IT Security News Weekly Summary – Week 45

• IT Security News Daily Summary 2019-11-10

• Windows 10 Insider Program: What You Need to Get Started

• 4 SecOps Challenges and How to Overcome Them

• How to Address Career Blind Spots

• Vulnerability Found In Amazon’s Ring Video Doorbell

• Major ASP.NET hosting provider SmarterASP hit by ransomware attack

• Multiple Security Issues Detected In Cisco Small Business Routers – Update Now!

• Major ASP.NET hosting provider infected by ransomware

• IT Admin’s Guide to Saving Money

• New Attack Strategy Against Smart Assistants Dubbed ‘LightCommands’

• Week in review: Active Directory security, Patch Tuesday forecast, stopping lateral phishing attacks

• Securing Data Beyond The Corporate Walls

• 10 Best Tips for Using Metasploit to Harden Your Network

• Cloud Adoption 2019: A for Adoption

• How Organizations Can Best Avoid GDPR Fines through Continuous Compliance

• The Fractured Terrorism Threat to America

• Security Affairs newsletter Round 239

• Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

• Five Emails you don’t want in your Inbox

• More Adware-Delivering Android Games And Camera Apps Removed From Google Play Store

• BSidesCT 2019 Video

• Mac Pro Spotted in Studio of DJ Calvin Harris Ahead of Launch

• 4 DMZ Best Practices to Shield You From Attackers

• Serious XSS Vulnerability Found In Avast Desktop Antivirus For Windows

• Did the recent malicious BlueKeep campaign have any positive impact when it comes to patching?, (Sun, Nov 10th)

• Titanium APT Hackers Inject New Hidden Backdoor on Windows Using Fileless Technique

• Boardriders and its subsidiarities QuikSilver and Billabong infected with ransomware

• Weekly Update 164

• Researchers Found Android Apps on Google Play that Steal Personal Data of Victims and Pose Other Threats

• Weekly Udpate 164

• 1.66 Billion Times Downloaded Free Antivirus Apps on Google Play Attempts to Track User Location and Access Camera

• Security Congress: Securing a Rapidly Changing Environment

• Vulnerable Versions of Adminer as a Universal Infection Vector

• Derbycon2019, Nicole Schwartz’ (aka CircuitSwan Formerly AmazonV) ‘Are You Ready To Leverage DevSecOps? Get Ready And Use It For Good’

• XKCD, Recombination And Reionization

• Why Cybersecurity Breach Survivors are Valued Assets

• Business Email Compromise (#BEC) Email Forwarding In Action

• Huge Data Leak Doxes Members of Notorious Neo-Nazi Forum

• Malware Meets Politics With Trump and Clinton Themed Infections

• US Govt Asks Users to Be Wary of Holiday Scams and Malware

• Facebook used user data to control competitors and rivals

• Life Cycle of a Security Bug

• How to Keep Your Customer’s Credit Card Information Safe

• In A World of External Threats, How Are Businesses Putting Themselves In Jeopardy?

• Fake Netflix Update Request by Text, (Sat, Nov 9th)

• The Platinum APT group adds the Titanium backdoor to its arsenal

• Security Congress Final Thoughts: Being There for Others (Part 2)

• Security Congress Day 2: From PAM to Cyber Insurance to Finding a Voice

• Sadfishing, Deepfakes & TikTok: Headlines You May Have Missed

• Does VDI protect against data leaks?

• Bugcrowd Breaks Its Weekly Bounty Payout Record

• Apple Mail On macOS Leaves Parts Of Encrypted Emails In Clear

• Morrisons Is To Blame For 100k Payroll Theft And Leak

• New Titanium Backdoor Debuted

• Understanding The Ripple Effect: Large Enterprise Data Breaches Threaten Everyone

• DHS CISA warns of Critical issues in Medtronic Medical equipment

• Cisco Talos discovered multiple flaws in the LEADTOOLS toolkits

• To the Moon and Back

• 7 Android Apps on the Google Play Drop Malware and Opens a Backdoor to Hackers

• How to Pick a Hosting Provider With Standard Cybersecurity Principles

• Privacy Regulations: More Work for Cyber Professionals

• Security Congress Keynote Speaker: Put Down Your Phone

• Binance to assist Ukraine in regulating the crypto currency industry

• Pwn2Own 2019 – Ethical Hackers Earned $315,000 for Hacking Galaxy S10, Xiaomi Mi9, TP-Link and Netgear WiFi Router

• How Do We Bring Equality to Data Ownership and Usage?

