IT Security News Daily Summary 2020-03-11

• ForgeRock Secure Sharing Ingredients: Who, What and How

• Google Chrome Gets ‘Default to Guest’ Mode for Stateless Browsing

• How Prisma Cloud Secures Cloud Native App Development with DevOps Plugins

• Five ways cyberattacks put manufacturing systems at risk

• Cyberspace Solarium Commission Slams US Cybersecurity Readiness

• Lawmakers push back on Trump’s cyber budget, press on COVID-19 response

• Microsoft Discloses New Remote Execution Flaw in SMBv3

• Ransomware Increasingly Targeting Small Governments

• Windows Registry Helps Find Malicious Docs Behind Infections

• Symmetric vs. asymmetric encryption: Decipher the differences

• Flaws Riddle Zyxel’s Network Management Software

• What’s in H.R. 6172, the House’s Compromise FISA Reform Bill?

• Microsoft nukes 9 million-strong Necurs botnet after unpicking domain name-generating algorithm

• COVID-19 Drives Rush to Remote Work. Is Your Security Team Ready?

• RCE in popular ThemeREX WordPress Plugin has been actively exploited

• Defending Forward by Defending Norms

• Apple Pay Promo Offers Free Drink With Jimmy John’s Order

• Cybersecurity pros are using artificial intelligence but still prefer the human touch

• Defend Forward as a Whole-of-Nation Effort

• February sees huge jump in exploits designed to spread Mirai botnet

• Iranian Coronavirus App Collecting Sensitive Information | Avast

• Intel Patches 27 Vulnerabilities Across Product Portfolio

• Why the private sector will play an increasingly bigger role in climate change and sustainability

• Avast disables JavaScript engine in its antivirus following major bug

• Water Wars: Duterte Disdains Detente, Departs Defense Deal

• Introducing 1-Click NIST Password Standard Compliance & More

• Microsoft discloses wormable SMBv3 flaw without a patch

• No, a Border Wall Won’t Stop Coronavirus

• I Want to Work in Industrial IoT Security. What Lingo Do I Need to Know?

• The Pentagon’s General Counsel Defends the Legality of the Soleimani Strike

• New federal rules will let patients put medical records on smartphones

• Police May Not Need a Warrant to Rummage Through Your Trash, But Warrantless Collection of DNA Is Unconstitutional

• Phishing Attack Skirts Detection With YouTube

• Microsoft leads takedown of Necurs botnet

• E3 and NAB Events Canceled Due to Coronavirus

• Budget 2020: Chancellor Pledges £30 Billion Package Amid Coronavirus Outbreak

• Apple Closes All Retail Stores in Italy Due to Coronavirus [Updated]

• Ring announces two new Video Doorbells, Chimes, and Pre-Roll feature

• JEDI injunction decision hinges on cloud storage definition

• Apple Closes All Retail Stores in Italy Due to Coronavirus

• Cybersecurity Isn’t “Cool” Enough to Attract New Talent

• Spinning up telework presents procurement challenges

• DEF CON 27, Packet Hacking Village – Emilio Couto’s ‘CIRCO: Cisco Implant Raspberry Controlled Ops’

• DDR4 Memory Still At Rowhammer Risk, New Method Bypasses Fixes

• The Joy of Tech® ‘Your Smartphone Is Disgusting’

• Mammoth March Patch Tuesday lands on Windows admins

• Implementing Effective Security Measures for Your Remote Workforce

• Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks

• Deer[dot]io Operator Arrested by FBI

• Dutch government loses hard drives with data of 6.9 million registered donors

• Deterrence by Denial: The Missing Element of U.S. Cyber Strategy

• Some VPN Apps Secretly Gather Anonymized User Data

• How the Rise of IoT Is Changing the CISO Role

• Coronavirus Map Used to Lure Victims to Install Malware

• Layered Cyber Deterrence: A Strategy for Securing Connectivity in the 21st Century

• Microsoft Issues Security Advisory for SMBv3

• Gender Equality in Cybersecurity Could Drive Economic Boost

• How to build a budget home office for under $300

• Blacklists Miss 21% of Phishing Attacks, Internet Traffic Reveals

• COVID-19 coronavirus outbreak and a security conference tries to play it down

• FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute
  FINSPY,FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to
  Distribute FINSPY

• Wormable, Unpatched Microsoft Bug Threatens Corporate LANs

• Why Is North Korea So Interested in Bitcoin?,Why Is North Korea So
  Interested in Bitcoin?

