IT Security News Daily Summary 2020-02-06

• U.S. Homeland Security has used facial recognition on over 43.7 million people

• The Iowa caucuses app had another problem: It could have been hacked

• How to use 7zip to encrypt files

• Japanese Defense Contractors Kobe Steel, Pasco Disclose Breaches

• New docs outline scope, security requirements for CIA enterprise cloud

• Next-generation endpoint security goes beyond the endpoint

• Good: IT admins scrambled to patch 80 per cent of public-facing Citrix boxes to close nightmare hijack hole

• Adposhel adware takes over browser push notifications administration

• How to combat the top 5 enterprise social media risks

• U.S. 5G security is imperiled by Trump administration infighting and fantasies

• Google to block some HTTP file downloads starting with Chrome 83

• Delivering on the promise of smart parking

• Two More Japanese Defense Contractors Disclose Security Breaches

• Researchers Reveal How Smart Lightbulbs Can Be Hacked to Attack

• Congressional watchdog slams Homeland Security over election security prep

• Chattanooga taps AI to identify hate speech

• 90% of CISOs Would Cut Pay for Better Work-Life Balance

• Hands-On With the Third-Generation iPhone-Compatible Moto 360 Android Watch

• Phishing Personified

• Apple Makes Independent Repair Shops Sign Draconian Contracts to Get Official Parts

• NSS Labs quietly acquired by private equity firm

• Google Chrome to Block Mixed Content Downloads, Prevents MiTM Attacks

• Lessons from Australia’s “OAIC’s Notifiable Data Breach Statistics Report”

• Hackers can steal data from air-gapped PC using screen brightness

• Best Practices for Storage Reclamation – Part 1 of 3

• Obama team couldn’t cope with Russian election meddling, report says

• Forescout acquired by private equity firm for $1.9 billion

• ICS Strengths and Weaknesses (from security perspective)

• Agencies look to ‘low code’ to speed development

• Phishing Attack Disables Google Play Protect, Drops Anubis Trojan

• Why Congress holds the key to DOD tech

• Anchore Federal Streamlines Government DevSecOps Workflows

• Prying “.R” Script Files Away from Xcode (et al) on macOS

• Why Congress holds key to DOD tech

• ACSC Releases Advisory on Mailto Ransomware Incidents

• Access Control Implementation in ICS

• War Powers: 
The Broken Balance Between the Branches

• Emotet Evolves With Wi-Fi Spreader

• The House Impeachment: A Postmortem

• Open-Source Security Projects: Choosing a Brandable .com Domain>

• Facebook now lets parents monitor their children’s chats

• Forescout Acquired by Private Equity Team

• Members of Anonymous Hack UN Website to Support Taiwan

• Cybersecurity Vendor Landscape Transforming as Symantec, McAfee Enter New Eras

• New “SaveTheQueen” Ransomware Found

• Australia’s Toll Group Hit With Ransomware Delaying Goods Shipments Globally

• Why shortcuts lead to failure: Lessons from app disaster in Iowa caucus

• The postmortem: Shadow took lots of shortcuts with Iowa 2020 caucus app

• Adware.Adposhel takes over your web push notifications administration

• Facebook now lets you monitor your children’s chats

• Iranian Hackers Target Journalists in New Phishing Campaign

• DoJ Asks Victims of the Quantum DDoS Service to Come Forward

• Cannabis dispensaries: Security and risk considerations for continued growth

• Metamorfo Returns with Keylogger Trick to Target Financial Firms

• Protecting users from insecure downloads in Google Chrome

• AirPods and AirPods Pro Manufacturing Could Be Impacted by Coronavirus, Leading to Greater Supply Shortages

• Facebook Tops Imitated Brands as Attackers Target Tech

• After the Iowa Caucus Meltdown, New Hampshire Says It’s Ready

• Ransomware Exploits GIGABYTE Driver to Kill AV Processes

• Interview in sputniknews.com: Experte zu Handy-Hacks: So kann man sich schützen

