Author: DEFENDEDGE

Experts from Intel, GitHub and KnowBe4 weigh in on what you need to succeed at security bug-hunting. Read more

Original release date: May 13, 2021 WordPress versions between 3.7 and 5.7.1 are affected by a security vulnerability. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.7.2. This product is provided subject to this Notification… Read more

According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key. Read more

An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships. Read more

The ‘Send My’ exploit can use Apple’s locator service to collect and send information from nearby devices for later upload to iCloud servers. Read more

Paper ballots and source-code transparency are recommended to improve election security. Read more

Wi-Fi devices going back to 1997 are vulnerable to attackers who can steal your data if they’re in range. Read more

Original release date: May 11, 2021 CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against a critical infrastructure (CI) company.  Cybercriminal groups use DarkSide to gain access to a victim’s network to encrypt and exfiltrate data. These… Read more

Original release date: May 11, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are aware of a ransomware attack affecting… Read more