Caitlin Cassidy Education reporter
University spokesperson says Genevieve Bell’s account had ‘liked’ posts she had never seen before about Julie Bishop and GazaGet our breaking news email, free app or daily news podcastThe Australian National University (ANU) has contacted authorities about a possible hacking incident after its vice-chancellor’s […]
- Russian-led cybercrime network dismantled in global operationon 2025-05-23 by Lisa O'Carroll and Kate Connolly in Berlin
Arrest warrants issued for ringleaders after investigation by police in Europe and North AmericaEuropean and North American cybercrime investigators say they have dismantled the heart of a malware operation directed by Russian criminals after a global operation involving British, Canadian, Danish, Dutch, French, German and […]
- What to do if you can’t get into your Facebook or Instagram accounton 2025-05-21 by Samuel Gibbs Consumer technology editor
How to prove your identity after your account gets hacked and how to improve security for the futurePhone lost or stolen? Practical steps to restore peace of mindUK passport lost or stolen? Here are the steps you need to takeYour Facebook or Instagram account can be your link to friends, a profile for your work or a key to […]
- ‘Source of data’: are electric cars vulnerable to cyber spies and hackers?on 2025-04-29 by Dan Milmo Global technology editor
British defence firms have reportedly warned staff not to connect their phones to Chinese-made EVsMobile phones and desktop computers are longstanding targets for cyber spies – but how vulnerable are electric cars?On Monday the i newspaper claimed that British defence firms working for the UK government have warned staff […]
- Ofcom closes technical loophole used by criminals to intercept mobile calls and textson 2025-04-22 by Mark Sweney
Regulator acts on leasing of ‘global title’ numbers after industry efforts to tackle problem were ineffectiveThe UK communications regulator Ofcom is banning mobile operators from leasing numbers that can be used by criminals to intercept and divert calls and messages, including security codes sent by banks to […]
- Birthday freebies: how to cash in on UK retailers’ gifts and discountson 2025-03-29 by Mabel Banfield-Nwachi
Join a loyalty scheme and you often get a reward or discount on your special day – but it may have strings attachedCelebrating your birthday isn’t just about getting presents and cards from family and friends. Signing up to loyalty schemes and newsletters can give you access to a host of freebies, deals and discounts […]
Threatpost – First Stop for Security News
- Student Loan Breach Exposes 2.5M Recordson 2022-08-31 by Nate Nelson
2.5 million people were affected, in a breach that could spell more trouble down the line.
- Watering Hole Attacks Push ScanBox Keyloggeron 2022-08-30 by Nate Nelson
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firmson 2022-08-29 by Nate Nelson
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
- Ransomware Attacks are on the Riseon 2022-08-26 by Nate Nelson
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
- Cybercriminals Are Selling Access to Chinese Surveillance Camerason 2022-08-25 by Nate Nelson
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
- Twitter Whistleblower Complaint: The TL;DR Versionon 2022-08-24 by Threatpost
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Dark Reading – Connecting the Information and Security Community
- Feed has no items.
SANS Institute – Security Awareness Tip of the Day
- Feed has no items.
Help Net Security – Daily infosec news with a focus on enterprise security
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?on 2025-06-06 by Zeljka Zorz
Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned. Cyber criminals are using the botnet to perform ad fraud and click fraud. Access to and use of the compromised devices is also offered for sale through residential proxy services, which […]
- 145 criminal domains linked to BidenCash Marketplace seizedon 2025-06-06 by Help Net Security
Approximately 145 darknet and conventional internet domains, along with cryptocurrency funds linked to the BidenCash marketplace, have been seized by the U.S. Attorney’s Office for the Eastern District of Virginia. The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and […]
- June 2025 Patch Tuesday forecast: Second time is the charm?on 2025-06-06 by Help Net Security
Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. The May Patch Tuesday release of updates was typical in number of vulnerabilities addressed with 41 in both Windows 10 and 11, and their associated servers. They also did a great job finally fixing most of the reported issues that have been carried out for […]
- Pathlock helps organizations protect their SAP environments from development to deploymenton 2025-06-06 by Industry News
Pathlock announced a major expansion of its SAP cybersecurity offerings, introducing a new portfolio of value-driven and easy-to-deploy SAP cybersecurity solutions, including a Free Edition. Designed to deliver maximum value and fast time-to-protection, the launch marks a significant step toward democratizing SAP security for organizations of all […]
- Claroty enhances xDome platform with Device Purpose and Risk Benchmarking capabilitieson 2025-06-06 by Industry News
Claroty announced new capabilities in its SaaS-based Claroty xDome platform that provide organizations with an impact-centric view of their CPS environment. The new additions, Device Purpose and Risk Benchmarking, allow users to see how the overall risk of an environment is affected by the processes involved in a device’s use – as production […]
- Why IAM should be the starting point for AI-driven cybersecurityon 2025-06-06 by Mirko Zorz
In this Help Net Security interview, Benny Porat, CEO at Twine Security, discusses applying AI agents to security decisions. He explains why identity and access management (IAM) is the ideal starting point for both augmentation and automation, and shares advice on building trust in AI agents and integrating them into existing workflows. The post […]
IT Security Central – User Activity Monitoring | DLP | Employee Productivity
- Feed has no items.
