News – TFun dot org

Russian Actors Behind SolarWinds Attack Hit Global Business & Government Targets

06/12/2021Kelly Sheridan

Clusters of activity associated with the attack group behind last year’s supply chain breach reveal novel techniques, researchers say. Source: Darkreading Attacks Breaches

US Military Has Acted Against Ransomware Groups: Report

06/12/2021Dark Reading Staff

Gen. Paul Nakasoke, head of US Cyber Command and director of the NSA, said the military has taken offensive action against ransomware groups. Source: Darkreading Attacks Breaches

SEARCH for Hidden Cyber Threats: 6 Steps to Unleash a Hyper-effective Threat Hunting Team

06/12/2021Scott Taschler

SEARCH is a carefully-tuned methodology that balances people, process and technology for threat hunters actively searching for, and disrupting, distinctly human threats. Source: Darkreading Attacks Breaches

OMB offers new plans for enforcing federal cyber rules

06/12/2021By Sam Sabin

Also: The State Department hasn’t confirmed reports of NSO Group’s tech targeting U.S. diplomats. Source: Morning Cyber Security news Politico

Why the C-Suite Doesn't Need Access to All Corporate Data

06/12/2021Rajesh Ganesan

If zero trust is to work properly, then it must apply to everyone. Source: Darkreading Attacks Breaches

Kafdrop flaw allows data from Kafka clusters to be exposed Internet-wide

06/12/2021Help Net Security

Researchers at Spectral discovered a security flaw in Kafdrop, a popular open-source UI and management interface for Apache Kafka clusters that has been downloaded more than 20 million times. Kafdrop security flaw Companies affected range from major global players to smaller organizations in healthcare, insurance, media, and IoT – basically anyone using Kafdrop with Apache […]

“Get Your Free Omicron PCR test” is the latest Omicron phishing scam

06/12/2021Deeba Ahmed

By Deeba Ahmed The latest Omicron phishing scam is currently targeting unsuspecting users in the United Kingdom. This is a post from HackRead.com Read the original post: “Get Your Free Omicron PCR test” is the latest Omicron phishing scam Source: hack read com

CERTFR-2021-AVI-918 : Vulnérabilité dans F5 NGINX (06 décembre 2021)

06/12/2021RedOne

Une vulnérabilité a été découverte dans F5 NGINX. Elle permet à un attaquant de provoquer un déni de service à distance. Source: Cert FR

CERTFR-2021-AVI-917 : Vulnérabilité dans Red Hat (06 décembre 2021)

06/12/2021RedOne

Une vulnérabilité a été découverte dans le système d’exploitation Red Hat. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance. Source: Cert FR

The Importance of Out-of-Band Networks, (Mon, Dec 6th)

06/12/2021RedOne

Out-of-band (or "OoB") networks are usually dedicated to management tasks. Many security appliances and servers have dedicated management interfaces that are used to set up, control, and monitor the device. A best practice is to connect those management interfaces to a dedicated network that is not directly connected to the network used to carry applications/users' data. If […]