IT Security News Daily Summary 2020-12-04

• Body as biosensor: Faster COVID detection boosts military readiness

• DOD eyes blockchain for medical use cases

• Making Sense of the Security Sensor Landscape

• A slice of SecOps software options to counter threats

• Kmart Hit by Egregor Ransomware

• Threat Roundup for November 27 to December 4

• Ransomware attack discrupts Metro Vancouver’s payment systems

• Congress axes CMO office in 2021 defense bill

• Unemployment payments weeks late in nearly every state

• Johnson & Johnson CISO: Healthcare orgs are seeing nation-state attacks every single minute of every single day

• High-Severity Chrome Bugs Allow Browser Hacks

• Security operations center use cases, strategies vary

• BECs and EACs: What’s the Difference?

• Recently disclosed CVE-2020-4006 VMware zero-day was reported by NSA

• The 2020 Workshop on Economics and Information Security (WEIS)

• Dutch Antitrust Probe Targets Contactless Payments Like Apple Pay

• How Do You Solve a Problem Like John Durham?

• Cyber czar, CISA subpoenas included in must-pass defense bill

• Gender pay gap persists in the federal workforce

• Novel Online Shopping Malware Hides in Social-Media Buttons

• AI Collaborative Research Institute Launched

• MacRumors Giveaway: Win a Pad X3 Wireless Charger from WhyWood

• Egregor Really Wants You to See Its Ransom Demands

• Online Education Company K12 Affected by Ransomware

• Trickbot Added New Feature to Infect UEFI/BIOS and Survive OS Reinstall

• Verifying Linux Server Security: What Every Admin Needs to Know>

• New law enshrines modernization Centers of Excellence effort

• Most used passwords for 2020: The internet’s favorite curse word, name, food, and team

• VMware Patches Workspace ONE Access Vulnerability Reported by NSA

• As Hospitals Cope With a COVID-19 Surge, Cyber Threats Loom

• Italian Police Arrest Criminals Accused of Robbing ATMs with Purpose-Built Black Boxes

• Intel Doubles Down on Emerging Technologies for Sharing and Using Data Securely

• Apache Releases Security Advisory for Apache Tomcat

• Celebrating 20 Years of Cybersecurity Excellence

• DEF CON 28 Safe Mode Aerospace Village – Opening Remarks

• Presidential Middle Names

• Brazil Govt’s Huge Leak: Health Data of 243M

• Apple Confirms Family Sharing for In-App Purchases and Subscriptions is Now Available

• Apple Picks Up World Surf League Docuseries for Apple TV+

• Most Reliable Hosting Company Sites in November 2020

• Hack-for-Hire Group ‘DeathStalker’ Uses New Backdoor in Recent Attacks

• New IBM encryption tools head off quantum computing threats

• Tech CEO Pleads Guilty to Investment Fraud

• Smart Sex Toy Sales Surge Poses Security Risk

• Why Workers Aren’t Confident in their Companies’ Security (and What to Do About it)

• Apple Researching a Matte Black Finish for MacBooks

• Gift Guide for Apple Fans (2020)

• Fostering research on new web security threats

• Entisys360 Receives NetApp Americas HCI Innovation Award 2020

• Protecting the healthcare industry from cyber threats

• COVID-19 supply chain hit by Cyber Attack

• NSA warns of Russian state-sponsored hackers exploiting VMWare vulnerability

• Protect your business from DDoS attacks: Join this webinar to find out more

• Report: Despite Being Shut Down, Fraudulent Ad System Continues Scamming Facebook Users

• Secure Network Analytics (Stealthwatch) Then, Now and Beyond – Part 2: Behavioral Analytics Has its Day

• Satechi Debuts Magnetic Wireless Charger for iPhone 12 Models

• Taiwan, “Strategic Clarity” and the War Powers: A U.S. Commitment to Taiwan Requires Congressional Buy-In

• Furlough a testing time for UK employees – lack of support leads to less loyalty as many begin returning to work

• Phishing hosted on high Alexa domains: another dangerous trick in Web

• File-sharing and cloud storage sites: How safe are they?

