Author: DEFENDEDGE

Reflecting on 2020’s record-breaking year of spam and inbox threats. Read more

Ransomware response demands a whole-of-business plan before the next attack, according to our roundtable of experts. Read more

Stolen email credentials are being used to hijack home surveillance devices, such as Ring, to call police with a fake emergency, then watch the chaos unfold. Read more

David “moose” Wolpoff at Randori explains how hackers pick their targets, and how understanding “hacker logic” can help prioritize defenses. Read more

Bugcrowd CTO Casey Ellis covers new cybersecurity challenges for online retailers. Read more

Threatpost explores 5 big takeaways from 2020 — and what they mean for 2021. Read more

In-depth report looks at how COVID-19 research has become as a juicy new target for organized cybercrime. Read more

Original release date: December 28, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor —… Read more

Original release date: December 24, 2020 CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool is intended for use by incident responders and is narrowly focused on activity that is endemic to the recent identity- and authentication-based attacks seen… Read more

The LPE bug could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. Read more