Study - Technical
- LMS-SFC (EN) - Cyber
Security - News
Archive March 2021
Cyber Security - News Archive
March 2021
31.03.2021 - News
from cyber security.
- CISA Releases Supplemental
Direction on Emergency Directive for Microsoft Exchange Server
Vulnerabilities. (to
the original material)
- Google Releases Security
Updates for Chrome. (to
the original material)
- VMware Releases Security
Updates. (to
the original material)
- Citrix Releases Security
Updates for Hypervisor. (to
the original material)
- 800Gbps DDoS extortion attack
hits gambling company. (to
the original material)
- CISA gives federal agencies 5
days to find hacked Exchange servers. (to
the original material)
- Google: North Korean hackers
target security researchers again. (to
the original material)
- BazarCall malware uses
malicious call centers to infect victims. (to
the original material)
- Malware (majority XtremeRAT)
hidden in game cheats and mods used to target gamers. (to
the original material)
- Scammers steal New Yorkers'
private info for benefits fraud. (to
the original material)
- Fake jQuery files infect
WordPress sites with malware. (to
the original material)
- Google Chrome for Linux is
getting DNS-over-HTTPS (DoH), but there's a catch. (to
the original material)
- Board directors need to play
an active role in protecting their org from cyber risks. (to
the original material)
- Hybrid IAM (Identity and
Access Management): Addressing the security and experience
issues caused by hybrid IT. (to
the original material)
- Lack of IT-OT collaboration
holding back smart factory security projects. (to
the original material)
- Digital dependence and
innovation: Two critical trends in cyber espionage and crime. (to
the original material)
- Nearly 40% of new ransomware
families use both data encryption and data theft in attacks. (to
the original material)
- 3 steps to meeting data
privacy regulation compliance through identity programs. (to
the original material)
- US govt warns that buying
fake COVID-19 vaccine cards is a crime. (to
the original material)
- VMware fixes bug allowing
attackers to steal admin credentials. (to
the original material)
- Scammers target universities
in ongoing IRS (Internal Revenue Service) phishing attacks. (to
the original material)
- Leading Indian fintech
platform MobiKwik denies data breach. (to
the original material)
- Microsoft Exchange attacks
increase while WannaCry gets a restart. (to
the original material)
- Unfair exchange: ransomware
attacks surge globally amid Microsoft Exchange Server
vulnerabilities. (to
the original material)
- Have you backed up your data
lately? Don't be fooled by April 1st - Back up your data on
World Backup Day. (to
the original material)
- Leaders need to find ways to
increase internal audit capacity without increasing budgets. (to
the original material)
- How much of the data created
and replicated should be stored? (to
the original material)
- How well have remote workers
adapted one year on? (to
the original material)
- 93% of consumers concerned
about data security when filling out online forms. (to
the original material)
- Cloud security experts
wanted: You can be one of them. (to
the original material)
- How to avoid 4 common zero
trust traps (including one that could cost you your job). (to
the original material)
- DDoS attacks in 2021: What to
expect? (to
the original material)
- 29th March – Threat
Intelligence Report. (to
the original material)
- Docker Hub images downloaded
20M times come with cryptominers. (to
the original material)
- Harris Federation hit by
ransomware attack affecting 50 schools. (to
the original material)
- PHP's Git server hacked to
add backdoors to PHP source code. (to
the original material)
- Vulnerability Summary for the
Week of March 22, 2021. (to
the original material)
- As DX acceleration continues,
identity and zero trust need to be central in all business
decisions. (to
the original material)
- The importance of a zero
trust-based approach to identity security. (to
the original material)
- Why certificate automation is
no longer just “nice to have”. (to
the original material)
- How do I select a bot
protection solution for my business? (to
the original material)
- Stop using your employees as
scapegoats: Change their behavior. (to
the original material)
- Attackers tried to insert
backdoor into PHP source code. (to
the original material)
- New NCSC CEO warns against
complacency while outlining future cyber risks. (to
the original material)
- Ransomware admin is refunding
victims their ransom payments. (to
the original material)
- Critical netmask networking
bug impacts thousands of applications. (to
the original material)
- CompuCom MSP (managed service
provider) expects over $20M in losses after ransomware attack. (to
the original material)
- Week in review: Phishers’
perfect targets, evaluating partner cyber resilience, new issue
of (IN)SECURE. (to
the original material)
- FatFace (British footwear
brand) sends controversial data breach email after ransomware
attack. (to
the original material)
- New Android malware spies on
you while posing as a System Update. (to