• 2019-11-06 – Data dump: Italian Word doc –> Ursnif –> Dridex –> infected host acts as proxy

• 2019-11-08 – Data dump: Emotet epoch 2 infection with Trickbot gtag mor40

• 2019-11-07 – Data dump: German Word doc –> Ursnif

• Threat Alert: TCP Reflection Attacks

• 2019-11-08 – Data dump: Word doc –> Ursnif –> Trickbot gtag lleo8

• LinkedIn cited as biggest target of spies

• Derbycon2019, Kate Mullin’s ‘One Woman’s Journey To CISO Leveraging Social Engineering’

• Arnaud Marlière: Awingu Gives You Your Enterprise in a Browser

• Case Study: Bahrain Petroleum Takes on Cybersecurity

• IT Security News Daily Summary 2019-11-08

• With a Raid on Javier Smaldone, Argentinian Authorities Have Restarted Their Harassment of E-Voting Critics

• Cloudflare CEO Matthew Prince on the Struggles of Policing the Web

• Friday Squid Blogging: 80-Foot Steel Kraken Deliberately Sunk

• Apple Mail on macOS leaves parts of encrypted emails in plaintext

• Platinum APT Shines Up New Titanium Backdoor

• The Week in Ransomware – November 8th 2019 – Now Targeting Passwords

• Top 14 AirPods Pro Tips and Tricks

• What Keeps NSA Cybersecurity Boss Anne Neuberger Up at Night

• Microsoft cybersecurity training to become mandatory for its workers

• Most Reliable Hosting Company Sites in October 2019

• What are 3 cloud backup security guidelines against cyberattacks?

• Here’s why almost 170,000 Valentine’s Day texts arrived nine months late

• VA’s pivot to agile

• How to obscure open ports with knockd

• Nvidia Geforce users need to patch their systems now

• VMware rolls out new Carbon Black security suite and Dell partnership

• Cryptocurrency tracking improves — but how?

• October Release: Q&A with Ari Weil

• U.S. Launches National Security Probe Into Chinese-Owned App TikTok

• WhatsApp Cofounder Brian Acton on Why Privacy Matters

• FBI adds dual-route feature to threat reporting system

• DISA edges toward mobile authentication

• QuikSilver and Billabong Affected by Ransomware Attack

• Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone

• 4 Ways to Soothe a Stressed-Out Incident Response Team

• Do Americans Think Their Phone Is Listening To Them? (Survey)

• The Chinese telecom equipment purge: Who’s going to pay?

• The Report, Episode Fifteen: Mueller’s Report

• Cybersecurity Workforce Gap: 145% Growth Needed to Meet Global Demand

• DHS Warns of Critical Flaws in Medtronic Medical Devices

• Phones and PCs sold in Russia will have to come pre-installed with Russian apps

• New Azure Security Center and Azure platform security capabilities

• US Company Accused of Selling Flawed Chinese Tech as “Made in USA” to US Military

• Bugcrowd Pays Out Over $500K in Bounties in One Week

• Report: Emotet Botnet Is Back, With a Vengeance

• Apple to Fix macOS Mail Vulnerability That Leaves Text of Some Encrypted Emails Readable

• How Zero Trust Architecture Keeps Your Data Safe

• Derbycon2019, Josh Rickard’s ‘Hunting Phish Kits’

• Defending the Perimeter Isn’t Enough on Election Hacking

• Law enforcement experts cite LinkedIn as the biggest target of spies

• The Joy of Tech® ‘Climate Emergency’

• Cybersecurity puts managed services industry at a crossroads

• CBP taps CACI for $1.8B modernization contract

• Art Imitates Life: Lessons from the Final Season of Mr. Robot

• Analyzing Matio and STB_VORBIS Libraries With Mayhem

• So, Ya Wanna Be A Pen Tester, Huh?

