IT Security News Weekly Summary – Week 01

• IT Security News Daily Summary 2021-01-10

• It is time to re-evaluate Cyber-defence solutions

• DEF CON 28 Safe Mode Lock Picking Village – Jared Dygart’s ‘Safecracking For Everyone’

• Apple and Hyundai to Sign Apple Car Deal by March With Production Beginning in 2024

• DEF CON 28 Safe Mode Lock Picking Village – N∅thing’s ‘ Intro To High Security Locks And Lockpicking’

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 141’ [From The Archive]

• Meet Oski Stealer: In-depth Analysis Of the Popular Credential Stealer

• CES 2021: Dell Introduces 40-Inch 5K2K Ultrawide Monitor With Thunderbolt 3 Connectivity for Macs

• Prospects for U.S.-Iran Relations at the Start of the Biden Administration

• TOP WEBINARS OF 2020

• SECURITY PREDICTIONS FOR 2021 FROM THE (ISC)² COMMUNITY OF SECURITY PROFESSIONALS (PART 1)

• NEW YEAR’S RESOLUTION: WRITE FOR THE (ISC)² BLOG

• OAuth 2: Pattern to Keep access_tokens Inside a Secured Zone at All Times

• Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets

• Apple Removes Parler From App Store Due to ‘Inadequate’ Measures to Address Dangerous Content

• New Zealand Central Bank Hit by Cyber Attack

• New Zealand central bank hit by a cyber attack

• Experts Weigh In on Cybersecurity Risks of Capitol-Like Attacks

• Security Affairs newsletter Round 296

• TeamTNT botnet now steals Docker API and AWS credentials

• Maldoc Analysis With CyberChef, (Sun, Jan 10th)

• Week in review: Fileless malware, key risk areas in 2021, Patch Tuesday forecast

• The RBI Warns Patrons of Unauthorized Money Lending Apps

• Critical Bugs in Firefox and Chrome Allow Exploitation

• Penetration testing

• Multilingual Cybersecurity Awareness Training adapted for your needs

• 2021 Cybersecurity in healthcare

• Catch the Unknown Cyber-Attacks with Threat Hunting

• How to Check Code Signing Installation: A Quick Guide

• Apple Removes Parler From App Store After Failing to Take ‘Adequate Measures’ to Address Dangerous Content

• Glofox – 2,330,735 breached accounts

• Apple Suspends Parler From App Store After Failing to Take ‘Adequate Measures’ to Address Dangerous Content

• Executive Branch Legal Process and the Self-Pardon

• YouTube and TikTok Put Human Rights In Jeopardy in Turkey

• IT Security News Daily Summary 2021-01-09

• New AirPods Pro and iPhone SE Rumored to Launch in April 2021

• Cloning Google’s Titan Key to bypass 2FA – Research

• DEF CON 28 Safe Mode Lock Picking Village – Preston Thomas’ ‘Law School For Lockpickers’

• The Joy of Tech® ‘Ready For Another Go-Round?’

• DEF CON 28 Safe Mode Lock Picking Village – John the Greek’s ‘Bobby Pins, More Effective Than Lockpicks’

• Maldoc Strings Analysis, (Sat, Jan 9th)

• Dassault Falcon Jet hit by Ragnar Locker ransomware gang

• What is next gen antivirus? NGAV explained

• Court in the United States has sentenced Russian Andrey Tyurin to 12 years in prison for cybercrime

• Hacking Group Earth Wendigo Exploits Emails via Spear-phishing Attacks

• The SolarWinds Investigation Ramps Up

• Cyber Criminals Leak Hackney Council Files on the Darknet Website

• SolarWinds hackers also used common hacker techniques, CISA revealed

• Top Stories: AirTags and Apple Car Rumors, Belkin’s 3-in-1 MagSafe Charger, Mac App Store Turns 10

• U.S. Army Launches Hack the Army 3.0 Bug Bounty Program with HackerOne

• US FBI Warned Organisations of the Egregor Ransomware Attacks

• A Penetration Tester’s Journey to the Code Analysis Camp

• Palo Alto Networks Cortex XSOAR: Prioritizing and Accelerating Remediation of Systems

• Cinco patrones de comportamiento de usuarios en el trabajo descentralizado

• Twitter has permanently suspended the account of President Donald Trump

• Some ransomware gangs are going after top execs to pressure companies into paying

• Fleeceware Apps Prey on Android Users

• ‘Build’ or ‘Buy’ your own antivirus product

• North Korean APT37 Hackers Use VBA Self Decode Technique to Inject RokRat

• Chrome, Firefox updates fix severe security bugs

• Week in security with Tony Anscombe

• ‘Twas the night before InfoSec

• IoT Cybersecurity Act successfully signed into law

• Russian hackers selling program in darknet that bypasses spam protection

• Intellyx Predictions for 2021: Cyberwar, Crypto Crash, and COVID End

• iPhone 13 Rumored to Feature ‘Thinner’ Notch, Overall Design to Remain Unchanged

• How Machine Learning and Artificial Intelligence Improve Your Cyber Security

• John Garing, former Air Force and DISA exec, dies at 78

• Weekly Update 225

• The ransomware threat to the healthcare sector

• Apple Threatens to Ban Parler From App Store as Twitter Bans Donald Trump

• How to Resolve the U.S.-ICC Conflict

• The Urgency of a Second Trump Impeachment

• California City’s Effort to Punish Journalists For Publishing Documents Widely Available Online is Dangerous and Chilling, EFF Brief Argues

• DISA to take over defense cloud implementation

• Excelerating Analysis – Tips and Tricks to Analyze Data with Microsoft Excel

• Nvidia releases security updates for GPU display driver and vGPU flaws

• GeniusU – 1,301,460 breached accounts

• IT Security News Daily Summary 2021-01-08

• Equifax will pay $640 million for Kount’s AI-driven identity and fraud prevention tools

• Best security key in 2021

• CISA: SolarWinds hackers also used password guessing to breach targets

• Malicious Software Infrastructure Easier to Get and Deploy Than Ever

• Top 10 cybersecurity interview questions and answers

• 2021 IT priorities require security considerations

• Russian Hacker Sentenced to 12 Years for Role in Breaches of JP Morgan, Others

• 20 Useful Tips for New Apple Watch Owners

• Prepare for more sophisticated security threats in 2021

• CrowdStrike CEO says 2020 was the worst year on record for cyberattacks

• 30 AI and ML sessions on demand from NetApp INSIGHT 2020

• Russian hacker jailed in US over $19M fraud, 100M users’ data theft

• How to Use Quarkus and Java to Secure Kafka Streams

• Judiciary systems compromised in SolarWinds breach

• Pentagon releases counterdrone strategy

• Ryuk Rakes in $150M in Ransom Payments

• A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets

• NVIDIA Ships Patches for High-Severity Security Flaws

• APT Horoscope

• Apple Shares Trailer for ‘Losing Alice,’ Coming to Apple TV+ January 22

• Cybersecurity Ethics: Establishing a Code for Your SOC

• State Department creates bureau to reduce ‘likelihood of cyber conflict’

• How to use Dropbox Vault to secure sensitive files

• Equifax Buys Fraud Prevention Firm Kount in $640 Million Deal

• JPMorgan Chase Hacker Gets 12 Years

• Facebook Says That It Has “No Choice” But To Go Along With Apple Privacy Changes

• Malware Developers Refresh Their Attack Tools

• DEF CON 28 Safe Mode Lock Picking Village – Dylan The Magician’s ‘Doors, Cameras And Mantraps, Oh My!

• The Capital

• DEF CON 28 Safe Mode Lock Picking Village – Zeefeene’s ‘High Security Wafer Locks – An Oxymoron?’

• MacRumors Giveaway: Win a Super Fast SOHO USB-C Dock From CalDigit

• ACLU, EFF, and Tarver Law Offices Urge Supreme Court to Protect Against Forced Disclosure of Phone Passwords to Law Enforcement

• US courts system fears SolarWinds snafu could have let state hackers poke about in sealed case documents

• NVIDIA Fixes High Severity Vulnerabilities

• FBI Alert Warns Private Organizations Of Egregor Ransomware Attacks

• Aurora Cannabis Files Being Sold by Attacker

• Singapore to introduce law governing police use of COVID-19 contact tracing data

• How to use Dropbox Passwords as your password manager

• SolarWinds Hires Chris Krebs and Alex Stamos for Breach Recovery

• Cartoon: Shakin’ It Up at the Office

• WhatsApp Has Shared Your Data With Facebook for Years

• Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

• CISA Releases New Alert on Post-Compromise Threat Activity in Microsoft Cloud Environments and Tools to Help Detect This Activity

• Welcome Bureau of Cyberspace Security and Emerging Technologies (CSET)

• Bitglass Security Spotlight: Popular Messaging App Exposes Users’ Private Data.

