[ZDNet] CISA passes directive forcing federal civilian agencies to fix 306 vulnerabilities

The running list of prioritized vulnerabilities will evolve based on CISA’s understanding of adversary activity, the agency said.

Source: Read More (Latest topics for ZDNet in Security)

You might be interested in …

Daily NCSC-FI news followup 2021-03-06

Chinas RedEcho accused of targeting Indias power grids blog.malwarebytes.com/vital-infrastructure/2021/03/chinas-redecho-accused-of-targeting-indias-power-grids/ RedEcho, an advanced persistent threat (APT) group from China, has attempted to infiltrate the systems behind Indias power grids, according to a threat analysis report from Recorded Future [PDF].. It appears that what triggered this attempt to gain a foothold in Indias critical power generation and […]

Read More

[NCSC-FI News] Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail

IBM Security X-Force researchers have discovered a revamped version of the Trickbot Group’s AnchorDNS backdoor being used in recent attacks ending with the deployment of Conti ransomware The Trickbot Group, which X-Force tracks as ITG23, is a cybercriminal gang known primarily for developing the Trickbot banking Trojan, which was first identified in 2016 and initially […]

Read More

[HackerNews] Five Critical Password Security Rules Your Employees Are Ignoring

All posts, HackerNews

According to Keeper Security’s Workplace Password Malpractice Report, many remote workers aren’t following best practices for password security. Password security was a problem even before the advent of widespread remote work. So, what happened post-pandemic? Keeper Security’s Workplace Password Malpractice Report sought to find out. In February 2021, Keeper surveyed 1,000 employees in the U.S. Source: Read […]

Read More