• Facebook Temporarily Bans Ads For Medical Facemasks In Order To Fight False Health Claims

• The Cyberspace Solarium Commission Report: A Lawfare Series

• Apple Seeds Fifth Beta of watchOS 6.2 to Developers

• Hackers Attack Windows Users with Info-Stealer Malware via Weaponized MS Word Documents

• Microsoft Server Message Block RCE Vulnerability

• Find out how to manage detection and response for better cyber security

• US Needs Top Cyber Coordinator, Better Hacker ‘Deterrence’: Panel

• Coronavirus as an opportunity to evolve security architecture

• Uma Thurman to Star in Upcoming Apple TV+ Drama ‘Suspicion’

• Friend’s girlfriend sextortion scam infects PCs with Raccoon malware

• A Round-up of Data Breaches in February 2020

• S2 Ep30: Let’s Encrypt, ULTRASOUND attacks, backups for ransom – Naked Security Podcast

• Online payment security: 8 Steps to ensure safe transactions

• UK Budget: Investments Must Focus on Cybersecurity and Privacy, Say Experts

• Crescendo: Real Time Event Viewer for macOS

• First 100,000 Victims of Western Union Fraud Scheme Receive $153m

• Risk Mitigation Requires Complete Visibility

• Secure Transactions: A PCI-DSS & PA-DSS Overview and Compliance Checklist

• Tens of Vulnerabilities Expose WAGO Controllers, HMI Panels to Attacks

• Securing the MSP: best practices for vetting cybersecurity vendors

• How to Use Your Mac to Help the Fight Against Coronavirus

• Intel Patches High Severity Flaws in Windows Graphics Drivers

• Office network at the European Network of Transmission System Operators for Electricity (ENTSO-E) breached

• Are You Going About the Talent Shortage Wrong? It’s Time to Stop MacGyvering

• NSO Asks US Court To Sanction Facebook Over Lawsuit

• Guarding against supply chain attacks—Part 3: How software becomes compromised

• LA Covers Up Bad Cybersecurity

• European electricity association warns of office network breach

• Artificial Intelligence helps Facebook takedown 6.5 billion fake accounts

• New TrickBot Variant Updates Anti-Analysis Tricks

• How a Major Retailer Realized Significant Cost Savings by Automating Processes With Security Intelligence

• Advance Your Modernize IAM Program With ForgeRock’s New Accelerators

• Firefox 74 Patches Vulnerabilities, Disables TLS 1.0 and 1.1

• Beware of ‘Coronavirus Maps’ – It’s a malware infecting PCs to steal passwords

• Hackers are working harder to make phishing and malware look legitimate

• Trend Micro VP talks cloud security, IoT risks, and ransomware

• Balkan cocaine cartel taken down in Montenegro

• How to Write a Great Speaker Submission

• Five ways to detect early signs of a breach using the network

• US Extends Huawei Trade Licence Again

• Microsoft Releases the March 2020 Security Updates for Office

• Preparing for Large-Scale Remote Working in the Wake of COVID-19

• Why Traders Should Always Account for Extreme Weather When Investing

• Boris Johnson Defeats MP Rebellion Over Hauwei Decision

• Secret-sharing app Whisper failed to keep users’ fetishes and locations private

• Why CSP Isn’t Enough to Stop Magecart-Like Attacks

• Critical SMBv3 Vulnerability: Remote Code Execution, (Wed, Mar 11th)

• Ransomware has a new trick: pay up or suffer a data breach

• MY TAKE: Why speedy innovation requires much improved cyber hygiene, cloud security

• CIOs juggling digital transformation pace, bad data, cloud lock-in and business alignment

• Spotify Premium APK: Everything You Need To Know

• Fetishes Exposed by Secret-Sharing App Whisper

• Logitech Launches New POWERED 3-in-1 Dock for Wirelessly Charging iPhone, AirPods and Apple Watch

• Use This Ultimate Template to Plan and Monitor Your Cybersecurity Budgets

• SECURITY ALERT: New LinkedIn OneDrive Phishing Campaign Detected by Heimdal™ Security

• COVID-19 Visited The RSA Conference This Year

• Secret-sharing app Whisper shared secrets like last known location and actual password tokens in exposed database

• Microsoft Takes Down Global Zombie Bot Network

• Windows Has A New Wormable Vulnerability, And There’s No Patch In Sight

• Exabeam employees at RSA tech conference in San Francisco stricken with COVID-19

• SandBlast Mobile expands its ecosystem by adding Jamf as a supported mobile management solution

• Why Are Governments So Vulnerable To Ransomware Attacks?

