IT Security News Weekly Summary – Week 41

• IT Security News Daily Summary 2019-10-13

• Derbycon 2019, Will Schroeder’s & Lee Christensen’s ‘Not A Security Boundary: Breaking Forest Trusts’

• The Great Tech Transfer—A Success Story in Innovation

• What Can You Do To Secure Your Data In The Cloud?

• Startups with Information Security in Mind at Startup

• The Trials and Errors of Security Operations Revealed in New Report

• Derbycon 2019, Samantha Davison’s & Josh Schwartz’s ‘Behavioral Security And Offensive Psychology At Scale’

• Cyber Battle of the Emirates & Pro Capture the Flag Enthrall as HITB+Cyberweek Gets Underway in Abu Dhabi

• Luke Kingma’s & Lou Patrick-Mackay’s Futurism Comics, ‘Heat Tolerant’

• Business representatives proposed scheme to legalise eSIM in Russia

• Imperva Breach Update: Stolen AWS API Key Triggered The Breach

• Nitro PDF Pro to Get Micropatches for 7 Potential RCE Bugs

• Creating Custom Windows Sandbox Configurations in Windows 10

• Singapore, Australia begin talks on digital economy pact

• Using VPN to Secure IaaS Access

• Microsoft October Patch Tuesday Addressed 9 Critical Vulnerabilities

• HP Patches a Critical Vulnerability Targeting Windows Pcs

• Losing Control Over Returnees?

• Week in review: Umasking cybercriminals, improving incident response, macOS Catalina security

• Cyberattacks now cost small companies $200,000 on average, putting many out of business

• U.S. Veterans Targeted By Hackers

• Alabama Hospital chain paid ransom to resume operations after ransomware attack

• Sneaky Android adware hides its own icon to avoid removal – find out how to get rid of it!

• The MacOS Catalina Privacy and Security Features You Should Know

• Security Affairs newsletter Round 235

• A new Mac malware dubbed Tarmac has been distributed via malvertising campaigns

• Multiple Gaming And Photo Apps On Play Store Found to be Infected With Android Malware

• Data Breach – How Badly It Affect Your Business – Top 3 Negative Impact

• 861 Million SIM cards in 29 Countries are Vulnerable to Simjacker Attacks

• Six Reasons to Rethink Secure Remote Access

• Data Availability: Laying the Digital Foundation for a More Intelligent Business

• IT Security News Daily Summary 2019-10-12

• YARA v3.11.0 released, (Sat, Oct 12th)

• Earth-I announces the launch of SEVANT, using satellite for surveillance on Copper Smelters

• XKCD, Chemistry Nobel

• Derbycon 2019, Tim Tomes’ & Kevin Cody’s ‘To Cors! The Cause Of, And Solution To, Your Spa Problems!’

• Derbycon 2019, Nick Lehman’s & Steve Eisen’s ‘Defeating Next Gen AV And EDR Using Old And New Tricks On New Dogs’

• Multiple Vulnerabilities found in SATCOM internet access terminal Cobham EXPLORER 710

• Leafly Cannabis information platform suffered a data leak

• What is an Active Directory Bridge?

• Yandex.Money to reissue customer cards after hacking

• Attackers Create Elaborate Crypto Trading Scheme to Install Malware

• FIN7 Hackers group is back with a new loader and a new RAT

• Zero-Day Vulnerability in iTunes Being Exploited in the Wild via BitPaymer Ransomware

• 15 Easy, Effective Ways to Start Winning Back Your Online Privacy

• An iTunes Bug Let Hackers Spread Ransomware

• The Good, The Bad, And The Ugly Of Cybersecurity Awareness Month | Avast

• SIM cards used in 29 countries are vulnerable to Simjacker attack

• Click2mail Hacked – Hackers Starts Sending Spam Emails To Stolen Email Address of Users

• Organizations Fail to Implement Cloud Security Basics – And it Bites Them

• SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

• Weekly Update 160

• PSA: Apple Mail Bugs Can Lead to Data Loss in macOS Catalina

• Vulnerability found and fixed in HP bloatware

• eBay, Stripe, Mastercard, and Visa leave Facebook’s Libra Association

• Secret Court Rules That the FBI’s “Backdoor Searches” of Americans Violated the Fourth Amendment

• One Weird Law That Interferes With Security Research, Remix Culture, and Even Car Repair

• Microsoft Announced 16 New Roles to Enhance Azure Active Directory Security

• Good security advice from down under

• The Week in Ransomware – October 11th 2019 – Decryptors Released!