• U.S. Finance Sector Hit with Targeted Backdoor Campaign

• Vodafone To Remove Huawei From Core European Networks

• App Developer Calls For Open Revolt Against Apple

• Realtek HD Audio Driver Package – DLL Preloading and Potential Abuses (CVE-2019-19705)

• A Matter of Trust

• European Parliament Says It Will Not Use Facial Recognition

• Russian Disinformation Ongoing Problem, Says FBI Chief

• Why shortcuts lead to failure: Lessons from app disaster in Iowa

• Cisco Releases Security Updates for Multiple Products

• Security Experts Note Buggy Iowa Caucus App Is Buggy

• Children’s Advocates Criticize Facebook Encryption

• Charming Kitten Uses Fake Interview Requests To Target Public Figures

• Apple TV App on Select LG Smart TVs Will Support Dolby Atmos Sound ‘Later This Year’

• Four Reasons Your Cloud Security Is Keeping You Up At Night

• Porn Sites Suffer Highest Number of DDoS Attacks

• New Campaign Leverages BitBucket to Deliver Arsenal of Malware

• Sentar Awarded $164m Cybersecurity Task Order by US Defense Health Agency

• Governments Are Soft Targets for Cyber-criminals

• Obama response to 2016 Russian election meddling had ‘many flaws,’ Senate report finds

• Donald Trump Now Has the Senate GOP’s Blessing to Undermine Democracy

• Iowa and the maladministration of technology

• Invisible Pixel Patterns Can Communicate Data Covertly

• Ethical hacking: IoT hacking tools

• Visionary security partners to be honored at the very first Microsoft Security 20/20 event

• What Can You Do in 44 Seconds?

• S2 Ep25: You’ve seen WHAT on public Trello boards? – Naked Security Podcast

• Cloud Security Firm Netskope Raises $340 Million at $3 Billion Valuation

• Shoe with GPS embedded insole tracks ‘lost’ alzheimer’s & dementia patients

• New Apple TV With A12 Chip or Later Uncovered in tvOS 13.4 Beta

• Beware of malware disguised as Oscar-nominated movies including Joker and Parasite

• Wacom drawing tablets track every app you open

• DLL Hijacking Vulnerability Found in Realtek HD Audio Driver

• Oscar Nominated Movies Featured in Phishing, Malware Attacks

• Cloud security platform Netskope raises $340 million at $3 billion valuation

• Emotet attacks— a spike to start the year…

• Millions of UK Businesses lack a Cyber Insurance Policy

• iOS 13.4 Beta Reveals ‘CarKey’ Feature That Would Turn Your iPhone or Apple Watch Into a Car Key

• Shoe with GPS embedded insole track ‘lost’ alzheimer’s & dementia patients

• Update now – WhatsApp flaw gave attackers access to local files

• This latest phishing scam is spreading fake invoices loaded with malware

• 120 Million Medical Records Leaked! Global Medical Report Sheds More Light.

• Europeans Deserve to Have Their Governments Test—Not Trust—Filters

• BEC Scammers’ Interest in the Real Estate Sector Rises

• The Report: Impeachment, The Final Day

• Why we encourage newcomers and seasoned presenters alike to submit a paper for VB2020

• How Can We Make Election Technology Secure?