• More Than Half of IoT Devices Vulnerable to Severe Attacks

• SOC-as-a-Service Specialist Arctic Wolf Raises $60 Million

• Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan

• Announcing our first GCP VRP Prize winner and updates to 2020 program

• Expert Insight On Microsoft Leaks Info On Wormable Windows SMBv3 CVE-2020-0796 Flaw

• How To Remove ‘Deceptive Site Ahead’ Warning?

• Bugs in Avast AntiTrack expose users to cyber attacks

• How to prevent the data breach that keeps on happening

• Laying a foundation for more secure computing: Red Hat Enterprise Linux and Common Criteria

• Deloitte: 8 things municipal governments can do about ransomware

• TSMC Expected to Begin Volume Production of 5nm-Based A14 Chips in April Ahead of iPhone 12 Models

• Virtualization-based sandbox malware

• Sextortion Hackers Use ‘Friend’s Naked Girlfriend’ Lure

• MITRE ATT&CK: System shutdown/reboot

• Sweden fines Google $8 million for right-to-be-forgotten violations and demands it keep websites in the dark

• Apple Highlights AirPods Pro With Active Noise Cancellation in New Ad

• How To Easily Repair Hacked Website? (Complete Guide)

• Hackers Hacking Hackers – Cybersecurity Specialist Insight

• How coronavirus COVID-19 is accelerating the future of work

• Why are governments so vulnerable to ransomware attacks?

• iPhone users may get 25$ from Apple for slowing down their devices

• Local governments: Don’t pay ransoms to hackers

• The Ultimate Security Budget Excel Template – The Easiest Way to Plan and Monitor Your Security Spending

• Whisper, an anonymous secret-sharing app, failed to keep messages or profiles private

• Google: Linux systems can use this new tool against USB keystroke injection attacks

• Enforcement of the GDPR will be strengthened in 2020

• Dating App Maker Match Group Backs US Bill Seen as Privacy Threat

• WatchGuard Technologies to Acquire Panda Security

• Deals: iPad Mini 5 Receives Big Discounts Across Every Model, Starting at $350 for 64GB Wi-Fi

• Nreal unveils all-in-one enterprise AR headset for late 2020 release

• 8 Million Sales Records On Amazon, Ebay, Shopify Exposed – Security Expert Opinion

• Hospital Devices Exposed To Hacking With Unsupported Operating Systems

• Warning — Unpatched Critical ‘Wormable’ Windows SMBv3 Flaw Disclosed

• Covid-19 Poses Security Risk For Top Companies – Security Experts Response

• Necurs Botnet in Crosshairs of Global Takedown Offensive

• North Carolina City And County Shut Down After Ryuk Ransomware Attack – Expert Commentary

• Mozilla Pushes Out 13 Firefox Patches: Google Credited with Two

• Hundreds Of Thousands Of Websites To Be Marked As Insecure In Latest Firefox Update – Response From Industry Expert

• Closing The Gender Gap In Cybersecurity Could Boost UK Economy By £12.6bn

• Experts On Report: 60% Of Data Breaches Caused By Human Error

• Apple News App Gains Coronavirus Special Coverage Section

• Paradise Ransomware Uses IQY Attachments to Stay Hidden

• Avast AntiTrack Flaw Allows MitM Attacks on HTTPS Traffic

• How to Tell if a Website Has Been Compromised

• AnimeGame – 1,431,378 breached accounts

• Safeguarding Healthcare for the Future With Zero Trust Security

• FBI arrests alleged owner of Deer.io, top market for stolen accounts

• This Raspberry Pi-powered LEGO robot brute-force attacked an iPhone to find out what PIN codes are blacklisted

• How Retail Security Can Welcome IoT Innovations Without Putting Customers at Risk

• Microsoft Working on Patches for Wormable SMB Vulnerability

• Trial for accused CIA leaker ends in hung jury

• Coronavirus: Google Orders All North American Staff To Work From Home

• Fake love: devious men luring young women into prostitution busted in Spain and Romania

• Apple and Other Tech Companies to Convene With White House Officials About Coronavirus Response

• COVID 19 : Lessons Learnt (11 March 2020)