• Nissan source code leaked after it used “admin” as username, password

• White House task force says Russia likely to blame for SolarWinds hack

• SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack

• Red Hat to Acquire StackRox

• Ransomware Attack Costs Health Network $1.5m a Day

• Mozilla Firefox Disabling Backspace Key to Prevent Data Loss

• App Store Sales Saw Unprecedented Growth in 2020, Grossing Over $64 Billion

• Sixth-Generation iPad Mini to Feature 8.4-Inch Display With Slimmer Bezels, March Launch Expected

• Belkin’s 3-in-1 MagSafe Charger Now Available for Purchase

• Red Hat to acquire StackRox, enabling users to build, deploy and run apps across the hybrid cloud

• Open Policy Agent: Microservices Authorization Simplified

• The uncomfortable questions facing Capitol Police over the security breach by MAGA mob

• SolarWinds hires Chris Krebs and Alex Stamos as part of security review

• Should you worry about hackers cloning your 2FA hardware security keys?

• How to review App Privacy data on your iPhone, iPad, or Mac

• DoS Vulnerabilities Found in Rockwell’s FactoryTalk Linx and RSLinx Classic Products

• MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewalls and AP Controllers

• New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

• Art Coviello to Join Identity Defined Security Alliance Webinar Series Hosted by Focal Point and SecZetta

• Unsecured Git server exposed Nissan North America

• Using the NIST Database and API to Keep Up with Vulnerabilities and Patches – Playing with Code (Part 2 of 3), (Fri, Jan 8th)

• Roku Acquires Rights to Quibi Content for Less Than $100 Million

• CES 2021: Sony Unveils New 4K and 8K LED TVs With HomeKit and AirPlay 2

• Red Hat snaps up Kubernetes security specialist StackRox

• Constella Intelligence Upgrades Hunter for Efficient, Targeted and Intuitive Investigations

• F5 to acquire Cloud based application security provider Volterra

• Google Faces UK Investigation Over Chrome Cookie Change

• How to Secure Your WordPress Site Against Brute Force Attacks

• SSL Offloading: A Solution For a Slow Website

• Cybersecurity: This ‘costly and destructive’ malware is the biggest threat to your network

• It’s time to put security and privacy front and center for virtual care

• A crypto-mining botnet is now stealing Docker and AWS credentials

• Firefox Improves Privacy Protections With Encrypted Client Hello

• SolarWinds Taps Firm Started by Ex-CISA Chief Chris Krebs, Former Facebook CSO Alex Stamos

• Continuous Updates: Everything You Need to Know About the SolarWinds Attack

• Nissan Source Code Compromised Online Due to Exposed Git Server

• Top 5 ‘Need to Know’ Coding Defects for DevSecOps

• MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewall and AP Controllers

• Safety Checking Locally Installed Package URLs

• ‘Oceanhorn: Chronos Dungeon’ Now Available on Apple Arcade

• Apple Pay Likely to Launch in South Africa This Year

• BrandPost: Episode 1: Balancing act

• FBI Warns of Egregor Attacks on Businesses Worldwide

• U.S. Department of State Approves New Cyberspace Security Bureau

• Hackers Can Clone Google Titan 2FA Keys

• Rioters Had Physical Access To Lawmakers’ Computers. How Bad Is That?

• Investigation Launched Into Vulns Found In US Judiciary Case System

• Google Chrome Browser Privacy Plan Investigated In UK

• New Apple Services Could Include ‘Podcasts+,’ ‘Stocks+,’ and ‘Mail+,’ Analysts Predict

• National Security Implications of Deferred Maintenance in Infrastructure

• New Year’s Resolution: Write for the (ISC)² Blog

• Elon Musk Now Richest Man In The World

• How Working From Home Has Changed Cybersecurity Awareness Training

• How IBM is using blockchain to transform the potential of enterprise data

• Ninja Cookie: This browser extension is the ultimate productivity hack

• Nvidia releases security update for high-severity graphics driver vulnerabilities

• FBI Warns Businesses of Egregor Ransomware Attacks

• Aurora Cannabis files sold on the dark web

• Edge, Chrome and Firefox bugs enable remote system hijacking

• Trump’s former cybersecurity chief hired by SolarWinds

• My 2020 Predictions Revisited: What Worked, What Didn’t

• It’s likely you already have low-code developers — get them into your security neighborhood

• This browser extension is the ultimate productivity hack

• Probe Launched Into Impact of SolarWinds Breach on Federal Courts

• Emotet Tops Malware Charts in December After Reboot

• Russia’s SolarWinds Attack and Software Security

• Spotify Starts Testing New CarPlay Interface With Queue System

• Expert Advice On Fraudulent NHS Vaccine Scam

• Sealed U.S. court records possibly accessed by SolarWinds attackers

• PIM vs PAM vs IAM: What’s The Difference?

• Facebook Bans Donald Trump ‘Indefinitely’ After Capitol Killings

• Ping Identity Appoints Acclaimed CIO Paul Martin to Board of Directors

• Personal Information of Aurora Cannabis Employees Up for Sale on Hacking Forum

• Encrypted Messaging App Signal Sees Surge in Popularity Following WhatsApp Privacy Policy Update

• The 15 biggest data breaches of the 21st century

• Hackers Can Use Telegram to Reveal Users’ Exact Locations | Avast

• Law Enforcement is Seduced by Big Cybercrime Cases

• Ryuk Ransomware Attackers Have Made $150m

• British Airways to Pay 3bn Pound as Compensation of the Data Breach

• CEO Refutes Reports of Involvement in SolarWinds Campaign

• Ryuk Ransomware: What Can We Learn From DCH Cyberattack?

• ALERT: North Korean hackers targeting South Korea with RokRat Trojan

• Ezuri memory loader used in Linux and Windows malware

• Experts Reacted On Hackney Council Leaked Documents

• Intel RealSense ID: Facial authentication designed with privacy as a priority

• How good are you at scoring security vulnerabilities, really? Boffins seek infosec pros to take rating skill survey

• Ezuri Crypter Being Used to Evade Antivirus Detection

• January 2021 Patch Tuesday forecast: New focus on security and software development

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• How Does Your AD Password Policy Compare to NIST’s Password Recommendations?

• Why A Risk Register Is Important for Cybersecurity Leaders

• We got used to SMS notifications and phishers are capitalizing on it

• Facebook takes data sharing pledge from WhatsApp Users

• OMG Children to be allowed to spy on their Parents in UK

• WhatsApp updates privacy policy to enable sharing more data with Facebook

• Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking

• Top 5 Cybersecurity Trends for 2021

• Kuo: No Significant Upgrades to iPhone Camera Lenses Through at Least 2022

• How to make sure the switch to multicloud pays off

• What is a software-defined perimeter and how does SDP work?

• New iPad Pro Said to Launch in March, 12.9-Inch Model Could Be Slightly Thicker for Mini-LED Display

• Confidence in FedRAMP driving cloud deployments

• Advancement of 5G and IoT tech to help the market reach $18.94 billion by 2025

• Hack the US Army for good with ‘Hack The Army’ bug bounty program

• ISC Stormcast For Friday, January 8th, 2021 https://isc.sans.edu/podcastdetail.html?id=7320, (Fri, Jan 8th)

• UJET now integrated with Oracle Cloud CX Service, available on Oracle Cloud Marketplace

• IPinfo Privacy Detection API: Detecting methods used to mask a user’s true IP address

• DOJ Says SolarWinds Hackers Accessed 3% of it’s Office 365 Mailboxes

• New side-channel attack can recover encryption keys from Google Titan security keys

• Investigation launched into vulnerabilities found within US Judiciary case file system

• Cryptography Research Centre in Abu Dhabi and Yale University to research post-quantum cryptography

• Wasabi integrates with BackupAssist to offer enterprise-grade cyber-resilience at lower cost

• SingleStore expands cloud data integration with the support for AWS Glue

• OPA and Gatekeeper: OPA or Gatekeeper?

