- Patch
- Microsoft Patch Tuesday, January 2021 Edition [Brian Krebs]
- Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content [Lindsey O’Donnell, Threatpost]
- Cisco Security Advisories [Cisco]
- Juniper Security Advisories [Juniper Networks]
- A vulnerability in Zyxel Firewall and AP Controllers Could Allow for Administrative Access [MS-ISAC / Center for Internet Security]
- Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking [Tom Spring, Threatpost]
- Defend
- How to set up CSIRT and SOC [ENISA]
- Microsoft Sysmon adds support for detecting Process Herpaderping attacks [Catalin Cimpanu, Zero Day]
- Microsoft Defender for Linux now has endpoint detection and response security [Steven J. Vaughan-Nichols, Zero Day]
- Alert (AA21-008A): Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments [CISA]
- Attacks / Breaches
- Third malware strain discovered in SolarWinds supply chain attack [Catalin Cimpanu, Zero Day]
- Mimecast Certificate Hacked in Microsoft Email Supply-Chain Attack [Tara Seals, Threatpost]
- FBI Warns of Egregor Attacks on Businesses Worldwide [Elizabeth Montalbano, Threatpost]
- Ubiquiti tells customers to change passwords after security breach [Catalin Cimpanu, Zero Day]
- Google reveals sophisticated Windows and Android hacking operation [Catalin Cimpanu, Zero Day]
- Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments [CISA]
- Other news
- US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security [Seth Rosenblatt, Dark Reading / Informa]
- How I stole the data in millions of people’s Google accounts [Ethan Elshyeb, Noteworthy / Medium]
- Backstory Of The World’s First Chief Information Security Officer [Steve Morgan, Cybercrime Magazine]
- Uganda Shuts Down the Internet Ahead of its Election [Matthew Gault, Motherboard / VICE Media Group]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F