• Stop Streaming In Ultra HD On Phones To Save Planet, Scientists Warn

• Policy Management Updates | Avast

• VMware Rolls a Fix for Formerly Critical Zero-Day Bug

• Iranian Hackers Access Unprotected ICS at Israeli Water Facility

• IRS to Make ID Protection PIN Open to All

• Google Releases Security Updates for Chrome

• My top 5 videos of the year

• Islamic imprisoned hacker Ardit Ferizi ordered to be deported

• Enigma Machine Recovered from the Baltic Sea

• Deals: Shop Discounts on Sonos, PhoneSoap Sanitizers, and Magic Keyboard for 12.9-Inch iPad Pro ($50 Off, New Low Price)

• Brazilian Aerospace And Defence Group Embraer’s Systems Affected By Cyberattack

• Royal Dutch Cycling Union Disclosed Ransomware Attack

• Vancouver Metro Disrupted by Egregor Ransomware

• Many Android Apps Expose Users to Attacks Due to Failure to Patch Google Library

• Man Pleads Guilty to Role in Malware Protection Scam

• Ransomware Set for Evolution in Attack Capabilities in 2021

• Europol predictions correct for fake COVID-19 vaccines

• Hacker Who Stole Information From Nintendo Now Sentenced

• Flash Dies but Warning Signs Persist: A Eulogy for Tech’s Terrible Security Precedent

• The Targeting of the COVID-19 Vaccine Supply Chain

• Tibet and Taiwan Targeted in Spearphishing Campaigns Using MESSAGEMANIFOLD Malware

• Google Illegally Spied On And Retaliated Against Workers, Feds Say

• Kmart, Latest Victim Of Egregor Ransomware

• UK Cyber-Warning For Festive Shoppers

• CBP’s Warrantless Use Of Cell Location Data Is Under Investigation

• ‘A Charlie Brown Christmas’ and ‘Mariah Carey’s Magical Christmas Special’ Now Streaming on Apple TV+

• Experts On Xerox DocuShare Bugs Allow Data Leaks

• The M140i project post – Part 12

• VMware Carbon Black Recognized as “Tech Exit of the Year” at New England Venture Capital Association’s 2020 NEVY Awards

• The best gifts for hackers

• Metro Vancouver Transportation Agency TransLink Hit by Ransomware

• Imprisoned Hacker Ordered to Be Released, Promptly Deported

• Experts On Clop Ransomware Attacking Retail Giant E-Land

• Hackers hiding skimming malware behind social media sharing icons

• Top 4 Best and Safest Types of Biometrics

• Egregor Ransomware Strikes Metro Vancouver’s TransLink

• US Intelligence Director Says China is Top Threat to America

• #WebSummit: Nick Clegg Claims Internet Needs Accountability, Not Rules

• Verizon Leaks Customer Conversations, Personal Data Through Flawed Chat Window on Its Website

• Nintendo Hacker Sentenced to Three Years in Prison

• Hundreds of millions of Android users exposed to hack due to CVE-2020-8913

• Payment Skimmer Hides In Social Media Buttons

• Data Protection Is Integral In Wake Of COVID-19 Vaccine ‘Cold Supply’ Chain Network Hack

• Security Expert Re: Absa Financial Services Employee Sells Customer Data To Third Parties

• Heimdal Security Announces Opening of Its Second Office in the UK

• Google Hacker Found a Way to Hack iPhones Remotely Through WiFi

• The biggest data breach fines, penalties and settlements so far

• Google Fires AI Researcher Timnit Gebru – Report

• DoJ Sues Facebook Over Immigrant Hiring

• ARSAT Migrates to Check Point Software in Record Time

• 40% of the World’s Mobile Devices are Inherently Vulnerable. Is your Corporate Data at Risk?

• Scammers stole millions last Christmas. These six tips could keep you safe online this time around

• ACLU Sues Government Over Secret Purchasing of GPS Data

• NCSC Warns of Multimillion Pound Christmas Fraud Bonanza

• Ransomware Operators Phone Victims to Announce They’ve Been Hacked

• Metro Vancouver TransLink hit by Egregor ransomware attack, travellers disrupted

• Weekly Update 220

• Clearswift Secure Email and ICAP Gateway now Available on AWS Marketplace

• Cyberattack That Shut Down London’s Hackney Council for Weeks Should Have Other Local Authorities, NHS Providers, and Government…