• Russian Hacker Gets 12 Years in Massive Data Theft Scheme

• Post-Riot, the Capitol Hill IT Staff Faces a Security Mess

• Apple Negotiating with Hyundai for Apple Car Production [Updated]

• Nisos raises $6M to expand its marketing and operations, extend international footprint

• Dremio secures $135M to invest in educating a growing community of data lake practitioners

• Owl Cyber Defense acquires Trident ACS product line to enhance advanced network security capabilities

• archTIS acquires Nucleus Cyber to expand global footprint

• EFF’s Response to Social Media Companies’ Decisions to Block President Trump’s Accounts

• EEOC cancels official time for union reps in discrimination complaints

• Apple Allegedly Negotiating with Hyundai for Apple Car Production

• Anaplan expands executive team with the appointment of Bill Schuh as Chief Revenue Officer

• Malwarebytes promotes Thomas R. Fox to President

• Michel Ruefenacht joins YesWeHack as Chief Marketing Officer

• Ericom Software appoints Dr. Chase Cunningham as Chief Strategy Officer

• EFF’s Response to Social Media Companies’ Decision to Block President Trump’s Accounts

• Kubernetes Auditing

• Warner: White House ‘again’ holding back on naming Russia

• Red Hat Buys Container Security Firm StackRox

• Sealed U.S. Court Records Exposed in SolarWinds Breach

• Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020

• FBI alert warns private organizations of Egregor ransomware attacks

• Some AirPods Max Owners Complain of Condensation in Ear Cups

• Compiling the Criminal Charges Following the Capitol Riot

• Panaseer appoints Jonathan Gill as CEO

• Ashutosh Kulkarni joins Elastic as chief product officer

• SolarWinds hackers accessed DOJ email

• Capitol rioters planned for weeks in plain sight. The police weren’t ready.

• F5 to acquire multi-cloud security software maker Volterra for $500 million, raises financial outlook

• Biden to Appoint Cybersecurity Advisor to NSC – Report

• Homebrew: How to install exploit tools on macOS

• State Dept. to Create New Cybersecurity & Technology Agency

• FireEye’s Mandia: ‘Severity-Zero Alert’ Led to Discovery of SolarWinds Attack

• The Race to Preserve the DC Mob’s Digital Traces

• Ryuk ransomware operations already made over $150M

• Farewell Flash, Forevermore

• IT Security News Daily Summary 2021-01-07

• Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws

• F5 to Acquire Volterra in Deal Valued at $500 Million

• Trump Sex Scandal Video Is a RAT

• Even Small Nations Have Jumped into the Cyber Espionage Game

• The Top Cybersecurity Certifications in 2021

• Juspay data breach 35 million customers’ card data sold on dark web

• Chicago launches health analytics platform for COVID-19

• How government can rebuild digital infrastructure and support diversity and inclusion

• How AI helped California’s DMV adapt to COVID closures

• How to position state and local government workers for success in 2021

• 10 fastest-growing cybersecurity skills to learn in 2021

• Homebrew: How to install vulnerability tools on macOS

• All Aboard the Pequod!

• Apple Car Won’t Be Ready for At Least Half a Decade

• Hackers Actively Exploiting Leading VPN

• Security Experts Insight On Nissan Source Code Leaked

• Why Red Team Testing Rules the Cloud

• Volunteer civic techies help states with legacy systems

• Ryuk gang estimated to have made more than $150 million from ransomware attacks

• Fired Healthcare Exec Stalls Critical PPE Shipment for Months

• How to quickly check to see if your Linux server is under a DDoS attack from a single IP address

• Ezuri Memory Loader Abused in Linux Attacks

• Defending against SolarWinds attacks: What can be done?

• How the Shady Zero-Day Sales Game Is Evolving

• Ransomware Victims’ Data Published via DDoSecrets

• XKCD ‘Egg Strategies’

• DEF CON 28 Safe Mode Lock Picking Village – D1dymu5’s ‘Hybrid PhySec Tools’

• CES 2021: OWC Introduces Thunderbolt 4 Dock, New Storage Drives, and More

• Accessory Makers Begin Preparing for AirTags Launch

• Medical Equipment Packaging Company Hacker Sentenced

• Zyxel Backdoor Account Being Abused by SSH Scanners

• Nissan Source Code Leaked After Source Control Misconfiguration Discovered

• BrandPost: How to Create a Security-first Mindset

• Biometrics: Choosing the Right Option for Your Security

• CISA: Hackers access to federal networks without SolarWinds

• Months after this ‘serious’ cyber-attack, stolen data has been leaked online by hackers

• New Year, New Ransomware: Babuk Locker Targets Large Corporations

• Threatpost Poll: Weigh in on Ransomware Security

• Managed Intelligence Firm Nisos Raises $6 Million

• Top 5 SASE use cases balance network connectivity, security

• Army Reserve Gets First Cyber General

• North Korea-linked APT37 targets South with RokRat Trojan

• Satechi Launches New Backlit Keyboards, iPad Stand

• Here’s How the Capitol Mob Violated Federal Criminal Law

• Cybersecurity and the Occupation of the Capitol

• 3 Advanced Ways Cybercriminals Execute Cyberattacks Against the Banking and Financial Sector

• API Security Weekly: Issue #115

• Capitol rioters planned for weeks in plain sight. The police weren’t ready.

• Data stolen in cyber-attack has been leaked online by hackers, says council

• US Jails Cuban Credit Card Skimming Crew

• Security Expert listed the largest data leaks of Russian residents in 2020

• Critical Data Security Controls Every Organization Needs

• WhatsApp/Facebook Data Sharing: Pants On Fire?

• Review: Satechi’s Latest Wireless Charger Has a Magnet, But Isn’t MagSafe

• New Year’s Resolution: Cull Your Notifications – Intego Mac Podcast Episode 169

• How to Uninstall Flash Player

• Hackney Council Hackers Post Stolen Documents

• Fake Trump’s scandle video campaign spreading QNode RAT

• Bridge the Gap between Security and IT in Cloud Workload Protection

• Lacework Banks $525 Million as Cloud Security Market Heats Up

• Perseverance. Pushing Security Operations Forward in 2021

• Data Stolen from London Council Published Online

• New WhatsApp Privacy Policy Will Require Users To Share Data With Facebook

• Adobe Flash Player Reaches End of Life but Will Continue to Challenge Cybersecurity

• Researcher Exposes Telegram’s Location Bug, Company Say It’s a Feature

• Aurora Cannabis Breach Exposes Personal Data of Former, Current Workers

• Google Releases Security Updates for Chrome

• Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR

• #CiscoChat Live: Recapture Your Time and Get More Out of Secure Remote Working

• What is the ROI of Checkmarx Application Security Testing (AST)?

• How to Communicate Application Security Success to Your Executive Leadership

• Microsoft 365 Security for Extended Detection and Response

• Using the NIST Database and API to Keep Up with Vulnerabilities and Patches (Part 1 of 3), (Thu, Jan 7th)

• Directly related to today’s main story on CPE/CVEs – Code Exec in Cisco Jabber, all platforms https://nvd.nist.gov/vuln/detail/CVE-2020-26085, (Thu, Jan 7th)

• Trump Locked Out Of All Social Media Accounts As He Threatens The Security Of U.S. Democracy

• Hack The Army Bug Bounty Challenge Invites Hackers

• DoJ Says SolarWinds Hackers Accessed Their Email

• Disgruntled Former VP Hacks Company, Disrupts PPE Supply, Gets Jail

• JetBrains deny SolarWinds involvement

• Hackney Council documents stolen in ransomware attack

• “I have full control of your device”: Sextortion scam rears its ugly head in time for 2021

• What is Solorigate

• And the award goes to…NetApp

• WhatsApp Will Share Data With Facebook, Despite User Wishes

• Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020

• NSA Issues Guidance on Replacing Obsolete TLS Versions

• Panaseer Appoints Jonathan Gill as New CEO

• SolarWinds Hack Investigation Now Points to JetBrains as a Possible Weak Link in the Cyber Kill Chain, New York Times Reports

• Cisco Talos Researchers Discovered Multiple Susceptibilities in SoftMaker Office TextMaker

• The 3 Most Common Types of BEC Attacks (And What You Can Do About Them)

• Activists Leak Data Stolen in Ransomware Attacks

• Adversary Infrastructure Report 2020: A Defender’s View

• CES 2021: JBL Introduces New Dolby Atmos Sound Bar With AirPlay 2 Support

• Intel wheels out new face authentication product that works a lot like Apple’s FaceID

• NEC Facial Recognition Works Despite Masks

• What is a Self-Signed Certificate? | Keyfactor

• Quick Hits

• CHERRY on the Future of Work & Society – Gazing into the Crystal Ball

• You should install antivirus on your Android smartphone, but which one?

