Author: DEFENDEDGE
-
CISA Releases New Alert on Post-Compromise Threat Activity in Microsoft Cloud Environments and Tools to Help Detect This Activity
Original release date: January 8, 2021 CISA has evidence of post-compromise advanced persistent threat (APT) activity in the cloud environment. Specifically, CISA has seen an APT actor using compromised applications in a victim’s Microsoft 365 (M365)/Azure environment and using additional credentials and Application Programming Interface (API) access to cloud resources of private and public sector… Read more
-
AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Original release date: January 8, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations. AA20-352A… Read more
-
SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack
Former CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group – and have been hired by SolarWinds. Read more
-
MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewalls and AP Controllers
Original release date: January 8, 2021 The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an advisory on a vulnerability in Zyxel firewalls and AP controllers. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the MS-ISAC Advisory 2021-001 and Zyxel Security Advisory… Read more
-
MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewall and AP Controllers
Original release date: January 8, 2021 The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an advisory on a vulnerability in Zyxel Firewall and AP Controllers. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the MS-ISAC Advisory 2021-001 and Zyxel Security… Read more
-
Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking
Major browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to take over targeted devices. Read more
-
Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws
In all, Nvidia patched flaws tied to 16 CVEs across its graphics drivers and vGPU software, in its first security update of 2021. Read more
-
Threatpost Poll: Weigh in on Ransomware Security
Provide your views on ransomware and how to deal with it in our anonymous Threatpost poll. Read more
-
Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR
Original release date: January 7, 2021 Mozilla has released security updates to address a vulnerability in Firefox, Firefox for Android, and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory and apply the necessary updates. This product… Read more
-
NSA Urges SysAdmins to Replace Obsolete TLS Protocols
The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols. Read more