• Simple Ways SMBs Can Protect Themselves against Cyber-Threats

• Accenture Opens Cyber Ranges

• Hospital Cyberattacks Linked to Increase in Heart Attack Mortality

• New Stealthy Backdoor Used by Platinum APT in Recent Attacks

• Platinum Threat Group Using Titanium Backdoor

• Holiday Shopping, Phishing, and Malware Scams

• Das U-Boot Vulnerable

• Phishing Scam Poses as UK Ministry of Justice | Avast

• Clever WebEx Spam Use Cisco Redirect to Deliver RAT Malware

• Microsoft: BlueKeep Exploit Will Likely Deliver More Damaging Payloads

• The U.S. military, algorithmic warfare, and big tech

• Florida Police Want Access to Controversial Facial Recognition Network

• PWN2OWN 2019 (Day 1) – Ethical Hackers Earned $195,000 for Hacking Sony TV, Amazon Echo, Xiaomi Mi9, Galaxy S10

• Bugcrowd Paid Over $500K in Bug Bounties in One Week

• Adam Scott Cast as Lead in Upcoming Apple TV+ Thriller ‘Severance’

• Pwn2Own Tokyo Roundup: Amazon Echo, Routers and Smart TVs Fall to Hackers

• Avast Opens Internet Of Things Lab | Avast

• FCW Insider: Nov. 8

• Platinum APT’s new Titanium backdoor mimics popular PC software to stay hidden

• Ring Flaw Underscores Impact of IoT Vulnerabilities

• India’s ISRO became a victim of Malware Cyber Attack

• Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers

• Surveillance Kits Company Slaps Made In America Sticker On Gear, Selling It To The US Government

• Kenya Passes Data Protection Law Crucial For Tech Investments

• Nvidia Patches Severe GeForce, GPU Vulnerabilities

• Q&A With New Avast CISO Jaya Baloo | Avast

• This 11-course Microsoft & Oracle SQL certification prep bundle is only $39 today

• Why IT Security and DevOps Teams Are Often at Odds

• Emotet resurgence packs in new binaries, Trickbot functions

• Italian police shut down darkweb Berlusconi market and arrested admins

• 9 Principles to Simplify Security

• Hackers Can Target LEADTOOLS Users With Malicious Image Files

• Chronicle Is Dead And Google Killed It

• DISA starts Fourth Estate IT consolidation

• Sepio Systems Raises $6.5 Million to Defend Against Rogue Hardware

• This Week in Security News: Amazon Echo Hacked at Pwn2Own Tokyo 2019 and Ransomware Attacks Hit Spanish Companies

• DISA inches closer to CAC alternative

• Apple Arcade Now Has 100 Games With Addition of New Titles Today, Including ‘Guildlings’

• Accenture Launches Cyber Ranges for Industrial Companies

• Week in security with Tony Anscombe

• 2019 Virtual Global Taskforce Releases Environmental Scan

• What Security Trends Are You Thankful For?

• Original Google Pixel to Get the Last Update this December

• DOD announces 5G military test sites

• Secure Browsing on Corporate-owned mobile devices: Need on the hour

• New and Enhanced Palo Alto Networks Support Offerings Elevate the Customer Experience

• (ISC)² Chapter Program Recognizes Outstanding Chapters

• BugCrowd Paid Over $500K in Bug Bounties in One Week

• 10 Myths and Misconceptions About Industrial Espionage

• Deepfake Videos: When Good Tech Goes Bad

• Texas HHS Commission Penalized $1.6M for HIPAA Violations

• Privacy Advocate On Apple’s New Privacy Offensive

• ConnectWise warns of ongoing ransomware attacks targeting its customers

• 6 Small-Business Password Managers

• A Better Way to Use Sanctions in Africa

• SECURITY ALERT: Remain Vigilant for More BlueKeep Attacks That Can Impact Vulnerable Windows Machines