• Warner Bros 2021 Movies to Debut in Theater and on HBO Max at Same Time

• FTC Warns of Recent Surge in Robocall Scammers Pretending to Be Apple

• Vancouver public transport agency hit by ransomware attack

• Kmart suffers ransomware attack

• Israeli insurance company extorted by BlackShadow hackers

• TrickBot has returned with a TrickBoot

• Supreme Court Reviews CFAA | Avast

• Celebrating Holidays With Older Family Members | Avast

• Aerospace Giant Embraer Downed by Suspected Ransomware

• Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution

• The chronicles of Emotet

• Twitter Ends Threaded Conversations Tests After Negative User Feedback

• Ransomware attack cripples Vancouver public transportation agency

• Hackers-For-Hire Group Develops New ‘PowerPepper’ In-Memory Malware

• How Organizations Can Prevent Users from Using Breached Passwords

• Why Hackers Love the Pandemic

• Egregor ransomware attack paralyzed for 3 days payment systems at Metro Vancouver’s transportation agency TransLink

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• The Evolution and Development of Hacking

• It’s dark out there, and if you want to keep the lights on, you need to update your cyber-security skills with SANS

• Intelligence review recommends new electronic surveillance Act for Australia

• How to take SASE from a buzzword to a plan

• ControlFlag: Machine programming research tool detects bugs in code

• December 2020 Patch Tuesday forecast: Always consider the risk

• Google acquires Actifio for Cloud Security

• US dispatches Cyber Attack Thwarting Warriors to Estonia

• Google Discloses a zero-click Wi-Fi Exploit to Hack iPhone Devices

• A Holistic Approach to Kubernetes Security and Compliance

• Holiday shopping season fraud stats revealed

• Who are the worst password offenders of 2020?

• TikTok saga will ultimately reach a ‘peaceful resolution’: Jefferies analyst

• How to enhance onboarding for digital banking services using risk management

• Fashion Forward: how technology is reshaping the fashion industry

• Stories from the SOC – Multi-layered defense detects Windows Trojan

• Detecting Actors Activity with Threat Intel, (Fri, Dec 4th)

• Consumers would like to view internet connectivity as a trusted utility

• Growth of cloud-native apps and containerization to define 2021

• 2020-12-03 – TA551 (Shathak) Word docs with Italian template send Ursnif (Gozi/ISFB) with Pushdo

• Cybersecurity Trends 2021: Staying secure in uncertain times

• iPhone hack allowed device takeover via Wi‑Fi

• Updated Malware: Vietnamese Hacking Group Targeting MacOS Users

• ISC Stormcast For Friday, December 4th 2020 https://isc.sans.edu/podcastdetail.html?id=7278, (Fri, Dec 4th)

• StoneOS 5.5R8: Helping enterprises defend all their network entry points

• Covid-related phishing is a ‘very serious attack on humanity’: Barracuda Networks

• Solving the Recurring Collection and Time Tradecraft Issues in Online Investigations

• Why is Compliance a Continual Challenge for Organizations?

• Operationalize the NIST Cybersecurity Framework Without Pulling All Your Hair Out (Part 2 of 3)

• (ISC)² adds new cybersecurity courses to its Professional Development Institute portfolio

• Veeam Backup for Microsoft Office 365: Purpose-built backup and recovery for Teams

• Two cybersecurity hygiene actions to improve your digital life in 2021

• What is Third-Party Risk Management?

• Authentic8 expands availability of Silo across Google Cloud’s infrastructure

• Thales launches double-sided ID card reader to simplify the ID verification process

• Exoprise CloudReady now available in the Microsoft Azure Marketplace

• Alkira extends cloud connectivity to any network

• Governor Cuomo: Keep Police and ICE Away from Our Contact Tracing Data

• FCW Insider: Dec. 4

• Edward Snowden asks Trump to pardon Wikileaks founder Julian Assange

• Hackers hide software skimmer in social media sharing icons

• Okta expands deployments for Canadian Western Bank, First National of Nebraska, and Nota

• DXC Technology and Microsoft help companies address rapidly evolving business challenges

• IRONSCALES unveils Teams and Slack alert integrations

• Deloitte and AWS Professional Services drive customer cloud migration and app modernization

• Hackers are launching cyberattacks targeting Covid vaccine supply chain

• Zoom CEO Eric Yuan on the challenges of adapting an enterprise product for consumers

