Posts

Showing posts from February, 2021

Recorded Future - China-linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions

Image
Editor’s Note : The following post is an excerpt of a full report. To read the entire analysis, to download the report as a PDF. This report details a campaign conducted by a China-linked threat activity group, RedEcho, targeting the Indian power sector. The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis. Data sources include the Recorded Future Platform, SecurityTrails, Spur, Farsight, and common open-source tools and techniques. The report will be of most interest to individuals engaged in strategic and operational intelligence relating to Indian and Chinese activity in cyberspace. Recorded Future notified the appropriate Indian government departments prior to publication of the suspected intrusions to support incident response and remediation investigations within the impacted organizations. Executive Summary Relations between India and China have deteriorated significantly following border clashes in May ...

KnowBe4 - New scary good deepfake videos of Tom Cruise show the threat to society is very real

Image
InputMag wrote: "We are entering scary times. New deepfake videos of actor Tom Cruise have made their way onto TikTok under the handle   @deeptomcruise , and boy do they look real. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/new-scary-good-deepfake-videos-of-tom-cruise-show-the-threat-to-society-is-very-real

KnowBe4 - New scary good deepfake videos of Tom Cruise show the threat to society is very real

Image
InputMag wrote: "We are entering scary times. New deepfake videos of actor Tom Cruise have made their way onto TikTok under the handle   @deeptomcruise , and boy do they look real. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/new-scary-good-deepfake-videos-of-tom-cruise-show-the-threat-to-society-is-very-real

Threat Post - Stalkerware Volumes Remain Concerningly High, Despite Bans

COVID-19 impacted volumes for the year, but the U.S. moved into third place on the list of countries most infected by stalkerware. from Threatpost https://threatpost.com/stalkerware-volumes-high-bans/164325/

Dark Reading - NSA Releases Guidance on Zero-Trust Architecture

A new document provides guidance for businesses planning to implement a zero-trust system management strategy. from Dark Reading: https://www.darkreading.com/nsa-releases-guidance-on-zero-trust-architecture/d/d-id/1340269?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Dark Reading - 'Nerd' Humor

Some jokes never get old. from Dark Reading: https://www.darkreading.com/edge/theedge/nerd-humor/b/d-id/1340268?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Dark Reading - The Edge Pro Tip: Fasten Your Seatbelts

An unprecedented 2020 has shaken up security leaders' usual list of must-have technologies for 2021. Where do they plan to spend next? from Dark Reading: https://www.darkreading.com/edge/theedge/the-edge-pro-tip-fasten-your-seatbelts/b/d-id/1340267?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Threat Post - Lazarus Targets Defense Companies with ThreatNeedle Malware

A spear-phishing campaigned linked to a North Korean APT uses “NukeSped” malware in cyberespionage attacks against defense companies. from Threatpost https://threatpost.com/lazarus-targets-defense-threatneedle-malware/164321/

Rapid 7 - Metasploit Wrap-Up

Image
Hey who finked about Flink? In this week's round of modules, contributor bcoles offered up two modules to leverage that Apache Flink install you found in some fun new ways. If you are just looking to filch a few files, auxiliary/scanner/http/apache_flink_jobmanager_traversal leverages CVE-2020-17519 to pilfer the filesystem on Flink versions 1.11.0 thru 1.11.2. The second module, for a litte extra fun, exploit/multi/http/apache_flink_jar_upload_exec utilizes the job functionality in Flink to run arbitrary java code as the web server user, turns out there is a meterpreter for that! RDP: a dream and a nightmare for the sysAdmin near you. Ever wonder if exposing a remote desktop in a web page was a good idea? I mean, it's just a web server, the internet loves those. Turns out timing attacks can expose your usernames when someone chooses to pay close attention. A recently contributed module auxiliary/scanner/http/rdp_web_login contributed by Matthew Dunn can even pay at...