the original material)
- Apple Releases Security
Updates . (to
the original material)
- OpenSSL Releases Security
Update. (to
the original material)
- A warning has been issued
about scams advertising fake COVID-19 vaccines, asking for
Bitcoin payments. (to
the original material)
- The Week in Ransomware -
March 26th 2021 - Attacks increase. (to
the original material)
- Clop Ransomware gang urges
victims’ customers to demand a ransom payment. (to
the original material)
- German Parliament targeted
again by Russian state hackers. (to
the original material)
- Apple fixes a iOS zero-day
vulnerability actively used in attacks. (to
the original material)
- Microsoft: Black Kingdom
ransomware group hacked 1.5K Exchange servers. (to
the original material)
- SolarWinds patches critical
code execution bug in Orion Platform. (to
the original material)
- FBI exposes weakness in Mamba
ransomware, DiskCryptor. (to
the original material)
- Hackers Gained Access to
150,000 IP Cameras Inside Hospitals, Police Departments,
Prisons, Schools, and Companies like Tesla & Equinox. (to
the original material)
- How to get affordable DV
certificates for onion sites. (to
the original material)
- With more than 400,000 crypto
scams created in 2020, increase of 75% predicted for 2021. (to
the original material)
- Financial services and
insurance faring better than most in the pandemic year. (to
the original material)
- Volumul atacurilor a crescut
cu 48% în primul an al pandemiei. (to
the original material)
- The war against the virus
also fueling a war against digital fraud. (to
the original material)
- 70% of organizations
recognize the importance of secure coding practices. (to
the original material)
- New infosec products of the
week: March 26, 2021. (to
the original material)
- Samba Releases Security
Updates. (to
the original material)
- Cisco Releases Security
Updates. (to
the original material)
- Webshells Observed in
Post-Compromised Exchange Servers. (to
the original material)
- Announcing the Android Ready
SE Alliance. (to
the original material)
- Keeping Cyber Risk Under
Control: Spotting and Thwarting ICS Threats. (to
the original material)
- Cloudflare Page Shield: Early
warning system for malicious scripts. (to
the original material)
- Insurance giant CNA hit by
new Phoenix CryptoLocker ransomware. (to
the original material)
- Evil Corp (aka Dridex or
Indrik Spider, known for distributing the Dridex malware)
switches to Hades ransomware to evade sanctions OFAC (Treasury
Department's Office of Foreign Assets Control). (to
the original material)
- OpenSSL fixes severe DoS,
certificate validation vulnerabilities. (to
the original material)
- QNAP warns of ongoing
brute-force attacks against NAS devices. (to
the original material)
- BackBlaze (cloud storage and
backup provider) mistakenly shared backup metadata with
Facebook. (to
the original material)
- Engineer reports data leak to
nonprofit, hears from the police. (to
the original material)
- The Advantages of a Unified
Approach to Cloud Data Security. (to
the original material)
- 61% of businesses say
competitive intelligence has made a direct impact on revenue. (to
the original material)
- Continued WAN and application
growth resulting in network complexity. (to
the original material)
- Distributed and remote work
creating a perfect storm for network security teams. (to
the original material)
- Using memory encryption in
web applications to help reduce the risk of Spectre attacks. (to
the original material)
- Challenges and benefits of
using threat data feeds. (to
the original material)
- Microsoft offers rewards for
security bugs in Microsoft Teams. (to
the original material)
- Fleeceware apps extract
hundreds of dollars per year from their users through
subscription services. (to
the original material)
- New web tool to test your
cyber risk as survey exposes 80% of British people fear online
attacks. (to
the original material)
- Mozilla Releases Security
Updates for Firefox, Firefox ESR, and Thunderbird. (to
the original material)
- BEC (Business Email
Compromise) scams cost nearly $2 billion in 2020. (to
the original material)
- Hackers abuse the reputation
of courier companies when demand for deliveries is at a record
high. Target: People's card details. (to
the original material)
- Facebook blocks Chinese state
hackers targeting Uyghur activists. (to
the original material)
- Microsoft fixes Windows
PSExec privilege elevation vulnerability. (to
the original material)
- Google Chrome will use HTTPS
as default navigation protocol. (to
the original material)
- Cisco addresses critical bug
in Windows, macOS Jabber clients. (to
the original material)
- Google removes
privacy-focused ClearURLs Chrome extension. (to
the original material)
- Resentful employee deletes
1,200 Microsoft Office 365 accounts, gets prison. (to
the original material)
- Cybersecurity awareness is
too often a part-time effort. (to
the original material)
- IT leaders adapting to new
challenges by prioritizing collaboration, cloud and security. (to
the original material)
- Remote workers admit to
playing a significant part in increasing their company’s