• The Progression to Cloud Directory Services

• FIN7 Hackers Load New RAT Malware Into ATM Maker’s Software

• Windows 10 KB4517389 Update May Cause Start Menu and Edge Issues

• IT Security News Daily Summary 2019-10-11

• Friday Squid Blogging: Apple Fixes Squid Emoji

• Click2Mail Suffers Data Breach

• Top Five Ways You End Up With Open Shares: Part 2

• Tens of million PCs potentially impacted by a flaw in HP Touchpoint Analytics

• How We Developed Our EQR Plugins

• These are the 29 countries vulnerable to Simjacker attacks

• 7 SMB Security Tips That Will Keep Your Company Safe

• Access Revocation: A Content Provider’s Tool to Block Pirates in Real time

• How to Scale Addressable Advertising with Low Latency for Live Streaming

• How Should the House Handle Impeachment?

• Quick Retry: Per Request Route Optimization to Reduce Video Rebuffer Rates

• Software, Supply-Chain Dangers Top List of 5G Cyber Risks

• Watermarking: A Content Owner’s Mark to Prevent Piracy

• EFF to Court: Parody Book Combining Dr. Seuss and Star Trek Themes Is Fair Use

• Optimizing Video Streaming Performance with Origin-Assisted Prefetching

• AirPlay 2 Speakers Compared: Sonos Move vs. Bose Portable Home Speaker

• Ransomware attacks on hospitals will worsen if security doesn’t improve

• ‘Attor’ Cyber-Espionage Platform Used in Attacks Aimed at Russia

• I Have a New Book: We Have Root

• Nemty 1.6 Ransomware Released and Pushed via RIG Exploit Kit

• A Simple MicroProfile JWT Token Provider With Payara Realms and JAX-RS

• SafeBreach catches vulnerability in controversial HP Touchpoint Analytics software

• Mitigating mobile supply chain threats in a post-perimeter world

• Google Patches 8 Vulnerabilities in Chrome 77

• Learn How to Secure your ASP.NET MVC App with SSO

• NSF, Energy Department invest in AI research

• Mississippi Shows Flagrant Disregard for Cybersecurity

• Imperva: Data Breach Caused by Cloud Misconfiguration

• FBI: Phishing Can Defeat Two-Factor Authentication

• Sony confirms the PlayStation 5 is coming in 2020, reveals new hardware details

• Combination of techniques could improve security for IoT devices

• Huawei hits record 5G speed of 3.67Gbps on live Swiss C-Band network

• Accountability for Islamic State Fighters: What Are the Options?

• Learn How to Use Your Primary Infrastructure to Improve Data Protection at Commvault GO

• Patching as a social responsibility

• FBI misused surveillance data, spied on its own, FISA ruling finds

• A Murderers’ Row of Poisoning Attacks

• The Joy of Tech® ‘No 32-Bits Allowed!’

• Securing the managed service provider (MSP)

• Most Americans Are Clueless About Private Browsing

• Derbycon 2019, Carl Hertz’ ‘Azure Sentinel – A First Look At Microsoft’s SIEM Solution’

• PCI Security Standards Council talks security awareness and training

• Cybersecurity Awareness Is Not Just For October!

• iTunes for Windows Being Used to Infect Networks With BitPaymer Ransomware

• iOS 13.2 Beta 2 Bricking Some iPad Pro Models, Update Now Unavailable

• Ransomware Victim Hacks Back

• US Homeland Security Wants to Subpoena ISPs to Hand Over Data

• Windows 10 1909 is Getting “Ready for Release”, Named November 2019 Update

• OPM urges agencies to rethink employee discipline

• Microsoft and NIST partner to create enterprise patching guide

• New Reductor Malware Tentatively Linked to Turla

• Cyberoam Firewall Flaw

• Online shopping made easy and secure | Avast

• Apple Releases First Beta of Upcoming macOS Catalina 10.15.1 Update

• How DataOps is Transforming How Business Handles Data

• Kovter – Malware of the Month, October 2019

• Muhstic Ransomware Victim Hacks Back | Avast

• The Cipollone Letter: Trouble in the White House Counsel’s Office

• Innovating with Security: NetApp and Ontrack win Flash Memory Summit award

• Fin7 Cybergang Retools With New Malicious Code

• The Complete Guide to Facial Recognition Technology

• One small policy change means a big difference for citizens

• World War II Drama ‘Masters of the Air’ Will Be Apple’s First In-House Apple TV+ Series