• Google Pays Out Over $100,000 for Vulnerabilities Patched With Chrome 87 Update

• Deepfake Technologies Set to Become Major Threat to Businesses

• Meet Oski Stealer: An In-depth Analysis of the Popular Credential Stealer

• Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack

• Can Trump Be Stopped?

• 16-31 December 2020 Cyber Attacks Timeline

• Lacework raises $525 million to automate cloud security and compliance

• Apply now to join Transform this July 2021

• Vulnerabilities in Fortinet WAF Can Expose Corporate Networks to Attacks

• S3 Ep14: Money scams, HTTPS by default, and hardcoded passwords [Podcast]

• Kaspersky and Alias Robotics Partner to Secure Robots in OT Infrastructure

• Principal Who Stole Students’ Nudes Fined $3.6 Million

• Threat Actor Posts Credit Card Info of 10,000 Amex Customers for Free on Hacking Forum

• Enhancing Customer Application Security: A Case Study

• Augmenting Legacy GRCs During Cyber Risk Transformation

• US Govt kicked off ‘Hack the Army 3.0’ bug bounty program

• Apple Watch May Display Incorrect Altitude Readings in Unusual Weather Conditions

• Anatomy of an Attack:  Password-Protected Files Attached to Emails

• CISSPs from Around the Globe: An Interview with Angus Macrae

• Nvidia Acquisition Of ARM Faces Competition Probe

• Former VP with an ax to grind hacks company, disrupts PPE supply, earns jail term

• Hack the Army bug bounty challenge asks hackers to find vulnerabilities in military networks

• Facebook’s Mandatory Data-Sharing Rules for WhatsApp Spark Ire

• DoJ: SolarWinds Attackers Hit Thousands of O365 Inboxes

• NSA Issues Guidelines for Eliminating Obsolete TLS Protocols

• Extracting Personal Information from Large Language Models Like GPT-2

• Report: iPhone 12 is 21% More Expensive to Make Than iPhone 11

• British Airways to pay £3bn in breach settlement

• Covid-19 Vaccine Passports | Avast

• North Korean hackers launch RokRat Trojan in campaigns against the South

• Investigation Launched Into Role of JetBrains Product in SolarWinds Hack: Reports

• Social Media Neuters Trump’s Accounts After Fans Storm Capitol

• How and Why You Should Use Amazon Kinesis for Your Data Streams

• DigiTimes: Mini-LED MacBook Air to Launch in 2022

• Service NSW government app down after outage

• Funke Media Group suffers nationwide ransomware attack in Germany

• Twitter, Facebook Block Donald Trump After Four Die In Capitol Siege

• December 2020’s Most Wanted Malware: Emotet Returns as Top Malware Threat

• FCW Insider: Jan. 7

• Over a Third of TMT Firms Hit by Security Breach in 2020

• Creating A Strong Password Policy With Specops and NIST Guidelines

• TikTok Debuts Its First AR Effect to Use LiDAR in iPhone 12 Pro Models

• T-Mobile Got Hacked Again at the End of 2020

• 33 hardware and firmware vulnerabilities: A guide to the threats

• 4 ways attackers exploit hosted services: What admins need to know

• Bug Bounty Program Launched to Discover US Army Vulnerabilities

• What is Web Application Security and Why is it Important?

• The Connection Between GoldenSpy and MEDoc: Reducing the Security Risk of Doing Business

• Comment: Babuk Ransomware Operation – Ransomware Is The New Cybersecurity Fad

• 3 Powerful Ways To Keep Your Remote Workers Cybersafe And Secure

• Is Credit Karma Safe? Need to Know Before Creating Your Account

• WhatsApp Updates – Users Must Agree on New Privacy Policy to Continue Using the App

• Thallium Altered the Installer of a Stock Investment App

• Want to add antivirus to your existing portfolio?

• SolarWinds Hackers Also Accessed U.S. Justice Department’s Email Server

• RDP Attacks on the Rise During COVID-19 Pandemic

• What happens when a Chrome extension with 2m+ users changes hands, raises red flags, doesn’t document updates? Let’s find out

• A hacker’s predictions on enterprise malware risk

• Israel to build a Cybersecurity Headquarters serving manufacturers

• Joe Biden appoints new Cybersecurity chief for White House

• The NYSE ban on three Chinese telcos is back

• Digital transformation taking shape in 2021

• Hospitals under siege: 5 ways to boost cybersecurity as the COVID-19 vaccine rolls out

• JetBrains’ build automation software eyed as possible enabler of SolarWinds hack

• Why application-layer encryption is essential for securing confidential data

• How secured are touchless solutions?

• How have digital transactions become safer?

• Ghidra 101: Slice Highlighting

• JetBrains denies being involved in SolarWinds hack

• Over 500,000 Credentials of two Dozen Leading Gaming Firms Leaked Online

• ISC Stormcast For Thursday, January 7th, 2021 https://isc.sans.edu/podcastdetail.html?id=7318, (Thu, Jan 7th)

• JetBrains denies being the origin point of the SolarWinds hack

• Apple Launches Special Edition Ox-Themed AirPods Pro in China for Chinese New Year

• Iridium Edge Solar: A solar-powered remote asset tracking and management device

• SUNBURST Additional Technical Details

• Use el acceso condicional para mejorar la postura de seguridad de su fuerza de trabajo remota

• LogMeIn appoints Jamie Domenici as Chief Marketing Officer

• SolarWinds hackers had access to roughly 3% of US DOJ O365 mailboxes

• Greg Nicastro joins SmartBear as EVP/GM of Products and Technology

• 2021-01-06 (Wednesday) – Remcos RAT infection

• DOJ says it was hit by SolarWinds hackers

• NSA Urges SysAdmins to Replace Obsolete TLS Protocols

• Customizing your sudo password prompt

• How to customize your sudo password prompt

• Nissan Source Code Leaked via Misconfigured Git Server

• Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic

• CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise

• United States Congress stormed by violent followers of defeated president, Biden win confirmation halted

• IT Security News Daily Summary 2021-01-06

• It’s Not the Trump Sex Tape, It’s a RAT

• post-quantum cryptography

• WhatsApp will share your data with Facebook and its companies

• Apple Launches Annual ‘Back to University’ Promo in Australia, New Zealand, South Korea and Brazil

• Apple Releases Safari Technology Preview 118 With Bug Fixes and Performance Improvements

• United States Congress stormed by armed supporters of defeated president, Biden win confirmation halted

• Feds Issue Recommendations for Maritime Cybersecurity

• ‘Earth Wendigo’ Hackers Exfiltrate Emails Through JavaScript Backdoor

• The SolarWinds attacks: What we know so far

• Friction Affliction: How to Balance Security With User Experience

• DoJ’s Microsoft 365 Email Accounts Compromised in SolarWinds Attacks

• US Capitol Breached By MAGA Idiots With Guns

• SolarWinds fallout: DOJ says hackers accessed its Microsoft O365 email server

• Linux: How to create a new user with admin privileges

• Integrating Fraud Data Into Your Workflow

• Justice Department Says It’s Been Affected by Russian Hack

• Poor Software Quality Costs US $2.08tn

• DEF CON 28 Safe Mode Sunday – Ismail Melih Tas’ And Kubilay Ahmet Kucuk’s ‘Practical VoIPUC Hacking Using Mr SIP’

• Software Supply Chain Attacks: From Formjacking to Third Party Code Changes

• Customer Story | Oregon Youth Corrections Education Program Enables Connected Classrooms in Google for Education

• Next Low-Cost iPad Said to Feature Thinner, Lighter Design

• ElectroRAT Drains Crypto Wallets

• British Airways Plans £3bn Breach Settlement

• Google fixed a critical Remote Code Execution flaw in Android

• Intel Aiming to Bring Face ID-Like Authentication to ATMs, Gates, Door Locks, and More With ‘RealSense ID’

• Physicists observe competition between magnetic orders

• SolarWinds hackers accessed DOJ emails but there’s no indication they reached classified systems

• First New Enterprise Ransomware of 2021 Arrives

• New Phishing Campaign Delivering QRAT

• WhatsApp wants you to accept its new terms or call it quits

• In final days, Trump cracks down on Chinese apps

• Are security and connectivity on your 2021 to do list, yes? Here’s what to do first

• US government fingers Russia for SolarWinds-based cyberattack

• Researchers Warn of New Ransomware Targeting Enterprise Networks

• Zyxel hardcoded admin password found – patch now!