• 25 arrests in series of police actions against an Albanian drug trafficking gang

• A Complete Guide to Perform External Penetration Testing on Your Client Network | Step-by-Step Methods

• Philips Smart Lights Vulnerability Allows Hopping To Devices On The Network – Experts Advise

• 4 Times a Security Breach Was Narrowly Avoided

• Facebook Controls Let Parents Read Their Children’s Chats – Expert Comments

• Patch Management Company Automox Raises $30 Million

• Insider threats have increased 47%

• Forescout Technologies to be Acquired in $1.9 Billion Deal

• One In Three NHS Computers Is Still Running Outdated Windows 7 Software

• Armis Discovers 5 Zero-day Vulnerabilities in Cisco’s Discovery Protocol Impacting Tens of Millions of Enterprise-grade Devices

• SECURITY ALERT: US Users Targeted with Corona Virus Phishing Attacks

• Emotet Attacks Spread Alongside Fears of Coronavirus

• Louisiana Governor Urges Officials to Ready for Cyberattacks

• Apple Closes 42 Stores In China Amid Coronavirus Outbreak

• Open Source & Secure Software Development Are Not Mutually Exclusive

• The RSAC 2020 Trend Report

• Worlds gets $10 million to help enterprises observe their physical environments with AI

• The Tap Economy Part 1: Screen Commerce

• Huawei Hits Verizon With Patent Lawsuit

• IoT is a gold mine for hackers using fileless malware for cyberattacks

• Announcing Cortex XDR Managed Threat Hunting Service And New XDR Features

• IBM CEO Ginni Rometty Steps Down, Arvind Krishna To Take Over

• Researchers reckon 500k PCs infested with malware after dodgy downloads install even more nasties from Bitbucket

• What Data Carriers Can Collect About You Using Just the Phone Number

• Twitter bans deepfakes, but only those ‘likely to cause harm’

• Dutch court rules AI benefits fraud detection system violates EU human rights

• How your network could be hacked through a Philips Hue smart bulb

• Bug in Philips Smart Light Allows Hopping to Devices on the Network

• How your screen’s brightness could be leaking data from your air-gapped computer

• Experts On FBI Warns Re Potential DDoS Attack On State Voter Registration Website

• Persistent Engagement and Cost Imposition: Distinguishing Between Cause and Effect

• RSAC Sets Finalists for Innovation Sandbox

• cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)

• Malicious Optimizer and Utility Android Apps on Google Play Communicate with Trojans that Install Malware, Perform Mobile Ad Fraud

• Cut Your Security Operations Time By 60% with the New R80 Security Management-as-a-Service

• University of Maastricht Paid 30 Bitcoins to Ransomware Attackers

• Experts Reaction On Researcher Finds Vulnerability In WhatsApp Desktop Platform

• Biased AI Is Another Sign We Need to Solve the Cybersecurity Diversity Problem

• Health Share of Oregon discloses data breach, theft of member PII

• FBI Director Warns of Ongoing Russian ‘Information Warfare’

• Google’s Chrome 80 clamps down on cookies and notification spam

• Windows 10 patch expert: Dear Mr Panay, please fix Microsoft’s buggy updates

• What Expert Says On 500,000+ Bitbucket Hosts Have Been Infected With Malware

• Charming Kitten Uses Fake Interview Requests to Target Public Figures

• A New Clue for the Kryptos Sculpture

• Experts Insight On Brazilian Firm Exposes Personal Details Of Thousands Of Soccer Fans

• Dropbox Passes $1M Milestone for Bug-Bounty Payouts

• Iranian Phishers Use Journalist’s Identity to Steal Info

• Risk profiling gives PPD real-time view of vulnerabilities

• 6 tips for building your cybersecurity bench

• Health Records Firm Epic and About 60 Client Hospitals Object to Data Sharing Rules Supported by Apple

• Why Are People Worried About Huawei?