• Spam Campaign Leverages IQY Files to Distribute Paradise Ransomware

• Cybersecurity Overhaul recommended by Congress

• Ransomware

• Wormable Windows SMBv3 RCE flaw leaked, but not patched

• February 2020’s Most Wanted Malware: Increase in Exploits Spreading the Mirai Botnet to IoT Devices

• Brave browser to block web fingerprinting with randomisation

• Data breach action avoided by Hertfordshire University

• Intel graphics drivers flaws patched

• Human Intelligence is Pivotal in a Data-Driven World

• China’s iPad Stocks Dwindling as Kids Switch to E-Learning Amid Coronavirus-Related School Closures

• Patch Tuesday

• How to prevent attackers from using Windows against you

• Patch Tuesday Fixes Over 100 Bugs This Month

• The changing role of the DBA

• Open-source options offer increased SOC tool interoperability

• Researcher wins $55,000 for ‘Login with Facebook’ hack

• Google Stops Displaying Security Warnings in Microsoft Edge, No Longer Recommends Switching to Chrome

• Episode 5: In security, soft skills are king

• User data exposed by Entercom

• University of Hertfordshire avoids data breach action by UK watchdog

• European Electrical Energy Organization Discloses Breach

• Eight Million Shopper Records Leaked Online

• Agent Tesla Delivered via Fake Canon EOS Notification on Free OwnCloud Account, (Wed, Mar 11th)

• Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

• FCW Insider: March 11

• iPhone, Android VPN Apps Caught Snooping on Users’ Web Traffic

• VB2019 presentation: Nexus between OT and IT threat intelligence

• The Reg produces exhibit A1: A UK court IT system running Windows XP

• High Voltage Attack: EU’s Power Grid Organisation Hit by Hackers

• FBI Recommends Against Saving Passwords in Browsers

• Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

• Closing the cybersecurity gender gap would boost the US economy by $30B

• Google: You know we said that Chrome tracker contained no personally identifiable info? Forget we ever said that

• IT Leaders Aim to Outgun Hackers with Bigger Cybersecurity Budgets in 2020

• Check Point: coronavirus has become a tool for hacker attacks on users and businesses

• L1ght Looks to Protect Internet Users from Toxic and Predatory Behavior

• Cybercriminals leveraging coronavirus outbreak to execute ransomware attacks

• The Security Challenges of the Cloud

• DNS over HTTPS misuse or abuse: How to stay secure

• Report Details Security Threats Posed by Cloud File Services

• Stuck at home? Need something to keep busy with? Microsoft has 115 ideas – including an awful SMBv3 security hole to worry about

• IRS scams during tax season target unsuspecting consumers

• Senate committee waves through Australia’s AML/CTF amendments

• Ransomware attack on Australia Car Auction Company

• Ransomware Attack on City of Chateauguay

• Multi-cloud and edge deployments threatened by security and connectivity problems

• Microsoft Patches 115 Vulnerabilities in Windows, Other Products

• Microsoft has Takedown the world’s Largest Necurs Botnet that Infected Nine Million Computers Globally

• Norquist warns programs will stall under a 2021 stopgap budget

• How to spot a fake app?

• The Graham-Blumenthal Bill Is an Attack on Online Speech and Security

• Avast Response to COVID-19 Outbreak | Avast

• How IP Geolocation Lookups Help Thwart Cyber Attacks

• Arista Networks’ new pluggable form factor simplifies DWDM network deployment

• Stuck at home? Need something to keep busy with? Microsoft has 115 ideas – and yes, we mean security fixes

• We Want You! Win the War on Ransomware Today

• How to Leverage NIST Cybersecurity Framework for Data Integrity

• March Patch Tuesday: LNK, Microsoft Word Vulnerabilities Get Fixes

• Working in a coronavirus world: Strategies and tools for staying productive

• Siren 10.4: Finding the shortest data paths across connected records inside Elasticsearch clusters

• When Proxy Services Enable Abuse

• Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks

• Everbridge unveils new CEM capabilities for the IoT for corporate, government and healthcare orgs

• Dentsu Aegis Network deploys the SnapLogic platform to integrate SaaS apps and power DX

• ISC Stormcast For Wednesday, March 11th 2020 https://isc.sans.edu/podcastdetail.html?id=6904, (Wed, Mar 11th)

• The Revised EARN IT Act Proposes a Better Process for Encryption Policy

• That LVI CPU hole wasn’t the only Intel fix: Dozens of flaws patched to stop chips turning into potatoes

• NetApp acquires Talon Storage to solve remote office and branch office challenges with file shares

