Vulnerabilities

Discussion related to Vulnerabilities

370 Topics 370 Posts
  • 0 Votes
    1 Posts
    53 Views
    CerberusC

    David “moose” Wolpoff, CTO at Randori, discusses security appliances and VPNs and how attackers only have to “pick one lock” to invade an enterprise through them.

    https://threatpost.com/breaking-into-security-appliances/167584/

  • 0 Votes
    1 Posts
    54 Views
    CerberusC

    The fix doesn’t cover the entire problem nor all affected systems however, so the company also is offering workarounds and plans to release further remedies at a later date.

    https://threatpost.com/microsoft-emergency-patch-printnightmare/167578/

  • Western Digital Users Face Another RCE

    0 Votes
    1 Posts
    45 Views
    CerberusC

    Say hello to one more zero-day and yet more potential remote data death for those who can’t/won’t upgrade their My Cloud storage devices.

    https://threatpost.com/rce-0-day-western-digital-users/167547/

  • 0 Votes
    1 Posts
    53 Views
    CerberusC

    REvil ransomware gang lowers price for universal decryptor after massive worldwide ransomware push against Kaseya security vulnerability CVE-2021-30116.

    https://threatpost.com/kaseya-patches-zero-day-exploits/167548/

  • 0 Votes
    1 Posts
    54 Views
    CerberusC

    Following a brazen ransomware attack by the REvil cybergang, CISA and FBI offer guidance to victims.

    https://threatpost.com/kaseya-attack-fallout/167541/

  • 0 Votes
    1 Posts
    49 Views
    CerberusC

    Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry.

    https://threatpost.com/healthcare-prey-ransomware-cyberattacks/167525/

  • 0 Votes
    1 Posts
    44 Views
    CerberusC

    The ongoing attacks are targeting cloud services such as Office 365 to steal passwords and password-spray a vast range of targets, including in U.S. and European governments and military.

    https://threatpost.com/kubernetes-brute-force-attacks-russia-apt28/167518/

  • 0 Votes
    1 Posts
    51 Views
    CerberusC

    CERT urges administrators to disable the Windows Print spooler service in Domain Controllers and systems that don’t print, while Microsoft attempts to clarify RCE flaw with a new CVE assignment.

    https://threatpost.com/cisa-mitigation-printnightmare-bug/167515/

  • 0 Votes
    1 Posts
    43 Views
    CerberusC

    Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials.

    https://threatpost.com/netgear-authentication-bypass-router-takeover/167469/

  • 0 Votes
    1 Posts
    42 Views
    CerberusC

    The self-propagating malware’s attack chain is complex, using former NSA cyberweapons, and ultimately drops cryptominers on targeted machines.

    https://threatpost.com/indexsinas-smb-worm-enterprises/167455/

  • 0 Votes
    1 Posts
    51 Views
    CerberusC

    The “PrintNightmare” bug may not be fully patched, some experts are warning, leaving the door open for widespread remote code-execution attacks.

    https://threatpost.com/poc-exploit-windows-print-spooler-bug/167430/

  • Zero-Day Used to Wipe My Book Live Devices

    0 Votes
    1 Posts
    48 Views
    CerberusC

    Threat actors may have been duking it out for control of the compromised devices, first using a 2018 RCE, then password-protecting a new vulnerability.

    https://threatpost.com/zero-day-wipe-my-book-live/167422/

  • Why MTTR is Bad for SecOps

    0 Votes
    1 Posts
    35 Views
    CerberusC

    Kerry Matre, senior director at Mandiant, discusses the appropriate metrics to use to measure SOC and analyst performance, and how MTTR leads to bad behavior.

    https://threatpost.com/mttr-bad-secops/167440/

  • 0 Votes
    1 Posts
    61 Views
    CerberusC

    The bug in Edge’s auto-translate could have let remote attackers pull off RCE on any foreign-language website just by sending a message with an XSS payload.

    https://threatpost.com/microsoft-edge-browser-uxss-attacks/167389/

  • 0 Votes
    1 Posts
    73 Views
    CerberusC

    Disclosure of a bug in Adobe’s content-management solution - used by Mastercard, LinkedIn and PlayStation - was released.

    https://threatpost.com/rce-bug-in-adobe-revealed/167382/

  • 0 Votes
    1 Posts
    75 Views
    CerberusC

    A vulnerability in NVIDIA’s GeForce Experience software opens the door to remote data access, manipulation and deletion.

    https://threatpost.com/nvidia-high-severity-geforce-spoof-bug/167345/

  • 0 Votes
    1 Posts
    123 Views
    CerberusC

    “I am totally screwed,” one user wailed after finding years of data nuked. Western Digital advised yanking the NAS storage devices offline ASAP: There’s an exploit.

    https://threatpost.com/my-book-live-wiped-rce-attacks/167270/

  • 0 Votes
    1 Posts
    89 Views
    CerberusC

    In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish exploit code on Twitter.

    https://threatpost.com/cisco-asa-bug-exploited-poc/167274/

  • 0 Votes
    1 Posts
    85 Views
    CerberusC

    The 9.4-rated bug in AppC could give attackers admin rights, no authentication required, letting them attack anything from PoS to industrial control systems.

    https://threatpost.com/vmware-carbon-black-authentication-bypass/167226/

  • 0 Votes
    1 Posts
    80 Views
    CerberusC

    Four separate security bugs would give attackers almost complete control and persistence over targeted devices, thanks to a faulty update mechanism.

    https://threatpost.com/dell-bios-attacks-rce/167195/