The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise (Krebs on Security, Dec 14 2020) “Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps
A Review of the Best News of the Week on Cybersecurity Management & Strategy Nuclear weapons agency breached amid massive cyber onslaught (Politico, Dec 17 2020) Hackers accessed systems at the National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile. SolarWinds Hack Could Affect 18K Customers (Krebs on
A Review of the Best News of the Week on Identity Management & Web Fraud CPRA hints at the future of cybersecurity and privacy (Help Net Security, Dec 11 2020) One of the most notable ballot propositions impacting the privacy and cybersecurity world during the US 2020 election was the
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Dark Halo Leverages SolarWinds Compromise to Breach Organizations (Volexity, Dec 15 2020) Near the end of this incident, Volexity observed the threat actor using a novel technique to bypass Duo multi-factor authentication (MFA) to access the
A Review of the Best News of the Week on AI, IoT, & Mobile Security What IT Leaders Expect from AI, ML in 2021 (eWEEK, Dec 15 2020) Here are some perspectives from a selection of thought leaders across the IT world. #BHEU: IoT Threat Hunting Detects Over One Billion
A Review of the Best News of the Week on Cyber Threats & Defense U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise (Krebs on Security, Dec 14 2020) “Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. FBI: Block Email Forwarding to Stop BEC Attackers (Infosecurity Magazine, Dec 02 2020) Feds warn of visibility challenge for IT administrators 2. Mac users warned of more Ocean Lotus malware targeted attacks (Graham Cluley, Dec 02 2020)
A Review of the Best News of the Week on Cybersecurity Management & Strategy Nation-State Hackers Breached FireEye, Stole Its Red Team Tools (Dark Reading, Dec 08 2020) "Novel techniques" used by the attackers cheated security tools and forensics, according to FireEye CEO Kevin Mandia. Industry Reactions to FireEye Breach:
A Review of the Best News of the Week on Identity Management & Web Fraud Apple to Tighten App Privacy, Remove Apps That Don’t Comply (SecurityWeek, Dec 08 2020) Apple is stepping up privacy for app users, forcing developers to be more transparent about data collection and warning they could