Cybersecurity News
More SolarWinds Attack Details Emerge
A third piece of malware is uncovered, but there's still plenty of unknowns about the epic attacks purportedly out of Russia.12 January 2021
United Nations Security Flaw Exposed 100K Staff Records
Security researchers have disclosed a vulnerability they exploited to access more than 100,000 private employee records.12 January 2021
Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes

12 January 2021
Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021
Microsoft patched 83 bugs, including a Microsoft Defender zero-day and one publicly known elevation of privilege flaw.12 January 2021
SolarWinds: What Hit Us Could Hit Others
New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company's software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company's software development pipeline could be repurposed against many other major software providers.12 January 2021
Google reveals sophisticated Windows & Android hacking operation
The attackers used a combination of Android, Chrome, and Windows vulnerabilities, including both zero-days and n-days exploits.12 January 2021
How to Boost Executive Buy-In for Security Investments
Linking security budgets to breach-protection outcomes helps executives balance spending against risk and earns CISOs greater respect in the C-suite.12 January 2021
Data Breach at ‘Resident Evil’ Gaming Company Widens

12 January 2021
Mimecast Certificate Hacked in Microsoft Email Supply-Chain Attack

12 January 2021
BumbleBee Opens Exchange Servers in xHunt Spy Campaign

12 January 2021
Microsoft fixes Defender zero-day in January 2021 Patch Tuesday
Microsoft fixes 83 security bugs in the January 2021 Patch Tuesday releases.12 January 2021
Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content

12 January 2021
Europol Reveals Dismantling of ‘Largest’ Underground Marketplace

12 January 2021
Security Operations Struggle to Defend Value, Keep Workers
Companies continue to value security operations centers but the economics are increasingly challenging, with high analyst turnover and questions raised over return on investment.12 January 2021
Bringing Zero Trust to Secure Remote Access

12 January 2021
Mimecast says hackers abused one of its certificates to access Microsoft accounts
Mimecast, a provider of email management software, said learned of the security incident from Microsoft.12 January 2021
Ethical Hackers Breach U.N., Access 100,000 Private Records

12 January 2021
Over-Sharer or Troublemaker? How to Identify Insider-Risk Personas
It's past time to begin charting insider risk indicators that identify risky behavior and stop it in its tracks.12 January 2021
macOS malware used run-only AppleScripts to avoid detection for five years
The macOS.OSAMiner has been active since 2015, primarily infecting users in Asia.12 January 2021
Post-Backlash, WhatsApp Spells Out Privacy Policy Updates

12 January 2021