• Android pulls 24 ‘dangerous’ malware-filled apps from Play Store

• 90% of UK Data Breaches Due to Human Error in 2019

• Microsoft: We Detect 77,000 Web Shells Each Month

• Dutch university pays $220,000 ransom to infamous Russian cybercrime ring

• Return of the CamuBot Banking Trojan attack

• Facebook’s Messenger Kids App to Allow Parents to Peer into Their Childs Inbox

• Emotet can spread to poorly secured Wi-Fi networks and computers on them

• Personal Information of 654K Medicaid patients exposed in breach

• This crafty malware makes you retype your passwords so it can steal them

• Air-Gapped Computers targeted by exfiltrating data from using screen brightness

• Philips Smart Light bug allows hopping to devices on network

• Phishing scam circulating about Coronavirus “safety measures”

• Twitter Confirms it Will Only Ban “Harmful” Deepfakes

• Check Point Research Brand Phishing report – Q4

• Qualcomm Confirms EU Antitrust Probe Of 5G Chips

• Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

• 3 Malware Trends to Watch Out for in 2020

• Bitbucket Abused as Malware Slinger

• Location of Couple Infected with Coronavirus Found Using Phone Tracking System

• The Rise of the Open Bug Bounty Project

• Biggest Password Mistakes: Notes From an Expert

• Charming Kitten Hackers Pose a High-Profile Journalists to Target Public Figures

• Honware: IoT honeypot for detecting zero-day exploits

• Which vulnerabilities were most exploited by cybercriminals in 2019?

• Your Smartphone: Ground Zero for Cyberattacks

• Firmware Backdoors Discovered in Surveillance Cameras

• The Goldilocks principle for zero trust fraud prevention

• LCD pwn System: How to modulate screen brightness to covertly transmit data from an air-gapped computer… slowly

• Chrome 80 Released With 56 Security Fixes

• Academics steal data from air-gapped systems using screen brightness variations

• Cyberattackers decreased their activity at the end of 2019, but only to change tactics

• Cyber Threat to Phillips Hue Bulbs

• ISC Stormcast For Thursday, February 6th 2020 https://isc.sans.edu/podcastdetail.html?id=6856, (Thu, Feb 6th)

• How IoT devices open a portal for chaos across the network

• In 2019 over 9.9 billion malware attacks were recorded

• How the B-Team watches over Australia’s encryption laws and cybersecurity

• FUD-free analysis: Natural language processing (NLP)

• So You Want to Achieve NERC CIP-013-1 Compliance…

• Navy seeks unmanned fleet, but Congress needs convincing

• Acunetix 13 web app security scanner comes with many innovations

• A look at CMMC

• NCP Secure Enterprise Management Server now supports 2FA through a web interface

• Secure Code Warrior and Manicode Security to lead Learning Lab at RSA Conference 2020

• Wind River and T-Systems deliver 5G cloud network management

• Yahoo! hack! payout! nearly! approved! and! the! question! is! how! to! spend! 60! cents!?

• Samsung introduces high-performing DRAM, helps advance supercomputers, AI-driven data analytics

• When Your Used Car is a Little Too ‘Mobile’

• NTT DATA Services enters strategic collaboration agreement with AWS

• Vixie: The Unintended Consequences of Internet Privacy Efforts

• Majority of Network, App-Layer DDoS Attacks in 2019 Were Small

• Aon acquires Cytelligence, a firm with deep expertise in cyber incident response

• DEF CON 27, Recon Village – Joe Gray’s ‘DECEPTICON: Deceptive Techniques To Derail OSINT Attempts’

• Automox raises $30 million to automate endpoint hardening

• Terrifying bug in WhatsApp allows hackers to steal files. So get patching all nine of you using it on the desktop

• Retirement claims for feds spike in January

• NYPD Abandons Paper Memo Books for New iPhone App

• BlackBerry’s New Digital Workplace Secures the Modern Workforce

• FBI still not pushing for encryption legislation

• Azure AD for Remote Users

• Department of Energy Adds Attivo Decoys for Critical Infrastructure Security

• IT Security News Daily Summary 2020-02-05

• The 11 Best Cyber Security Books — Recommendations from the Experts

• IoT Malware Campaign Infects Global Manufacturing Sites

• Governance is key to smooth the adoption of automation

• DHS looks to automate cyber compliance

• Army gets tactical with latest cloud pilot

• How Twitter’s Default Settings Can Leak Your Phone Number

• How To Protect Your Phone Number On Twitter

• Apple Shipped an Estimated 30.7 Million Apple Watches in 2019, Beating Entire Swiss Watch Industry