• Windows 10 Update Assistant Vulnerability Needs Manual Fix, Here’s How

• Amazon employees spy on users of Cloud Cams

• Derbycon 2019, Ryan Elkins’ ‘Scientific Computing For Information Security – Forging The Missing Link’

• Apple’s Stock Sets New All-Time High

• The Value of Dark Web Coverage for Third-Party Risk Management

• S2 Ep12: Dark Web, O.MG Cable spying and securing new laptops – Naked Security Podcast

• Threat Roundup for October 4 to October 11

• Digital Innovation Thrives in Open Pastures

• How to enable SSH session recording in CentOS 8

• Army CIO teases data strategy

• Palo Alto launches new version of Demisto SOAR platform

• NIST and Microsoft Partner to Improve Enterprise Patching Strategies

• Singaporean Unlawful Mining Indicted in the United States

• Spamhaus Botnet Threat Update: Q3-2019

• Windows 10 1703 is Now End of Service, No More Security Updates

• Microsoft Improves Azure Active Directory Security with New Roles

• CDM and the 2019 Billington Cybersecurity Summit

• CYBERSECURITY INFRASTRUCTURE VIEWED AS A ‘TANGIBLE ASSET’ IN M&A

• Leafly Cannabis Website Leaked User Info via Exposed Database

• FCW Insider: Oct. 11

• Hospitals Resume Accepting Patients After Malware Attack

• Creative Wi-Fi Passwords

• Cyber News Rundown: E-Scooters Vulnerable

• We’re all at risk when 65% of stressed-out cybersecurity and IT workers think about quitting

• New Phishing Attack Sends Fake AWS Account Suspension Emails

• Tech ONTAP Podcast Episode 212 – Azure NetApp Files

• Google Releases Security Updates for Chrome

• Feds Arrest International ATM Skimmer Ring

• Here’s why more US employees self-censor social media posts

• Her iPhone died. It led to her being charged as a criminal

• Teenagers Arrested Over Hacks To Met Police Website

• Apple Arcade Adds Five New Games for iPhone, iPad, and Apple TV

• Planes, Gate, And Bags: How Hackers Can Hijack Your Local Airport

• Sophisticated Spy Kit Targets Russians With Rare GSM Plugin

• This Week in Security News: How a Partnership can Advance DevSecOps and Cybersecurity Issues in the Midwest and South U.S.

• The Report, Episode Eleven: A Special Counsel

• Fighting Cybercrime in a Connected Future

• New Blockchain Solution for IIoT Aims to Solve Scaling Problem

• How Cybersecurity Salaries Fit Experience and Specialization

• Putting the ‘C’ in Gartner’s CARTA

• Week in security with Tony Anscombe

• Misconfigured and Unsecure Servers Expose Sales, Instagram Records

• Researchers released a free decryptor for the Nemty Ransomware

• Close the Gap Between Cyber-Risk and Business Risk

• macOS users targeted with new Tarmac malware

• Magecart is back: hotels in the firing line

• Ghosts in the Machine: How Machine Learning is Transforming Business

• A Mutual Defense Treaty With the United States—A Complicated Proposition for Israel

• EU warns of cyber‑risks as 5G looms

• EU Takes Aim at China and Huawei in 5G Cybersecurity Report

• 11 top cloud security threats

• How to Setup Duo 2FA for Twitter

• Top cybersecurity certifications to consider for your IT career

• Planes, gates, and bags: How hackers can hijack your local airport

• Patches for Internet Explorer Zero-Day Causing Problems for Many Users

• Serbia is the 40th country to join the ProtonVPN network

• Iran-Linked ‘Charming Kitten’ Touts New Spearphishing Tactics

• US Homeland Security Wants Subpoena Power to Get Data from ISPs about Vulnerable Systems

• DomainTools App for Splunk Gives Security Teams Enhanced Domain Threat Intelligence for Detecting, Investigating and Predicting Cyber Attacks

