IT Security News Daily Summary 2020-01-14

• Microsoft’s new tool detects & reports pedophiles from online chats

• Windows 10 Has a Security Flaw So Severe the NSA Disclosed It

• Windows Terminal Adds Retro CRT Effects and Console Search

• VMware Releases Security Update

• Welcome to the 2020s: Booby-trapped Office files, NSA tipping off Windows code-signing bugs, RDP flaws…

• SAP Releases 6 Security Notes on January 2020 Patch Day

• 10 Long Press Tips to Reveal Hidden Functions in Safari on iPhone and iPad

• ODNI official promises more sharing ahead of 2020 elections

• Microsoft January 2020 Patch Tuesday fixes 49 security bugs

• Adobe Releases Security Updates

• If Russia Hacked Burisma, Brace for the Leaks to Follow

• Encryption Battle Reignited as US Govt at Loggerheads With Apple

• Securing Kubernetes: Bug bounty program announced

• Window 7 isn’t the only product losing support this year

• NSA’s First Public Vulnerability Disclosure: An Effort to Build Trust

• Introducing ‘CSO Executive Sessions’

• Intel Releases Security Updates

• January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA

• If Russia Hacked Burisma, Brace For the Leaks to Follow

• Card Skimmer Hits Australian Bushfire Donation Site

• Microsoft Releases January 2020 Security Updates

• Intel Fixes High-Severity Flaw in Performance Analysis Tool

• VERT Threat Alert: January 2020 Patch Tuesday Analysis

• Apple calls BS on FBI, AG: We’re totally not dragging our feet in murder probe iPhone decryption. PS: No backdoors

• ‘Fancy Bear’ Targets Ukrainian Oil Firm Burisma in Phishing Attack

• CISA alerts on NSA-discovered Windows 10 flaw

• Apple calls BS on FBI, AG: We’re totally not dragging our feet in murder probe iPhone decryption (PS: No backdoors)

• Microsoft Patches Major Crypto Spoofing Bug

• Lawmakers urge Treasury, USDA to push on EIS

• NSA Discloses Serious Windows Vulnerability to Microsoft

• Google: Chrome Will Remove Third-Party Cookies and Tracking

• Google Says it Will Phase Out Web-Tracking ‘Cookies’

• Windows 7 Gets Final Monthly Rollup Update Before End Of Life

• Apple calls BS on FBI, AG Barr after iGiant accused of dragging its heels in murder probe iPhone decryption

• NSA Warns Over Critical Microsoft Cryptography Bug

• 2020-01-14 – Quick post:

• Cybersecurity Terms and Threats You Need to Know in 2020

• CISA Releases Emergency Directive and Activity Alert on Critical Microsoft Vulnerabilities

• iPhone 12 Lineup Expected to Feature Up to 6GB of RAM

• Critical Vulnerabilities in Microsoft Windows Operating Systems

• Google to Nix Chrome Support for Third-Party Cookies by 2022

• January 2020 Adobe Patch Tuesday updates fix issues in Illustrator, Experience Manager

• How to protect your Windows 7 computers and data after Microsoft cuts off support

• Attackers Increasingly Focus on Business Disruption

• Microsoft’s January 2020 Patch Tuesday Fixes 49 Vulnerabilities

• Global Predictions for Energy Cyber Resilience in 2020

• Wind River Acquires Star Lab for IoT Security

• China APT40 Using Front Companies to Hire Hackers

• Upcoming Speaking Engagements

• Google Researchers Detail Critical iMessage Vulnerability

• Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA

• Microsoft Fixes Windows CryptoAPI Spoofing Flaw Reported by NSA

• Windows 10 Cumulative Updates KB4528760 & KB4534273 Released

• Quick Hits

• Microsoft fixes Windows crypto bug reported by the NSA

• Microsoft Planning to Patch Critical Windows Security Flaw

• Nemty Ransomware Tactics Change

• Microsoft Patch Tuesday for January 2020, (Tue, Jan 14th)

• The Changing Face of Cloud Threat Intelligence

• Apple Seeds Second Betas of iOS 13.3.1 and iPadOS 13.3.1 to Developers

• How to prevent a rootkit attack

• Tinder, Grindr Accused of Illegally Sharing User Data

• Learning from cryptocurrency mining attack scripts on Linux

• Apple pushes back on claim it didn’t help law enforcement in Pensacola shooting investigation

• Get this essential cloud security certification training bundle for only $49

• Critical WordPress Plugin Bug Allows Admin Logins Without Password

• How to prevent software piracy

• January 2020 security updates are available!

