Cyber warfare: How to empower your defense strategy with threat intelligence
An effective cybersecurity defense strategy requires a multi-layered approach that considers threat intelligence, security solutions, and a security-first culture.
ISC StormCast for Friday, April 15th, 2022
An Update on CVE-2022-26809 MSRPC Vulnerability – PATCH NOW
https://isc.sans.edu/forums/diary/An+Update+on+CVE202226809+MSRPC+Vulnerabliity+PATCH+NOW/28550/
Webcast: https://www.sans.org/webcasts/cve-2022-26809-ms-rpc-vulnerability-analysis/
https://twitter.com/splinter_code/status/1514653941304369153
Google Chrome 0-Day Patch
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_14.html
Cisco Webex Phones Home Audio Telemetry
https://wiscprivacy.com/papers/vca_mute.pdf
Grafana Enterprise Vulnerabilty
https://grafana.com/blog/2022/04/12/grafana-enterprise-8.4.6-released-with-high-severity-security-fix/
What makes an identity?
By keeping the power of biometric enrollment, companies can stop data breaches or leaks, improve identity and access management, and trust the identity of users.
ISC StormCast for Thursday, April 14th, 2022
How is Ukrainian Internet Holding Up During Russian Invasion
https://isc.sans.edu/forums/diary/How+is+Ukrainian+internet+holding+up+during+the+Russian+invasion/28546/
Update on Windows Patches and CVE-2022-26809
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-26809
Adobe Updates
https://helpx.adobe.com/security/products/photoshop/apsb22-20.html
Apache Struts 2 Update
https://cwiki.apache.org/confluence/display/WW/S2-062
RaidForum dismantled by joint security operation
Popular hacker forum RaidForum was taken down by a joint law enforcement operation. However, security leaders predict the takedown is unlikely to result in a major disruption to overall cybercriminal activity.
Chris Inglis, John Sherman, William Burns to headline Billington CyberSecurity Summit
The Billington Summit will convene leading senior cybersecurity government decision-makers to examine key security trends and topics to foster dialogue between government leaders and private industry.
Russia and Ukraine are weaponizing cloud technology amid conflict
Cloud technology has been used as a dangerous weapon in the Russian invasion of Ukraine. How can organizations and their security leaders protect the cloud?
ISC StormCast for Wednesday, April 13th, 2022
Microsoft April 2022 Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+April+2022+Patch+Tuesday/28542/
NGINX Statement To LDAP Weakness
https://www.nginx.com/blog/addressing-security-weaknesses-nginx-ldap-reference-implementation/
Attacks on Ukrainian Power Grid
https://www.welivesecurity.com/2022/04/12/industroyer2-industroyer-reloaded/
Storage: An essential part of a corporate cybersecurity strategy
Chief information security officers (CISOs) will need to take an end-to-end approach to stay ahead of cybersecurity threats this year and beyond. This entails evaluating the relationship between cybersecurity, storage, and cyber resilience.
