Author: DEFENDEDGE
-
Inbox Attacks: The Miserable Year (2020) That Was
Reflecting on 2020’s record-breaking year of spam and inbox threats. Read more
-
What’s Next for Ransomware in 2021?
Ransomware response demands a whole-of-business plan before the next attack, according to our roundtable of experts. Read more
-
FBI Warn Hackers are Using Hijacked Home Security Devices for ‘Swatting’
Stolen email credentials are being used to hijack home surveillance devices, such as Ring, to call police with a fake emergency, then watch the chaos unfold. Read more
-
6 Questions Attackers Ask Before Choosing an Asset to Exploit
David “moose” Wolpoff at Randori explains how hackers pick their targets, and how understanding “hacker logic” can help prioritize defenses. Read more
-
Taking a Neighborhood Watch Approach to Retail Cybersecurity
Bugcrowd CTO Casey Ellis covers new cybersecurity challenges for online retailers. Read more
-
2020 Work-for-Home Shift: What We Learned
Threatpost explores 5 big takeaways from 2020 — and what they mean for 2021. Read more
-
Hackers Amp Up COVID-19 IP Theft Attacks
In-depth report looks at how COVID-19 research has become as a juicy new target for organized cybercrime. Read more
-
Vulnerability Summary for the Week of December 21, 2020
Original release date: December 28, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor —… Read more
-
CISA Releases Free Detection Tool for Azure/M365 Environment
Original release date: December 24, 2020 CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool is intended for use by incident responders and is narrowly focused on activity that is endemic to the recent identity- and authentication-based attacks seen… Read more
-
Windows Zero-Day Still Circulating After Faulty Fix
The LPE bug could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. Read more