- Vulnerabilities
- Vulnerabilities in Fortinet WAF Can Expose Corporate Networks to Attacks [Eduard Kovacs, Security Week]
- Zend Framework disputes RCE vulnerability, issues patch [Ax Sharma, Bleeping Computer]
- Crying Wolf
- Bug? No, Telegram exposing its users’ precise location is a feature working as ‘expected’ [Tim Anderson, The Register]
- Policy
- NIST SP 800-128 – Because Patching May Never Fix Your Hidden Flaws [Bob Covello, Tripwire]
- 10 Benefits of Running Cybersecurity Exercises [Steve Durbin, Dark Reading]
- Ransomware
- Babuk Locker is the first new enterprise ransomware of 2021 [Lawrence Abrams, Bleeping Computer]
- SolarWinds Things
- SolarWinds hackers accessed Microsoft source code [Catalin Cimpanu, ZDNet]
- Shields Up – How to Tackle Supply Chain Risk Hazards [Torsten George, Security Week]
- SolarWinds – The more we learn, the worse it looks [Steven J. Vaughan-Nichols, ZDNet]
- SolarWinds Hit With Class-Action Lawsuit Following Orion Breach [Dark Reading]
- CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise [US CERT]
- FBI probe of major hack includes project-management software from JetBrains [Joseph Menn and Jack Stubbs, Reuters]
- Breaches and Bugs
- A Google Docs Bug Could Have Allowed Hackers See Your Private Documents [Ravie Lakshmanan, The Hacker News]
- Hackers phish 615,000 login credentials by using Facebook ads [Sudais Asif, HackRead]
- 2020 InfoSec in Review
- The strangest cybersecurity events of 2020 [David Ruiz, Malware Bytes]
- The Coolest Hacks of 2020 [Kelly Jackson Higgins, Dark Reading]
- The most enticing cyberattacks of 2020 [David Ruiz, Malware Bytes]
- A Review of Ransomware in 2020 [TripWire]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F
![[TI: logo for TI accredited teams]](../assets/img/TI-Accredited_120x120.jpg)
![[FIRST.org Logo]](../assets/img/first-org-simple.png)