• US Intelligence Task Force Accuses Russia Of Cyber Attack

• Telecommunication Security Use Cases

• Apple Reportedly Reached Agreement to Support Paris Metro Navigo Cards in Wallet

• Review: Jackery’s Explorer 500 Portable Power Station is Useful for Power Outages, Emergencies and Camping

• Samsung’s 2021 Q7 TVs Offer ‘Smart Trainer’ Option That Analyzes Posture in Real Time During Workouts

• Russia Behind SolarWinds Hack – US Intelligence

• Intel launches RealSense ID for on-device facial recognition

• Nissan source code leaked online after Git repo misconfiguration

• Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw

• Dragos Hires Former PepsiCo Deputy CISO Steve Applegate

• 10 cybersecurity best practices and tips for businesses

• Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact

• Ethical hackers training for Tokyo 2020 Olympics and Paralympic Games

• YouTube Reinstates TalkRadio Channel After Ban Decision

• Proactive Hunting with Intezer

• This new phishing attack uses an odd lure to deliver Windows trojan malware

• Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack

• SoftMaker Office Vulnerabilities Allow Code Execution via Malicious Documents

• The human firewall’s role in a cybersecurity strategy

• Juspay, the Payment Platform of Leading Online Merchants Amazon and Swiggy Suffers Data Breach

• How to Protect Your Organization’s Digital Footprint

• A Cyber Risk Mentality Shift in the Midst of a Pandemic

• Fake Trump sex video used to spread QNode RAT

• Telegram Triangulation Pinpoints Users’ Exact Locations

• SMS Phishing Is Getting Out Of Control

• US Intelligence Task Force Accuses Russia Of Cyber-Hack

• Ho Mobile To Replace SIM Cards After Massive Data Breach

• Apple Glasses Reportedly Progressing Towards Engineering Verification Stage With Focus on Battery Life and Weight

• Sonnet Announces New eGPU Docks With AMD Radeon RX 5000 Series GPUs and Support for Pro Display XDR

• Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat

• What should you do with an old Android smartphone? And how old is too old?

• U.S. Government Announces ‘Hack the Army 3.0’ Bug Bounty Program

• Secure Chorus Transfers Ownership of Encrypted Messaging App Standards to ETSI

• Vodafone Subsidiary Issues Replacement SIMs for 2.5 Million Customers Amid Major Data Breach

• Ticketmaster Pays Up for Hacking a Rival Company

• A Deep Dive into Lokibot Infection Chain

• What is the cost of poor software quality in the U.S.?

• Scans for Zyxel Backdoors are Commencing., (Wed, Jan 6th)

• Apple Highlights Services in 2020 as App Store Sets Single-Day Spending Record on New Year’s Day

• 14-Inch and 16-Inch MacBook Pro Models Expected to Boost Apple Silicon’s Market Share in Second Half of 2021

• Deals: Get Up to $150 Off iPad Pro and Up to $50 Off iPad Air in New Sales

• The DCH Ransomware Attack: A Teachable Moment in Cyber-History

• Julian Assange Denied Bail, Despite Extradition Halt

• NCSC Releases Consumer Guide for Purchasing or Selling Second-Hand Devices

• Russian experts give tips on how to prevent personal data leakage

• Hackers Using Fake Trump’s Scandal Video to Spread QNode Malware

• Security Outcomes Report: Top Findings from Around the World

• Nucleus Cyber Announces Close of Acquisition by archTIS

• Mandatory WhatsApp Privacy Policy Update Allows User Data to be Shared With Facebook

• Common Vulnerabilities Associated With Remote Access

• President Trump Blacklists Eight Chinese Apps

• Cloud Security vs. Network Security: What’s the Difference?

• Class Action Lawsuit Filed Against SolarWinds Over Hack

• BlueVoyant Enters Strategic Partnership with Third Party Risk Management Consultancy

• India the Internet Blackout Capital of the World

• 6 Open Source Tools for Your Security Team

• Activists Publish a Vast Trove of Ransomware Victims’ Data

• Manage IT on the go with our incredibly effective mobile apps

• Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

• Microsoft Edge History and Tab Sync Features Start Rolling Out

• Cybersecurity Expert Reacted On Banking Trade Body Calls For Increased Contactless Payment Limit

• Russia possibly behind government agency hacks

• New phishing scam impersonates government officials

• Tokyo Olympics train ethical hackers to protect against cyber-attacks

• Google CAPTCHA broken by speech-to-text AI

• unCAPTCHA3 evades Google Audio reCAPTCHA with Speech-to-Text API

• How to prepare for and respond to a SolarWinds-type attack

• SolarWinds hack is a wakeup call for taking cybersecurity action

• Google To Add Privacy Labels To Its iOS App Portfolio

• FBI, CISA, ODNI, and NSA Says Russian Threat Actors Behind SolarWinds Hack

• FCW Insider: Jan. 6

• Cyber criminals are taking aim at online gaming for their next big pay day

• Most Public Sector Victims Refuse to Pay Ransomware Gangs

• Dark Web User Numbers Spiked During #COVID19 Lockdown

• Trump Administration Prohibits Use of Eight Chinese Apps

• NameSouth’s Data Leaked for not Paying Ransom to Cybercriminals

• CKS Certification Study Guide: Minimize Microservice Vulnerabilities

• The Significance of Q in Communications

• Backdoor in Zyxel Firewalls and Gateways

• ‘Minecraft Earth’ Mobile AR Game to Shut Down Later This Year

• iPhone 13 Pro Models to Use Samsung LTPO Technology for 120Hz Display

• A Connection Between Carers And Patients, Requires Connected Technologies

• Expert On US intel Agencies Blame Russia For Massive SolarWinds Hack

• CISA Cites Likely Russian Solar Winds Involvement – Expert Perspective

• Zero Trust Against Nation-State Attacks: Expert Explains What It Is Vital

• Cloud security provider iboss raises $145 million

• Adobe Flash Player reaches end-of-life

• Singapore Admits Police Can Access Contact-Tracing Data

• US: Fewer Than 10 Govt Agencies Hit by SolarWinds Attack

• Trump Signs Executive Order to Ban US Transactions With WeChat Pay and 7 Other Chinese Apps

• WhatsApp Will Delete Your Account If You Don’t Agree Sharing Data With Facebook

• Today Marks the 10th Anniversary of the Mac App Store

• Looking for adding new detection technologies in your security products?

• FBI, CISA, NSA Officially Blame Russia for SolarWinds Cyber Attack

• How to Choose the Right SOC 2 Auditor

• Security Analysis: The Rise of Cybercrime Underworld and Hacking Groups

• A Quick Look Into Cloud Access Security Brokers (CASB)

• A Quick Look Into Cloud Workload Protection Platforms (CWPP)

• Why you should make cyber risk a business gain, not a loss

• Cyber Attacks on healthcare sector increased by 45% across the globe

• China APT27 hacking group starts Ransomware campaign

• Stolen employee credentials put leading gaming firms at risk

• The 5G toolbox of defense

• ‘Tis the season for session hijacking – Here’s how to stop it

• ‘Twas the night before InfoSec

• Keeping Your Garage Secure Using a Raspberry Pi

• NIST SP 800-128 – Because Patching May Never Fix Your Hidden Flaws

• Video surveillance trends that will shape 2021

• 60% of companies’ IT modernization programs not ready for the future

• Trump administration bans eight Chinese apps

• Trump Widens US Ban on Chinese Apps as His Term Nears End

• ISC Stormcast For Wednesday, January 6th, 2021 https://isc.sans.edu/podcastdetail.html?id=7316, (Wed, Jan 6th)

• Ninth Circuit Says President Trump Can Ban Immigrants Without “Approved” Health Insurance

• Exium launches Secure 5G NaaS powered by a zero-trust Intelligent Cybersecurity Mesh

• ElectroRat crypto-stealing malware hits MacOS, Windows, Linux devices

• Alipay among eight Chinese apps banned in latest Trump executive order

• Caveonix raises $7.3M to continue innovation, market expansion and strategic partnership development

• CommScope releases NVG578LX 2.5G GPON Wi-Fi 6 residential gateway

• Oakland Privacy and the People of Vallejo Prevail in the Fight For Surveillance Accountability

• Has Cyber Risk Increased Due to the Rapid Rise in Telehealth Use?