• January 2020 Security Updates: CVE-2020-0601

• Ransomware, phishing and cyber attacks scare business chiefs the most

• NSA to Microsoft: Here’s a Massive 0Day – Can We Be Friends Again?

• Go Huawei: UK PM Challenges US Critics of China Firm

• Thirty-four years in IT – Swimming with the Itanic (Part 8)

• The effects of DevOps on enterprise security

• Windows 7 Support Ends Today – What should you do?

• Securing open-source: how Google supports the new Kubernetes bug bounty

• DEF CON 27, Appsec Village, Rafael Santos’ ‘huskyCI: Finding Flaws in CI Before Deploying Them’

• App Leaks Thousands of Baby Photos and Videos Online

• In Case of Fire: Break Windows

• Rack Mount Mac Pro Now Available for Purchase Starting at $6,499

• Why Russian APT Fancy Bear hacked the Ukrainian energy firm Burisma?

• US hands UK ‘dossier’ on Huawei: Really! Still using their kit? That’s just… one… step… beyond

• CNCF, Google, and HackerOne launch Kubernetes bug bounty program

• Major U.S. Mobile Carriers Vulnerable to SIM Swapping Attacks

• Rethinking cyber scenarios—learning (and training) as you defend

• How to mitigate 5 persistent application security threats

• DevSecOps, SecDevOps, or RainbowMonkeyUnicornPony? [Interview with DJ Schleen]

• Verizon Media launches OneSearch, a privacy-focused search engine

• Google to phase out user-agent strings in Chrome

• Malware Obfuscation, Encoding and Encryption

• Public Bug Bounty Takes Aim at Kubernetes Container Project

• Play Store Still Peppered with Fleeceware Apps

• Network Traffic Analysis for IR: TCP Protocol with Wireshark

• Citrix patches for ADC and Gateway flaw still weeks away

• Microsoft will patch Windows 10 after the NSA quietly told it about a major vulnerability

• Millions of modems at risk of remote hijacking

• CrowdStrike: Intrusion self-detection, dwell time both increasing

• Apple Rumored to Be Developing 5G iPad Pro With mmWave Support

• Authentic8 Completes FedRAMP ‘In Process’ Authorization Milestone

• Consumer Reports Calls for IoT Manufacturers to Raise Security Standards

• Fleeceware is back in Google Play – massive fees for not much at all

• Apple refuses government’s request to unlock Pensacola shooting suspect’s iPhones

• Adobe Patches Five Critical Illustrator CC Flaws

• Google trending news headlines related to Cybersecurity

• Busting Top Myths About Privileged Access Management

• Adobe Patches Vulnerabilities in Illustrator, Experience Manager

• Barr Pushes Apple For Help To Unlock Gunman’s Phone

• Kim Stevenson Joins NetApp as SVP and GM of NetApp’s Largest Product Group

• Avast Still Supports Windows 7 | Avast

• Remote Access Exploit Affects 200 Million Cable Modems

• Texan Arrested for Cyber-stalking Realtors and Threatening Their Kids

• The Paradox At The Heart Of Securing Digital Transformation

• Dustman Attack Underscores Iran’s Cyber Capabilities

• Windows 7 computers will no longer be patched after today

• New Webinar: Inside the World of Social Media Phishing: Financial Scams

• Apple Hits Back Over ‘Refusal’ To Unlock Pensacola Shooter’s iPhones

• Master Your Patch Management With Vulnerability Response: Our Latest ServiceNow Integration

• Trusona raises $20 million to bring passwordless authentication to more businesses

• Over 1 Billion Medical Records Exposed Online – Experts Comments

• Adobe Releases Their January 2020 Security Updates

• Processor Vulnerabilites Put Virtual Workloads at Risk

• Encryption Is Key to Guarantee Data Is Anonymous

• $2.3 million Texas phishing incident underscores importance of employee cyber-training

• How to Keep Security on Life Support After Software End-of-Life

• Adobe Releases First 2020 Patch Tuesday Software Updates

• United Nations Targeted With Emotet Malware Phishing Attack

• Industrial Control System Features at Risk

• Apple refuses Barr’s request to unlock Pensacola shooting suspect’s iPhones

• Five Key Cyber-Attack Trends for This Year

• Microsoft ends support for Windows 7: What you need to know

• Hundreds of Millions of PCs Remain Vulnerable as Windows 7 Reaches End of Life

• Ethical Hacking: How to hack a web server

• ISP selling data: why you should actually care

• The CCPA: the new data protection law for California

• Albany Airport Pays Ransom after Sodinokibi Ransomware Attack

• Do Your SOC Metrics Incentivize Bad Behavior?