• How to Build an Effective Insider Threat Program: Part II, Technology

• Most Americans don’t have a clue what https:// means

• Dutch Website Hack Reveals Data Of 250000 Sex Workers’ Clients

• Apple Sets ‘Aggressive’ 2022 Deadline to Bring Custom 5G Modems to iPhones

• Facebook flags thousands of kids as interested in gambling, booze

• Details on Uzbekistan Government Malware: SandCat

• Hackers bypassing some types of 2FA security FBI warns

• Apple removes app that tracks Hong Kong police and protestors

• Feds arrest alleged members of international ATM skimmer ring

• Expert Insight On Cybersecurity Threats To Elections

• FIN6 Hacker Group Inject Skimmers into Thousand of E-commerce Sites to Steal Credit Card Data

• Google Wins Android Phone Maker Backing In EU Antitrust Appeal

• LPE Flaw In HP Touchpoint Analytics Threatened Numerous HP Devices

• Tim Cook Defends Removal of Hong Kong Mapping App From App Store in Leaked Memo

• UNIX Co-Founder Ken Thompson’s BSD Password Has Finally Been Cracked

• The egregious eleven: 11 top cloud security threats

• #SecTorCa: Finding a New Route to Solve Tomorrow’s Cyber-Attacks

• DeepFakeNess

• Commentary On EU Warning Over 5G Security Risks From State-Backed Entities

• Imperva explains how their recent security incident happened

• BAE Systems Pilots Tech to Support Child Protection Agencies

• Chinese Cyberwarfare Targets Uighur Population

• SAP’s Bill McDermott Steps Aside For Two co-CEOs

• New IDA Pro plugin provides TileGX support

• 15 New Ransomware Victims Hit Since the Start of October!

• Information stolen and sold from prostitution forums

• Increase in Phishing scams since the iPhone 11 Pro was launched

• October 2019  – Microsoft Patch Tuesday

• Ransomware attacks targeting flaw in iTunes for Windows

• WhatsApp used by Diplomats to discuss Ukraine Policy

• Diplomats are being targeted by a new malware software

• Boat raided from Brazil to Europe hiding over half a tonne of cocaine and narcotic substances

• Wildlife trafficking and environmental crime on the agenda in Latin America

• Patch Tuesday Lowdown, October 2019 Edition

• Almost 50% of Company Network Traffic Comes From Bots, Report Says

• “The ETF Did Not Meet the Necessary Requirements”- SEC

• #SecTorCa: Millions of Phones Leaking Information Via Tor

• Dyson Axes Plan For Electric Car, 500 Jobs At Risk

• Record seizures hit synthetic drugs during the large-scale Joint Action Days 2019

• Hacker breached escort forums in Italy and the Netherlands and is selling user data

• Apple iTunes for Windows Zero-day Exploited by BitPaymer Ransomware

• Sophos fixed a critical vulnerability in Cyberoam firewalls

• Establishing and Growing Your Security Framework

• Where’s the ROI in security?

• DevSecOps role expansion has changed how companies address their security posture

• New infosec products of the week: October 11, 2019

• DevOps Chat: Interactive App Testing, With Synopsys

• Microsoft and Hewlett Foundation host CyberPeace Institute

• BitPaymer Ransomware attack on Apple iTunes Windows

• Magecart Attack on eCommerce Platform Hits Thousands of Online Shops

• 11 steps organizations should take to improve their incident response strategy

• ICS cybersecurity investment should be a priority in protecting operations from disruption

• NCSC Cyber Essentials Scheme to be Streamlined

• New method validates the integrity of computer chips using x-rays

• Complying with APRA Prudential Standard CPS 234

• ‘Cyber social value’ could save lives from cyber incompetence: Report

• 5G is here, now what?