• (ISC)2 Expands Cybersecurity Awareness Efforts in Australia with Strategic Partnership

• Sketchy behavior? Wacom tablet drivers phone home with names, times of every app opened on your computer

• Fake browser update pages are “still a thing”, (Wed, Feb 5th)

• Hackable Cisco Phones, a Locust Invasion, and More News

• CDPwn vulnerabilities open millions of Cisco enterprise devices to attack

• 2020-02-04 – Pcap and malware for an ISC diary (SocGholish)

• Medicaid CCO Vendor Breach Exposes Health, Personal Info of 654K

• Three agencies team on cyber defense of energy infrastructure

• Congratulations to the 2020 Federal 100

• Mailto (NetWalker) Ransomware Targets Enterprise Networks

• Emotet Preps for Tax Season with New Phishing Campaign

• ICS Components

• 5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

• Iowa caucuses did one thing right: Require paper ballots

• Tips on keeping a Google Photos-type video bug from impacting cloud-based files

• US could learn how to improve election protection from other nations

• Google Shared Private Videos With Wrong Users

• Time to patch your lightbulb? Researchers demonstrate Philips Hue exploit

• Confusion reigned in Iowa caucus — even before the chaotic results

• What is Malware Obfuscation?

• Livestream: Senate Impeachment Trial Day 13

• CamuBot Banking Trojan Returns In Targeted Attacks

• What is a Privileged Access Workstation (PAW)?

• Everything New in iOS and iPadOS 13.4: iCloud Folder Sharing, Updated Mail Toolbar, New Memoji Stickers, and More

• The Mirai IoT botnet holds strong in 2020

• Cybereason Uncovers Malware Distributed via Bitbucket Repositories

• Fintech security: the challenges and fails of a new era

• Cisco Patches Critical CDP Flaws Affecting Millions of Devices

• Hackers can use flaw in Philips smart light bulbs to spread malware

• FBI Has Still Not Managed to Unlock iPhone Used by Mass Shooter in Florida Last Year

• Bug hunter finds cryptocurrency-mining botnet on DOD network

• RSA Conference Reveals RSAC Launch Pad 2020 Participants

• Apple Bringing In-App Purchases to Apple Watch in watchOS 6.2

• Keeping Compliance Data-Centric Amid Accelerating Regulation

• Microsoft Starts Testing Hyper-V for Windows 10 ARM64 Devices

• APT Gamaredon Improves Toolset

• CERN Physics Lab Drops Facebook Over Data Concerns

• BitBucket Abused for Viruses

• RIP FTP? File Transfer Protocol switched off by default in Chrome 80

• Risk & Repeat: 2019 data breaches in review

• New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers

• Charming Kitten Hackers Impersonate Journalist in Phishing Attacks

• Data exchange and cybersecurity

• Apple Adds Universal Purchases for iOS, tvOS and macOS Apps in Xcode 11.4

• Lithuanian Employees Targeted by China’s Intelligence Services on LinkedIn

• Quick Hits

• XKCD ‘Cicadas’

• FBI Issues Valentine Romance Scam Warning

• Hackers Can Steal Data From Air-Gapped Computers Via Screen Brightness

• Chrome to block intrusive video ads starting August 5, 2020

• Broken processes are the biggest cybersecurity threat to your organization

• Apple Seeds First Betas of iOS 13.4 and iPadOS 13.4 to Developers

• Cisco Discovery Protocol flaws jeopardize ‘tens of millions’ of devices

• Oh ****… Sudo has a ‘make anyone root’ bug that needs to be patched – if you’re unlucky enough to enable pwfeedback

• Teenager Arrested for DDoS Attack in Ukraine

• Charming Kitty Hackers Impersonate Journalist in Phishing Attacks

• After Suing Apple, BlueMail Calls on Other Developers ‘Kicked Out’ of App Store to Join the Fight

• Apple Engineers unveils a proposal to standardize the two factor authentication process and Google backs it up!

