Top news of the week: 11.11.2021.
Mitre Attack
Zoho ManageEngine Flaw Highlights Risks of Race to Patch
Attackers used a pre-auth vulnerability in a component of the enterprise management software suite to compromise businesses, highlighting the dangers of Internet-facing software.
The dark side of Microsoft Remote Procedure Call protocols
MSRPC to ATT&CK is a one-stop shop for learning more about how adversaries abuse Remote Procedure Calls and what you can do to detect it.
SolarWinds Vulnerability Exploited in First Stage of Clop Ransomware Attacks
Russian cybercrime group known as T505 is targeting SolarWinds Server-U systems that haven't been patched for a remote code execution vulnerability fixed this summer.
What Security Strategies Are Driving InfoSec's Decisions Around Defense?
The data shows security leaders are focusing on multilayered defenses, including multifactor authentication, threat intelligence, and incident response.
How to Minimize Ransomware's Trail of Destruction and Its Associated Costs
One of the biggest mistakes an organization can make is blindly throwing technology at the problem instead of properly investing in building a security team.
Motivated by WannaCry attack, group unveils medical device incident response playbook
New Cloud Security Alliance guidance takes aim at some of the biggest challenges facing providers when it comes to defending and responding to incidents impacting medical devices.
Securing the Public: Who Should Take Charge?
International policy expert Marietke Schaake explores the intricacies of protecting the public as governments depend on private companies to build and secure digital infrastructure.
4 Tips to Secure the OT Cybersecurity Budget You Require
OT security engineers and personnel should approach senior management with an emphasis on risk reduction benefits and with a concrete plan to secure budget and funding before it's too late.