• SolarWinds Breach is the Rule, Not an Exception

• Google Planning to Update iOS Apps With Privacy Labels Soon

• MTI promotes Mary Jesse to Chief Executive Officer

• Vertiv appoints Stephanie Gill as Chief Legal Counsel and Corporate Secretary

• VPN usage is increasing, says December 2020 survey

• FBI, CISA, ODNI and NSA blames Russia for SolarWinds hack

• Apple to Announce Q1 2021 Earnings on January 27

• Comparison: M1 MacBook Pro vs. Razer Book 13

• Angira Agrawal joins Skylo as COO

• Ah, right on time: Hacker-slammed SolarWinds sued by angry shareholders

• Reshaping Cyberspace: Beyond the Emerging Online Mercenaries and the Aftermath of SolarWinds

• What Are the Connected Assets of Confirmed Fake FBI Domains?

• FedRAMP authorization bill passes House

• RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework

• U.S. Releases Cybersecurity Plan for Maritime Sector

• US: Hack of Federal Agencies ‘Likely Russian in Origin’

• China’s APT Groups May Be Looking to Cash In

• Dark Web Forum Activity Surged 44% in Early COVID Months

• NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations

• Apple CEO Tim Cook Earned $14.8 Million in 2020, Not Counting Stock Awards

• U.S. feds say Russians likely behind SolarWinds hack that breached government networks

• IT Security News Daily Summary 2021-01-05

• The U.S. Department of Homeland Security tested technology that can recognize masked faces

• Delivering on the DOD Data Strategy with DataOps

• White House task force says Russia likely to blame for SolarWinds hack

• House passes FedRAMP bill

• More visible data helps drive DOD decision-making

• Harnessing the power of machine learning for improved decision-making

• Rip and replace no more

• Broadband access moves up government’s priority list

• US government formally blames Russia for SolarWinds hack

• Cyberattacks on Healthcare Spike 45% Since November

• CIA’s New Recruitment Website Aims to Diversify Spy Agency

• Study: Facebook Messenger Collects A Stunning Amount Of Your Information

• FBI, CISA, NSA & ODNI Cite Russia in Joint Statement on ‘Serious’ SolarWinds Attacks

• SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

• New ElectroRAT employed in a wide-ranging operation targeting cryptocurrency users

• Verizon Again Delays Plans to Shut Down 3G Network

• Apple’s Annual Shareholders Meeting to Take Place Virtually on February 23

• Lawfare Live: Lessons from the 2020 Election With Nate Persily and Charles Stewart

• Counting Ballots and Stealing Elections

• COVID-19 and Surveillance Tech: Year in Review 2020

• Blackberry Cylance’s consumer antivirus product won’t work with macOS Big Sur until end of January

• Implementing One-Time Passwords in Crystal

• PCI DSS: SSL Certificate Management Requirements | Keyfactor

• Iboss raises $145 million as pandemic and WFH push security to the cloud

• COVID, black swans and gray rhinos

• Google Warns of Critical Android Remote Code Execution Bug

• Telegram Triangulation Pinpoints Users’ Exact Locations

• Crypto-Hijacking Campaign Leverages New Golang RAT

• UK Jails Cyber-Voyeur

• Financial Data Security: Deep Dive on SOC Reports

• Summing Up 2020 for Security Operations Pros, Siemplify … and Everyone: A Year Like No Other

• iPhone 12 Mini Sales Lackluster Compared to Other Models

• NTFS Remote Code Execution (CVE-2020-17096) Analysis

• Top 5 Home Apps for a Seamless Home Experience

• 6 Tips On Preventing IT Failures

• Why Cloud Engineers Matter For The Success Of Your Website

• How To Assess Your Business IT Structure

• Singapore police had used COVID-19 contact tracing data in murder probe

• Why you should use SCP to securely transfer files

• Cybercriminals use psychology–cybersecurity pros should, too

• SASE Provider iboss Banks $145 Million Equity Funding

• Hamas May Be Threat to 8chan, QAnon Online

• FBI Warns of Swatting Attacks

• iboss Raises $145m in Funding

• DEF CON 28 Safe Mode Sunday – Christopher Wade’s ‘Beyond Root’

• Citrix Adds NetScaler ADC Setting to Block Recent DDoS Attacks

• Data from 10,000 American Express Cardholders Shared for Free on Criminal Forum

• Backdoor Account Discovered in Zyxel Networking Devices

• 10 of the biggest cyber attacks of 2020

• One month after ransomware attack, Metro Vancouver’s transit system still not up to speed

• DEF CON 28 Safe Mode Sunday – Ayoub Elaassal’s ‘Only Takes A Spark: Popping A Shell On 1000 Nodes’

• XKCD ‘Depth And Breadth’

• Review: Belkin’s 3-in-1 Boost Charge Pro Offers Hassle-Free 15W MagSafe Charging for iPhone 12

• Cybersecurity stocks in focus as businesses face breaches

• How to Make Personalized Marketing Effective With Consumer Identity Programs

• Italian mobile operator offers to replace SIM cards after massive data breach

• How to enable biometric login with Bitwarden

• Data Security Providers Netwrix and Stealthbits Merge

• SolarWinds Attack Update: Russian Hackers Breached 250 US Agencies and Top Companies

• Google Hasn’t Updated Its iOS Apps Since the Day Before Apple’s New Privacy Labels Requirement

• Tile Plans to Introduce Item Trackers With Ultra Wideband Support

• Court Upholds Legal Challenge Under California Statewide Stingray Law

• Bug? No, Telegram exposing its users’ precise location is a feature working as ‘expected’

• YouTube Axes TalkRadio Channel

• SolarWinds supply chain attack affected 250 organizations

• Citrix Releases Updates to Prevent DDoS Attacks Abusing Its Appliances

• Increase Security Policy Accuracy with IPAM Integration

• Netfox Detective: An Alternative Open-Source Packet Analysis Tool , (Tue, Jan 5th)

• Apple Researching Wireless Charging Ecosystem for MacBook, iPad, iPhone, and Apple Watch

• Expert Advise On Expiring Android Versions Leave Individuals Open To Cyber Threats

• 2020 Ends With A Bang

• The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1

• VPN usage is increasing, says survey

• Amey London hit by a ransomware attack

• Will the real legacy storage vendor please stand up?

• Slack Starts 2021 With Outage

• Most Reliable Hosting Company Sites in December 2020

• CISA updates on SolarWinds compromise

• Hackers target cryptocurrency users with new ElectroRAT malware

• Major Gaming Companies Hit with Ransomware Linked to APT27

• Google Releases January 2021 Security Updates for Android

• 10 must-have cybersecurity skills for career success

• Chrome browser has a New Year’s resolution: HTTPS by default

• Finnish Parliament Was Targeted in Cyberattack in 2020

• Warning: Cross-Platform ElectroRAT Malware Targeting Cryptocurrency Users

• Keeping Emissions in Check During Unprecedented Internet Use

• Securing the Software Supply Chain Goes Beyond Application Development

• Data From August Breach Of Amazon Partner Juspay Dumped Online

• Criminals Are Going To Great Lengths To Steal Bitcoin

• SolarWinds, Top Executives Hit With Class Action Lawsuit Over Orion Software Breach

• Malware Uses WiFi BSSID For Victim Identification

• Apple Reportedly Moving Into ‘Second Phase’ of AR Glasses Development

• Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets

• Facebook’s foolish attack on Apple

• ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands

• Hackers Exploiting Recently Disclosed Zyxel Vulnerability

• Ericom Appoints First Ever Chief Strategy Officer

• “Not Amazon” Canadian Website Takes on the Online Giant

• What You Need to Know About California’s New Privacy Rules

• Healthcare organizations faced a 45% increase in attacks since November

• Security Intelligence Handbook Chapter 6: How to Prioritize Patching with Vulnerability Intelligence

• Apple Names Former Newspaper Editor Monica Lozano to Board of Directors

• Ticketmaster Admits To Hacking Rival Company

• Alibaba’s Founder Jack Ma Absence Triggers Concern

• Facebook bug exposed identity of page admin using group doc feature

• Buying a second-hand laptop? Here’s how to stop a bargain becoming a security disaster

• How to lock down your Microsoft account and keep it safe from outside attackers