• Introducing Intezer Protect: Runtime Cloud Security

• Remembering Oman’s Sultan Qaboos, a Critical Interlocutor for the U.S. in the Middle East

• How To Keep Your IT Team Motivated | Avast

• Download The Ultimate ‘Security for Management’ Presentation Template

• 5G Security

• Nokia Cuts Jobs As It Ramps Up 5G Investment

• Enabling Secure Code Signing at Scale

• Intezer Protect: How it Works

• Brexit Endgame: Brexit Nears, Northern Ireland Assembly Reconvenes, and Megxit Distracts

• Five Ley Cyber-Attack Trends for This Year

• Prime Minister Asks For Alternatives To Huawei For 5G

• Improve AD Security – Block Unauthorized Activities & Strengthen Passwords with StealthINTERCEPT 7.0

• ProTip – The Power of Character Substitution Checks in StealthINTERCEPT Enterprise Password Enforcer

• Apple Denies FBI Request to Unlock Shooter’s iPhone—Again

• Phishing Campaign Targeting Ukrainian Firm Burisma Linked to Russian Cyberspies

• Russia Hacked Ukrainian Gas Firm in Trump Impeachment: US Cyber Firm

• Learning the lessons of the Dixons Carphone breach

• Windows 7 end of life: Security risks and what you should do next

• GCHQ Urges People to No Longer Use Windows 7 PCs for Banking, Email

• Russia responsible for hacking gas firm tied to Trump impeachment: report

• Apple’s not helping with shooter’s locked iPhones, says US DoJ – not true, says Apple

• 49 million user records from US data broker LimeLeads put up for sale online

• Hackers Install Malware on Android Devices That Open Google Play Store to Provide 5* Ratings & Fake Reviews for Malicious Apps

• How to Whitelist Applications on Windows 10 Devices

• Most Firms Still on Windows 7 as Support Deadline Arrives

• [Infographic] Mobile Point of Sale (mPOS): Apprehending the Future Market Growth and Enterprise Benefits

• The Mandalorian Is the Only Smart Soldier in the Star Wars Galaxy

• Now It’s Really, Truly Time to Give Up Windows 7

• ‘Cable Haunt’ vulnerability exposes 200 million cable modem users

• 9 Reasons Why Cybersecurity Stress Is an Industry Epidemic

• Top Apps Invade User Privacy By Collecting and Sharing Personal Data, New Report Finds

• Lottery hacker gets 9 months for his £5 cut of the loot

• Google tests biometric authentication for Android autofill

• Security pitfalls to avoid when programming using an API

• Hiring scarce security talent: 8 secrets to working with recruiters

• 3 Lessons From the Incident Response Tabletops

• Inspecting TLS-encrypted traffic with mitmproxy

• Texas School District Loses $2.3m in Phishing Raid

• Microsoft now reviewing Skype audio in ‘secure’ places (not China)

• Hackers sell data of 80 thousand cards of customers of the Bank of Kazakhstan

• FCW Insider: Jan. 14

• CISA Releases Test Tool for Citrix ADC and Gateway Vulnerability – Sysadmins Can Test Now

• Windows 7 end of life: Time to move on

• This Trojan hijacks your smartphone to send offensive text messages

• Non-Paying Victim’s Data leaked by Nemty Ransomware

• SIM swapping attacks from 5 major US wireless carriers

• Malicious npm package exfiltrating data from UNIX systems

• US tells UK using Huawei 5G gear would be ‘nothing short of madness,’ report says

• New Targets Found from BEC Scammers Using Phishing

• Phishing Attack Alert! Los Angeles County Says No Harm Done!

