Author: DEFENDEDGE

  • 80% of Global Enterprises Report Firmware Cyberattacks

    DEFENDEDGE

    A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags. Read more

  • Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack

    DEFENDEDGE

    Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities. Read more

  • Building a Fortress: 3 Key Strategies for Optimized IT Security

    DEFENDEDGE

    Chris Hass, director of information security and research at Automox, discusses how to shore up cybersecurity defenses and what to prioritize. Read more

  • Vulnerability Summary for the Week of March 22, 2021

    DEFENDEDGE

    Original release date: March 29, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info apache — ofbiz Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz. 2021-03-22 7.5 CVE-2021-26295 MLIST CONFIRM MLIST MLIST MLIST apache —… Read more

  • Employee Lockdown Stress May Spark Cybersecurity Risk

    DEFENDEDGE

    Younger employees and caregivers report more stress than other groups– and more shadow IT usage. Read more

  • Network Security Infrastructure

    DEFENDEDGE

    Network Security Infrastructure “Cybercrime is the greatest threat to every company in the world.” a quote by Ginni Rometty, IBM’s executive chairman, and previous CEO. So why do so many companies wait until they have been breached to implement any sort of security infrastructure? The answer is money. If you do not pay now you… Read more

  • Vulnerability Summary for the Week of March 15, 2021

    DEFENDEDGE

    Original release date: March 22, 2021 | Last revised: March 24, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info adobe — creative_cloud_desktop _application Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call… Read more

  • Cyberwarfare: The Technology Attack

    DEFENDEDGE

    Cyberwarfare: The Technology Attack What is Cyberwarfare? There is still widespread debate around the true definition of “cyberwarfare.’ Some experts define it as an “extension of policy by actions taken in cyberspace by state actors that constitute a serious threat to another state’s security.” Others in the field believe that cyberwarfare is the “use of… Read more

  • AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool

    DEFENDEDGE

    Original release date: March 18, 2021 Summary This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following CISA Alerts: AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical… Read more

  • Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data

    DEFENDEDGE

    A glitch in Zoom’s screen-sharing feature shows parts of presenters’ screens that they did not intend to share – potentially leaking emails or passwords. Read more