• Man pleads guilty to hacking Nintendo & possession of child pornography

• Coronavirus “safety measures” email is a phishing scam

• PayPal SMS scams – don’t fall for them!

• Google Fiber Drops TV Offering

• National Security Highlights in the 2020 State of the Union

• Cisco Flaws Put Millions of Workplace Devices at Risk

• Tesla Autopilot Duped By Phantom Images

• They can’t collect your bins or fix your roads. They let Google stalk visitors to their websites. Yes, it’s UK local government

• Penetration Test Types for (REST) API Security Tests

• Gain Visibility and Verify Device Trust Across Any Device

• Chrome’s ad blocker will expand to video on August 5

• Bug in Google meant videos were sent to archives of wrong users

• Healthcare data: The new prize for hackers

• Google Releases Security Updates for Chrome

• National Security Headlines in the 2020 State of the Union

• Record-Breaking $550 million Settlement in Principle of Biometric Privacy Lawsuit Reached by Law Firms Edelson, Robbins Geller and Labaton Sucharow and Facebook

• WhatsApp Bug Allows Malicious Code-Injection, One-Click RCE

• Brazilian Firm Exposes Personal Details Of Thousands Of Soccer Fans

• Twitter Goes After Baby Peanut, API Threat

• CDPwn vulnerabilities impact tens of millions of enterprise devices

• Flaws In WhatsApp’s Desktop App Allowed Remote Access To Files

• Siemens Mobility, Claroty Partner to Secure OT Networks

• Cisco Discovery Protocol is Riddled with Security Holes: Businesses Urged to Patch Troubling Flaws

• New Ransomware Strain Halts Toll Group Deliveries

• A Round-up of Data Breaches in January 2020

• The Report: Impeachment, Day 12

• Leidos Buys L3Harris Security and Automation Business for $1 Billion

• Cisco Discovery Protocol Flaws Expose Tens of Millions of Devices to Attacks

• Exfiltrating Data from Air-Gapped Computers Using Screen Brightness

• How Bushfires Will Affect Australia’s Security

• Report: Smart bulbs have a major security problem

• Why Monitoring Third-Party SSL Certificates Matters

• Huge hit to illegal IPTV distributors in Bulgaria

• Livestream: FBI Director Wray Testifies at House Oversight Hearing

• Evolution of the Storage Engineer: Adapting to New Enterprise IT Realities

• Critical Cisco ‘CDPwn’ Flaws Break Network Segmentation

• Russia using Ukraine as Cyberwarfare testing ground via Gamaredon

• Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

• 2020 Industry Predictions

• Getting DNS Client Cached Entries with CIM/WMI

• Vulnerability in WhatsApp Desktop Exposed User Files

• Companies Need Cybersecurity That Just Works

• Brazilian firm exposes personal details of thousands of soccer fans

• Microsoft detects 77,000 active web shells on a daily basis

• Seven Security Predictions for 2020

• Dear Silicon Valley bigheads, tech doesn’t make everything better

• BrandPost: Hiring Tips for CISOs Closing the Cyber Skills Gap

• Leveraging Gap Analysis to Drive Security Metrics

• Identity Verification And Fraud Prevention In 2020: Closing The Trust Gap

• Hiring Untapped Security Talent Can Transform the Industry

• YouTube Takes New Measures to Combat Disinformation Ahead of US Elections

• Smart Lightbulbs Used to Compromise Home and Business Networks

• US Wireless Carriers Shared Customer Location Data with Third Parties

• STOMP 2 DIS: Brilliance in the (Visual) Basics

• Windows 10 Search Is Broken and Shows Blank Results, How to Fix

• Ethical hacking: BYOD vulnerabilities

• RSAC Launch Pad 2020 participants revealed

• Iowa Fiasco Highlights Security Risks in US Vote, Officials Say

• MITRE ATT&CK: Endpoint denial of service

• Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

• Trial Begins for Ex-CIA Worker Charged With Leaking Secrets

• Most Reliable Hosting Company Sites in January 2020

• UK small businesses say cyberattack fears, not cash flow, keeps them awake at night