• Wake-on-Lan used by Ryuk Ransomware To Encrypt Offline Devices

• Magecart Attacks Website Collecting Australian Fire Donations

• Ryuk Ransomware Uses Wake-on-Lan To Encrypt Offline Devices

• Aussie Bushfires Donation Site Hit by Magecart Thieves

• What Google Is To Most Internet Users, Shodan Is To Hackers

• Amazon Asks US Court To Bar Microsoft From JEDI Contract

• New Android Trojan Kills Play Protect And Places Fake App Reviews From Infected Devices

• Security Experts On Texas School District Loses $2.3m In Phishing Scam

• Expert Advises On Microsoft To End Update And Patch Distribution For Windows 7

• What to do if you’re still running Windows 7

• Cisco addressed a high-severity bug in Webex that could allow Remote Code Execution

• 2020 forecast: Attackers will target non-traditional systems

• The Non-Human Entities that Plague the Cloud

• Businesses Warned of Iran Cyberattacks

• China-linked APT40 group hides behind 13 front companies

• A 101 guide to mobile device management

• What will happen to Windows 7 support after January 15, 2020

• Fraud prevents a third of businesses from expanding digital capabilities

• Artificial Intelligence to fuel Cyber Warfare

• India’s imminent regulation will give financial data ownership to the individual

• Russia Hacked Ukrainian Gas Firm at Center of Trump Impeachment

• Security and digital payments – growth finally meeting demand

• Top Cybersecurity trends & predictions for 2020

• Developing a Data Protection Compliance Program – Verizon’s 9-5-4 Model

• ISC Stormcast For Tuesday, January 14th 2020 https://isc.sans.edu/podcastdetail.html?id=6822, (Tue, Jan 14th)

• Neustar offers companies a flexible customer identity authentication solution

• PLDA completes PCIe 4.0 specification compliance testing with its XpressRICH-AXI Controller IP

• AirPods Pro 2C54 Firmware: Worse Noise Canceling, Improved Frequency Response and Bass Accuracy

• ‘ASTORS’ Winner Gallagher & Convergint Enter Global Partnership

• Zyxel redesigns its Nebula Cloud Networking Solution, expands product family

• Upcoming Fall 2020 5.4-Inch iPhone Will Be Similar in Size to iPhone 8

• Benefit Vantage and 3 Hong Kong to deploy IPification mobile authentication solution

• Hiscox to use CyberCube’s cyber analytics technology to better understand systemic cyber risk

• Nanhi Singh and Paul J. Loftus appointed to lead Imperva through next phase of growth

• Bay Staters Continue to Lead in Right to Repair, and EFF Is There to Help

• Accenture names Marco Huwiler country managing director for Switzerland

• macOS Catalina Patch Management

• Cut Undersea Cable Plunges Yemen Into Days-Long Internet Outage

• Virginia Needs a Strong Anti-SLAPP Law to Stop Bogus Lawsuits

• Windows 7 Reaches End of Life Tomorrow, What You Need to Know

• Watchdog warns on HUD’s PII risks

• IT Security News Daily Summary 2020-01-13

• Cryptic Rumblings Ahead of First 2020 Patch Tuesday

• US officials meet UK peers to remark the urgency to ban Huawei 5G tech

• Securing Interactive Kiosks IoTs with the Paradox OS

• Mac Shipments Down in Q4 2019 Amid Overall PC Market Growth

• Microsoft to Officially End Support for Windows 7, Server 2008

• Microsoft to Support the New Edge Browser After Windows 7 EOL

• What Questions Should I Keep in Mind to Improve My Security Metrics?

• Website Collecting Australian Fire Donations Hit by Magecart

• As Windows 7 supports ends, these are your four options

• Microsoft spots malicious npm package stealing data from UNIX systems

• Securing Interactive Kiosks IOTs with the Paradox OS

• Exploits Released for As-Yet Unpatched Critical Citrix Flaw

• Relying on AT&T, Verizon and T-Mob US to protect you from SIM swapping? You better get used to disappointment

• Tracking grants by blockchain

• CISA Releases Test Tool for Citrix ADC CVE-2019-19781 Vulnerability

• Scammers Dupe Texas School District Out of $2.3M

• NortonLifeLock to Sell ID Analytics Business to LexisNexis Risk Solutions

• Migrating NetApp Service Level Manager to Active IQ Unified Manager 9.7

• Why cybersecurity will impact everything in the new decade

• Senate wants to get ahead of IoT

• Macs May Be Getting ‘Pro Mode’ Option to Boost Performance, According to macOS Catalina Beta

