- PAN-SA-2021-0003 Informational: Impact of the NAME:WRECK DNS vulnerabilities (Severity: NONE)
- CVE-2021-3044 Cortex XSOAR: Unauthorized Usage of the REST API (Severity: CRITICAL)
- CVE-2021-3040 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution (Severity: MEDIUM)
- CVE-2021-3043 Prisma Cloud: Cross-Site Scripting (XSS) Vulnerability in Prisma Cloud Compute Web Console (Severity: HIGH)
- CVE-2021-3041 Cortex XDR Agent: Improper control of user-controlled file leads to local privilege escalation (Severity: HIGH)
- CVE-2021-3037 PAN-OS: Secrets for scheduled configuration exports are logged in system logs (Severity: LOW)
- CVE-2021-3042 Cortex XDR Agent: Improper Control of User-Controlled File Leads to Local Privilege Escalation (Severity: HIGH)
- AvosLocker enters the ransomware scene, asks for partners
- Cyber threats to, and around, the Olympic Games. Kaseya got a decryptor, from somewhere…. NSO says it’s not responsible for Pegasus misuse. US cyber policy toward China. Fraud Family busted.
- CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack
- Busted! Fraud-as-a-Service gang that sold 2FA-proof phishing arrested
- ThreatConnect and Amazon GuardDuty: Protection for your AWS Environment
- Q&A: AVEVA's Tim Grieveson on Cyber Risk Management and Critical Infrastructure
- Q&A: Felicia Thorpe of AHT Insurance on Cyber Insurance and Cyber Risk Quantification
- ThreatConnect and Amazon S3 and EC2: Better Manage Cloud Infrastructure