• One in three NHS computers is still running outdated Windows 7 software

• Super Bowl LIV Security & Bill Bratton on Verizon’s $80M Ramp Up

• UK Firm SSTL Approved For Data-Relay Spacecraft For Moon

• US Meeting To Review Fresh Huawei, China Restrictions – Report

• Apple Patent For No-Crease Folding iPhone Screen Approved

• Security Predictions for 2020 from the (ISC)² Community of Security Professionals (Part 2)

• Experts On Adoption Of Facial Recognition

• The Importance Of Educating Staff On Cybersecurity

• Expert Analysis On Attacker Used Twitter API To Match Usernames To Passwords

• Prepare for Cisco, CompTIA, and More IT Certifications with this Bundle

• On Google Sending Videos To Wrong Users

• Tree Code

• How to defend your organization against the latest malware, botnets and security exploits

• Infrastructure-as-code templates are the source of many cloud infrastructure weaknesses

• DDoS Attack Potentially Targeted State Voter Registration Site, Says FBI

• Foxconn Cuts Revenue Outlook Following Coronavirus Outbreak

• Dropbox paid more than $1 Million via its bug bounty program

• What is Cloud Networking?

• Facebook will let parents see kids’ chat history, peer into inbox

• Critical Android flaws patched in February bulletin

• Someone else may have your videos, Google tells users

• Twitter admits to raid on users’ phone numbers

• YouTube Deepfake Ban – Expert Commentary

• Artificial Intelligence (AI) and Security: A Match Made in the SOC

• Cybersecurity Bill Would Set Defense Plan for Local Agencies

• How one law firm made security a business development opportunity

• Flaw in Philips Smart Light Bulbs Exposes Your WiFi Network to Hackers

• VB2019 paper: The cake is a lie! Uncovering the secret world of malware-like cheats in video games

• Coronavirus Attacks Aim to Spread Malware Infection

• 5 steps to avoid credential dumping attacks

• SORA and UNSTABLE: 2 Mirai Variants Target Video Surveillance Storage Systems

• Sudo Vulnerability Allows Privilege Escalation to Root

• Improving email security with MTA-STS

• How to catch a cybercriminal: Tales from the digital forensics lab

• Google apologies for private-video-sharing bug

• 17,000 yachting industry professionals details exposed in data breach

• Stolen Health Data exposed by Maze ransomware

• Gamaredon APT Improves Toolset to Target Ukraine Government, Military

• Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

• Irish watchdog launches Google, Tinder GDPR data processing probe

• How to protect your organization from infrastructure as code security risks

• Blow to fuel fraudsters: 59 arrests in Europe

• 500,000+ hosts infected with malware cocktail

• Twitter: We’ll kill deepfakes but only if they’re harmful

• FCW Insider: Feb. 5

• DDoS attack warning from state voter registration site

• Twitter Discovers Attackers Trying to Match Usernames and Phone Numbers

• Microsoft says it detects 77,000 active web shells on a daily basis

• Apple App Store Preview Confirms Existence of Samsung’s Rumored Galaxy Buds+ With Official iPhone Support

• Over 80% of UK Firms Don’t Have Specialist Cyber Insurance

• USB armory Mk II: A secure computer on a USB stick featuring open source hardware design

• Touch panels deployed in critical infrastructure vulnerable to remote attacks

• The Dark Side of Smart Lighting: Check Point Research Shows How Business and Home Networks Can Be Hacked from a Lightbulb