cybersecurity risks. (to
the original material)
- Total combined fraud losses
climbed to $56 billion in 2020. (to
the original material)
- What businesses need to know
to evaluate partner cyber resilience. (to
the original material)
- Hidden areas of security and
the future of hybrid working. (to
the original material)
- 5G network slicing
vulnerability leaves enterprises exposed to cyberattacks. (to
the original material)
- Support for UK education
sector after growth in cyber attacks. (to
the original material)
- Adobe Releases Security
Updates for ColdFusion. (to
the original material)
- Security 101: Protecting
Serverless and Container Applications with RASP (Runtime
Application Self-Protection). (to
the original material)
- CNA insurance firm hit by a
cyberattack, operations impacted. (to
the original material)
- Purple Fox malware worms its
way into exposed Windows systems. (to
the original material)
- Ransomware gang leaks data
stolen from Colorado, Miami universities. (to
the original material)
- Microsoft warns of phishing
attacks bypassing email gateways. (to
the original material)
- High-availability server
maker Stratus hit by ransomware. (to
the original material)
- Ransomware attack shuts down
Sierra Wireless (Canada) IoT maker. (to
the original material)
- Microsoft: 92% of Exchange
servers safe from ProxyLogon attacks. (to
the original material)
- Data breaches and network
outages: A real and growing cost for the healthcare industry. (to
the original material)
- 80% of security leaders would
like more control over their API security. (to
the original material)
- Only 14% of domains worldwide
truly protected from spoofing with DMARC enforcement. (to
the original material)
- Why DDI (DNS provides IP
addresses, DHCP assigns IP addresses, and IPAM - IP Address
Management manages IP resources) technology is fundamental for
multicloud success. (to
the original material)
- Tackling cross-site request
forgery (CSRF - Cross-Site Request Forgery) on company websites.
(to
the original material)
- CSAE (Collect data, Store
information, Analyse intelligence, Engage with facts): Guiding
principles and best practices for data scientific investigations
of organized crime. (to
the original material)
- 22nd March – Threat
Intelligence Report. (to
the original material)
- Cracked it: Codebreaking
schoolgirls see off local rivals for chance to win UK cyber
contest. (to
the original material)
- An Android Trojan
impersonating the Clubhouse app has appeared. (to
the original material)
- MangaDex manga site
temporarily shut down after cyberattack. (to
the original material)
- Mozilla Firefox adopts new
privacy-enhancing Referrer Policy. (to
the original material)
- Critical code execution
vulnerability fixed in Adobe ColdFusion. (to
the original material)
- Energy giant Shell discloses
data breach after Accellion hack. (to
the original material)
- Microsoft Exchange servers
now targeted by Black Kingdom ransomware. (to
the original material)
- Vulnerability Summary for the
Week of March 15, 2021. (to
the original material)
- A passport to freedom? Fake
COVID-19 test results and vaccination certificates offered on
Darknet and hacking forums. (to
the original material)
- The financial impact of
cybersecurity vulnerabilities on credit unions. (to
the original material)
- Data protection challenges
hinder digital transformation initiatives. (to
the original material)
- Compliance department
spending plateaued in 2020. (to
the original material)
- Rapid increase in security
tools causing alert fatigue and burn out. (to
the original material)
- Cybercriminals capitalizing
on our reliance on the cloud. (to
the original material)
- How to stay ahead of the rise
of synthetic fraud. (to
the original material)
- Phishers’ perfect targets:
Employees getting back to the office. (to
the original material)
- DDoS booters now abuse DTLS
servers to amplify attacks. (to
the original material)
- Week in review: Attacks on
Exchange servers escalate, the influence of the Agile Manifesto,
O365 phishing. (to
the original material)
- Hacking group used 11
zero-days to attack Windows, iOS, Android users. (to
the original material)
- The Week in Ransomware -
March 19th 2021 - Highest ransom ever! (to
the original material)
- Critical F5 BIG-IP
vulnerability now targeted in ongoing attacks. (to
the original material)
- Computer giant Acer hit by
$50 million ransomware attack. (to
the original material)
- FBI warns of BEC attacks
increasingly targeting US govt orgs. (to
the original material)
- Russian pleads guilty to
Tesla hacking and extortion attempt (recruiting employees to
implant malware into the Tesla Nevada Gigafactory network). (to
the original material)
- Swiss hacker charged for
leaking proprietary source code. (to
the original material)
- Microsoft Defender adds
automatic Exchange ProxyLogon mitigation. (to
the original material)
- REvil ransomware has a new
‘Windows Safe Mode’ encryption mode. (to
the original material)
- Application Security: Why
Prevention Beats Remediation. (to
the original material)
- New phishing campaign targets
taxpayer credentials. (to
the original material)
