Estimated Reading Time: < 1 minute
Curated daily news for February 15, 2021
Today’s 12 newsworthy articles include: What you need to know about the Zerologon vulnerability, Windows Defender’s 12-year old vulnerability, A spike in web shell use, Enforcing SSH certificates, and Supply chain subverted with over 150 npm packages mimicking the SolarWinds attack.
- Zerologon Vulnerability: What You Need to Know
- 12 Years in Hiding – A Privilege Escalation Vulnerability in Windows Defender
- Beyond Text Messages: How to Secure 2FA Against Phone Authentication Scams
- Sonatype Spots 150+ Malicious npm Packages Copying Recent Software Supply Chain Attacks that Hit 35 Organization
- ‘Annoyingly Believable’ Tax Scam Targets Mobile Users
- Microsoft is seeing a big spike in Web shell use
- Quantum computing and encryption: Key to achieving resilience, technological sovereignty and leadership
- Survey: COVID-19 Accelerates new Networking, Security Paradigms
- BSidesSF 2020 – Mike Malone’s ‘If You’re Not Using SSH Certificates You’re Doing SSH Wrong’
- DevOps vs. DevSecOps – Here’s How They Fit Together
- What is DNS Poisoning?
- How to enforce password complexity on Linux
|Tool Of The Day|
|Tritium – Password Spraying Framework: A tool to enumerate and spray valid Active Directory accounts through Kerberos Pre-Authentication.|
Copyright © 2002-2021 John Masserini. All rights reserved.