Author: DEFENDEDGE
-
SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign
Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the groups latest effort against military and government targets. Read more
-
Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020
As just one symptom, 83 percent of the Top 30 U.S. retailers have vulnerabilities which pose an “imminent” cyber-threat, including Amazon, Costco, Kroger and Walmart. Read more
-
National Cyber Security Centre Cyber Awareness Campaign
Original release date: December 9, 2020 The United Kingdom (UK) National Cyber Security Centre (NCSC) has launched a new cyber security campaign encouraging the public to adopt six behaviors to stay safe online. The six Cyber Aware behaviors recommended by the NSCS are: Use a separate password for your email Create strong passwords using three… Read more
-
New ACSC Cybersecurity Campaign Begins by Focusing on Ransomware Threats
Original release date: December 9, 2020 The Australian Cyber Security Centre (ACSC) has launched a new cyber security campaign encouraging all Australians to protect themselves against online threats. The initial focus of the campaign is ransomware threats, and the ACSC provides easy-to-follow security advice at cyber.gov.au to help Australians act now and stay secure. … Read more
-
D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws
Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running same firmware. Read more
-
OpenSSL Releases Security Update
Original release date: December 8, 2020 OpenSSL has released a security update to address a vulnerability affecting all versions of 1.0.2 and 1.1.1 released before version 1.1.1i. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the OpenSSL Security Advisory… Read more
-
Google Patches Critical Wi-Fi and Audio Bugs in Android Handsets
Google updates its mobile OS, fixing ten critical bugs, including one remote code execution flaw. Read more
-
Theft of FireEye Red Team Tools
Original release date: December 8, 2020<br/><p>FireEye has released a blog addressing unauthorized access to their Red Team’s tools by a highly sophisticated threat actor. Red Team tools are often used by cybersecurity organizations to evaluate the security posture of enterprise systems. Although the Cybersecurity and Infrastructure Security Agency (CISA) has not received reporting of these… Read more
-
Critical, Unpatched Bugs Open GE Radiological Devices to Remote Code Execution
A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices found in hospitals, from MRI machines to surgical imaging. Read more
-
Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays
Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020. Read more