• Data from August Breach of Amazon Partner Juspay Dumped Online

• Massive Data Dump of 10 Crore Indian Card Holders Leaked on Dark Web

• Introducing: Cisco’s Innovated Transparency Report

• Jump-Start the Cyber Insurance Market to Drive Better OT Security

• Deals: Save Up to $120 on Apple’s 2020 iMac Lineup With Amazon’s Latest Sales

• Microsoft to Replace Outlook for Mac With New Universal Client

• Google Staff Form Company’s First Ever Trade Union

• Print Your Own: The State of 3D Printing

• As coronavirus cases surge, so do cyberattacks against the healthcare sector

• US-Built Center in Cyprus to Offer Region Security Training

• Ransomware Surge Drives 45% Increase in Healthcare Cyber-Attacks

• Top VPN Provider Zyxel Hacked, Here’s a Quick Look into the Security Incident

• Latest on the SVR’s SolarWinds Hack

• Experts Reacted On Payment Processor Juspay Leaks 100 Mil+ Cardholders’ Data

• GDPR Fines Exceeded €170 Million in 2020

• Chinese APT Group Linked to Ransomware Attacks

• Cyberattacks Against K-12 Schools Expected to Rise in 2021, FBI Warns

• PayPal Phishing Scam 2021, Here’s How to Stay Guarded

• Healthcare Industry Witnessed 45% Spike in Cyber Attacks Since Nov 20

• How to Avoid the Phishing Bait in 2021?

• Over 500,000 credentials for tens of gaming firm available in the Dark Web

• App Store Spending Reached $72 Billion in 2020, Says Sensor Tower

• Scotland waves £15m for low-code partner to help with social security overhaul as technical debt mounts

• Egregor ransomware group explained: And how to defend against it

• Julian Assange Extradition To US Denied By UK Judge

• Top 2020 Cybersecurity Lessons for Cryptocurrency

• Attacks targeting healthcare organizations spike globally as COVID-19 cases rise again

• FCW Insider: Jan. 5

• HelpSystems Acquires FileCatalyst to Boost Data Transfer Portfolio

• Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

• New Lockdown Measures Close All Remaining Apple Stores in the UK

• NYSE U-Turn Means Chinese Telcos Escape Delisting

• How to bypass the Google Audio reCAPTCHA with a new version of unCaptcha2 attack

• 1 Mil Gamers’ Acctounts Compromised By Major Gaming Firms – Expert Perspectives

• Are US And Russia Engaged In Cyber Conflict Or Cyber War? Expert Comments

• Cyber-attacks On Hospitals Spike By 45% Worldwide

• New Phishing Campaign Targets PayPal Users

• How DNS Attack Dynamics Evolved During the Pandemic

• The Top Cybersecurity Certifications in 2021

• Application security testing is not just buzzwords

• Most Advanced CrowdSec IPS v.1.0.x is out: how-to guide

• Think you’re hot stuff when it comes to infosec? Prove it

• Check Point: What to expect from hackers in 2021

• Weak Zero Trust Exposes Enterprises to More Cyber Threats

• The fight to stymie adversarial machine learning is on

• Google Union might put off Pentagon AI Project permanently

• Cyber Attack on Apex Laboratory n ransomware suspected

• PayPal users targeted in new SMS phishing campaign

• Ransomware Attacks Linked to Chinese Cyberspies

• 2021 key risk areas beyond the pandemic

• Review: Code42 Incydr – SaaS data risk detection and response

• Chinese telcos spared delisting as NYSE backtracks on decision

• Everything You Need to Know About CI/CD and Security

• Fighting Cybercrime: We Are Stronger Together than We Are Individually

• Ransomware Gang Collects Data from Blood Testing Lab

• Top five technology trends for the year ahead

• Users can be manipulated to share private information online

• Tech Resume Library: 23 downloadable templates for IT pros

• FBI warns of Swatting Attacks Targeting smart home devices with voice and video Capabilities

• Singapore changes the rules and will now use COVID-19 contact-tracing app data in criminal cases

• ISC Stormcast For Tuesday, January 5th, 2021 https://isc.sans.edu/podcastdetail.html?id=7314, (Tue, Jan 5th)

• AutoHotkey-Based Credential Stealer Targets US, Canadian Bank Customers

• EFF to FinCEN: Stop Pushing For More Financial Surveillance

• UK court rejects US extradition of Assange

• Innovation During a Crisis: A story of PIE and Ice Cream

• ePlus acquires System Management and Planning to broaden its technology solution offerings

• Happy New Year: Jan 1, 2021 security cert expiration causes havoc for some Check Point VPN users

• Experts linked ransomware attacks to China-linked APT27

• Substack’s Curious Views on Content Moderation

• Richard Sands joins Cyble as General Manager for the North America region

• Thoma Bravo invests in Venafi to deliver machine identity protection to an expanded customer base

• Happy New Year: Cert expiration causes havoc for Check Point VPN customers

• Microsoft Source Code Exposed: What We Know & What It Means

• Bringing R to Swift on macOS

• 5 Cybersecurity Protocols That Matter

• Expert Advise On PayPal Smishing Campaign

• Banner Bank appoints Janet Brown as Executive Vice President and CIO

• Investor launches class-action lawsuit against SolarWinds over hack

• Apex Laboratory disclose data breach after a ransomware attack

• IT Security News Daily Summary 2021-01-04

• Three ways to get ahead in the new year

• Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API

• Top 5 essential open source cybersecurity tools for 2021

• Selena Gomez Slams Facebook For Misinformation, Says The Company Will Be “Responsible For Thousands Of Deaths”

• Apple Enterprise Company Jamf Now Manages 20 Million+ Devices Worldwide

• Google ReCaptcha flaw lets bots bypass audio captcha challenge

• SolarWinds: The more we learn, the worse it looks

• Leading Game Publishers Hit Hard by Leaked-Credential Epidemic

• DEF CON 28 Safe Mode Sunday – Mickey Shkatov’s And Jesse Michael’s ‘Bytes In Disguise’

• 6 Practical Fraud Prevention Tips for 2021

• Military Cryptanalytics, Part III

• Judge halts enforcement of diversity training crackdown on contractors

• Hershman critical of CMO cut in NDAA

• Malware uses WiFi BSSID for victim identification

• Cyber-Attack on US Laboratory

• T-Mobile Hacked — Again

• Netwrix and Stealthbits Merge to Tackle Data Security

• Vulnerability Summary for the Week of December 28, 2020

• Over 250 Organizations Breached via SolarWinds Supply Chain Hack: Report

• UK Rejects Assange Extradition Request

• Netwrix and Stealthbits Announce Merger

• Don’t get overwhelmed with trivial defects. Manage them!

• Zyxel’s Ridiculous Backdoor: Happy New Year, Now Patch Your Gear

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 310’

• AI Enables Predictability and Better Business

• Apple Reportedly Planning Smaller and Lighter GaN-Based Chargers

• 21 WeLeakInfo customers arrested for buying breached data

• How to Easily Set Up Mutual TLS

• T-Mobile Faces Yet Another Data Breach

• Getting SASE, Without the Hyperbole

• Ransomware ‘businesses’: Does acting legitimate pay off?

• Learn how to Hide your WhatsApp Profile Picture and Why ?

• DEF CON 28 Safe Mode Sunday – Zhipeng Huo’s And Chuanda Ding’s ‘Hack Windows Machines With Printer Protocol’

• A Comprehensive Data Recovery Solution

• Best Practices for Securing Modern Data Architecture

• Singapore police can access COVID-19 contact tracing data for criminal investigations

• Slack Outage Causing Enterprise Security Hiccups

• Introducing the Cisco Secure Network Analytics Data Store!

