Thursday, January 21, 2021

Modernize Your Network Security Strategy free session


Microsoft Azure


Modernize Your Network Security Strategy




Take a Zero Trust approach to secure your networks

You’re not going to want to miss this great event. This is your chance to learn how a Zero Trust approach can secure your cloud and hybrid networks. You’ll be hearing firsthand from industry leaders how Azure network security can help your organization. Sign up today.


Modernize Your Network Security Strategy
Thursday, February 18, 2021
10:00 AM–11:00 AM Pacific Time

Note: Registering with the button below will sign you up for this event using the email address where you received this mail as well as the full name, contact information, company, and country you previously provided.

To Register here.





Ann Johnson
Corporate Vice President Business Development, Microsoft



Sinead O’Donovan

Director of Product Management for Azure Network Security, Microsoft





Privacy Statement | Unsubscribe


Microsoft Corporation
One Microsoft Way
Redmond, WA 98052



New security blogs from Microsoft

 Title: Microsoft Cloud App Security User Interface Updates


Overview: In the coming months, Cloud App Security will be updating its UI to provide a more consistent experience across Microsoft 365 security portals. 

Title: Protect your Box environment and Data using Microsoft Cloud App Security

We have a new Microsoft Security blog for your consideration.
Title: What’s new: Dedicated clusters for Azure Sentinel

Overview: If you ingest over 1Tb per day into your Azure Sentinel workspace and/or have multiple Azure Sentinel workspaces in your Azure enrolment, you may want to consider migrating to a dedicated cluster, a recent addition to the deployment options for Azure Sentinel.

Title: Categorizing Microsoft alerts across data sources in Azure Sentinel

Overview: In today’s security operation centers (SOCs), analysts have a large set of security solutions that they leverage to protect their organization and monitor activity. However, when setting up a SIEM it is challenging to prioritize what data to ingest and what protections each solution provides. SOCs must consider size and cost of ingestion, detections, and necessary use cases for each data source they would like to connect to their SIEM.  Because of these considerations, SOCs should focus on ingesting data that is critical and has a low level of overlap to reduce the probability of double ingestion

Title: Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop

Overview: One missing link in the complex Solorigate attack chain is the handover from the Solorigate DLL backdoor to the Cobalt Strike loader. How exactly does the jump from the Solorigate backdoor (SUNBURST) to the Cobalt Strike loader (TEARDROP, Raindrop, and others) happen? What code gets triggered, and what indicators should defenders look for?

Title: What’s new: Managed Identity for Azure Sentinel Logic Apps connector

Overview: Now available: Grant permissions directly to a playbook to operate on Azure Sentinel, instead of creating additional identities. 

Title: Microsoft Defender for Endpoint: Automation defaults are changing


Overview: We are excited to announce that we are about to increase our customers’ protection by upgrading the default automation level of our Microsoft Defender for Endpoint customers who have opted into public previews from Semi - require approval for any remediation to Full – remediate threats automatically

Title: The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 2


In this blog Jake Williams, Founder of Rendition InfoSec shares his insights on the 2020 threat landscape—who to watch for and why—and offers cybersecurity guidance and best practices on how to structure and evolve red and blue teaming within your organization. 

Free Training in Azure Sentinel


EU drafts data breach notification guidelines

EDPB Publishes Guidelines on Examples Regarding Data Breach Notification

On January 18, 2021, the European Data Protection Board (“EDPB”) released draft Guidelines 01/2021 on Examples regarding Data Breach Notification (the “Guidelines”). The Guidelines complement the initial Guidelines on personal data breach notification under the EU General Data Protection Regulation (“GDPR”) adopted by the Article 29 Working Party in February 2018. The new draft Guidelines take into account supervisory authorities’ common experiences with data breaches since the GDPR became applicable in May 2018. The EDPB’s aim is to assist data controllers in deciding how to handle data breaches, including by identifying the factors that they must take into account when conducting risk assessments to determine whether a breach must be reported to relevant supervisory authorities and/or the affected data subjects.

To read the full article go here

CERT/CC and CISA Report Multiple Vulnerabilities in Dnsmasq

01/21/2021 07:13 AM EST


Original release date: January 21, 2021

CISA and the CERT Coordination Center (CERT/CC) are aware of multiple vulnerabilities affecting Dnsmasq version 2.82 and prior. Dnsmasq is a widely-used, open-source software that provides Domain Name Service forwarding and caching and is common in Internet-of-Things (IoT) and other embedded devices. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and vendors of IoT and embedded devices that use Dnsmasq to review CERT/CC VU#434904 and CISA ICSA-21-019-01 21 for more information and to apply the necessary update. Refer to vendors for appropriate patches, when available.