- 3 in 4 companies have
experienced account takeover attacks in the last year. (to
the original material)
- New infosec products of the
week: March 19, 2021. (to
the original material)
- Automatically mitigate
ProxyLogon, detect IoCs associated with SolarWinds attackers’
activities. (to
the original material)
- iOS app developers targeted
with trojanized Xcode project. (to
the original material)
- Cisco Releases Security
Updates. (to
the original material)
- Using CHIRP (CISA Hunt and
Incident Response Plan) to Detect Post-Compromise Threat
Activity in On-Premises Environments. (to
the original material)
- Mysterious bug is deleting
Microsoft Teams, SharePoint files. (to
the original material)
- CISA releases new SolarWinds
malicious activity detection tool. (to
the original material)
- New CopperStealer malware
steals Google, Apple, Facebook accounts. (to
the original material)
- US taxpayers targeted with
RAT malware in ongoing phishing attacks. (to
the original material)
- New XcodeSpy malware targets
iOS devs in supply-chain attack. (to
the original material)
- Chinese nation state hackers
linked to Finnish Parliament hack. (to
the original material)
- FBI: Over $4.2 billion
officially lost to cybercrime in 2020. (to
the original material)
- Breaking bad: desperate job
seekers turn to the Darknet and hacking forums for
opportunities. (to
the original material)
- The DevOps Guide to Terraform
Security (open source tool developed by Hashicorp - link
către aplicație). (to
the original material)
- Consumers aware of security
concerns, but not doing much to change password habits. (to
the original material)
- Years-old MS Office, Word
flaws most exploited to deliver malware. (to
the original material)
- DDoS attacks surge as
cybercriminals take advantage of the pandemic. (to
the original material)
- With data volumes and
velocity multiplying, how do you choose the right data security
solution? (to
the original material)
- Ongoing Office 365-themed
phishing campaign targets executives, assistants, financial
departments. (to
the original material)
- Announcing the winners of the
2020 GCP VRP Prize. (to
the original material)
- TTP Table for Detecting APT
Activity Related to SolarWinds and Active Directory/M365
Compromise. (to
the original material)
- CISA-FBI Joint Advisory on
TrickBot Malware. (to
the original material)
- Google fixes a zero-day bug
in the Chrome browser, which was exploited in the wild. (to
the original material)
- Chile's bank regulator
(Comision para el Mercado Financiero - CMF) shares IOCs
(Indicators of Compromise) after Microsoft Exchange hack. (to
the original material)
- Twitter images can be abused
to hide ZIP, MP3 files - here's how. (to
the original material)
- Microsoft's Azure SDK site
tricked into listing fake package. (to
the original material)
- Thinking of Joining
Clubhouse? The Membership Fee Could Be Your Data Privacy. (to
the original material)
- Where is 5G heading, and how
fast will it get there? (to
the original material)
- Threat actors thriving on the
fear and uncertainty of remote workforces. (to
the original material)
- The dangers of misusing
instant messaging and business collaboration tools. (to
the original material)
- Why is financial cyber risk
quantification important? (to
the original material)
- Alert (AA21-076A) TrickBot
Malware. (to
the original material)
- PayPal Fraud: What Merchants
Should Know. (to
the original material)
- Microsoft Releases Exchange
On-premises Mitigation Tool. (to
the original material)
- Teen hacker agrees to 3 years
in prison for Twitter Bitcoin scam. (to
the original material)
- Hacker leaks payment data
from defunct WeLeakInfo breach site. (to
the original material)
- New botnet targets network
security devices with critical exploits. (to
the original material)
- Mimecast: SolarWinds hackers
stole some of our source code. (to
the original material)
- FBI warns of escalating Pysa
ransomware attacks on education orgs. (to
the original material)
- Hackers hide credit card data
from compromised stores in JPG file. (to
the original material)
- The Microsoft Exchange hacks:
How they started and where we are. (to
the original material)
- Mega attack on Microsoft
Exchange Server - what you need to know. (to
the original material)
- CISA provides IT
administrators with guidance for remediating new Microsoft
Exchange Server vulnerabilities. (to
the original material)
- Cybercriminals launch
phishing attacks to obtain AOL users' credentials. (to
the original material)
- Global WLAN market revenue
continues to increase. (to
the original material)
- Security threats increasing
with 70% using personal devices for work. (to
the original material)
- If you are not finding
vulnerabilities, then you are not looking hard enough. (to
the original material)
- Risk management in the
digital world: How different is it? (to
the original material)
- Securing a hybrid workforce
with log management. (to
the original material)
- Microsoft releases one-click
Exchange On-Premises Mitigation Tool (EOMT). (to
the original material)
- Google, HTTPS, and device
compatibility. (to
the original material)