• Potential Nation-State Actor Targets COVID-19 Vaccine Supply Chain

• Mimecast appoints Shahriar Rafimayeri as CIO

• Reed Taussig joins RSA as CEO of the Anti-Fraud Business Unit

• (ISC)² reaches 20,000 certified members and associates in Asia-Pacific

• Section 230 is Good, Actually

• Cybersecurity Considerations in the Work-From-Home Era

• Kmart, Latest Victim of Egregor Ransomware – Report

• 8 challenges every security operations center faces

• TrickBot’s New Tactic Threatens Firmware

• A ‘Magical Bug’ Exposed Any iPhone in a Hacker’s Wi-Fi Range

• VMware Releases Security Updates to Address CVE-2020-4006

• Hackers are targeting COVID-19 vaccine cold chain

• Family Sharing for App Store Subscriptions Now Available

• Hands-On With Apple’s New MagSafe Duo Charger for iPhone 12 and Apple Watch

• IT Security News Daily Summary 2020-12-03

• BrandPost: Cybersecurity Best Practices for Protecting Brand Trust

• CISA doesn’t plan to tackle COVID vaccine disinformation

• How infrastructure as code can help deliver next-level digital transformation

• Traffic estimation tool makes predictions from sparse public data

• Phishing campaign threatens coronavirus vaccine supply chain

• The challenge of addressing the IT and security skills gap

• Common Container Manager Is Vulnerable to Dangerous Exploit

• Introducing the New “Cisco Security Outcomes Study”

• Xanthe – Docker aware miner

• Amazon iOS Users Can Now Text Alexa Questions and Requests

• Family Sharing for Subscriptions Now Available

• Who Will Decide Whether to Investigate Trump?

• Not Another Linux Security Blog

• How dozens of Trump’s political appointees will stay in government after Biden takes over

• 6 security predictions that will impact healthcare in 2021

• SASE model drives improved cloud and work-from-home security

• Universities Attacked by Phishing Campaign

• Heightened Awareness for Iranian Cyber Activity

• DEF CON 28 Safe Mode Aerospace Village – Matt Murray’s ‘Satellite Orbits 101’

• 2021 Global Tech Outlook, A Red Hat Report: Digital transformation, security and hybrid cloud use stand out

• Some Android Apps Still Vulnerable After Patch Released

• Phishing Campaigns Target Multiple Organizations in COVID-19 Cold Chain

• Security Failure Exposes Health Records and Lab Results

• OGusers Hacked For a Third Time

• Security of Millions At Risk Due to Unpatched Android Apps

• Some Justice for Phone Scammers

• Intel’s ControlFlag taps AI to automatically detect errors in code

• How COVID-19 accelerated IT modernization

• COVID prompts USCIS’ pivot to video

• Lawmakers push to preserve pandemic voting access

• Dell announces new protections for its PC and server supply chain

• TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions

• TrickBot Malware Can Scan Systems for Firmware Vulnerabilities

• Dell Announces New Supply Chain Security Offerings

• GitHub Says Vulnerabilities in Some Ecosystems Take Years to Fix

• Bank Employee Sells Personal Data of 200k Clients

• Cloud Security Threats for 2021

• NCSC Releases 2020 Annual Review

• APWG Q3 Report: Four Out of Five Criminals Prefer HTTPS

• Have You Discovered Yet the 414s?

• The Joy of Tech® ‘Conversational Safety!’

• Kubernetes Security Best Practices

• Apple Seeds Second Beta of Upcoming macOS Big Sur 11.1 Update to Developers

• Apple Now Letting Developers Enroll for Reduced 15% App Store Fees

• Hillary and Chelsea Clinton to Host Apple TV+ Docuseries ‘Gutsy Women’

• Law Enforcement Purchasing Commercially-Available Geolocation Data is Unconstitutional

• Zscaler soars and Splunk tanks: A tale of two Covid stocks

• Crooks posing as COVID-19 ‘cold chain’ company phished EU for vaccine intel, says IBM

• Free CSPM Solution from CloudPassage

• We live and breathe storage on-premises… and in the cloud.

