DigeeX @digeex@noc.social

Security Tip #2: Enable Multi-Factor Authentication

Call to action: Raising security awareness: https://www.digeex.de/blog/call-to-action/

SolarWind, enough with the password already!: https://gru.gq/2021/02/28/solarwind-enough-with-the-password-already/

Former SolarWinds CEO blames intern for "solarwinds123" password leak - CNNPolitics: https://edition.cnn.com/2021/02/26/politics/solarwinds123-password-intern/index.html

Google shares PoC exploit for critical Windows 10 Graphics RCE bug: https://www.bleepingcomputer.com/news/security/google-shares-poc-exploit-for-critical-windows-10-graphics-rce-bug/

Clubhouse's Security and Privacy Lag Behind Its Explosive Growth | WIRED: https://www.wired.com/story/clubhouse-privacy-security-growth/

Go malware is now common, having been adopted by both APTs and e-crime groups | ZDNet: https://www.zdnet.com/article/go-malware-is-now-common-having-been-adopted-by-both-apts-and-e-crime-groups/

Ransomware gang hacks Ecuador's largest private bank, Ministry of Finance: https://www.bleepingcomputer.com/news/security/ransomware-gang-hacks-ecuadors-largest-private-bank-ministry-of-finance/

T-Mobile discloses data breach after SIM swapping attacks: https://www.bleepingcomputer.com/news/security/t-mobile-discloses-data-breach-after-sim-swapping-attacks/

Twitter scammers earned over $145k this week in Bitcoin, Ethereum, Doge: https://www.bleepingcomputer.com/news/security/twitter-scammers-earned-over-145k-this-week-in-bitcoin-ethereum-doge/

Exclusive: Hackers Break Into ‘Biochemical Systems’ At Oxford University Lab Studying Covid-19: https://www.forbes.com/sites/thomasbrewster/2021/02/25/exclusive-hackers-break-into-biochemical-systems-at-oxford-uni-lab-studying-covid-19/

The state of stalkerware in 2020 | Securelist: https://securelist.com/the-state-of-stalkerware-in-2020/100875/

TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations | Proofpoint US: https://www.proofpoint.com/us/blog/threat-insight/ta413-leverages-new-friarfox-browser-extension-target-gmail-accounts-global

Lazarus targets defense industry with ThreatNeedle | Securelist: https://securelist.com/lazarus-threatneedle/100803/

Attackers scan for vulnerable VMware servers after PoC exploit release: https://www.bleepingcomputer.com/news/security/attackers-scan-for-vulnerable-vmware-servers-after-poc-exploit-release/

NSA Issues Guidance on Zero Trust Security Model: https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2515176/nsa-issues-guidance-on-zero-trust-security-model/

Over 8 million COVID-19 test results leaked online: https://www.bleepingcomputer.com/news/security/over-8-million-covid-19-test-results-leaked-online/

Hundreds of workers at cybersecurity agency vote to strike | CBC News: https://www.cbc.ca/news/politics/cse-cybersecurity-strike-1.5926825

Exploitation of Accellion File Transfer Appliance | CISA: https://us-cert.cisa.gov/ncas/alerts/aa21-055a

Bitcoins, blockchains, and botnets - Akamai Security Intelligence and Threat Research Blog: https://blogs.akamai.com/sitr/2021/02/bitcoins-blockchains-and-botnets.html

Ukraine reports cyber-attack on government document management system | ZDNet: https://www.zdnet.com/article/ukraine-reports-cyber-attack-on-government-document-management-system/

IBM Security Report: Attacks on Industries Supporting COVID-19 Response Efforts Double - Feb 24, 2021: https://newsroom.ibm.com/2021-02-24-IBM-Security-Report-Attacks-on-Industries-Supporting-COVID-19-Response-Efforts-Double