15 Bullet Friday – The Best Security News of the Week – 2021.08.06
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Feds list the top 30 most exploited vulnerabilities. Many are years old (Ars Technica, Jul 29 2021) Hackers continue to exploit publicly known—and often dated—software vulnerabilities. 2. Navigating the 2021 threat landscape: Security operations, cybersecurity maturity (Help Net Security, Aug 02 2021) […]
15 Bullet Friday – The Best Security News of the Week – 2021.07.30
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Disrupting Ransomware by Disrupting Bitcoin (Schneier on Security, Jul 26 2021) In this light, banning cryptocurrencies like bitcoin is an obvious solution. But while the solution is conceptually simple, it’s also impossible because — despite its overwhelming problems — there are so […]
15 Bullet Friday – The Best Security News of the Week – 2021.07.23
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Mysterious Israeli Spyware Vendor’s Windows Zero-Days Caught in the Wild (VICE, Jul 15 2021) Microsoft and Citizen Lab found a new kind of spyware made by the mysterious Israeli vendor Candiru, and targeting someone in Europe based on their political beliefs. 2. […]
15 Bullet Friday – The Best Security News of the Week – 2021.07.16
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Kaseya Releases Security Patch as Companies Continue to Recover (Dark Reading, Jul 12 2021) Estimates indicate the number of affected companies could grow, while Kaseya faces renewed scrutiny as former employees reportedly criticize its lack of focus on security. 2. New Age […]
15 Bullet Friday – The Best Security News of the Week – 2021.07.09
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. CISA Adds Ransomware Module to Cyber Security Evaluation Tool (SecurityWeek, Jul 01 2021) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the release of a new module for its Cyber Security Evaluation Tool (CSET), namely the Ransomware Readiness Assessment […]
15 Bullet Friday – The Best Security News of the Week – 2021.07.02
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. NSA Funds Development & Release of D3FEND Framework (Dark Reading, Jun 22 2021) The framework, now available through MITRE, provides countermeasures to attacks. 2. 74% of Q1 Malware Was Undetectable Via Signature-Based Tools (Dark Reading, Jun 24 2021) Attackers have improved on […]
15 Bullet Friday – The Best Security News of the Week – 2021.06.25
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. No Two REvil Attacks Are the Same, Experts Warn (Infosecurity Magazine, Jun 15 2021) The ransomware affiliate model drives a challenging variety of threats for defenders to tackle 2. NSA Releases Guidance for Securing Enterprise Communication Systems (SecurityWeek, Jun 18 2021) The […]
15 Bullet Friday – The Best Security News of the Week – 2021.06.18
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. How Hackers Used Slack to Break into EA Games (VICE, Jun 14 2021) A representative for the hackers explained to Motherboard how the group stole a wealth of data from the game publishing giant. “Once inside the chat, we messaged a IT […]
15 Bullet Friday – The Best Security News of the Week – 2021.06.11
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. This is not a drill: VMware vuln with 9.8 severity rating is under attack (Ars Technica, Jun 04 2021) Code execution flaw in vCenter is exploited to install web shell on unpatched machines. 2. How to Protect Your Files From Ransomware (Wired, […]
15 Bullet Friday – The Best Security News of the Week – 2021.06.04
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. New Age Network Detection: Introduction (Securosis Blog, May 25 2021) Like the rest of the technology stack, the enterprise network is undergoing a huge transition. With data stores increasingly in the cloud and connectivity to SaaS providers and applications running in Infrastructure […]