Dark Reading - Securing Super Bowl LV

A peek at open XDR technology, and defense that held up better than the Kansas City Chiefs. from Dark Reading: https://www.darkreading.com/edge/theedge/securing-super-bowl-lv/b/d-id/1340262?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

US-CERT - NSA Releases Guidance on Zero Trust Security Model

from CISA All NCAS Products https://us-cert.cisa.gov/ncas/current-activity/2021/02/26/nsa-releases-guidance-zero-trust-security-model

Dark Reading - Attackers Turn Struggling Software Projects Into Trojan Horses

While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code. from Dark Reading: https://www.darkreading.com/vulnerabilities---threats/advanced-threats/attackers-turn-struggling-software-projects-into-trojan-horses/d/d-id/1340266?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Threat Post - Yeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ Release  

Sneaker bots ready to scoop up the new Yeezy Boost 700 “Sun” shoes to resell at a huge markup.   from Threatpost https://threatpost.com/yeezy-sneaker-bots-boost-sun/164312/

Black Hills InfoSec - Talkin’ About Infosec News – 2/24/2021

Originally Aired on February 24, 2021 Articles discussed in this episode: https://ift.tt/3kvCQ3l https://ift.tt/2ZJkger The post Talkin’ About Infosec News – 2/24/2021 appeared first on Black Hills Information Security . from Black Hills Information Security https://www.blackhillsinfosec.com/talkin-about-infosec-news-2-24-2021/

Threat Post - Malware Gangs Partner Up in Double-Punch Security Threat

From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses. from Threatpost https://threatpost.com/malware-gangs-partner-up-in-double-punch-security-threat/164279/

Rapid 7 - Celebrating Black History Today and Every Day

Image
Black History Month is a time for every person, from all different backgrounds to honor and celebrate the achievements of Black and African Americans in the U.S. and their impact on world history. In honor of Black History Month, we would like to recognize some of our amazing team members who have made an impact on our company culture, embody our core values, and exude excellence. We pride ourselves on creating a safe space for everyone to be their authentic selves. Hear what Black History Month means to them! Junior Carreira, Service Desk Technician, Boston, MA What does Black History Month mean to you? Black History Month to me means an opportunity for the black community to reconnect with their heritage and ancestry while celebrating how our accomplishments and heroes have impacted our ways of being today. It means legacy and continuing to add onto that legacy. It also stands as a reminder of our resilience and that our fight isn't over as long as we’re still here. What is...

KnowBe4 - [Heads Up] Ransomware and Phishing Attacks Are Not Going Away in 2021

Image
According to three reports published last week, the bad guys have improved their popular tactics with phishing and ransomware attacks. The attacks involving fake COVID-19 scams and remote work have upgraded with some minor changes. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/heads-up-ransomware-and-phishing-attacks-are-not-going-away-in-2021

KnowBe4 - Phishing Catch of the Day: Your Inbox Will be Deactivated

Image
In this series, our security experts will give a behind the scenes look at phishing emails that were reported to PhishER , KnowBe4's Security Orchestration, Automation and Response (SOAR) platform. We will go in-depth to show you real-world attacks and how you can forensically examine phishing emails quickly. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/phishing-catch-of-the-day-your-inbox-will-be-deactivated

KnowBe4 - The Dilemma: Best-of-Breed Stand-Alone or a Bundled Suite of tools?

Image
Over the last few decades, survey after survey has shown that if IT Administrators had their way, the vast majority of them prefer a hand-picked set of best-of-breed point solutions over bundled suite of tools from one vendor. But sometimes there are organizational obstacles. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/the-dilemma-best-of-breed-stand-alone-or-a-bundled-suite-of-tools

Dark Reading - After a Year of Quantum Advances, the Time to Protect Is Now

Innovations in quantum computing mean enterprise and manufacturing organizations need to start planning now to defend against new types of cybersecurity threats. from Dark Reading: https://www.darkreading.com/vulnerabilities---threats/after-a-year-of-quantum-advances-the-time-to-protect-is-now/a/d-id/1340180?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

KnowBe4 - [Heads Up] Ransomware and Phishing Attacks Are Not Going Away in 2021

Image
According to three reports published last week, the bad guys have improved their popular tactics with phishing and ransomware attacks. The attacks involving fake COVID-19 scams and remote work have upgraded with some minor changes. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/heads-up-ransomware-and-phishing-attacks-are-not-going-away-in-2021

Threat Post - Podcast: Ransomware Attacks Exploded in Q4 2020

Researchers said they saw a seven-times increase in ransomware activity in the fourth quarter of 2020, across various families – from Ryuk to Egregor. from Threatpost https://threatpost.com/podcast-ransomware-attacks-exploded-in-q4-2020/164285/

Threat Post - Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World

Retailers that lacked significant digital presence pre-COVID are now reaching new audiences through e-commerce sites that are accessible anytime, from anywhere, on any device. from Threatpost https://threatpost.com/protecting-sensitive-cardholder-data-in-todays-hyper-connected-world/164277/

