- SolarWinds Orion updates
- SANS Emergency Webcast: What you need to know about the SolarWinds Supply-Chain Attack [Jake Williams, SANS]
- SolarWinds Security Advisory [SolwarWinds]
- Alert (AA20-352A): Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations [CISA]
- SolarWinds hackers have a clever way to bypass multi-factor authentication [Dan Goodin, Ars Technica]
- SUPERNOVA: SolarStorm’s Novel .NET Webshell [Palo Alto Networks]
- Education sector
- Learning
- Operational network security – training sessions Aug 2020 to Feb 2021 (new DNS security modules added) [GÉANT / DFN / DFN-CERT]
- Web application security
-
Web Security Testing Guide v4.2 Released [Victoria Drake, OWASP]
- Get it at https://github.com/OWASP/wstg/
-
Web Security Testing Guide v4.2 Released [Victoria Drake, OWASP]
- General interest
- Migration delays prevent AD-centric zero trust security framework adoption [Help Net Security]
- Emulated mobile devices used to steal millions from US, EU banks [Sergiu Gatlan, Bleeping Computer]
- Inherently Vulnerable By Design [Defense in Depth (podcast)]
- I am the Chief Security Officer at Akamai and I make the internet suck less. Ask me anything!
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F