15 Bullet Friday – The Best Security News of the Week – 2021.03.19
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Microsoft Reports ‘DearCry’ Ransomware Targeting Exchange Servers (Dark Reading:, Mar 12 2021) Attackers have begun to deploy ransomware on Microsoft Exchange Servers compromised by the ProxyLogon exploits. 2. New Side-Channel Attack Targets Intel CPU Ring Interconnect (SecurityWeek, Mar 08 2021) A team […]
15 Bullet Friday – The Best Security News of the Week – 2021.03.12
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software (Krebs on Security, Mar 05 2021) “At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have […]
15 Bullet Friday – The Best Security News of the Week – 2021.03.05
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. NSA Publishes Guidance on Adoption of Zero Trust Security (SecurityWeek, Mar 01 2021) The U.S. National Security Agency (NSA) has published guidance on how security professionals can secure enterprise networks and sensitive data by adopting a Zero Trust security model. 2. Hackers […]
15 Bullet Friday – The Best Security News of the Week – 2021.02.26
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Malware Is Now Targeting Apple’s New M1 Processor (Wired, Feb 17 2021) Two distinct strains of malware have already adjusted to the new silicon just months after its debut. 2. Microsoft says SolarWinds hackers stole source code for 3 products (Ars Technica, […]
15 Bullet Friday – The Best Security News of the Week – 2021.02.19
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Chinese Supply-Chain Attack on Computer Systems (Schneier on Security, Feb 13 2021) “Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has […]
15 Bullet Friday – The Best Security News of the Week – 2021.02.12
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Lack of visibility into remote endpoints leaves companies vulnerable to ransomware (Help Net Security, Feb 03 2021) Illumio released findings on visibility and security practices for remote endpoints, revealing how vulnerable organizations are to ransomware propagating throughout the network and the impact […]
15 Bullet Friday – The Best Security News of the Week – 2021.02.05
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Pay-or-Get-Breached Ransomware Schemes Take Off (Dark Reading, Jan 26 2021) In 2020, ransomware attackers moved quickly to adopt so-called “double extortion” schemes, with more than 550 incidents in the fourth quarter alone. 2. #RSAC365: #COVID19 Fundamentally Altered Global Attack Surface (Infosecurity Magazine, […]
15 Bullet Friday – The Best Security News of the Week – 2021.01.29
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products? (Help Net Security, Jan 25 2021) On Friday evening, SonicWall announced that it “identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on […]
15 Bullet Friday – The Best Security News of the Week – 2021.01.22
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Intel unveils ransomware-fighting CPUs (SC Media, Jan 15 2021) The capability is an easy win for CISOs, which can benefit with limited tweaks to machines. 2. Hackers used 4 zero-days to infect Windows and Android devices (Ars Technica, Jan 13 2021) Boobytrapped […]
15 Bullet Friday – The Best Security News of the Week – 2021.01.15
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Sealed U.S. Court Records Exposed in SolarWinds Breach (Krebs on Security, Jan 07 2021) The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on […]