KnowBe4 - Phishing Catch of the Day: Your Inbox Will be Deactivated

Image
In this series, our security experts will give a behind the scenes look at phishing emails that were reported to PhishER , KnowBe4's Security Orchestration, Automation and Response (SOAR) platform. We will go in-depth to show you real-world attacks and how you can forensically examine phishing emails quickly. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/phishing-catch-of-the-day-your-inbox-will-be-deactivated

Schneier - The Problem with Treating Data as a Commodity

Excellent Brookings paper: “ Why data ownership is the wrong approach to protecting privacy .” From the introduction: Treating data like it is property fails to recognize either the value that varieties of personal information serve or the abiding interest that individuals have in their personal information even if they choose to “sell” it. Data is not a commodity. It is information. Any system of information rights­ — whether patents, copyrights, and other intellectual property, or privacy rights — ­presents some tension with strong interest in the free flow of information that is reflected by the First Amendment. Our personal information is in demand precisely because it has value to others and to society across a myriad of uses. From the conclusion: Privacy legislation should empower individuals through more layered and meaningful transparency and individual rights to know, correct, and delete personal information in databases held by others. But relying entirely on individua...

KnowBe4 - The Dilemma: Best-of-Breed Stand-Alone or a Bundled Suite of tools?

Image
Over the last few decades, survey after survey has shown that if IT Administrators had their way, the vast majority of them prefer a hand-picked set of best-of-breed point solutions over bundled suite of tools from one vendor. But sometimes there are organizational obstacles. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/the-dilemma-best-of-breed-stand-alone-or-a-bundled-suite-of-tools

Krebs - How $100M in Jobless Claims Went to Inmates

Image
The U.S. Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That’s a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To help reverse that trend, many states are now turning to a little-known private company called ID.me . This post examines some of what that company is seeing in its efforts to stymie unemployment fraud. These prisoners tried to apply for jobless benefits. Personal information from the inmate IDs has been redacted. Image: ID.me A new report (PDF) from the Labor Department’s Office of Inspector General (OIG) found that from March through October of 2020, some $3.5 billion in fraudulent jobless benefits — nearly two-thirds of the phony claims it reviewed — was paid out to individuals with Social Security numbers filed in multiple states. Almost $100 million we...

Dark Reading - Inside Strata's Plans to Solve the Cloud Identity Puzzle

Strata Identity was founded to change businesses' approach to identity management as multicloud environments become the norm. from Dark Reading: https://www.darkreading.com/operations/inside-stratas-plans-to-solve-the-cloud-identity-puzzle/d/d-id/1340261?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Dark Reading - Microsoft Releases Free Tool for Hunting SolarWinds Malware

Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017. from Dark Reading: https://www.darkreading.com/operations/microsoft-releases-free-tool-for-hunting-solarwinds-malware/d/d-id/1340260?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Rapid 7 - Building a Holistic VRM Strategy That Includes the Web Application Layer

Image
Building security into your overall vulnerability risk management (VRM) strategy is a must-do in the age of the all-important web app. Between security and IT-Ops teams, there are a number of steps in the VRM process, including asset identification, enumeration, prioritization, and remediation. How does application security fit in? Co-sponsored by Forrester, a recent Rapid7 webcast expounds upon the topics discussed in this blog post. The distinguished subject-matter experts and presenters also dive deep into the nitty gritty of what it takes to get a better night’s sleep by creating a VRM strategy that extends to the application layer. Watch the webcast here , and read on for our recap below! Web applications and APIs are assets, too Applications are one of the most common ways attackers are getting in. In a recent survey, Forrester found that 31% of firms suffered a breach as a result of an external attack, with applications serving as one of the most common attack vectors. Alon...

Dark Reading - North Korea's Lazarus Group Expands to Stealing Defense Secrets

Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says. from Dark Reading: https://www.darkreading.com/threat-intelligence/north-koreas-lazarus-group-expands-to-stealing-defense-secrets/d/d-id/1340259?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Dark Reading - Ransomware, Phishing Will Remain Primary Risks in 2021

Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports. from Dark Reading: https://www.darkreading.com/threat-intelligence/ransomware-phishing-will-remain-primary-risks-in-2021/d/d-id/1340256?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

KnowBe4 - Phishing Targets Industrial Control Systems

Image
Phishing continues to be a primary initial access vector in cyberattacks against industrial control systems, according to researchers at Dragos. Out of the fifteen threat groups tracked by the security firm, ten rely on spear phishing attachments to compromise their victims, and thirteen abuse valid accounts to maintain persistence. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/phishing-targets-industrial-control-systems