• VirusTotal += BitDefender Falx

• OGUsers Hacking Group | Avast

• Reaching Strategic Outcomes With An MDR Provider: Part 3

• DeathStalker APT Spices Things Up with PowerPepper Malware

• Cyber-Criminals Target #COVID19 Vaccine

• Cyber Criminals Tried to Gain Access to COVID-19 Vaccine ‘Cold Chain’

• Researchers Bypass Next-Generation Endpoint Protection

• US Officials Take Action Against 2,300 Money Mules

• Open Source Does Not Equal Secure

• AppleCare Memo Hints at Potential Hardware Announcement Next Tuesday

• $299 ‘Wristcam’ Adds a Pair of Cameras to Your Apple Watch

• Prevent a Pfizer-like PII Data Breach in Google Cloud

• Facebook Bans Fake Covid-19 Vaccine Claims

• Zero-Click exploit allowed attackers to hack any targeted iPhone

• API Security Weekly: Issue #112

• Reverse Engineering Tools: Evaluating the True Cost

• #WebSummit: Companies of the Future Should Focus on Data Privacy Rather than Data Collection

• Apple Releases Security Updates for iCloud for Windows

• Christmas Shopping: What Do You Look For?

• Using Akamai EdgeDNS with PCI DSS Environments

• IceRat evades antivirus by running PHP on Java VM

• Data Of 243 Million Brazilians Exposed Online

• Google Play Apps Remain Vulnerable To High-Severity Flaw

• Hackers Are Targeting The COVID Vaccine Cold Chain Supply Process

• Backdoor And Document Stealer Tied To Russia’s Turla Group

• Apple Patent Filing Reveals Dual Monitor Stand for Pro Display XDR

• Deals: StackSocial’s Cyber Monday Mac Bundle Sale Continues With 12 Apps Priced at $42

• Expert On Open Source Software Security Vulnerabilities Exist For Over Four Years Before Detection

• Industry Leader Reacted On North Korean Hackers Target Six Pharmaceutical Companies Making COVID-19 Vaccines

• Understanding influences shaping the cybersecurity landscape, enabling digital transformation, and helping to protect our planet

• VideoBytes: Is it goodbye forever to Maze ransomware?

• A Week with the New MacBook Air – Intego Mac Podcast Episode 164

• Darktrace’s Cyber Intelligence Director Justin Fier on Defending the Healthcare Sector from Rampant Ransomware

• What is Typosquatting (and how to prevent it)

• K12 online school pays ransom for ransomware attack

• Hackers Target Covid-19 Cold Chain, Warns IBM

• Open-source: Almost one in five bugs are planted for malicious purposes

• Data of 243 million Brazilians exposed online via website source code

• Build your own advanced USB condom

• Lessons From Teaching Cybersecurity: Week 9

• Clop Gang Makes Off with 2M Credit Cards from E-Land

• As Modern Mobile Enables Remote Work, It Also Demands Security

• Cyberattacks Target COVID-19 Vaccine ‘Cold-Chain’ Orgs

• Popular Android apps still vulnerable to patched security flaw

• State-Sponsored Hackers Likely Behind Attacks on COVID-19 Vaccine Cold Chain

• US, Estonia Partnered to Search Out Cyber Threat From Russia

• TrickBot Malware Scans Systems for UEFI/BIOS Vulnerabilities

• S3 Ep9: Gift card hacks, dubious doorbells and Wi-Fi tips [Podcast]

• UK Orgs Told to Prepare for New Wave of Brexit-Related Scams

• From FUD to Fix: Why the CISO-Vendor Partnership Needs to Change Now

• Prevent Catastrophic Data Loss in the Cloud

• Ensure Your Friends and Family Are Scam Savvy this Holiday Season

• Aircraft maker Embraer admits hackers breached its systems and stole data

• TrickBoot feature allows TrickBot bot to run UEFI attacks

• Egregor Ransomware, Used in a String of High-Profile Attacks, Shows Connections to QakBot

• Deals: Amazon Discounting 256GB M1 MacBook Pro to $1,199.99 ($100 Off)

• Christmas Shopping’ Sites Flooded With Millions Of Bad Bots

• Security Expert Re: Non-Profit Philadelphia Food Bank Loses Nearly A Million Dollars To BEC Scam

• Philly Food Bank Hit With $1m Cyber Attack

• Hackers are targeting the COVID-19 vaccine supply chain

• Op-ed: Why President-elect Biden needs to appoint a cybersecurity czar

• IBM uncovers global email attack on Covid vaccine supply chain

• Why the Prime Cyber Security ETF rose 20% in 2020

• Manage, govern, and get more value out of your data with Azure Purview

• Android devs: If you’re using the Google Play Core Library, update it against this remote file inclusion CVE. Pronto