• As the Number of Remote Workers Rises, Cisco Supports Customers with Expansion of Free Security Offerings

• FAQ about the Tech Projects Director Role

• Nasty Phishing Scam Pretends to Be Your HIV Test Results

• Smart Check Validated for New Bottlerocket OS

• Coalition Asks California’s Governor Newsom to Support Fiber Broadband for All

• Microsoft Patch Tuesday, March 2020 Edition

• Malwarebytes hires Adam Hyder as its new Senior Vice President of Engineering

• New CPU attack technique can leak secrets from Intel SGX enclaves

• Microsoft March 2020 Patch Tuesday fixes 115 vulnerabilities

• 2020-03-09 – Quick post: Fastloader –> Trickbot gtag wmd44

• Two attendees at RSA tech conference in San Francisco stricken with COVID-19

• 2020-03-10 – German malspam with password-protected zip files pushes Ursnif

• Microsoft accidentally reveals Wormable Win SMBv3 CVE-2020-0796 Flaw

• The U.S. Gets U.N. Support for the Taliban Deal

• IT Security News Daily Summary 2020-03-10

• Apple Postpones Alleged March Product Event Amid Coronavirus Restrictions

• Microsoft March 2020 Patch Tuesday Fixes 115 Vulnerabilities

• Your VPN or ad-blocker app could be collecting your data

• Critical Bugs in Rockwell, Johnson Controls ICS Gear

• Revisiting Program Execution

• DEF CON 27, Packet Hacking Village – Jay Beale’s ‘Attacking And Defending Kubernetes’

• Two #RSAC Attendees Test Positive for #Coronavirus

• Details about new SMB wormable bug leak in Microsoft Patch Tuesday snafu

• Australian Information Commissioner Holds Facebook’s Feet To The Barbie…

• Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks

• March 2020 Patch Tuesday – 115 Vulns, 26 Critical, Microsoft Word and Workstation Patches

• USCIS, SEC extend telework amid coronavirus concerns

• March 2020 Patch Tuesday: Microsoft fixes 115 vulnerabilities, Adobe none

• Risk management vs. risk assessment vs. risk analysis

• Microsoft Patches 26 Critical Bugs in Big March Update

• Why is Congress Conducting Business as Usual in the Face of Coronavirus?

• Microsoft Leaks Info on Wormable Windows SMBv3 CVE-2020-0796 Flaw

• Researchers Develop New Side-Channel Attacks on Intel CPUs

• Microsoft disrupted US-Based Infrastructure of the Necurs botnet

• VERT Threat Alert: March 2020 Patch Tuesday Analysis

• California tech industry gets its first big coronavirus hit: RSA Conference attendee infected, in serious condition

• CDC: Data modernization would have improved coronavirus detection, tracking

• Microsoft Patch Tuesday March 2020, (Tue, Mar 10th)

• ‘Internet of things’ could be an unseen threat to elections

• Fisheries sites move to the cloud

• Bitsight and Microsoft Disrupt Necurs Botnet

• Popular ThemeREX WordPress Plugin Opens Websites to RCE

• Threat Hunting – A Cybersecurity Paradigm Shift

• Microsoft Patches Over 100 Vulnerabilities

• 4 ways government can use AI to track coronavirus

• Microsoft Cracks Infrastructure of Infamous Necurs Botnet

• Protecting Civil Liberties During a Public Health Crisis

• Latest data center guidance may have increased security risk, watchdog says

• Entercom Radio Giant Says Data Breach Exposed User Credentials

• Facebook Awards $55,000 for Flaw That Could Lead to Account Hijacking

• NIST’s Ron Ross pivots to DevSecOps

• How nation-state cyberattacks affect the future of infosec

• Coronavirus: What business pros need to know

• Victory: Android 11 Rolls out Improved Certificate Warnings

• New Intel CPU Vulnerability: Is “Load Value Injection” a Real Threat?

• Akamai’s CDN Logs Uncover Emerging Phishing Attacks

• Firefox 74 Released: Security Fixes, Improvements, and Fixes

• What’s Next in Cyber Threat Intelligence?

• IBM’s Outgoing CEO Ginni Rometty Pockets $20m

• Microsoft orchestrates coordinated takedown of Necurs botnet

• Necurs Botnets Busted

• Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide

• New Intel CPU Vulnerability: Is “Load Value Injection” A Real Threat?

