SolarWinds Compromise Update and Recommendations https://t.co/YgIis9DJb0
— Kyle Welsh (@kyledwelsh) December 14, 2020
Good info from FRSecure #solarwinds #fireeye #SANS #IOCs
Showing all posts tagged security:
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor | FireEye Inc
Implement MFA people!
Suspected Russian hackers spied on U.S. Treasury emails - sources | Reuters
Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers
Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers - Microsoft Security
A persistent malware campaign has been actively distributing Adrozek, an evolved browser modifier malware at scale since at least May 2020. At its peak in August, the threat was observed on over 30,000 devices every day. The malware is designed to inject ads into search engine results pages and affects multiple browsers.
Security Affairs - Apache Software Foundation fixes code execution flaw in Apache Struts 2
Apache Software Foundation fixes code execution flaw in Apache Struts 2
The Apache Software Foundation addressed a possible remote code execution vulnerability in Struts 2 related to the OGNL technology. The Apache Software Foundation has released a security update to address a "possible remote code execution" flaw in Struts 2 that is related to the OGNL technology. The remote code execution flaw, tracked as CVE-2020-17530, resides in […]
Security Affairs - WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack
Clip source: WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack
WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack
Threat actors are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin installed on more than 500,000 sites. Hackers are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin to reset passwords for admin accounts. The SMTP WordPress plugin is installed on more than 500,000 sites, but […]
Security Affairs - Spotify reset user passwords after personal information exposure
Spotify reset user passwords after personal information exposure
Spotify is informing users that their personal information might have been accidentally shared with some of its business partners. Spotify is informing users that their personal information might have been inadvertently shared with some of its business partners for several months. The company filed a notice of breach notice with the California Attorney General. "We deeply regret […]
Verkada - Hybrid Cloud Video Security
Tired of your existing video security system that is probably made up of a combination of different DVRs/NVRs and an assortment of cameras that you need multiple consoles to manage and of course, search for video?
Take a look at the Verkada solution - no on-premise DVR/NVR - 10 year warranty on all cameras, the ability to manage all cameras from a single web portal or mobile application. Many more features as well released on a continuous basis that you will automatically be provisioned for!
Check out their weekly webinar (link below) or reach out to me directly and I will coordinate an intro and demo for you.
 |
Organizations are rapidly moving to the cloud to enable remote access, support greater scale, and improve usability of video surveillance systems. In this webinar, we’ll show how to deploy smart, cloud-based video surveillance so simple and scalable that it works for everyone at your organization.
verkada.com |
Scenario Planning
Good read on scenario planning by Phil Venerables. Great way to connect strategic planning with risk management.
Scenario Planning - The Best Technique You Might Not Be Using.
— Phil Venables (@philvenables) November 22, 2020
Digital Nirvana or Death Race, you get to choose. https://t.co/4qncnVfFhj pic.twitter.com/8fbIU7OM4T
Cloudflare
So, one of the many things I enjoy about my job is getting the exposure to all sort of new technology for IT, cloud and security. I've been spending some more time getting more up to speed on Cloudflare and realizing that it is more than a CDN, more than a WAF, more than DNS and more than ZTA - in fact, it can be used for all of them.
Get faster DNS and privacy on your phone by installing the 1.1.1.1 app. It's free!
More to come on this topic, but I did mange to do this today:
 |  |
Kyle Welsh
Seattle Sports, Technology, News, Humor and Really Anything Else I Want To Post.