• IAR Systems launches new version of its security development tool C-TrustTM

• Hacking Is Not a Crime! Additional Thoughts from DEFCON 2019

• Okta SecurityInsights enables large enterprises to take action across their orgs to improve security

• ISC Stormcast For Friday, October 11th 2019 https://isc.sans.edu/podcastdetail.html?id=6704, (Fri, Oct 11th)

• CCC’s Digital Key Release 2.0 specification to be completed by end of 2019

• Rancher Labs’ Rancher 2.3 brings the benefits of Kubernetes to Windows apps

• Twitter for Mac Now Available From Mac App Store

• Sectigo partners with SPYRUS to help universities and enterprises protect against ransomware attacks

• With MSPAlliance membership, Portnox aims to strengthen cybersecurity for businesses

• Apple can uphold basic human rights or become a Beijing accomplice: HK lawmaker

• Integration Partners adds the ability to resell technologies available in Cloud Marketplaces

• OPSWAT joins the VMware Technology Alliance Partner program

• Charming Kitten APT Hackers Group Abusing Google Services to Attack U.S Presidential Campaign Members

• Etisalat Digital productizes SonicWall technology in its “Business QuickStart” broadband bundle for SMBs

• What steps can companies take to adopt a Zero Trust approach to security?

• Why Use Cloud LDAP?

• Jack’s Unfortunate Accident, A Tale Of Greed – Disguised

• Trend Micro and Snyk provide open source vulnerability intelligence for DevOps

• Jeff Harrell joins Adaptiva as vice president of marketing

• Oracle Cancels Venezuela Partner Contracts Citing US Sanctions

• Mac Shipments Down in Q3 2019 Amid Overall Worldwide PC Market Growth

• Security spending up, but adoption of cutting-edge tools is slow

• AppSec ‘Spaghetti on the Wall’ Tool Strategy Undermining Security

• Apple Signs Multi-Year Deal With Director Alfonso Cuarón

• iTunes Zero-Day Exploited to Deliver BitPaymer

• China’s Global Reach: Surveillance and Censorship Beyond the Great Firewall

• Threat Spotlight: Citadel Banking Trojan

• IT Security News Daily Summary 2019-10-10

• Imperva blames data breach on stolen AWS API key

• Imperva Details Response to Customer Database Exposure

• Nemty Ransomware Decryptor Released, Recover Files for Free

• New and Improved CVE Pages

• Poor cyber hygiene haunts software supply chain

• Stalker attacks Japanese pop singer – after tracking her down using reflection in her eyes

• CISA requests administrative subpoena power over ISPs

• Microsoft adds per-app time limits to its parental controls

• Critical Microsoft Remote Desktop Flaw Fixed in Security Update

• iTunes Zero-Day flaw exploited by the gang behind BitPaymer ransomware

• vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach

• FDIC offers parental leave to agency employees

• Zingbox IoT Guardian: The Only IoT Cyber Insurance Winner Recognized in the Marsh Cyber Catalyst Program

• How state and local government can leverage hybrid cloud

• Hackers continue to exploit the Drupalgeddon2 flaw in attacks in the wild

• Cryptomining Crook Steals Game Developer’s Identity to Carry Out Dirty Work

• Avast’s Robin Selden On Rethinking Diversity | Avast

• New Malware Spies on Diplomats, High-Profile Government Targets

• Army, Colorado Springs partner on automated vehicle testbed

• Nexus Intelligence Insights Sonatype-2017-0312: jackson-databind, The End of the Blacklist

• Hacker Selling User Info Stolen From Prostitution Forums

• University of Minnesota announces three-year collaboration with Target on cyber security education

• Flaw in HP Touchpoint Analytics Could Impact Many PCs

• AnsibleFest 2019 Recap: Automation for All

• Akamai Snaps Up ChameleonX to Tackle Magecart

• $341M telecom task order key to IRS modernization

• New Reductor Nation-State Malware Compromises TLS

• Works of Art: Cybersecurity Inspires 6 Winning Ideas

• Everything New in iOS 13.2 Beta 2: Delete Apps From Home Screen, Emoji, Siri Privacy and More

• NSA chief explains new cyber directorate

• October 2019 security updates are available!

• The Cyber Security Awareness Show

• New ISF Paper Attempts to Demystify AI in Information Security

• Cisco Advances Communications Security with Completion of Automated Cryptographic Validation Protocol Testing

• Choosing between an SSL/TLS VPN vs. IPsec VPN

• JumpCloud® Announces Full Support for macOS® Catalina

• Designing a COM library for Rust

• Configuration Mistakes That Provide Field Days for Hackers

• Check Out New Cybersecurity Tools in the Black Hat Europe Arsenal

• Genesee County Systems Pwned!