- 15th March – Threat
Intelligence Report. (to
the original material)
- Early Years providers helped
to take first steps with cyber security. (to
the original material)
- Google Releases Security
Updates for Chrome. (to
the original material)
- World Consumer Rights Day:
protecting consumer rights online. (to
the original material)
- Microsoft releases one-click
Exchange On-Premises Mitigation Tool (EOMT). (to
the original material)
- Blender website in
maintenance mode after hacking attempt. (to
the original material)
- iOS Clock app crashes due to
strange Beirut timezone bug. (to
the original material)
- Twitter now supports multiple
2FA security keys on mobile and web. (to
the original material)
- Phishing sites now detect
virtual machines to bypass detection. (to
the original material)
- Vulnerability Summary for the
Week of March 8, 2021. (to
the original material)
- A strategic approach to
identity verification helps combat financial crime. (to
the original material)
- How digital leaders built a
foundation for resiliency in the face of disruption. (to
the original material)
- Alarming number of consumers
impacted by identity theft, application fraud and account
takeover. (to
the original material)
- Why data privacy will be the
catalyst for digital identity adoption. (to
the original material)
- Password reuse defeats the
purpose of passwords. (to
the original material)
- As attacks on Exchange
servers escalate, Microsoft investigates potential PoC exploit
leak. (to
the original material)
- New PoC (Proof of Concept)
for Microsoft Exchange bugs puts attacks in reach of anyone. (to
the original material)
- Week in review: Keeping
serverless architecture secure, trends influencing remote work
in 2021. (to
the original material)
- Updates on Microsoft Exchange
Server Vulnerabilities. (to
the original material)
- Microsoft Edge to use a
four-week release cycle to sync with Chrome. (to
the original material)
- CEO of Sky Global encrypted
chat platform indicted by US. (to
the original material)
- 15-year-old Linux kernel bugs
let attackers gain root privileges. (to
the original material)
- A Spectre proof-of-concept
for a Spectre-proof web. (to
the original material)
- Microsoft vulnerabilities
exploitation - updated advice. (to
the original material)
- Blackout: Service disruptions
that affected the stock market and brokerages. (to
the original material)
- The Week in Ransomware -
March 12th 2021 - Encrypting Exchange servers. (to
the original material)
- Google fixes second actively
exploited Chrome zero-day this month. (to
the original material)
- Scammers promote fake
cryptocurrency giveaways via Twitter ads. (to
the original material)
- Google shares Spectre PoC
targeting browser JavaScript engines. (to
the original material)
- Microsoft Exchange exploits
now used by cryptomining malware. (to
the original material)
- Researchers hacked Indian
govt sites via exposed git and env files. (to
the original material)
- New ZHtrap botnet malware
deploys honeypots to find more targets. (to
the original material)
- OVH data center fire likely
caused by faulty UPS power supply. (to
the original material)
- Most IT pros manage different
versions of the same database. (to
the original material)
- Can private data be recovered
from “sanitized” images? (to
the original material)
- Rise in remote work leads to
increase in IT security gaps. (to
the original material)
- Compromised devices and data
protection: Be prepared or else. (to
the original material)
- Two new ways backup can
protect enterprise SaaS data. (to
the original material)
- Continuing to Raise the Bar
for Verifiable Security on Pixel. (to
the original material)
- Update for organizations on
Microsoft Exchange vulnerabilities. (to
the original material)
- DearCry ransomware attacks
Microsoft Exchange with ProxyLogon exploits. (to
the original material)
- Smart sex toys come with
Bluetooth and remote hijacking weaknesses. (to
the original material)
- Molson Coors brewing
operations disrupted by cyberattack. (to
the original material)
- CISA: No federal civilian
agency hacked in Exchange attacks, so far. (to
the original material)
- Chinese state hackers target
Linux systems with new malware. (to
the original material)
- Exploits on Organizations
Worldwide Grow Tenfold after Microsoft’s Revelation of Four
Zero-days. (to
the original material)
- February 2021’s Most Wanted
Malware: Trickbot Takes Over Following Emotet Shutdown. (to
the original material)
- Dangerous Malware Dropper
Found in 9 Utility Apps on Google’s Play Store. (to
the original material)
- The impact of the pandemic on digital transformation and data access. (to the original material)
- Defending enterprise
systems during a pandemic. (to
the original material)
- Alert overload still
plagues cybersecurity industry. (to
the original material)
- Passing a compliance audit
in the cloud doesn’t have to be hard. (link
materia original)
- 85% of workers are looking
forward to returning to the office. (to
the original material)
- Getting your application
security program off the ground. (to
the original material)
- Updates on Microsoft Exchange
