Mimecast: Recent Certificate Compromise Tied to SolarWinds Attacks
Yet another security firm hit in the sweeping attack campaign believed to be out of Russia.
BEC Scammers Find New Ways to Navigate Microsoft 365
Their techniques made use of out-of-office replies and automatic responses during the 2020 holiday season, researchers report.
Deloitte & Touche Buys Threat-Hunting Firm
Root9B (R9B) offers threat hunting and other managed security services.
Small Security Teams Have Big Security Fears, CISOs Report
Researchers poll security leaders who are tasked with protecting large organizations but have a small presence and budget.
Microsoft to Launch ‘Enforcement Mode’ for Zerologon Flaw
Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update.
NSA Appoints Rob Joyce as Cyber Director
Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA's top representative in the UK.
‘Chimera’ Threat Group Abuses Microsoft & Google Cloud Services
Researchers detail a new threat group targeting cloud services to achieve goals aligning with Chinese interests.
NSA Recommends Using Only ‘Designated’ DNS Resolvers
Agency provides guidelines on securely deploying DNS over HTTPS, aka DoH.
SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns
Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.
Huntress Acquires EDR Technology From Level Effect
Huntress seeks to improve its detection and response capabilities with a more comprehensive view of endpoint security.
United Nations Security Flaw Exposed 100K Staff Records
Security researchers have disclosed a vulnerability they exploited to access more than 100,000 private employee records.
IoT Vendor Ubiquiti Suffers Data Breach
Cloud provider hosting "certain" IT systems attacked, company says.
Russian Hacker Sentenced to 12 Years for Role in Breaches of JP Morgan, Others
Crimes netted him $19 million overall.
SolarWinds Hires Chris Krebs and Alex Stamos for Breach Recovery
The former US cybersecurity official and former Facebook security chief will help SolarWinds respond to its recent attack and improve security.
State Dept. to Create New Cybersecurity & Technology Agency
Bureau of Cyberspace Security and Emerging Technologies (CSET) will serve as diplomatic arm for US cybersecurity interests.