• How to Think Like a Hacker

• Attor malware was developed by one of the most sophisticated espionage groups

• Online Gaming Risks and Kids: What to Know and How to Protect Them

• Investing In SIEM: How Your Business Can Improve Threat Detection and Response

• Apple Software Update Zero-Day Used by BitPaymer Ransomware

• How to Build an Effective Insider Threat Program: Part I

• US will help Baltic states to secure Baltic energy grid

• Apple Adds Option to Delete Siri History and Opt Out of Sharing Audio Recordings in iOS 13.2

• Staying Hidden on the Endpoint: Evading Detection with Shellcode

• Indiana Hospital Data Breach

• McAfee, IBM join forces for global open source cybersecurity initiative

• Attackers Hide Behind Trusted Domains, HTTPS

• Intel NUC and Nvidia Shield High-Severity Flaws

• iTerm2 macOS App Found to Have Seven-Year-Old Flaw

• Finfisher malware authors fire off legal threats to silence German journos

• Fin6 Linked to Volusion Attack

• Phosphorus Group Found to be targeting Researchers in the U.S.

• Sophisticated Spy Kit Targets Russians with Rare GSM Plugin

• Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks

• iOS 13.2 Beta 2 Brings New Emojis

• Financial industry spends millions to deal with breaches

• CIS Azure Security Foundations Benchmark open for comment

• How MIT researchers use machine learning to detect IP hijackings before they occur

• Cowardly kowtowing to China means Hong Kong blood is on Apple’s hands

• Apple Seeds Second Betas of iOS 13.2 and iPadOS 13.2 to Developers

• 70% of businesses report Pass the Hash attacks directly impact operational costs

• Apple Shares New Trailer for Upcoming ‘Truth Be Told’ TV Show

• Data of 250K Users of Sex Industry Website on Sale for $300

• Magecart Attack on Volusion Highlights Supply Chain Dangers

• Watch Your Step: Insights on the TOMS Shoes Mailing Hack

• Ransomware: Prepare for hackers launching even more destructive malware attacks

• One Identity Report Highlights “Pass the Hash” Attack Prevalence, Impact and Uncertainty

• iTunes Zero-Day Vulnerability Exploited by BitPaymer Ransomware

• FBI Releases Article on Defending Against Phishing and Spearphishing Attacks

• Verified Mark Certificate Issued to CNN

• Deep Dive Into OAuth2.0 and JWT (Part 2 OAuth2.0)

• The Four Best Programming Languages for Blockchain

• Understanding the Fundamentals of Web Application Security

• FBI Releases Article on Defending Against Phishing and Spear-Phishing Attacks

• What Is SSL Inspection? Why Use SSL Inspection?

• US FDA suggests 11 vulnerabilities in Medical Device Software

• What does the arrival of 5G technology mean for the world of gaming?

• Critical Security Vulnerability Disclosed in iTerm2 App

• Securing the Unsecured: State of Cybersecurity 2019 – Part II

• ACSC Releases Small Business Cybersecurity Guide

• Planting Tiny Spy Chips in Hardware Can Cost as Little as $200

• Cybersecurity Infrastructure Viewed as a ‘Tangible Asset’ in M&A

• Juniper Networks Releases Security Updates

• Escort forums in Italy and the Netherlands hacked, user data put up for sale

• Imperva Security Update

• Study: Most Americans Don’t Know Basic Digital Privacy Facts

• Cyber insurance: here to stay, whether we like it or not

• Ransomware Gang Uses iTunes Zero-Day

• Cobalt Hackers Linked Magecart Team

• Some fokken arse has bared the privates of 250,000 users’ from Dutch brothel forum

• Human Rights Activist Allegedly Targeted With NSO Malware

• Forum Cracks The Vintage Passwords Of Ken Thompson And Other Unix Pioneers

• Twitter Used Phone Numbers and Email Addresses Provided for Security to Target Ads

• Zero-Day Issued for Old CMS – Online Proof-of-Concept Code Available

• HP Touchpoint Analytics LPE Vulnerability Affects Most HP PCs

• Apple Drops Hong Kong Police Tracking App Used By Protesters

• Digitising Human Capital: How AI is Transforming HR

• What You Should Actually Know About Security in Ruby on Rails?