Server Vulnerabilities. (to
the original material)
- F5 Security Advisory for RCE
Vulnerabilities in BIG-IP, BIG-IQ. (to
the original material)
- Microsoft Releases March 2021
Security Updates. (to
the original material)
- Fuzzing Java in OSS-Fuzz. (to
the original material)
- WhatsApp may soon roll out
encrypted chat backups. (to
the original material)
- Cyber security risks and
challenges for companies in the financial industry. (to
the original material)
- Cybercrime group FIN8 is back
with a new weapon. The target is the bank cards used by
customers in shops, hotels and restaurants. (to
the original material)
- Linux Foundation unveils
Sigstore - a Let's Encrypt for code signing. (to
the original material)
- Europol 'unlocks' encrypted
Sky ECC chat service to make arrests. (to
the original material)
- F5 urges customers to patch
critical BIG-IP pre-auth RCE bug. (to
the original material)
- Norway parliament data stolen
in Microsoft Exchange attack. (to
the original material)
- More hacking groups join
Microsoft Exchange attack frenzy. (to
the original material)
- Ryuk ransomware hits 700
Spanish government labor agency offices. (to
the original material)
- Rapid digital transformation
makes an application strategy a business imperative. (to
the original material)
- Most decision makers plan to
increase spending on cybersecurity this year. (to
the original material)
- 372% increase in healthcare
bot traffic could tamper with booking vaccine dates. (to
the original material)
- 2021 Hacker Report: Hackers
are not just driven by money. (to
the original material)
- How to mitigate security
risks as cloud services adoption spikes. (to
the original material)
- SAP Releases March 2021
Security Updates. (to
the original material)
- Adobe Releases Security
Updates. (to
the original material)
- Apple Releases Security
Updates. (to
the original material)
- Guidance on Remediating
Networks Affected by the SolarWinds and Active Directory/M365
Compromise. (to
the original material)
- Introducing sigstore: Easy
Code Signing & Verification for Supply Chain Integrity. (to
the original material)
- iPhone Call Recorder bug gave
access to other people's conversations. (to
the original material)
- Hackers access surveillance
cameras at Tesla, Cloudflare, banks, more. (to
the original material)
- US seizes more domains used
in COVID-19 vaccine phishing attacks. (to
the original material)
- Microsoft March 2021 Patch
Tuesday fixes 82 flaws, 2 zero-days. (to
the original material)
- Microsoft shares detection,
mitigation advice for Azure LoLBins. (to
the original material)
- Adobe fixes critical Creative
Cloud, Adobe Connect vulnerabilities. (to
the original material)
- z0Miner botnet hunts for
unpatched ElasticSearch, Jenkins servers. (to
the original material)
- GandCrab ransomware affiliate
arrested for phishing attacks. (to
the original material)
- Security bug hunters focus on
misconfigured services, earn big rewards. (to
the original material)
- Microsoft releases ProxyLogon
updates for unsupported Exchange Servers. (to
the original material)
- GitHub fixes bug causing
users to log into other accounts. (to
the original material)
- eBook: Protecting Active
Directory. (to
the original material)
- 5G slicing will generate $20
billion in revenue. (to
the original material)
- Only 12% of enterprises have
fully embraced SASE (Secure Access Service Edge). (to
the original material)
- 49% of female cybersecurity
pros say the pandemic had a positive impact on their career. (to
the original material)
- A great deal of employees
have inappropriate access to sensitive data. (to
the original material)
- Keeping your serverless
architecture secure. (to
the original material)
- March 2021 Patch Tuesday:
Microsoft fixes yet another actively exploited IE zero-day. (to
the original material)
- 8th March – Threat
Intelligence Report. (to
the original material)
- Help on hand to shop securely
online this Mother's Day. (to
the original material)
- CISA Strongly Urges All
Organizations to Immediately Address Microsoft Exchange
Vulnerabilities. (to
the original material)
- New Sarbloh ransomware
supports Indian farmers' protest. (to
the original material)
- Hackers hiding Supernova
malware in SolarWinds Orion linked to China. (to
the original material)
- Google Chrome to block port
554 to stop NAT Slipstreaming attacks. (to
the original material)
- European Banking Authority
discloses Exchange server hack. (to
the original material)
- Flagstar Bank hit by data
breach exposing customer, employee data. (to
the original material)
- CISA takes over .GOV
top-level domain (TLD) administration. (to
the original material)
- Unpatched QNAP devices are
being hacked to mine cryptocurrency. (to
the original material)
- Vulnerability Summary for the
Week of March 1, 2021. (to
the original material)
- What Should You Know About
Cloud Security Solutions? (to
the original material)
- Trends that will influence
remote work in 2021 and beyond. (to
the original material)
- Digital-first lifestyle opens
consumers to potential risks during tax season. (to
the original material)
- Number of ransomware attacks