Thursday, January 14, 2021

Are you a good candidate for 2021 CDPSE


Help build the world’s best community of privacy professionals. Recommend CDPSE.


CDPSE - Spread the Word! CDPSE Pros are in Demand



Who do you know that is a privacy expert? Or an up-and-coming star in the technical privacy field? Like you, they should be a Certified Data Privacy Solutions Engineer™ (CDPSE™). Will you forward this email to someone who would benefit from the CDPSE designation on their resume or business card? Or better yet, make a call and forward an email.

ISACA is actively recruiting qualified candidates for CDPSE certification to take the beta test later this month,
11-31 January. There is no experience requirement to take the exam, however to qualify for the certification, candidates need five years’ experience in the following fields (or three years’ experience plus a current ISACA certification):

  • Privacy Governance (governance, management and risk management)
  • Privacy Architecture (infrastructure, applications/software and technical privacy controls)
  • Data Lifecycle (data purpose and data persistence)

Registrants for the January exam receive a FREE CDPSE review manual and US$50 off the fee (in addition to ISACA member discounts) with promo code 50CDPSE. Exams will be individually graded and analyzed against others to help validate the test instrument. Individual results are expected in March 2021.

Help a colleague or professional acquaintance advance their career, affirm their privacy acumen and assist ISACA as we build a community of recognized technical privacy professionals. We appreciate your commitment to the advancement of the technical privacy field.




Explore CDPSE Beta.

Forward this email to your eligible colleagues and friends today.


Learn More




CDPSE was created by technical privacy practitioners for technical privacy practitioners and administered by ISACA. Certification holders gain the credential that proves their skillset in implementing privacy-by-design solutions.

Know Someone Who Knows Privacy? Tell Them About CDPSE!




Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environment


Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments

01/13/2021 02:44 PM EST


Original release date: January 13, 2021

CISA is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors used a variety of tactics and techniques, including phishing and brute force logins, to attempt to exploit weaknesses in cloud security practices.

In response, CISA has released Analysis Report AR21-013A: Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services which provides technical details and indicators of compromise to help detect and respond to potential attacks.

CISA encourages users and administrators to review AR21-013A and apply the recommendations to strengthen cloud environment configurations.

resilience against Solorigate and other sophisticated attacks

Title: Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

Published On (YYYY-dd-MM): 2021-14-01

This blog is a guide for security administrators using Microsoft 365 Defender and Azure Defender to identify and implement security configuration and posture improvements that harden enterprise environments against Solorigate’s attack patterns.

The post Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender appeared first on Microsoft Security.

Cisco Releases Security Updates for Multiple Products

Original release date: January 14, 2021

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

Monday, January 4, 2021

Secret Backdoor Account in Several Zycel Firewall, VPN Products

 CVE: CVE-2020-29583


Zyxel has released a patch for the hardcoded credential vulnerability of firewalls and AP controllers recently reported by researchers from EYE Netherlands. Users are advised to install the applicable firmware updates for optimal protection.

What is the vulnerability?

A hardcoded credential vulnerability was identified in the “zyfwp” user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected access points through FTP

What versions are vulnerable—and what should you do?

After a thorough investigation, we’ve identified the vulnerable products and are releasing firmware patches to address the issue, as shown in the table below. For optimal protection, we urge users to install the applicable updates. For those not listed, they are not affected. Contact your local Zyxel support team if you require further assistance.

Affected product seriesPatch available in
ATP series running firmware ZLD V4.60ZLD V4.60 Patch1 in Dec. 2020
USG series running firmware ZLD V4.60ZLD V4.60 Patch1 in Dec. 2020
USG FLEX series running firmware ZLD V4.60ZLD V4.60 Patch1 in Dec. 2020
VPN series running firmware ZLD V4.60ZLD V4.60 Patch1 in Dec. 2020
AP controllers
NXC2500 running firmware V6.00 through V6.10V6.10 Patch1 on Jan. 8, 2021
NXC5500 running firmware V6.00 through V6.10V6.10 Patch1 on Jan. 8, 2021

Go Here For more details go Here   or Here