• Special Interrogation Gone Bad: The Samer Al-Arbeed Case

• SECURITY ALERT: New Credential Stealing Campaign Hits Nordic Countries

• EU Warns Of State-sponsored Attacks On 5G Networks

• DigiCert Issues Verified Mark Certificate to CNN, Laying Crucial Foundation for BIMI Email Standard

• Security Recruiter Directory

• China’s Sway Over Tech Companies Tested with Apple, Blizzard

• Just let us have Huawei and get on with 5G, UK mobe networks tell MPs

• Master data analytics and deep learning with this $35 Python certification bundle

• Post AnsibleFest 2019! *applause*

• Getting Past The Noise With Auto-Enrollment Certificates

• Singaporean Indicted in U.S. for Illegal Crypto-Mining

• Network Security Must Transition into the Cloud Era

• Thunderbird Will Start Using OpenPGP Encryption in 2020

• New espionage malware found targeting Russian-speaking users in Eastern Europe

• Tor to Reject End-of-Life Relays by Default

• Samsung Display Confirms Plans For $11 Billion Screen Investment

• Shift In Key Security Decision Makers Creates New Risks As Companies Migrate Applications Into Microservices

• Volusion Data Breach – Comments

• Microsoft NTLM vulnerabilities could lead to full domain compromise

• Gaming, photo apps in Google Play infect Android handsets with malware

• New espionage malware found targeting Russian-speaking users in Easter Europe

• time is running out

• Bricata Delivers Network Protection with Enhanced Customization Features

• Doxing: A comprehensive threat analysis

• Hack the Box (HTB) machines walkthrough series — SecNotes

• CVE-2019-16928: Exploiting an Exim Vulnerability via EHLO Strings

• SAP October 2019 Security Patch Day fixes 2 critical flaws

• Ransomware gang uses iTunes zero-day

• GSEC vs. CySA+

• Europol helps partners seize millions of counterfeit goods in OLAF – coordinated operation

• 1st Inter-EU ISACs meeting at ENISA

• Trump Encourages China to Investigate Biden Family, Clouding Trade Talks

• September 2019’s Most Wanted Malware: Emotet Botnet Starts Spreading Spam Campaigns Again After Three-Month Silence

• Thousands On Twitch See Gunman’s Shooting Spree In Germany

• Spanish Court Probes Alleged Spying of Assange at Ecuadorian Embassy

• Cisco Finds 11 Vulnerabilities in Schneider Electric Modicon Controllers

• Indiana Health System Breach Potentially Impacted More Than 68K Patients – Expert Commentary

• Three Lessons For Brands From The YouTube Phishing Attack

• Mining Live Networks for OUI Data Oddness, (Thu, Oct 10th)

• Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign

• Threat Extraction – A Preventive Method for Document-Based Malware

• Hull Becomes First UK City With Full Ultrafast Fibre

• New Comic Videos Take CISO/Security Vendor Relationship to the Extreme

• Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques

• 2FA, HTTPS and private browsing still a mystery to most Americans

• California outlaws facial recognition in police bodycams

• Twitter used 2FA phone numbers for targeted advertising

• Man charged for running crypto mining scam under the guise of game development

• Phishing Attack Possibly Affected 68K Patients of The Methodist Hospitals

• Tor Project is going to remove End-Of-Life relays from the network

• Governance and compliance in a hybrid cloud era

• Trade Talks Begin: US To Allow Select Firms To Sell To Huawei – Report

• Do humans listen to the recordings made by smart assistants?

• Wi-Fi Hotspot Tracking

• Patch now, Mac users: Critical 7-year-old flaw in open-source macOS app iTerm2

• Coleen Rooney and Rebekah Vardy in Public Spat Over ‘Leaked Stories’

• Global 1000 Enterprises are Set to Benefit Significantly from Industry-Defining Cybersecurity Collaboration

• Multiple Vulnerabilities Found in Satellite Internet Access Terminal Let Hackers Intercept the GPS Traffic

• Apple pulls police-tracking app used by Hong Kong protesters

• Clone or Swap? SIM Card Vulnerabilities to Reckon With

• 3 actions to take during cybersecurity awareness month

• Job seekers are scrubbing clean their social media accounts

• Volusion data breach impacts 6,500 sites including the Sesame Street store

• 5 reasons users hate cybersecurity awareness training, and how to make them love it

• Why Cities Shouldn’t Pay Ransomware Criminals

• iTerm2 Patches Critical Vulnerability Active for 7 Years

• FCW Insider: Oct. 10

• Quick Hits

• Ransomware Is Still the Leading Online Threat in Europe, According to Europol

• a personal look back

• Apple Pulls Hong Kong Protest App From App Store Following Chinese Criticism

• ESET discovers Attor, a spy platform with curious GSM fingerprinting

• Researchers Discover Spy Platform with GSM Fingerprinting

• Former BAE Systems contractor charged with ‘damaging disclosure’ of UK defence secrets

• Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware

• Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!