grew by more than 150%. (to
the original material)
- Security awareness programs:
The difference between window dressing and behavior change. (to
the original material)
- How do I select a SOAR
(Security Orchestration, Automation and Response) solution for
my business? (to
the original material)
- Microsoft's MSERT tool now
finds web shells from Exchange Server attacks. (to
the original material)
- Microsoft Office 365 gets
protection against malicious XLM macros. (to
the original material)
- COVID-19 website warning:
rise in vaccine-related domain registrations means increased
risk of scams. (to
the original material)
- The UK's National Cyber
Security Center has published a guide to distance learning for
families. (to
the original material)
- Japan experienced record
number of privacy and security breaches in 2020. (to
the original material)
- Week in review: Exchange
Servers under attack, disinformation economics, Patch Tuesday
forecast. (to
the original material)
- CISA Strongly Urges All
Organizations to Immediately Address Microsoft Exchange
Vulnerabilities. (to
the original material)
- This new Microsoft tool
checks Exchange Servers for ProxyLogon hacks. (to
the original material)
- Ransomware gang plans to call
victim's business partners about attacks (to
the original material)
- Samsung fixes critical
Android bugs in March 2021 updates. (to
the original material)
- NCSC statement on Queen's
University Belfast incident. (to
the original material)
- Microsoft Releases
Alternative Mitigations for Exchange Server Vulnerabilities. (to
the original material)
- Microsoft has released
updates for four zero-day flaws in Exchange Server. (to
the original material)
- The Week in Ransomware -
March 5th 2021 - Targeting service providers. (to
the original material)
- US indicts John McAfee for
cryptocurrency fraud, money laundering. (to
the original material)
- New ransomware Hog only
decrypts victims who join their Discord server. (to
the original material)
- SITA data breach affects
millions of travelers from major airlines. (to
the original material)
- Microsoft: Exchange updates
can install without fixing vulnerabilities. (to
the original material)
- Ongoing phishing attacks
target US brokers with fake FINRA (The US Financial Industry
Regulatory Authority) audits. (to
the original material)
- In the digital economy,
computing power defines productivity. (to
the original material)
- To support a growing
remote workforce, the public sector turned to the cloud. (to
the original material)
- Cybercriminals
increasingly impersonate business-related apps. (to
the original material)
- Credential exposure
trends: You need a better password. (to
the original material)
- Risky business: 3 timeless
approaches to reduce security risk in 2021. (to
the original material)
- March 2021 Patch Tuesday
forecast: Off to an early start. (to
the original material)
- Update to Alert on Mitigating
Microsoft Exchange Server Vulnerabilities. (to
the original material)
- Joint NSA and CISA Guidance
on Strengthening Cyber Defense Through Protective DNS. (to
the original material)
- Cisco Releases Security
Updates. (to
the original material)
- VMware Releases Security
Update. (to
the original material)
- Security 101: Virtual
Patching. (to
the original material)
- Supermicro, Pulse Secure
release fixes for 'TrickBoot' attacks. (to
the original material)
- CompuCom MSP hit by DarkSide
ransomware cyberattack. (to
the original material)
- Microsoft reveals 3 new
malware strains used by SolarWinds hackers. (to
the original material)
- Notorious Maza cybercrime
forum attacked by other hackers. (to
the original material)
- FireEye finds new malware
likely linked to SolarWinds hackers. (to
the original material)
- VMware releases fix for
severe View Planner RCE vulnerability. (to
the original material)
- Hijacking traffic to
Microsoft’s windows.com with bitflipping. (to
the original material)
- Hacked SendGrid accounts used
in phishing attacks to steal logins. (to
the original material)
- Hacked SendGrid accounts used
in phishing attacks to steal logins. (to
the original material)
- DHS (Department of Homeland
Security) orders agencies to urgently patch or disconnect
Exchange servers. (to
the original material)
- Ransomware is a multi-billion
industry and it keeps growing. (to
the original material)
- The economics behind global
disinformation engines and strategies for mitigation. (to
the original material)
- The economics behind global
disinformation engines and strategies for mitigation. (to
the original material)
- Cybercriminals innovate to
find vulnerabilities that can be monetized. (to
the original material)
- 32% of enterprises
experienced unauthorized access to cloud resources. (to
the original material)
- Security starts with
architecture. (to
the original material)
- CISA Issues Emergency
Directive and Alert on Microsoft Exchange Vulnerabilities. (to
the original material)
- Google Releases Security
Updates for Chrome. (to
the original material)
- How to avoid email scams: a
quick guide. (to
the original material)
- Hackers share methods to
bypass 3D Secure for payment cards. (to