• Dreaming of a Lucrative Career in IT? These suggestions Should Top Your List

• Joker Android Malware Snowballs on Google Play

• U.S. Attorney General Asks Apple to Unlock iPhones Used by Florida Mass Shooter

• Someone needs to go back to school: Texas district fleeced for $2.3m after staff fall for devious phishing email

• DEF CON 27, Appsec Village, YanYan Wang’s ‘Automate Pen Testing In Dockerized CI CD Environment’

• DOE launches quantum funding opportunity

• BEC Scammers Use Aging Report Phishing to Find New Targets

• Nemty Ransomware to Start Leaking Non-Paying Victim’s Data

• December’s Most Wanted Malware: Greta Thunberg-themed spam used to spread Emotet

• EFF Asks Supreme Court To Reverse Dangerous Rulings About API Copyrightability and Fair Use

• CES Surveillance Hype Worries Privacy Advocates

• Teradici PcoIP Agents and Clients (Deployed with Amazon Workspaces) – Unquoted Search Path and Potential Abuses (CVE-2019-20362)

• Signal Sciences: Enterprises still overlooking web app security

• Legislative mandates provide direction on data

• FCW Insider: Jan. 13

• CISA Releases Test for Citrix ADC and Gateway Vulnerability

• Multi-tenancy authentication through Kong API Gateway

• New Snort rules protect against recently discovered Citrix vulnerability

• Develop for Safety and Protect User Privacy through Geofencing

• CES 2020: Why HBO wants us to think twice about data privacy

• 7 TCP/IP vulnerabilities and how to prevent them

• Azure is now certified for the ISO/IEC 27701 privacy standard

• Hackers Blackmail Patients of Surgical Company in a Cyber attack

• Sodinokibi Operators Follow Through on Threats

• Silence Targeting Banks in Sub-Saharan Africa

• US, UK Officials Meet as PM Johnson’s Huawei Decision Nears

• Maze Ransomware Operators Continue Release of Victim Data

• Emotet Returns for a New Year of Spam

• Bug Hunter Nets $15K Bounty For Discovering Exposed User Credentials in Paypal

• How to Whitelist or Blacklist apps on Android & iOS

• Is Cybersecurity Getting Too Complex?

• Luke Kingma’s & Lou Patrick-Mackay’s Futurism Cartoons ‘Wandering CPU’

• Tour the RSA Conference 2020 Security Operations Center

• DEF CON 27, Red Team Offensive Village, Casey (3ndG4me) Erdmann’s ‘BadSalt Adversarial DevOps’

• Billions of Medical Images Leaked in Huge Privacy Puzzle

• Six Reasons Why ForgeRock SDKs Make Sense

• 20/20 Vision on 2020’s Network Security Challenges

• DNS threats emerge as IoT sticking point

• An Identity Management Spin on Shaggy’s Hit Song

• Privacy activists beg Google to ban un-removable bloatware from Android

• Microsoft Pulls Plug On Windows 7 Support From Tuesday

• Google Cloud’s Thomas Kurian on the future of cloud and Google

• Emotet Malware Restarts Spam Attacks After Holiday Break

• Facebook Bug Reveals Anonymous Page Administrators

• New Android malware on Play Store disables Play Protect to evade detection

• Report: Chinese hacking group APT40 hides behind network of front companies

• Whirlybird-driving infosec boss fined after ranty Blackpool Airport air traffic control antics

• Threat Intelligence Is the Centerfold

• A week in security (January 6 – 12)

• Android Trojan Steals Your Money to Fund International SMS Attacks

• Tech survey shows surging demand for cloud computing

• Windows 7 Reminder: Get a Free Windows 10 Upgrade While You Can

• US to Axe Drone Fleet Containing Chinese Tech

• 5 major US wireless carriers vulnerable to SIM swapping attacks

• Study: Enterprises Choosing Microsoft Cloud Over Amazon’s AWS

• Major US wireless carriers vulnerable to SIM swapping attacks

• Most Website Consent Mechanisms ‘Illegal’ Under GDPR

• 5 cyber tools your business needs in 2020 to keep safe

• Phishing for Apples, Bobbing for Links

• Will This Be the Year of the Branded Cybercriminal?