• Open SSH Access Found on Israeli Government DNS Server

• InSecurity Podcast: Kip Boyle – A Security Sherpa at Your Service

• EKANS Ransomware Detected with ICS-Specific Functions

• Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware

• Apple App Developers Questioned As Part Of DoJ Antitrust Probe

• Twitter Revealed Exploitation of Android App Flaw That Allowed Matching Phone Numbers With User Accounts

• Rural Not-Spot Deal Sees Operators Argue Over Costs

• Irish Regulator Probes Google, Tinder Over Data Processing

• Why certain companies are more heavily targeted by DDoS attacks

• 2019 Global DDoS Threat Landscape Report

• Security Strategy: Moving Away From Tried and True

• Critical WhatsApp Vulnerability Let Hackers to Access the Local System Files on Mac & Windows

• Bitbucket Abused to Infect 500,000+ Hosts with Malware Cocktail

• How can we harness human bias to have a more positive impact on cybersecurity awareness?

• WhatsApp Desktop Security Flaws Put Millions of Users at Risk

• Google mistakenly shared private videos of some users with others in 2019

• When Scams Collide: E-Mail Fraud and Insurance

• HECVAT toolkit helps higher education institutions assess cloud adoption risks

• Malware stew cooked up on Bitbucket, deployed in attacks worldwide

• Malware and ransomware attack volume down due to more targeted attacks

• Lack of .GOV validation and HTTPS leaves states susceptible to voter disinformation campaigns

• Mobile Security glitch delays IOWA Caucus results

• Twitter suspects state-funded data breach on its database

• Mobile data roaming traffic generated by consumer and IoT devices expected to surge

• The Prosecutor General’s Office of the Russian Federation proposes to create a single resource to combat cyber fraud

• Cynet announces special offer for Symantec customers

• Android’s February 2020 Update Patches Critical System Vulnerabilities

• Bouygues Construction falls victim to ransomware

• What Is Log Management, and Why Is It Important?

• Yubico YubiEnterprise Services: Helping orgs to deploy strong authentication at scale

• Google Admits That Google Photos Sent Private Videos to Strangers And Allowed to Download it

• Radiflow iRISK: Business-driven industrial risk analytics service for OT networks

• ISC Stormcast For Wednesday, February 5th 2020 https://isc.sans.edu/podcastdetail.html?id=6854, (Wed, Feb 5th)

• Xton Access Manager now includes RDP, SSH and HTTP proxy support

• STEALTHbits’ free program helps orgs mitigate risks associated with Microsoft’s pending AD update

• DARPA’s plan for a US-friendly 5G network

• NETSCOUT enables streamline monitoring and reduces risk through greater visibility across the network

• EFF Lawsuit Ends Censorship Against PETA on Public University’s Facebook Page

• Forter Loyalty Program Protection solution helps merchants tackle attacks on rewards programs

• Avaya and RingCentral simplify communication and collaboration through multiple channels

• TRIMEDX partners with CyberVista to launch a cybersecurity training program

• Companies Pursue Zero Trust, but Implementers Are Hesitant

• Miller Kaplan acquires Citadel to offer clients information security analyses and expertise

• Google Takeout a bit too true to its name after potentially 1000s of private videos shared with complete strangers

• Aliaswire names Jed Rice as CEO

• Deepak Ahuja joins NetApp’s Board of Directors

• Is Chrome really secretly stalking you across Google sites using per-install ID numbers? We reveal the truth

• LexisNexis Risk Solutions enhances its fraud and identity offering with the acquisition of Emailage

• Chrome 80 released with silent notification popups, support for same-site cookies

• Realtek Fixes DLL Hijacking Flaw in HD Audio Driver for Windows

• 8 of the 10 Most Exploited Bugs Last Year Involved Microsoft Products

• Network Data Systems promotes Wayne Dumas to COO and Craig Johnson to VP of Worldwide Sales

Generated on 2020-02-06 23:55:13.823661