Threat Post - Cyberattacks Launch Against Vietnamese Human-Rights Activists

Vietnam joins the ranks of governments using spyware to crack down on human-rights defenders. from Threatpost https://threatpost.com/cyberattacks-vietnam-human-rights-activists/164284/

SBS CyberSecurity - Customer Cybersecurity Awareness – Creating a Culture of Security

While most organizations think through the direct risk of cyber threats to their business via cyber attacks, known vulnerabilities, and security flaws, not many organizations recognize the risk posed to their business by their customers. from SBS CyberSecurity https://sbscyber.com/resources/customer-cybersecurity-awareness-creating-a-culture-of-security

Dark Reading - Thousands of VMware Servers Exposed to Critical RCE Bug

Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code. from Dark Reading: https://www.darkreading.com/threat-intelligence/thousands-of-vmware-servers-exposed-to-critical-rce-bug/d/d-id/1340255?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Dark Reading - 5 Key Steps Schools Can Take to Defend Against Cyber Threats

Educational institutions have become prime targets, but there are things they can do to stay safer. from Dark Reading: https://www.darkreading.com/attacks-breaches/5-key-steps-schools-can-take-to-defend-against-cyber-threats/a/d-id/1340177?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Threat Post - Health Website Leaks 8 Million COVID-19 Test Results

A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results. from Threatpost https://threatpost.com/health-website-leaks-covid-19-test/164274/

Threat Post - Malicious Mozilla Firefox Extension Allows Gmail Takeover

The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data. from Threatpost https://threatpost.com/malicious-mozilla-firefox-gmail/164263/

TrustedSec - TrustedSec Approved as a CMMC Registered Provider Organization!

TrustedSec has been approved by the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body ( https://www.cmmcab.org/ ) as a Registered Provider Organization. In line with our mission of increasing the security posture of organizations around the world, TrustedSec is pleased to be a part of the program aimed at improving and ensuring the security maturity of the Defense Industrial Base (DIB). The CMMC model was created and is managed by the Department of Defense https://www.acq.osd.mil/cmmc/index.html . Building on the existing DFARS 252.204-7012 regulation and NIST 800-171 standard, the CMMC adds a verification component to the requirements in the protection of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). Registered Provider Organizations offer advice, consulting, and recommendations to clients based on the constructs of the CMMC Standard and adhere to the CMMC-AB Code of Professional Conduct. With an estimated 350,000 organizatio...

US-CERT - Cisco Releases Security Updates 

from CISA All NCAS Products https://us-cert.cisa.gov/ncas/current-activity/2021/02/25/cisco-releases-security-updates

Rapid 7 - Multiple Unauthenticated Remote Code Control and Execution Vulnerabilities in Multiple Cisco Products

Image
What’s up? On Feb. 24, 2021, Cisco released many patches for multiple products, three of which require immediate attention by organizations if they are running affected systems and operating system/software configurations. They are detailed below: Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass Vulnerability (CVSSv3 Base 10; CVE-2021-1388) Cisco Security Advisory Cisco Multi-Site Orchestrator (MSO) is the product responsible for provisioning, health monitoring, and managing the full lifecycle of Cisco Application Centric Infrastructure (ACI) networking policies and tenant policies across all Cisco ACI sites organizations have deployed. It essentially has full control over every aspect of networking and network security. Furthermore, Cisco ACI can be integrated with and administratively control VMware vCenter Server, Microsoft System Center VMM [SCVMM], and OpenStack controller virtualization platform managers. A weakness in an API en...

Recorded Future - The Business of Fraud: An Overview of How Cybercrime Gets Monetized

Image
Editor’s Note : The following post is an excerpt of a full report. To read the entire analysis, to download the report as a PDF. Recorded Future analyzed current data from the Recorded Future® Platform, information security reporting, and other OSINT sources to review 11 fraud methods and services that facilitate threat actor campaigns. In subsequent months, Recorded Future will publish in-depth reports on each method or service, the threat actors offering them, technical details where applicable, and mitigation recommendations. This report will be of most interest to anti-fraud and network defenders, security researchers, and executives charged with security and fraud risk management and mitigation. Executive Summary The cybercriminal fraud ecosystem is a whole and interconnected enterprise. In this report, the introduction to our series on cybercriminal fraud, Insikt Group will describe 11 types of fraud methods and services currently used by threat actors to facilitate their ...

