Estimated Reading Time: < 1 minute
Curated daily news for March 8, 2021
Today’s articles include: *Five critical alerts/IoCs/tools to help deal with the recent Microsoft Exchange Zero-days*, The supply-chain risks of ‘poison packages’, It still takes 280 days to patch production, and Malware attacks new Intel CPU flaw.
Today’s critical reads:
- At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software
- HAFNIUM Exchange Zero-Day Scanning
- Microsoft Shares Additional Mitigations for Exchange Server Vulnerabilities Under Attack
- US-CERT – Microsoft IOC Detection Tool for Exchange Server Vulnerabilities
- US-CERT – Microsoft Releases Alternative Mitigations for Exchange Server Vulnerabilities
Today’s interesting reads:
- Poison packages – “Supply Chain Risks” user hits Python community with 4000 fake modules
- 280 Days to Fix a Vulnerability in Production
- Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks
- AWS Penetration Testing: Essential Guidance for 2021
- How Enterprises are Developing Secure Applications
- Reducing Cybersecurity Risk With Minimal Resources
- 3 Hiking Principles That Made Me a Better CISO
| Tool Of The Day |
|---|
| Kubestriker – A Blazing Fast Security Auditing Tool For Kubernetes: Kubestriker performs numerous in-depth checks on kubernetes infra to identify the security misconfigurations and challenges that DevOps engineers/developers are likely to encounter when using Kubernetes, especially in production and at scale. Kubestriker is platform agnostic and works equally well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE, etc. |
Copyright © 2002-2021 John Masserini. All rights reserved.