• European Lawmakers Want to Force All Smartphones to Have Same Charging Port, Apple Defends Lightning

• #THIREurope: How Target Improved its Threat Hunting Capabilities

• How to secure a router from Cyber Attacks

• ‘Cable Haunt’ Bug Plagues Millions of Home Modems

• Texas School District Loses $2.3M to Phishing Attack

• 2020 Cybersecurity Trends: Increased Demand for Election Security – The Nation’s Biggest Threat to Democracy in 2020 by

• The Jazzy New Active IQ Unified Manager 9.7: Security Focused ONTAP Management

• Federally Funded Unimax Smartphone Preloaded With Malware

• Apple Files Unreleased Mac in Eurasian Database, Perhaps a 13-Inch MacBook Pro With Scissor Keyboard?

• Texas School District Falls For Email Scam, Hands Over $2.3 Million

• New York Airport Paid Ransomware Demand After Suffering Sodinokibi Attack

• Expert Advise On Microsoft To End Update And Patch Distribution For Windows 7

• Why Cloud Security Seems So Hard, and How to Overcome These Challenges

• US ‘Set To Ground Civilian Drone Programme’ Over Spying Risk

• Unpatched Citrix Flaw Now Has PoC Exploits

• Graduation Day: From Cyber Threat Intelligence to Intelligence

• Awareness Advocate On Texas School District Loses $2.3m In Phishing Scam

• Seattle to Host Major New Cybersecurity Event

• Go Ahead, Apply the Federal Rules of Evidence to the Senate Impeachment Trial

• Facebook quickly fixed a bug exploited in attacks that exposed Page Admins info

• Working for a Winning Company

• Artificial Personas and Public Discourse

• Response to IT industry trends analysis 2020

• Cable Haunt vulnerability affects millions of Broadcom cable modems

• CES 2020: Mixed-Reality Glasses Win Praise At Tech Show

• Man who hacked National Lottery for just £5 is jailed for nine months

• Phishing attacks: Watch out for these telltale signs that you’ve been sent to a phoney website

• Whirlybird-driving infosec boss fined after ranty Blackpool Airport antics

• Predict 2020: A Look at What the New Year Will Bring

• Inside the murky world of bots

• Apple Celebrating Chinese New Year With Heartwarming Short Film, Today at Apple Sessions, and Gift Guide

• Hacker that hit UK National Lottery in 2016 was sentenced to prison

• Why I joined Imperva

• Cable Haunt: Unknown millions of Broadcom-based cable modems open to hijacking

• Sodinokibi Hackers Now Use Stolen Data for Blackmail

• Powerful GPG collision attack spells the end for SHA-1

• Multiple Hacking Groups Attempt To Skim Credit Cards From Perricone MD – Experts View

• Network Traffic Analysis for Incident Response: Internet Protocol with Wireshark

• Oski Stealer Targets Browser Data, Crypto Wallets in U.S.

• Weirdest Cybersecurity Stories Of 2019 | Avast

• Account Security: One Healthy New Year’s Resolution You Will Need in 2020

• Avast Team Prepares For Hack Cambridge | Avast

• Experts On News: PayPal Confirms High-severity Password Vulnerability

• Travelex still down two weeks after Sodinokibi ransomware infection

• #THIREurope: APT Groups Now Using Similar Tools in Espionage and Cybercrime Attacks

• ‘The Morning Show’ Actor Billy Crudup Wins 2020 Critics’ Choice Award

• Texas school district falls for email scam, hands over $2.3 million

• National Lottery Hacker Theft £ 5, Land Prison Penalty

• The Ultimate Guide to SSL/TLS Decryption

• Facebook Rushes to Patch Bug Exposing Page Admins

• Arm Chips Vulnerable to PAN Bypass – “We All Know it’s Broken”

• An Accountability Update for Crimes Committed in Syria

• Why are we still talking about email security?

• Texas School District Lost $2.3M to Phishing Email Scam

• Exploits Published for Citrix ADC Vulnerability, Patches Coming Soon

• Snake alert! This ransomware is not a game…

• Two weeks after ransomware attack, Travelex says some systems are now back online

• Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing

• Personal data of millions of Americans exposed from PC in China

• St Louis Man Jailed for $12m Tax Refund Scam

• VB2019 presentation: Targeted attacks through ISPs

• US Mounts Final Campaign To Bar Huawei From UK 5G Networks

• Moving security operations to the cloud

• Number of 5G connections to reach 1.5 billion globally by 2025

• What is security’s role in digital transformation?