• Security And Privacy Experts On Controversial Court Ruling Allows Police To Plunder DNA Database For Investigations

• Phishing emails are trying to use cybersecurity against you

• Nvidia patches severe GeForce, GPU vulnerabilities

• Security Intelligence Expert On Cisco Routers Embedded Encryption Keys Security Issue

• Cyber News Rundown: Nikkei BEC Scam

• Cyber-Attack on Indian Nuclear Power Plant Exposes Threat of “Snooping” Malware

• Expert Advise Or IoT In Wake Of Recent Ring Doorbells Expose

• Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

• Here’s why LinkedIn is a ‘gold mine’ for spies looking for corporate and government secrets

• Experts Comments On Billabong And Quiksilver Hit By Cyber Attack

• Facebook: Here’s how we’re fighting fake news in the run up to the election

• News Wrap: Voice Assistant Laser Hack, Twitter Insider Threats, Data Breach Fine Fails

• Tech Firms React to Netizens’ Digital Privacy Concerns

• The Virtuous Circle of Product Placement in Apple’s TV+ Shows

• xHelper Malware for Android

• Comments On The Financial Industry’s Annual “Quantum Dawn” Exercise Highlights ‘Doomsday’ Cybersecurity Measures

• Amazon Fixes Ring Video Doorbell Flaw That Leaked Wi-Fi Credentials

• Leak of 4,000 Facebook documents heaps more trouble on internet giant

• Pipelining VT Intelligence searches and sandbox report lookups via APIv3 to automatically generate indicators of compromise

• IT services pro hacked former client’s email

• Spanish MSSP Targeted by BitPaymer Ransomware

• Aventura charged for flogging Chinese spy equipment to US gov’t with security vulnerabilities

• Behind the scenes: How Microsoft and Google work together for customers on Android Enterprise

• Morrisons Tells Supreme Court It Is Not Liable For Breach

• Another Facebook hoax: Robbers still throwing eggs at car windows?

• Apple Watch Sales Grew to 6.8 Million Units in Q3 2019, up 51% From Last Year

• Over 230 UK Police Disciplined for Computer Misuse

• Microsoft Ignite Cyber Security Takeaways

• How EDR stops hackers in their tracks

• The implications of Insider Threat

• What is low code?

• UK Government Spends £2M on Anti-Drone Projects

• Capesand is a new Exploit Kit that appeared in the threat landscape

• Virgin Media To Switch Mobile Customers To Vodafone

• Disney+ to Launch in Germany, France, Italy, Spain, and the UK on March 31, 2020

• Phishers’ Favorite Brand Upset by PayPal

• Twitter & Trend Micro become Victim to Malicious Insiders

• Active Emotet and BlueKeep Threats warning by Australian Govt

• Disk Cleanup Folder Removed from Microsoft

• Lawmakers Call For Pause On Targetted Political Adverts

• 30,000 affected by Maine’s InterMed suffers data breach

• Titanium: the Platinum group strikes again

• The Hartmann Group proves security starts with One Identity

• New Study: Hospital Breaches Could Be Killing Patients

• Cisco fixes small business routers, kills eavesdropping vulnerability in conferencing devices

• “Sextortion” Malware Evolves to Actually Record Target’s Audio and Video

• Pwn2Own Tokyo 2019 -Day2: experts hacked Samsung Galaxy S10 and Xiaomi Mi9 phones and TP-Link AC1750 routers

• DNA-testing startup Veritas Genetics disclosed a security breach

• Actively Developed Capesand Exploit Kit Emerges in Attacks

• How to Avoid an IoT Doomsday

• Cybersecurity workforce skills gap rises to over 4 million

• November 2019 Patch Tuesday Forecast: Out with the old, in with the new

• Inside the FBI’s quiet ‘ransomware summit’

• Microsoft Apps Diverted from Their Main Use, (Fri, Nov 8th)

• Riot Games’ Millionaire Founder Defrauded In $5 Million Amazon Cloud Cryptocurrency Mining Scam, DOJ Says

• Charges: Chinese Surveillance Goods Illegally Sold to US

• ‘Chronicle Is Dead and Google Killed It’

• First, Manage Security Threats to Machine Learning

• New infosec products of the week: November 8, 2019

• SIEM complexity and cloud visibility put companies at risk

• Microsoft Warns of More BlueKeep RDP Attacks to Deploy CoinMiner Malware – Patch Now!!

