UK Spy Agency Releases Annual Threat Report
http://feedproxy.google.com/~r/securityweek/~3/d8QJELpO_uk/uk-spy-agency-releases-annual-threat-report

MI5’s Annual Threat Update Parallels U.S. Intelligence Threat Warnings
MI5’s UK Annual Threat Update 2021 from director general Ken McCallum almost mirrors the threat warnings delivered by U.S. government agencies: ransomware and IP theft in cyber, and extreme right-wing terrorism amplified by online echo chambers.
read more (https://www.securityweek.com/uk-spy-agency-releases-annual-threat-report)

SIM swapping: A hot fraud, but you can stop it cold
https://techgenix.com/sim-swapping-fraud/

As if there aren’t enough cybercrimes to worry about, SIM-swapping fraud is taking off. Here are some steps to help you avoid becoming a victim.
The post SIM swapping: A hot fraud, but you can stop it cold (https://techgenix.com/sim-swapping-fraud/) appeared first on TechGenix (https://techgenix.com/).

Vulnerabilities in Etherpad Collaboration Tool Allow Data Theft
http://feedproxy.google.com/~r/securityweek/~3/9dB_zNdJtYY/vulnerabilities-etherpad-collaboration-tool-allow-data-theft

XSS and Argument Injection Flaws Found in Popular Etherpad Collaboration Tool
read more (https://www.securityweek.com/vulnerabilities-etherpad-collaboration-tool-allow-data-theft)

Google Adds HTTPS-First Mode to Chrome
http://feedproxy.google.com/~r/securityweek/~3/qY6o5CjpCLY/google-adds-https-first-mode-chrome

Google is about to give Chrome users a small security boost with new functionality that will attempt to automatically upgrade web pages to HTTPS.
Dubbed HTTPS-First mode, the feature resembles the HTTPS-only mode (https://www.securityweek.com/mozilla-boosts-security-firefox-https-only-mode) in Firefox.
read more (https://www.securityweek.com/google-adds-https-first-mode-chrome)

Google: New Chrome Zero-Day Being Exploited
http://feedproxy.google.com/~r/securityweek/~3/4OIKhPcgGdo/google-new-chrome-zero-day-being-exploited

For the seventh time this year, Google is dealing with zero-day attacks targeting users of its flagship Chrome web browser.
The search advertising giant released a Chrome security refresh overnight with a warning that malicious hackers are actively exploiting a critical type confusion vulnerability to launch malware attacks.
read more (https://www.securityweek.com/google-new-chrome-zero-day-being-exploited)

Cisco Patches High-Risk Flaw in ASA, FTD Software
http://feedproxy.google.com/~r/securityweek/~3/i2EM0ZtcWI4/cisco-patches-high-risk-flaw-asa-ftd-software

Cisco on Thursday released patches for a high severity vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software, warning that exploitation could lead to crippling denial-of-service attacks.
read more (https://www.securityweek.com/cisco-patches-high-risk-flaw-asa-ftd-software)

New SSL certificate? Rerun Exchange Hybrid Configuration Wizard
https://techgenix.com/ssl-certificate-rerun-exchange-hybrid-configuration-wizard/

What happens when your Exchange Server’s SSL certificate needs to be renewed? Run the Exchange Hybrid Configuration Wizard. Here’s how.
The post New SSL certificate? Rerun Exchange Hybrid Configuration Wizard (https://techgenix.com/ssl-certificate-rerun-exchange-hybrid-configuration-wizard/) appeared first on TechGenix (https://techgenix.com/).

Defcon Talk Prompts New Windows Print Spooler Flaw Warning
http://feedproxy.google.com/~r/securityweek/~3/zQPxiFT0DwE/defcon-talk-prompts-new-windows-print-spooler-flaw-warning

Microsoft’s problems with security defects in the Windows Print Spooler utility are getting worse by the week.
read more (https://www.securityweek.com/defcon-talk-prompts-new-windows-print-spooler-flaw-warning)

Tails 4.20 Anonymous OS Released with Brand-New Tor Connection Assistant - 9to5Linux
https://9to5linux.com/tails-4-20-anonymous-os-released-with-brand-new-tor-connection-assistant

AMD Posts FidelityFX Super Resolution Source Code - Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=AMD-FidelityFX-Super-Res-Source

Pine64's Open Source Smartwatch Goes on Sale for $27 - OMG! Ubuntu!
https://www.omgubuntu.co.uk/2021/07/pine64s-open-source-smartwatch-goes-on-sale-for-27

What the Chinese TikTok's Data Collection
1,user data
2,location
3,contact
4,all the photo on your phone
5,what's on your clipboard
6,what app you have installed
7,browser history
8,anything that is on your phone tiktok if going to try to collect it
9,in-app data photo you post,what you like,what you comment, private massage,

Nearly a dozen cybersecurity acquisitions were announced in the first week of August 2021.
read more (https://www.securityweek.com/cybersecurity-ma-roundup-august-1-8-2021)

Joplin: City Computer Shutdown Was Ransomware Attack
http://feedproxy.google.com/~r/securityweek/~3/1DwnOtoAhP4/joplin-city-computer-shutdown-was-ransomware-attack

The insurer for Joplin paid $320,00 to an unknown person after a ransomware attack shut down the city’s government’s computer system last month, Joplin City Manager Nick Edwards said Thursday.
read more (https://www.securityweek.com/joplin-city-computer-shutdown-was-ransomware-attack)

Vulnerability Affecting Routers From Many Vendors Exploited Days After Disclosure
http://feedproxy.google.com/~r/securityweek/~3/UMA4BMZYmtI/vulnerability-affecting-routers-many-vendors-exploited-days-after-disclosure

Cybercriminals quickly started exploiting a vulnerability that affects routers and modems from many vendors that use the same underlying firmware.
On August 3, cybersecurity firm Tenable published a blog post describing a vulnerability affecting routers that use firmware from Arcadyan, a Taiwan-based provider of networking solutions.
read more (https://www.securityweek.com/vulnerability-affecting-routers-many-vendors-exploited-days-after-disclosure)

A Deeper Dive Into Zero-Trust and Biden's Cybersecurity Executive Order
http://feedproxy.google.com/~r/securityweek/~3/O__gkR9gTgw/deeper-dive-zero-trust-and-bidens-cybersecurity-executive-order

On May 12, 2021, President Biden signed an Executive Order (EO) on Improving the Nation’s Cybersecurity. It is a detailed overview of the Federal government’s plan to better secure America – and it calls out zero-trust as a major pillar of that process.
The Executive Order
read more (https://www.securityweek.com/deeper-dive-zero-trust-and-bidens-cybersecurity-executive-order)

Getting started with secret vaults in PowerShell
https://techgenix.com/secret-vaults-in-powershell/

Here’s how to store credentials in a secret vault and then design PowerShell scripts that can access the secrets from within the vault.
The post Getting started with secret vaults in PowerShell (https://techgenix.com/secret-vaults-in-powershell/) appeared first on TechGenix (https://techgenix.com/).

How to Train Your SOC Staff: What Works and What Doesn't
http://feedproxy.google.com/~r/securityweek/~3/UWALY-YGiKw/how-train-your-soc-staff-what-works-and-what-doesnt

We’re all familiar with the shortage of talent to staff security operations centers (SOCs), the challenge of hiring qualified cyber security professionals, and that burnout and overwork makes it impossible to keep good staff. So why not make an effort to hang on to your security analysts and make sure they stay up to the challenge? 
read more (https://www.securityweek.com/how-train-your-soc-staff-what-works-and-what-doesnt)