• Trend Micro Cloud App Security Blocked 12.7 Million High-Risk Email Threats in 2019 – in addition to those detected by cloud email services’ built-in security

• Firefox Bug Opens iPhone AirPods to Third-Party Snooping

• High-Severity Flaws Plague Intel Graphics Drivers

• The Biggest Gap in Cybersecurity is Empathy

• Never a Dull Moment – RSA Conference Afterthoughts

• 3 Tips to Stay Secure When You Lose an Employee

• Hospitals At Risk Due To Outdated Operating Systems

• DNS-Layer Security: What It Is and Why You Need It

• $30 Million Ransom Demand at Australian Car Auction Company

• Unpatched Microsoft Exchange Servers Vulnerable to CVE-2020-0688

• Windows 10 Cumulative Update KB4540673 & KB4538461 Released

• Another Blow to the Presumption of Regularity

• Intel Releases Security Updates

• LVI Attacks: New Intel CPU Vulnerability Puts Data Centers At Risk

• New Version of njRAT Spread by Mysterious Group

• 5G network slicing security benefits IoT, mobile

• Five Mac Apps Worth Checking Out – March 2020

• European Network of Transmission System Operators for Electricity (ENTSO-E) Confirms Security Incident

• Microsoft Releases March 2020 Security Updates

• A Day in the Life of the Data-Driven CISO

• Paradise Ransomware Distributed via Uncommon Spam Attachment

• Intel CPUs vulnerable to new LVI attacks

• Microsoft Takes Control of Necurs U.S.-Based Infrastructure

• How Google Play Protect kept users safe in 2019

• New LVI Intel CPU Data Theft Vulnerability Requires Hardware Fix

• Paradise Ransomware Variant Hides in Office IQY Files

• Mozilla Releases Security Updates for Firefox and Firefox ESR

• Load Value Injection: Intel CPUs Vulnerable to Reverse Meltdown Attack

• Apple Seeds Fifth Beta of Upcoming macOS Catalina 10.15.4 Update to Developers

• Apple Seeds Fifth Betas of iOS and iPadOS 13.4 to Developers

• LVI Attacks: New Intel CPUs Vulnerability Puts Data Centers At Risk

• Apple Seeds Fifth Beta of Upcoming tvOS 13.4 Update to Developers

• Researchers: Gaps In Facebook’s Ad Platform Could Have Enabled “Malicious” Marketers

• Attacks Targeting Recent Microsoft Exchange Flaw Ramping Up

• March 2020 security updates are available

• What is the Best Way to Protect Data?

• You only LVI twice: Meltdown The Sequel strikes Intel chips – and full mitigation against data-meddling flaw will cost you 50%+ of performance

• Los Angeles Utility Accused of Cybersecurity Coverup

• Apple Shares Trailer for Upcoming Animated Apple TV+ Series ‘Central Park’

• Threat hunting: Part 1—Why your SOC needs a proactive hunting team

• Flaw in popular VPN service may have exposed customer data

• Hackers Hack Hacking Tools to Hack Hackers

• Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs

• Why vendor management is a cornerstone of security

• iOS 14 Leaks: List View for Apps, Settings App May Support Custom Wallpaper Packs, New Apple TV Remote, and More

• Hackers hit hackers in new malware campaign

• Rocket Loader skimmer impersonates CloudFlare library in clever scheme

• Nreal unveils all-in-one Light enterprise AR headset for Q4 2020

• Firefox 74 is out: Here are the key changes and features

• Design Your Own Cyber Security Insurance, Say Experts

• How Google does certificate lifecycle management

• Identity management 101: How digital identity works in 2020

• Phishers Use Fake HIV Test Results as Bait

• Security Validation: Addressing the Need for Change RSA 2020 Key Takeaways by Henry Peltokangas

• Equifax invests $1.25 Billion in Cloud Security

• Hackers use hackers spreading tainted hacking tools in long-running campaign

• Things 3.12 Update Brings Cloud Sync and Additional Requested Features to Apple Watch

• 10 biggest cybersecurity M&A deals of 2019

• 1-15 February 2020 Cyber Attacks Timeline

• Intel’s data center CPUs vulnerability could lead to “devastating” attacks

• Azure NetApp Files: The Perfect Recipe

• iOS 14 Leak Reveals Apple Developing New Augmented Reality App Codenamed ‘Gobi’ With QR Code-Like Tags

• 2019: Looking Back at Malware

• Tax Scams – Everything you need to know to keep your money and data safe

• Hackers Exploiting Recently Patched ManageEngine Desktop Central Vulnerability

• Intel Argues EU Antitrust Decision In 2009 Was ‘Fundamentally Flawed’

• Ex-CIA Official Allegedly Leaked CIA’s Secret Hacking Tools To WikiLeaks

• What Should I Do About Vulnerabilities Without Fixes?