• Acronis Cyberthreats Report predicts 2021 will be the “year of extortion”

• Omaha: The little-known Google technology behind automatic updates in Edge

• Code42 Incydr Series: Honing in on High-Risk Users with Code42 Incydr

• FINRA Warns Brokerage Firms of Phishing Campaign

• Bridging the Cybersecurity Skills Gap as Cyber Risk Increases

• Hacker Who Stole Information From Nintendo Sentenced

• Quarter of Firms Suffered 7+ Serious Cyber-Attacks in 2020

• Drugs in Europe: enhancing law enforcement responses to high-risk organised crime

• Google Security Researcher Develops ‘Zero-Click’ Exploit for iOS Flaw

• Recommended Controls for Maintaining HIPAA Security Compliance

• Netenrich Intelligent SOC-as-a-Service Right-Sizes Cybersecurity for Mid-Market Enterprises

• Aerospace firm hit by cyber attack

• Ransomware gang steals 2 million credit cards from E-Land

• Xerox DocuShare Bugs could result in major data leaks

• Duo Trust Monitor Is Here to Make Risk Detection Easy

• ACLU sues US govt, demands to know if agents are buying their way around warrants to track suspects’ smartphones

• CISSPs from Around the Globe: An Interview with Jerome Leach

• A Week with the New Apple M1 MacBook Air

• How attackers exploit Window Active Directory and Group Policy

• TrickBot gets new UEFI attack capability that makes recovery incredibly hard

• Google Violated Law By Spying On Staff, Complaint Alleges

• Critical Oracle WebLogic Vulnerability Flaw Actively Exploited by DarkIRC Malware

• 5 Ways to Accelerate Security Confidence for AWS Cloud

• New TrickBot version can tamper with UEFI/BIOS firmware

• 8% of all Google Play apps vulnerable to old security bug

• Mysterious phishing campaign targets organizations in COVID-19 vaccine cold chain

• Google Authenticator for iOS gets a much-needed feature

• Google researcher: I made this ‘magic’ iPhone Wi-Fi hack in my bedroom, imagine what others could do

• Global Phishing Campaign Sets Sights on COVID-19 Cold Chain

• Open Source Tool Helps Secure Siemens PCS 7 Control Systems

• FBI Warns of Auto-Forwarding Email Rules Abused for BEC Scams

• New Law to Crack Down on Fraudulent Foreign Firms Listed in US

• #WebSummit: Balancing Security, Privacy and Free Speech in the Digital Age

• This Notorious Botnet Has an Alarming New Trick

• Hackers Are Targeting the Covid-19 Vaccine ‘Cold Chain’

• IBM Releases Report on Cyber Actors Targeting the COVID-19 Vaccine Supply Chain

• CVE-2020-13769: SQL Injection in Ivanti Endpoint Manager

• NIST Cybersecurity Recover Function for K-12

• What Does a Unified Security Strategy in the Public Cloud Look Like?

• Adopting a BYOD policy amid the COVID-19 era

• Apple Launches Redesigned Accessibility Site and New Support Videos

• Ecobee SmartCamera Firmware Update Adds HomeKit Secure Video Support

• Apple Could Be Forced to Include a Charger with Every iPhone Sold in Brazil

• iPhone Zero-click Wi-Fi Exploit Is One Of The Most Breathtaking Hacks Ever

• Experts Reaction On Dua Lipa And Other Spotify Artists’ Pages Hacked By Taylor Swift ‘Fan’

• Expert Commentary: Thousands Of U.S. Lab Results And Medical Records Spilled Online After A Security Lapse

• Black Friday 2020 Saw Retailers Capitalising On Publicly Available Data More Than Ever Before, Finds New Research

• Open source vulnerabilities go undetected for over four years

• October 2020 Cyber Attacks Statistics

• Apple Faces European Lawsuit Over Battery Slowdown

• IBM Uncovers Global Phishing Campaign Targeting the COVID-19 Vaccine Cold Chain

• Widespread android applications still exposed to vulnerability on google play core library

• Check Point IoT Protect Firmware

• FCW Insider: Dec. 3

• Quick Hits

• Google Play Apps Remain Vulnerable to High-Severity Flaw

• Philly Food Bank Loses $1m in BEC Scam

• Lithuania to allot seven million euros to combat hackers

• Several Unpatched Popular Android Apps Put Millions of Users at Risk of Hacking