• The Darkness and the Light

• Apple Rumored to Expand LiDAR Scanner to Entire iPhone 13 Lineup

• Kuo: Apple to Unveil AirTags, Augmented Reality Device, and More in 2021

• iPhone 13 May Feature Faster mmWave 5G Connectivity in More Countries

• In Pakistan, a Tale of Two Very Different Political Movements

• Putting security first – a case study

• EFF Statement on British Court’s Rejection of Trump Administration’s Extradition Request for Wikileaks’ Julian Assange

• Forcepoint and Microsoft: Risk-based access control for the remote workforce

• A week in security (December 28 – January 3)

• Vulnerability alert as Adobe Flash support ends from January 2021

• Healthy (Storage) Habits for the New Year

• Be warned: COVID-19 vaccine scams are now appearing online, over text, and by email

• Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business

• Hardcoded Credentials Expose Zyxel Firewalls and WLAN Controllers to Remote Attacks

• Japanese Games Publisher Koei Tecmo Suffers Cyber Attack, 65,000 Users Account Compromised

• COVID-19’s Acceleration of Cloud Migration & Identity-Centric Security

• The UK Denies Assange’s Extradition, Citing Suicide Risk

• The Evolution of the FIN7 JSSLoader

• British Court rejects the US’s request to extradite Julian Assange

• From a small BAT file to Mass Logger infostealer, (Mon, Jan 4th)

• Ticketmaster Fined $10 Million After Staff Hacked Competitor

• Assange’s US Extradition Blocked On Health Grounds

• Bitcoin Hits Record High On Twelfth Anniversary Of Its Creation

• Malvuln Launched Focusing On Exploiting Malware

• Deals: Apple Watch Series 6 Discounted by Up to $60, Starting at $339 for 40mm GPS

• AirTags Shown Off in 3D Animation That Could Appear During Pairing Process

• Video Hearing Tuesday: ACLU, EFF Urge Court to Require Warrants for Border Searches of Digital Devices

• British judge says Julian Assange will not be extradited to the US

• iPhone privacy checklist (2021 edition)

• Apex Laboratory Says Patient Data Stolen in Ransomware Attack

• UK Judge Refuses US Extradition of WikiLeaks Founder Assange

• Nefilim Hits Whirlpool with Ransomware, Publishes Some Stolen Data

• Ticketmaster Fined $10 Million after Accessing Competitor’s Network using Stolen Credentials

• ‘Pascal’s Wager’ Becomes First iPad Game to Add Mouse and Keyboard Support

• Multi-Platform Credit Card Skimmer Discovered- Expert Offers Perspective

• Best Gaming Laptop under $1500 – 2021 Review

• 9 Best 2-in-1 Laptop Under $200 – 2021 Buying Guide & Reviews

• Best Laptop for Artists 2021 – Buying Guide & Reviews

• Best Laptop for DJ 2021 – Buying Guide with Reviews

• 8 Best Gaming Laptop Under $2000 – 2021 Buying Guide

• Linux Pentesting: What Is It and How Can It Improve Network Security?>

• Quick Hits

• FCW Insider: Jan. 4

• Software factories must be protected like ‘crown jewels,’ AF official says

• Remote work and disposable tech may put government data at risk

• New year, new rant: Linus Torvalds rails at Intel for ‘killing’ the ECC industry

• Old Attack Method Against Google’s Audio-Based reCAPTCHA Resurrected

• CISO New Year’s Resolutions for 2021

• New York Subway Completes Rollout of Apple Pay Support

• The IT skills gap is a giant problem. Help fix it with these smart management moves

• British Court Rejects U.S. Request to Extradite WikiLeaks’ Julian Assange

• Amazon Has Trucks Filled with Hard Drives and an Armed Guard

• Rebranding Perception Point

• Slow Email Protection Software Got You Down?

• Zooming in on Zoom

• Apple’s ‘Ring in the New Year’ Activity Challenge Now Available

• Apple Launches New Weekly Fitness+ Series and Apple Music Playlists

• Customers’ call records access in T-Mobile breach

• Hacker sells 368.8 million stolen user records on the dark web

• Ticketmaster fined $10m for hacking their competitor

• Julian Assange will NOT be extradited to the US over WikiLeaks hacking and spy charges, rules British judge

• UK Drone Regulation Update ‘Clarifies Rules’

• Microsoft Says SolarWinds Hackers Viewed Its Source Code

• T-Mobile discloses its fourth data breach in three years

• Ticketmaster fined $10 million after staff hacked competitor to ‘choke off’ presale ticket business

• Microsoft: SolarWinds Attackers Viewed Our Source Code

• Appliance Giant Whirlpool Smacked by Nefilim Attack

• Virtual Website Neopets Exposes Sensitive Data

• 35% of External Attacks Occur Through a Web Application

• Instilling Values In Machine Learning | Avast

• Slow Email Protection Software Got You Down?

• Rebranding Perception Point 2

• WikiLeaks founder Julian Assange cannot be extradited to U.S., judge rules

• FBI Warns Users Of Swatting Attacks By Hacking Smart Devices

• Differential privacy: Pros and cons of enterprise use cases

• 5 questions CISOs should ask prospective corporate lawyers

• Our New Year’s Resolution for You: Protect Your IoT Networks and Devices!

• One Million Compromised Accounts Found at Top Gaming Firms

• Senior Citizens, the Victims of Airline Ticket Fraud

• Samsung to Unveil New Smartphones at Galaxy Unpacked Event on January 14

• NYSE to Delist Chinese Telcos on National Security Grounds

• Cache Poisoning Denial-of-Service Attack Techniques

• NYSE To Delist Chinese Telecoms Companies

• China accuses US of breaching market rules in NYSE delisting

• New alleged MuddyWater attack downloads a PowerShell script from GitHub

• Trying to register your antivirus in Windows Security Center?

• Over 100K Zyxel Firewall Devices Found With A Backdoor Account

• Online Gaming Adds More Risk to WFH

• SolarWinds mess flared in the holidays – company confirms malware targeted crocked Orion product

• A closer look at fileless malware, beyond the network

• Hackers’ data breach T Mobile servers for second time in 2020

• Russian data hack saga on SolarWinds seems to be a never-ending story

• How to Break Into to a Cybersecurity Career – Part 1

• As holiday mobile commerce breaks records, retail apps display security red flags

• Three ways formal methods can scale for software security

• ERI Featured in CNBC Story on Conquering the Challenges of Electronic Waste

• Enterprises waste $5.5 million on failed DX projects

• Review: Alice & Bob Learn Application Security

• ISC Stormcast For Monday, January 4th 2021 https://isc.sans.edu/podcastdetail.html?id=7312, (Mon, Jan 4th)

• GenRx Pharmacy Ransomware Attack Resulted In Data Breach

• Facebook ads Abused to Steal 615000+ Logins in Phishing Campaign

• Secret Backdoor found Installed in Zyxel Firewall and VPN

• NYSE to remove trio of Chinese telcos as Trump order enters into force

• New Golang Worm Targets Windows And Linux Systems To Mine Monero

• IT Security News Weekly Summary – Week 53

• IT Security News Daily Summary 2021-01-03

• DEF CON 28 Safe Mode Saturday – Patrick Kiley’s ‘Reverse Engineering A Tesla Battery Mgmt. System For Moar Power’

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – From The Archive – ‘WEEK 111’

• DEF CON 28 Safe Mode Saturday – Jake Labelle’s ‘Getting Shells On zOS With Surrogat Chains’

• Voyager Cryptocurrency Broker Suffered Brief Outage Following Cyber Attack

• Second T-Mobile Data Breach Reported Within A Year

• Banning Government Use of Face Recognition Technology: 2020 Year in Review

• A Smorgasbord of Bad Takedowns: 2020 Year in Review

• Axio Offers Free Coverage Analysis for SolarWinds Impacts

• New Web Skimmer Targets Shopify, WooCommerce, And Other Online Stores To Steal Payment Data

• Decode JWT Tokens With Dataweave and MuleSoft

• Converting Your Android Smartphone into Penetration Testing Device

• 2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud

• Important Documents Related to the Covid-19 Vaccine Leaked on the Darkweb

• Russians ‘InfoWarrior’ Hackers New Game Changer for the Geopolitical Agenda ?

• Ticketmaster Fined $10 Million by Department of Justice for Unlawful Business

• Where Next For Government Cybersecurity in Colorado?

• Validating XML Schema of OVAL Documents with Python

• Top data breaches of 2020 – Security Affairs

• Over 200 million records of Chinese Citizens for Sale on the Darkweb

• Protecting Home Office and Enterprise in 2021, (Sat, Jan 2nd)

• Adobe Flash Player Has Reached Its End-of-Life – Uninstall It Now If Haven’t Done Already

• AIDA Ships Face Service Disruptions – Ransomware Attack Suspected

• New Laws for Drone Users Across Europe and UK

• Security Affairs newsletter Round 295

• Hackers Hijacked Smart Devices and Live-Streamed Swatting Incidents

• COVID-19 themed attacks December 19, 2020– January 02, 2021

• NCA arrested 21 customers of the WeLeakInfo service

• Penetration testing

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Booz Allen Leads New Frost & Sullivan Security Report

Generated on 2021-01-10 23:58:25.614425