• Managed Detection and Response analytics report, H1 2019

• Apple Removes Hong Kong Police-Tracking App

• Apple Pulls Protest App From App Store Following Criticism From Chinese State Media

• The current threat landscape: How to prepare and protect your organisation

• Cyber threats are a top risk for most banks and corporations worldwide, expert says

• Personal Medical Information Of 60,000 Patients Exposed in Phishing Incident

• Singapore citizen charged for Amazon AWS Cryptomining Fraud

• 1 Million New Zealanders Health Data Exposed

• Sesame Street Online Store Targeted by Credit-Card Stealing Hack

• Twitter Spills MFA Phone Numbers to Advertisers

• FDA’s bill of materials creates a cybersecurity blind spot for medical devices

• DHS cyber unit wants to subpoena ISPs to identify vulnerable systems

• #DTXEurope: Defense Now Far Harder Than Attack, Warns Security Researcher

• Morocco Rights Advocates Targeted by Spyware: Amnesty

• How to stay safe while using Airport WiFi

• The Untold Story of the Sony Hack: How North Korea’s Battle With Seth Rogen and George Clooney Foreshadowed Russian Election Meddling in 2016

• Google Play Store Flooding with Spyware, Banking Trojan, Adware Via Games, and Utility Apps

• Panda Security and Infinigate France sign a distribution agreement.

• Ops, popular iTerm2 macOS Terminal App is affected by a critical RCE since 2012

• Automation: Moving from Detection to Enforcement

• A Closer Look at the Emotet Banking Trojan

• American intelligence follows British lead in warning of serious VPN vulnerabilities

• Build or buy: What to consider when deploying on-premise or cloud-based PKI

• EU 5G Mobile Networks are vulnerable to Cyber Attacks

• Cybercrime is maturing, shifting its focus to larger and more profitable targets

• EU: ATM jackpotting attacks earn crooks less than €1,000 in the first half of 2019

• Apple pulls HKmap.live from app store

• Only 32% of organizations employ a security-first approach to cloud data storage

• Twitter utilizes its users’ email addresses and phone numbers for advertising

• iTerm2 issues emergency update after MOSS finds a fatal flaw in its terminal code

• SAP Patches Critical Vulnerabilities With October 2019 Security Updates

• Does poor password hygiene still hamper your ability to achieve high security standards?

• Ransomware Attacks ‘Getting Bolder’: Europol

• Impact and prevalence of cyberattacks that use stolen hashed administrator credentials

• AI to ‘fundamentally shift’ global balance of power

• Looking to Break into Cybersecurity Without Direct Experience? Find Out How

• How AI and advanced analytics can further position MNOs as Trusted Digital ID service providers

• FireEye Digital Threat Monitoring: Visibility beyond your walls

• US reportedly plans to grant licenses for firms to sell goods to blacklisted Huawei

• The Current State of CCPA – What You Need to Know

• SolarWinds Identity Monitor helps orgs improve security posture and mitigate risk proactively

• ISC Stormcast For Thursday, October 10th 2019 https://isc.sans.edu/podcastdetail.html?id=6702, (Thu, Oct 10th)

• Europe warns 5G will increase attack paths for state actors

• Wind River unveils new VxWorks release to redefine embedded software development

• Medcurity expands intuitive and comprehensive approach for HIPAA compliance

• ‘Dumb attacks’ in software supply chain prevail, NSA official says

• Intel unveils its latest lineup of Intel Xeon W and X-series processors

• FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops

• 3 strategies DOD can use to plug security holes

• Signal Sciences’ WAF and RASP solution interoperates effectively with Pivotal Container Service

Generated on 2019-10-13 23:58:26.992487