Dark Reading - How to Avoid Falling Victim to a SolarWinds-Style Attack

A multilayered, zero-trust security posture provides a better chance of fending off sophisticated supply chain attackers before it's too late. from Dark Reading: https://www.darkreading.com/risk/how-to-avoid-falling-victim-to-a-solarwinds-style-attack/a/d-id/1340181?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Threat Post - Cisco Warns of Critical Auth-Bypass Security Flaw

Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches. from Threatpost https://threatpost.com/cisco-critical-security-flaw/164255/

KnowBe4 - Phishing Targets Industrial Control Systems

Image
Phishing continues to be a primary initial access vector in cyberattacks against industrial control systems, according to researchers at Dragos. Out of the fifteen threat groups tracked by the security firm, ten rely on spear phishing attachments to compromise their victims, and thirteen abuse valid accounts to maintain persistence. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/phishing-targets-industrial-control-systems

Schneier - On Chinese-Owned Technology Platforms

I am a co-author on a report published by the Hoover Institution: “ Chinese Technology Platforms Operating in the United States .” From a blog post : The report suggests a comprehensive framework for understanding and assessing the risks posed by Chinese technology platforms in the United States and developing tailored responses. It starts from the common view of the signatories — one reflected in numerous publicly available threat assessments — that China’s power is growing, that a large part of that power is in the digital sphere, and that China can and will wield that power in ways that adversely affect our national security. However, the specific threats and risks posed by different Chinese technologies vary, and effective policies must start with a targeted understanding of the nature of risks and an assessment of the impact US measures will have on national security and competitiveness. The goal of the paper is not to specifically quantify the risk of any particular technology,...

Dark Reading - 61% of Malware Delivered via Cloud Apps: Report

Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year. from Dark Reading: https://www.darkreading.com/operations/61--of-malware-delivered-via-cloud-apps-report/d/d-id/1340251?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Threat Post - Tax Season Ushers in Quickbooks Data-Theft Spike

Quickbooks malware targets tax data for attackers to sell and use in phishing scams. from Threatpost https://threatpost.com/tax-quickbooks-data-theft/164253/

Threat Post - Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking. from Threatpost https://threatpost.com/mozilla-firefox-bugs-cookie-tracking/164246/

Dark Reading - Google Invests in Linux Kernel Developers to Focus on Security

Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term. from Dark Reading: https://www.darkreading.com/operations/google-invests-in-linux-kernel-developers-to-focus-on-security/d/d-id/1340247?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Dark Reading - Kaseya Buys Managed SOC Provider

Purchase extends offerings for MSP and SMB customers from Dark Reading: https://www.darkreading.com/operations/kaseya-buys-managed-soc-provider/d/d-id/1340245?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Dark Reading - The Realities of Extended Detection and Response (XDR) Technology

While the term XDR has become pervasive, the technology and market remain a work in progress with lots of innovation and market confusion. from Dark Reading: https://www.darkreading.com/vulnerabilities---threats/the-realities-of-extended-detection-and-response-(xdr)-technology-/a/d-id/1340201?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Threat Post - VMWare Patches Critical RCE Flaw in vCenter Server

The vulnerability, one of three patched by the company this week, could allow threat actors to breach the external perimeter of a data center or leverage backdoors already installed to take over a system. from Threatpost https://threatpost.com/vmware-patches-critical-rce-flaw-in-vcenter-server/164240/

Dark Reading - Universities Face Double Threat of Ransomware, Data Breaches

Lack of strong security policies put many schools at risk of compromise, disrupted services, and collateral damage. from Dark Reading: https://www.darkreading.com/attacks-breaches/universities-face-double-threat-of-ransomware-data-breaches/d/d-id/1340242?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Dark Reading - Cartoon Caption Winner: Be Careful Who You Trust

And the winner of The Edge's February cartoon caption contest is ... from Dark Reading: https://www.darkreading.com/edge/theedge/cartoon-caption-winner-be-careful-who-you-trust/b/d-id/1340234?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

US-CERT - Mozilla Releases Security Updates for Thunderbird, Firefox ESR, and Firefox

from CISA All NCAS Products https://us-cert.cisa.gov/ncas/current-activity/2021/02/24/mozilla-releases-security-updates-thunderbird-firefox-esr-and

US-CERT - VMware Releases Multiple Security Updates

from CISA All NCAS Products https://us-cert.cisa.gov/ncas/current-activity/2021/02/24/vmware-releases-multiple-security-updates