Author: DEFENDEDGE
-
Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data
On the heels of a cyberattack on the EMA, cybercriminals have now leaked Pfizer and BioNTech COVID-19 vaccine data on the internet. Read more
-
Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove
Watering-hole attacks executed by ‘experts’ exploited Chrome, Windows and Android flaws and were carried out on two servers. Read more
-
Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes
The first Patch Tuesday security bulletin for 2021 from Microsoft includes fixes for one bug under active attack, possibly linked to the massive SolarWinds hacks. Read more
-
Microsoft Releases January 2021 Security Updates
Original release date: January 12, 2021 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s January 2021 Security Update Summary and Deployment Information and apply the necessary updates. This… Read more
-
Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content
Adobe issued patches for seven critical arbitrary-code-execution flaws plaguing Windows and MacOS users. Read more
-
NSA Cybersecurity Directorate Releases 2020 Year in Review
Original release date: January 12, 2021 The National Security Agency (NSA) Cybersecurity Directorate has released its 2020 Year in Review, outlining key milestones and mission outcomes achieved during NSA Cybersecurity’s first full year of existence. Highlights include NSA Cybersecurity’s contributions to the 2020 elections, Operation Warp Speed, and the Department of Defense’s pandemic-influenced transition to… Read more
-
Microsoft Releases Security Updates for Edge
Original release date: January 11, 2021 Microsoft has released a security update to address multiple vulnerabilities in Edge (Chromium-based). An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the latest entry for Microsoft Security Advisory ADV200002 and apply the necessary updates. … Read more
-
Vulnerability Summary for the Week of January 4, 2021
Original release date: January 11, 2021 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor —… Read more
-
A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets
Threatpost editors discuss the SolarWinds hack, healthcare ransomware attacks and other threats that will plague enterprises in 2021. Read more
-
CISA Releases New Alert on Post-Compromise Threat Activity in Microsoft Cloud Environments and Tools to Help Detect This Activity
Original release date: January 8, 2021 CISA has evidence of post-compromise advanced persistent threat (APT) activity in the cloud environment. Specifically, CISA has seen an APT actor using compromised applications in a victim’s Microsoft 365 (M365)/Azure environment and using additional credentials and Application Programming Interface (API) access to cloud resources of private and public sector… Read more