https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
https://blog.f-secure.com/insight-from-a-large-scale-phishing-study/
https://www.darkreading.com/attacks-breaches/log4j-proved-public-disclosure-…
FBI Issues Warning Over Iranian Cyber Company
Private Industry Notice reveals malicious tactics of Emennet Pasargad
Most Ransomware Infections are Self-installed
Four out of five ransomware attacks involve victim opening malicious zipped file
Water Utilities Get 100-Day Cybersecurity Plan
EPA announces action plan to defend US water system against cyber-attacks
White House Releases Zero Trust Strategy for Federal Government
The memorandum sets out series of security goals for federal agencies to establish zero trust approach
NCSC Warns UK Organizations to Prepare for Russian Cyber-Attacks
The NCSC said recent cyber-incidents in Ukraine corresponds with past Russian behavior
Online Investment Fraud Network Taken Down by Law Enforcement
The action, supported by Europol, took down the network responsible for losses of more than €10m
Rep. Elaine Luria on Defense Strategy, China, and Taiwan
Elaine Luria & John Sorensen, RealClearDefense On today’s episode of the RealClearDefense podcast “Hot Wash,” host John Sorensen speaks with Rep. Elaine Luria (VA-02), Democratic Vice Chair…
Universal Plug and Play (UPnP): What You Need to Know
Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities ar…
UPnProxy: Eternal Silence
UPnProxy is alive and well. There are 277,000 devices, out of a pool of 3.5 million, running vulnerable implementations of UPnP. Of those, Akamai can confirm that more than 45,000 have been compromised in a widely distributed UPnP NAT injection campaign.