• This ransomware campaign has just returned with a new trick

• How Network Metadata Can Transform Compromise Assessment

• Avast AntiTrack certificate bug allowed others to snoop on your online activities

• Microsoft shares nightmare tale: 6 sets of hackers on a customer’s network

• Securing the deployment of OpenShift Container Platform 4

• New AMD Processor Bug Breaks Encryption

• Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)

• FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

• Spammers Use Coronavirus Message to Deploy Keylogger

• DisruptOps Raises $9M Series A to Scale Cloud Security Operations

• Hackers are getting hacked via trojanized hacking tools

• Is It Time to Reform the Federal Vacancies Reform Act?

• 5 Myths About DDoS in 2020

• Phishing techniques: Clone phishing

• How should Large organisations achieve and maintain PCI compliance?

• Resilient in Times of Disruption

• RSA 2020 Conference Recap: 7 Conference Observations from the Floor

• Over 80% of Medical Imaging Devices Run on Outdated Operating Systems

• Deals: Save Up to 40% on Anker’s Best Portable Chargers and Cables in Today’s Amazon Gold Box

• Domain vs Workgroup accounts in Windows 10

• 4 Steps to Reduce IoT Risk in Your Enterprise

• In Saudi Arabia, the Virus Crisis Meets Inept Leadership

• What’s the biggest cybersecurity threat in 2020? Experts weigh in

• Cyber Work: How to become an APT hunter with Carbon Black

• Firefox 74 arrives with stricter add-on rules, TLS 1.0 and TLS 1.1 disabled

• Apple Patents Tech That Could Solve The Biggest Issue With Current Foldable Devices

• Durham City, County Recovering After Ransomware Attack

• Fake Coronavirus Emails Impersonate The WHO

• AMD Downplays CPU Threat Opening Chips To Data Leak Attacks

• Spying Concerns Raised Over Iran’s Official COVID-19 App

• Deals: Woot Discounts Refurbished Apple Watch Series 1 Models to $110, Series 2 Starting at $145

• Microsoft Exchange Server Flaw Exploited In APT Attacks

• 5 Steps for European Orgs to Adopt a Zero Trust Security Framework

• 5 Tips to Defend Against Mobile Adware | Avast

• Variant of Paradise Ransomware Targets Office IQY Files

• Twitter’s Dorsey Survives Shareholder Revolt, Reconsiders Africa Move

• How to Increase Incident Response Efficiency With Security Intelligence

• Watch out for Office 365 and G Suite scams, FBI warns businesses

• Malware Unfazed by Google Chrome’s New Password, Cookie Encryption

• Google data puts innocent man at the scene of a crime

• Ex-Inspector General indicted for stealing data on 250k govt colleagues

• 7 Cybersecurity Trends to Look Out for in 2020

• Apple Employee Tests Positive for Coronavirus in Ireland

• FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

• AT&T, Palo Alto Networks and Broadcom Develop Firewall Framework

• Despite Coronavirus, Washington Isn’t Worried About Its Primary

• Multiple Nation-state Groups Are Hacking Microsoft Exchange Servers – Awareness Expert Reaction

• Mobile Operators Agree Shared Rural Network Deal

• Twitter Cracks Down On Fake News

• Google Play Protect IDs Just a Third of Malicious Apps

• Keys to Hiring Cybersecurity Pros When Certification Can’t Help

• How poor IoT security is allowing this 12-year-old malware to make a comeback

• Phone carriers may soon be forced to adopt anti-robocall tech

• Chatbot Used by Phishing Scammers to Help Victims Provide Their Data

• CIA Dirty Laundry Aired

• Congressional Homeland Security Committees Seek Ways to Support State, Federal Responses to the Coronavirus

• 3 Things to Do Today to Help Combat the Gender Gap in Cybersecurity

• Quick Hits

• FCW Insider: March 10

• Hackers are compromising vulnerable ManageEngine Desktop Central instances

• One Click Is All It Takes – Insights On Durham Cyber Attack From Hacking Expert

• RSS Reader NetNewsWire 5 Released for iPhone and iPad

• In 2020, IoT Security Must Be Part of Your Threat Management Strategy

• Is the EARN-IT Act a backdoor attempt to get encryption backdoors?

