1. "SolarWinds and AD-M365 Compromise Risk Decisions For Leaders"
2. "Who (or What) is Your Physical Access Control System Letting in?"
3. "8 mobile security threats you should take seriously"
4. "Virginia governor signs comprehensive data privacy law"
5. "The Human Cost of Social Engineering"
6. "Dependency confusion explained: Another risk when using open-source repositories"
7. "Self-Assessment Tool Aims to Enhance Small Biz Security"
8. "NSA Publishes Guidance on Adoption of Zero Trust Security"
9. LogRhythm held a webinar about their recent acquisition of MistNet Network Detection and Response (NDR).
10. "CISA: ‘Identity is everything’ for cyber defense post-SolarWinds"
Gazlay said few, if any, of the SolarWinds targets were in a position to detect a compromise this sophisticated. But those who had the best shot of spotting anomalous activity were agencies with behavior analysis techniques built into their identity management that could flag “impossible logins” — a scenario where the same set of credentials is used to login at multiple places across the globe."