the original material)
- Investors are the next target
of large-scale cyberattacks. (to
the original material)
- GRUB2 boot loader reveals
multiple high severity vulnerabilities. (to
the original material)
- US government warns of Social
Security scams using fake federal IDs. (to
the original material)
- Cybersecurity firm Qualys is
the latest victim of Accellion hacks. (to
the original material)
- State hackers rush to exploit
unpatched Microsoft Exchange servers. (to
the original material)
- Cash App phishing kit
deployed in the wild, courtesy of 16Shop. (to
the original material)
- More than 30% of the world’s
countries now have 5G availability. (to
the original material)
- How to tackle modern
agriculture security challenges. (to
the original material)
- Enterprises observing uptick
in risky behaviors since shift to remote work. (to
the original material)
- 10 strategies small security
teams can use for effective cybersecurity management. (to
the original material)
- Proliferation of sneakerbots
across industries: The long tail of DIY bot operators. (to
the original material)
- Exchange Servers targeted via
zero-day exploits, have yours been hit? (to
the original material)
- Now-fixed Linux kernel
vulnerabilities enabled local privilege escalation
(CVE-2021-26708). (to
the original material)
- Android LastPass, a popular
password manager, is in the spotlight because of web trackers. (to
the original material)
- Microsoft Releases
Out-of-Band Security Updates for Exchange Server. (to
the original material)
- Microsoft fixes actively
exploited Exchange zero-day bugs, patch now! (to
the original material)
- Trend Micro Cloud App
Security Threat Report 2020. (to
the original material)
- Google fixes second actively
exploited Chrome zero-day bug this year. (to
the original material)
- Payroll giant PrismHR outage
likely caused by ransomware attack. (to
the original material)
- Malaysia Airlines discloses a
breach spanning 9 years of data. (to
the original material)
- SolarWinds reports $3.5
million in expenses from supply-chain attack. (to
the original material)
- Oxfam Australia confirms data
breach after stolen info sold online. (to
the original material)
- Microsoft announces Windows
Server 2022 with new security features. (to
the original material)
- Microsoft Teams adds
end-to-end encryption (E2EE) to one-on-one calls. (to
the original material)
- Microsoft 365 Defender Threat
Analytics enters public preview. (to
the original material)
- Malicious NPM packages target
Amazon, Slack with new dependency attacks. (to
the original material)
- Customers willing to share
personal data in exchange for personalized services. (to
the original material)
- Cybercriminals continue to
target trusted cloud apps. (to
the original material)
- Alexa Skills: Security gaps
and data protection problems. (to
the original material)
- Multi-payload Gootloader
platform stealthily delivers malware and ransomware. (to
the original material)
- Preparing for the
Cybersecurity Maturity Model Certification onslaught. (to
the original material)
- March 1st – Threat
Intelligence Report. (to
the original material)
- Google launches Password
Checkup tool for Android as well. (to
the original material)
- Working Windows and Linux
Spectre exploits found on VirusTotal. (to
the original material)
- European e-ticketing platform
Ticketcounter extorted in data breach. (to
the original material)
- World's leading dairy group
Lactalis hit by cyberattack. (to
the original material)
- Hackers use black hat SEO to
push ransomware, trojans via Google. (to
the original material)
- Universal Health Services
lost $67 million due to Ryuk ransomware attack. (to
the original material)
- NSW Transport agency extorted
by ransomware gang after Accellion attack. (to
the original material)
- Tether cryptocurrency firm
says docs in $24 million ransom are 'forged'. (to
the original material)
- Vulnerability Summary for the
Week of February 22, 2021. (to
the original material)
- FinServ Compliance: Top 5
Considerations to Securing Your Cloud Infrastructure. (to
the original material)
- Data is most at risk on
email, with 83% of organizations experiencing email data
breaches. (to
the original material)
- Full-stack observability: The
only way technologists can deal with IT complexity. (to
the original material)
- Insights for navigating a
drastically changing threat landscape. (to
the original material)
- Most IT security leaders lack
confidence in their company’s security posture. (to
the original material)
- How do I select a cloud
security solution for my business? (to
the original material)
- Protecting the digital
workplace with an integrated security strategy. (to
the original material)
- Critical flaw in Rockwell
PLCs allows attackers to fiddle with them (CVE-2021-22681). (to
the original material)
Archive:
Click here to access CMS (Content Management System) in Joomla.
Source:
Note Dorin M.
This site has a double
form, one in HTML and one in Joomla (if you are interested
in the utility behind this effort you can read the "Why
a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
Dorin M - March 31, 2021