• Making the case for hardware 2FA in the enterprise

• Coronavirus fears lead to cyber events being cancelled

• New malware discovery suggests hackers being hacked

• Iran’s Coronavirus detection app sparks concern

• North Carolina governments hit by Ransomware

• Most Medical Imaging Devices Run Outdated Operating Systems

• Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

• Massive rise in ransomware attacks in healthcare

• RSA 2020: 7 trends and takeaways

• Human Error Linked to 60% of Security Breaches

• Ryuk Ransomware Takes Out Durham, North Carolina

• Cisco Vulnerable Again; May Lead To Arbitrary Code Execution!

• Spear-Phishing Attack Lures Victims With ‘HIV Results’

• Apple Shares ‘Hermitage’ Shot on iPhone Video, Previewing Over 5 Hours of Continuous Museum Footage Taken on a Single Battery Charge

• More good news: Medical equipment is still prone to hacker attacks

• Cruise Operator Carnival Corporation Disclosed Data Breach

• Post-Quantum Protection: From Algo Competitions to Quantum Key Distribution

• VB2019 paper: Kimsuky group: tracking the king of the spear-phishing

• 68 arrested for €10 million ‘fast and furious’ – style heists on moving lorries

• Durham City, North Carolina Hit by Ransomware Attack

• The United States accused the manager of Group-IB of cybercrime

• You’d Better Not Count on Google Play Protect to Block Android Malware

• Twitter debuts ‘manipulated media’ tag on Joe Biden video clip that was retweeted by Trump

• ASD teamed up with GCHQ for stolen credit card crackdown

• FBI arrests Russian behind Deer.io, a Shopify-like platform for cybercrime

• Why Sign in with Apple Is a Good Thing

• Why a risk-based approach to application security can bolster your defenses

• California Proposal for Mandatory Cyber Insurance

• What is open threat intelligence and what is driving it?

• Russian hackers launch RYUK Ransomware attack on Durham North Carolina

• Acquisition to boost Accenture Security

• PPP Daemon flaw opens Linux distros, networking devices to takeover attacks

• Years-long campaign targets hackers through trojanized hacking tools

• Multiple APT Actors Exploiting Microsoft Exchange Email Servers Vulnerability to Take Over the Server

• Researchers develop data exchange approach with blockchain-based security features

• Google Allows Enrolling Security Keys on More Devices

• eBook: Automating Incident Response

• (Dis) Advantages of having your domain, email and website on separate providers

• ISC Stormcast For Tuesday, March 10th 2020 https://isc.sans.edu/podcastdetail.html?id=6902, (Tue, Mar 10th)

• Zimperium’s new solution helps orgs protect their mobile apps throughout their entire life cycle

• Telia Carrier’s new global service expands its SD-WAN solution portfolio

• Santa Clara County Bans All Gatherings of 1000+ People After Coronavirus Death

• Contrast Labs: Jenkins Maven HPI Plugin Exposes Developer Laptops

• Apple Testing New iMessage Features Such as Mentions and Retracting Messages, Could Extend to Mac App

• iOS 14 Features New OCR Capabilities That Will Convert Handwritten Text From Apple Pencil Into Typed Text

• Apple Developing Fitness App for iOS 14 That Lets You Download Guided Workout Videos

• Four Important Steps to Secure the United States 2020 Election

• Apple’s Rumored Tile Competitor ‘AirTag’ May Have Removable Coin-Shaped Battery Like the Tile Pro

• Apple Exploring Ways to Let Developers Provide Custom Voice Synthesizers on iOS

• Curricula Celebrates 5 Year Anniversary

• DOD stresses telework, social distancing in COVID-19 guidance

• Secure O365 and Secure G Suite for Your Enterprise

• Echoworx enhances its OneWorld cloud-based security platform with user-centric 2FA

• Trustwave Fusion platform now available to enterprises in Germany

• Global Cloud Xchange and Sparkle add new spectrum capacity over the FA-1 transatlantic system

• Avast’s AntiTrack promised to protect your privacy. Instead, it opened you to miscreant-in-the-middle snooping

• AMD, boffins clash over chip data-leak claims: New side-channel holes in decade of cores, CPU maker disagrees

• Sensor Tower Secretly Collecting Data From VPN and Ad-Blocking Apps on iOS and Android

Generated on 2020-03-11 23:55:09.131452