TechRepublic – Straight up Security
- Feed has no items.
WeLiveSecurity – News, views, and insight from the ESET security community
- BladedFeline: Whispering in the darkon 2025-06-05
ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig
- Don’t let dormant accounts become a doorway for cybercriminalson 2025-06-02
Do you have online accounts you haven't used in years? If so, a bit of digital spring cleaning might be in order.
- This month in security with Tony Anscombe – May 2025 editionon 2025-05-30
From a flurry of attacks targeting UK retailers to campaigns corralling end-of-life routers into botnets, it's a wrap on another month filled with impactful cybersecurity news
- Word to the wise: Beware of fake Docusign emailson 2025-05-27
Cybercriminals impersonate the trusted e-signature brand and send fake Docusign notifications to trick people into giving away their personal or corporate data
- Danabot under the microscopeon 2025-05-23
ESET Research has been tracking Danabot’s activity since 2018 as part of a global effort that resulted in a major disruption of the malware’s infrastructure
- Danabot: Analyzing a fallen empireon 2025-05-22
ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation
Schneier on Security – A blog covering security and security technology
- Friday Squid Blogging: Squid Run in Southern New Englandon 2025-06-06
Southern New England is having the best squid run in years. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
- Hearing on the Federal Government and AIon 2025-06-06
On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled “The Federal Government in the Age of Artificial Intelligence.” The other speakers mostly talked about how cool AI was—and sometimes about how cool their own company was—but I was asked by the Democrats to specifically talk about DOGE […]
- Report on the Malicious Uses of AIon 2025-06-06
OpenAI just published its annual report on malicious uses of AI. By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive employment schemes, covert influence operations […]
- The Ramifications of Ukraine’s Drone Attackon 2025-06-04
You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare: If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing the same with U.S. air bases? Or the Pakistanis with Indian air bases? Or the North […]
- New Linux Vulnerabilitieson 2025-06-03
They’re interesting: Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems. “This means that if a local attacker […]
- Australia Requires Ransomware Victims to Declare Paymentson 2025-06-02
A new Australian law requires larger companies to declare any ransomware payments they have made.
Lohrmann on Cybersecurity – Government Technology RSS Feed
- Addressing Our ‘Age of Insecurity’ — in Cyber Tooon 2025-06-01
Recent cyber attacks have given a new urgency to business resiliency in the public and private sectors. Let’s explore the problem and some workable answers.
- Midyear Roundup: Nation-State Cyber Threats in 2025on 2025-05-25
What is the current situation with nation-state cyber attacks in the middle of 2025? Here’s a look at some of the biggest cyber threats from Russia, China, Iran and North Korea.
- Fairfax County, Va., CISO Michael Dent on Leadershipon 2025-05-18
What’s on the minds of top local government chief information security officers? In this interview, Michael Dent shares current security and technology priorities, career tips and more.
- The Legacy Cyber Threat: Why We Must Prioritize Modernizationon 2025-05-11
Most governments struggle with replacing legacy systems for a variety of reasons. But some people claim legacy mainframes can be just as secure as modern ones. So how big is the legacy cyber threat?
- AI, Cyber and Budgets: Top Themes at 2025 NASCIO Midyearon 2025-05-04
The National Association of State Chief Information Officers held their 2025 Midyear Conference this past week in Philadelphia. Here are some trends, highlights and insights.
- 'Slopsquatting' and Other New GenAI Cybersecurity Threatson 2025-04-27
As generative artificial intelligence develops, new terms and emerging threats are grabbing headlines regarding cyber threats to enterprises.
#StayVigilant
#StaySafe
#LookOutForEachOther