• Australia Bushfire Donation Site Suffered MageCart Attack

• Lawmakers look to spread COPPA out to cover kids up to 16

• Google urged to tame privacy-killing Android bloatware

• U.S. Lawmakers Call on FCC to Step Up Fight on SIM Swapping

• U.S. Healthcare Data Breach Cost $4 Billion in 2019. 2020 Won’t Be Any Better

• ‘Rosegold’ National Lottery hacker steals £5, lands prison sentence

• Reddit bans ‘impersonation,’ but satire and parody are still OK

• ‘Dustman’ disk wiper attacks Bahraini oil company

• Ring Employees Caught Spying on Customers

• Hundreds of Millions of Broadcom Modems “Haunted” by New Bug

• Monday review – the hot 19 stories of the week

• Credit Card Skimming Attack Targets Australia Bushfire Donors

• 47 arrests for smuggling Moroccan citizens to the EU

• TrickBot Added New Stealthy Backdoor for High-Value Targets

• New York Airport Systems attacked by Sodinokibi Ransomware

• Citrix Gateway Vulnerability: Exploits Proliferate, as Experts say Gov’t Agencies Exposed

• School in Texas Lost $2.3 Million in a Phishing Scam

• National Lottery Hacker Jailed for Nine Months

• US troops deploying to the Middle East told to leave personal devices at home

• Welcoming the Danish Government to Have I Been Pwned

• 5G – The Future of Security and Privacy in Smart Cities

• Citrix Admins Urged to Act as PoC Exploits Surface

• 16-31 December 2019 Cyber Attacks Timeline

• Vulnerability Scanning vs. Penetration Testing

• UK data watchdog kicks £280m British Airways and Marriott GDPR fines into legal long grass

• Google Demos Remote Hack of an iPhone Without User Interaction

• Travelex Hit By $6m Ransom Attack

• December 2019’s Most Wanted Malware: Greta Thunberg-themed Spam Used to Spread Emotet Malware

• UK National Lottery Hacker Sentenced to Prison

• A case for establishing a common weakness enumeration for hardware security

• Pending study to examine OPM-GSA merger

• Prevent security misconfigurations in a multi-cloud environment

• Email attack trend predictions for 2020 | Cyber Work Podcast

• Do Midsized Companies Need a CISO?

• Adding Some Salt to Our Network – Part 2

• Citrix ADC Exploits: Overview of Observed Payloads, (Mon, Jan 13th)

• Maze Ransomware operators leak 14GB of files stolen from Southwire

• Iranian Cyber-Attacks, Ring Class-Action Lawsuit, Preventing Calendar SPAM

• Transact with trust: Improving efficiencies and securing data with APIs

• The U.S. Government Funded Smartphones Comes Pre-installed With Unremovable Malware

• If you haven’t shored up that Citrix hole, you were probably hacked over the weekend: Exploit code now available

• Ransomware attack on Albany Airport on Christmas 2019

• Information Security grabs attention at CES 2020

• CISA on Iran’s Cyber Threat: It’s Time to Review Your Cyber Security Posture!

• Kuo: All 5G iPhones on Track to Launch in Fall 2020, Including Both Sub-6GHz and mmWave Models

• Introducing the New MITRE ATT&CK Framework for Industrial Control Systems

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics ‘Data Classification Fail’

• Amazon Terminated Employees for Leaking Customers Sensitive Data Such as Email Address & Phone Number

• Semtech’s new AVX chipset offers enhanced performance for AV extension applications

• ISC Stormcast For Monday, January 13th 2020 https://isc.sans.edu/podcastdetail.html?id=6820, (Mon, Jan 13th)

• DEF CON 27, Red Team Offensive Village, Nathan Sweaney’s ‘Casting With The Pros: Tips And Tricks’

• India ordered to review suspension of internet services in Kashmir

• Cable Haunt Vulnerability Haunts Cable Modems Using Broadcom Chips

• CSA SECtember: A new global event dedicated to the intersection of cloud and cybersecurity

• Hampton Products adds indoor and outdoor security cameras to its suite of smart home products

• Zimperium integrates with Microsoft Defender Advanced Threat Protection EDR

• Ping An Technology and Intel to establish a joint laboratory, cooperate on products and technology

• ELK Dashboard and Logstash parser for tcp-honeypot Logs, (Sun, Jan 12th)

Generated on 2020-01-14 23:55:10.772663