• TrickBot Malware Gets UEFI/BIOS Bootkit Feature to Remain Undetected

• Clop Ransomware gang claims to have stolen 2 million credit cards from E-Land

• APT annual review: What the world’s threat actors got up to in 2020

• Google Authenticator iOS App Gains New Export Accounts Option

• Neo Factory: The State of Industry 4.0

• New malicious NPM packages Used by Attackers Install njRAT Remote Access Trojan

• Sectigo Acquires SSL247 and Xolphin

• #WebSummit: Growing Acceptance of Ethical Hacking

• 5 Reasons Not to Rely on Bounty Programs

• What did DeathStalker hide between two ferns?

• Multiple iPhone 12 Users Report Sudden Drops in 5G and LTE Cellular Coverage

• Trump Threatens To Veto US Defence Bill Over Section 230 Protection

• Security and COVID-19: Securing the New Normal

• A scan of 4 Million Docker images reveals 51% have critical flaws

• How a nightmare wormable, wireless, automatic hijack-a-nearby-iPhone security flaw was found and fixed

• Want to add antivirus to your existing portfolio?

• U.S. Election Security (and Insecurities)

• Understanding the 2019 Capital One Attack

• Featured Use Case: Why a Large US Utility Company Turned to MixMode to Address Utility Grid Vulnerabilities

• How to reduce the risk of third-party SaaS apps

• Raising defenses against ransomware in healthcare

• AI can guess 100 billion Cyber Attacks before they take place

• Bioterrorists to trick COVID-19 Vaccine Developers with Malware

• USAF primed to launch new phase of data strategy

• Apple Shares 2020 Apple Music Highlights and Top Charts

• Face recognition software making progress at recognizing masked faces

• The challenges of keeping a strong cloud security posture

• Notable Enhancements to the New Version of NIST SP 800-53

• How to Protect Your Business From Multi-Platform Malware Systems

• Network slicing market to reach $1,284 million by 2025

• Cloud-native benefits stifled by critical security and networking issues

• Turla Crutch: Keeping the “back door” open

• Spamhaus Intelligence API: Free threat intelligence data for security developers

• Bitdefender launches cloud-based EDR solution for enterprises and MSPs

• 2020-12-03 – Pcap and malware for an ISC diary (traffic analysis quiz)

• Surveillance Bill to hand AFP and ACIC a trio of new computer warrants

• 3 Ways to Streamline Network Security Automation That Will Transform Your Organization

• ISC Stormcast For Thursday, December 3rd 2020 https://isc.sans.edu/podcastdetail.html?id=7276, (Thu, Dec 3rd)

• Traffic Analysis Quiz: Mr Natural, (Thu, Dec 3rd)

• AWS unveils three analytics capabilities to improve Amazon Redshift performance

• AWS releases four storage innovations to add storage performance, resiliency, and value to customers

• CloudBees releases first two modules of its Software Delivery Management solution

• The Statutory Authority for Barr’s Appointment of Durham as Special Counsel

• DFLabs IncMan SOAR to be available both on-premise and as a cloud package

• PagerDuty to action real-time critical observability data on AWS

• AWS offers new portfolio of compute offerings in the cloud

• Salesforce Hyperforce: Connecting customer data across systems, apps and devices

• DOJ’s China hack indictments offer businesses key threat intel, officials say

• Ivanti acquires MobileIron and Pulse Secure to deliver secure experiences across remote infrastructure

• FireMon integrates with Zscaler Internet Access to simplify enterprise adoption of SASE architectures

• Congressional leaders push back on NDAA veto threats

• Cybersecurity in the Biden Administration: Experts Weigh In

• Open Source Flaws Take Years to Find But Just a Month to Fix

• Looking forward to the 2021 cybersecurity landscape

• K12 education giant paid the ransom to the Ryuk gang

• $99 Speaker Showdown: HomePod Mini vs. Amazon Echo and Google Nest Audio

• Mastercard appoints Richard Verma as Executive VP of Global Public Policy and Regulatory Affairs

• Sherry Lowe joins Exabeam as chief marketing officer

Generated on 2020-12-04 23:55:13.082311

Liked it? Take a second to support IT Security News on Patreon!