Author: DEFENDEDGE
-
How to Build an Incident-Response Plan, Before Security Disaster Strikes
Joseph Carson, Chief Security Scientist at ThycoticCentrify, offers a 7-step practical IR checklist for ensuring a swift recovery from a cyberattack.
-
Apache Web Server Zero-Day Exposes Sensitive Data
The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating.
-
Be Cyber Smart During Cybersecurity Awareness Month
Original release date: October 5, 2021. CISA and the National Cybersecurity Alliance (NCSA) remind users to continue to “Do Your Part. #BeCyberSmart.” during October—2021’s Cybersecurity Awareness Month! In 2021, CISA and NCSA will focus on different outreach themes each week to include: Be Cyber Smart; Phight the Phish!; Explore. Experience. Share. – Cybersecurity…
-
Vulnerability Summary for the Week of September 27, 2021
Original release date: October 4, 2021. High Vulnerabilities (columns: Primary Vendor — Product, Description, Published, CVSS Score, Source & Patch Info). adobe — digital_editions: Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse…
-
MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed
Coinbase suspects phishing led to attackers getting personal details needed to access wallets but also blamed a flaw in its SMS-based 2FA.
-
Google Emergency Update Fixes Two Chrome Zero Days
This is the second pair of zero days that Google’s fixed this month, all four of which have been actively exploited in the wild.
-
New APT ChamelGang Targets Russian Energy, Aviation Orgs
First appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised networks.
-
Tips & Tricks for Unmasking Ghoulish API Behavior
Jason Kent, hacker-in-residence at Cequence Security, discusses how to track user-agent connections to mobile and desktop APIs, to spot malicious activity.
-
Thousands of University Wi-Fi Networks Expose Log-In Credentials
Multiple configuration flaws in a free Wi-Fi network used by numerous universities can allow access to usernames and passwords of students and faculty who connect to the system from Android and Windows devices, researchers have found. A research team from WizCase, led by researcher Ata Hakçıl, reviewed 3,100 configurations of Eduroam at universities throughout Europe,…
-
Apple Pay with Visa Hacked to Make Payments via Unlocked iPhones
Researchers have demonstrated that someone could use a stolen, unlocked iPhone to pay for thousands of dollars of goods or services, no authentication needed.