15 Bullet Friday – The Best Security News of the Week – 2021.05.28
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. #RSAC: The Most Dangerous New Attack Techniques (Infosecurity Magazine, May 20 2021) Annual panel at the RSA Conference identifies a number of areas of concern, including improper session handling and an evolution of ransomware 2. Vulnerabilities in billions of Wi-Fi devices let […]
15 Bullet Friday – The Best Security News of the Week – 2021.05.21
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Try This One Weird Trick Russian Hackers Hate (Krebs on Security, May 17 2021) “In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware […]
15 Bullet Friday – The Best Security News of the Week – 2021.05.14
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Colonial Pipeline Struggles to Restart After Ransomware Attack (SecurityWeek, May 09 2021) Operators of the Colonial Pipeline are struggling to get fuel flowing at normal capacity after a cyberattack forced a shutdown of distribution system, the largest refined products pipeline in the United States. […]
15 Bullet Friday – The Best Security News of the Week – 2021.05.07
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. MITRE Adds MacOS, More Data Types to ATT&CK Framework (Dark Reading, Apr 30 2021) Version 9 of the popular threat matrix will improve support for a variety of platforms, including cloud infrastructure. 2. Tesla Car Hacked Remotely From Drone via Zero-Click Exploit […]
15 Bullet Friday – The Best Security News of the Week – 2021.04.30
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Apple’s Ransomware Mess Is the Future of Online Extortion (Wired, Apr 23 2021) This week, hackers stole confidential schematics from a third-party supplier and demanded $50 million not to release them. 2. Justice Dept. Creates Task Force to Stop Ransomware Spread (Dark […]
15 Bullet Friday – The Best Security News of the Week – 2021.04.23
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Detection capabilities improve, but ransomware surges on (Help Net Security, Apr 14 2021) A FireEye report outlines critical details on trending attacker techniques and malware, the proliferation of multifaceted extortion and ransomware, preparing for expected UNC2452 / SUNBURST copycat threat actors, growing […]
15 Bullet Friday – The Best Security News of the Week – 2021.04.16
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. How a VPN vulnerability allowed ransomware to disrupt two manufacturing plants (Ars Technica, Apr 07 2021) The ransomware, known as Cring, came to public attention in a January blog post. It takes hold of networks by exploiting long-patched vulnerabilities in VPNs sold […]
15 Bullet Friday – The Best Security News of the Week – 2021.04.09
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. 83% of Businesses Hit With a Firmware Attack in Past Two Years (Dark Reading, Mar 31 2021) A new Microsoft-commissioned report finds less than 30% of organizations allocate security budget toward preventing firmware attacks. 2. Spotlight: Malware Lead Generation At Scale (Elie […]
15 Bullet Friday – The Best Security News of the Week – 2021.04.02
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Attackers tried to insert backdoor into PHP source code (Help Net Security, Mar 29 2021) The PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. What happened? “[On Sunday, March 28] […]
15 Bullet Friday – The Best Security News of the Week – 2021.03.26
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Microsoft One-Click Tool Mitigates Exchange Server Attacks (Infosecurity Magazine, Mar 16 2021) Tool designed for customers without dedicated IT or cybersecurity resource 2. Exploiting Spectre Over the Internet (Schneier on Security, Mar 18 2021) “Google has demonstrated exploiting the Spectre CPU attack […]