• Maze Ransomware Exploiting Exploit Kits

• New Cyber Threat to the US from Chinese Actors

• Mysterious DarkUniverse APT remained undetected for 8 years

• Amazon, Sony, Xiaomi, Samsung Devices Hacked at Pwn2Own Hacking Contest at Tokyo

• Only 47% of cybersecurity pros are prepared to deal with attacks on their IoT devices

• Global internet freedom declines for the ninth consecutive year

• Interesting Cybersecurity News headlines trending on Google

• What financial records do companies need to keep, and for how long?

• Security Congress Final Thoughts: Being There for Others (Part 1)

• Microsoft warns users to stay alert for more BlueKeep attacks

• Vulnerability in Amazon’s Ring Doorbells Let Hackers Steal Your Home Wi-Fi Passwords

• Cisco’s platform enhanced with new zero trust, cloud, endpoint and breach defense capabilities

• Government Innovation Award top honors go to NOAA, DOD, Virginia and SAIC

• Government Innovation Award top honors go to Virginia, NOAA, DOD and SAIC

• Vulnerability in Amazon’s Ring Doorbell Let Hackers Steal Your Home Wi-Fi Passwords

• Accenture opens three “cyber ranges” to improve the security posture of industrial organizations

• Cyber Criminals Stealing Customer Data By Tricking Bank Employees

• Hiber’s IoT network becomes operational on a global scale

• IGEL Universal Management Suite 6.03 offers faster, more secure and flexible management of endpoints

• Semperis’ disaster recovery for Active Directory now available in the Microsoft Azure Marketplace

• ISC Stormcast For Friday, November 8th 2019 https://isc.sans.edu/podcastdetail.html?id=6744, (Fri, Nov 8th)

• TTEC and Cisco enable enterprises and government agencies to accelerate cloud adoption

• Hawkeye enters into a Cooperative Research and Development Agreement with the DOD

• Surveillance kit slinger accused of slapping ‘Made in America’ on Chinese gear, selling it to the US government

• Industrial partnership between NTT Research and Simons Institute provides framework for collaboration

• ExtraHop joins the Microsoft Intelligent Security Association to tackle cybersecurity threats

• Menlo Security and VMware SD-WAN integration offers flexible enterprise SD-WAN architecture

• DNS-over-HTTPS will eventually roll out in all major browsers, despite ISP opposition

• YouTuber Compares Original 2007 iPhone to New iPhone 11 Pro

• Apple Shares Featurette on the Creation of Apple TV+ Show ‘See’

• UAE announces Middle East defense giant in the wake of Aramco attacks

• SoftwareONE acquires BNW to strengthen and extend its SAP capabilities for public cloud migrations

• Reliance acsn enhances its service by adding Highlight’s network and app monitoring and reporting

• Data I/O advances the PSV7000 with NexTeach Pro, for faster job teaching and more accuracy

• What do you get when you allegedly mix Wireshark, a gumshoe child molester, and a court PC? A judge facing hacking charges

• Zurich releases cyber insurance coverages for the manufacturing industry

• APRA received 36 infosec breach notifications from financial services boards

• Snow Software appoints Sanjay Castelino as Chief Product Officer

• How Barracuda leverages Microsoft Azure to deliver application security to customers

• Australia’s Heavy Vehicle Regulator ups its security posture by partnering

• Microsoft wants to kill the password using FIDO2 security for better authentication

• How Malware Detected at India’s Nuclear Power Plant Could Have Been Prevented

• Handling endpoint security without overwhelming professionals with information overload

• Twitter & Trend Micro Fall Victim to Malicious Insiders

• TA542 Brings Back Emotet with Late September Spike

• The Senate Examines Threats to the Homeland

• Charles Eagan: Who Do You Trust? How About ZERO Trust?

• Security In Depth: Your Guide to SecTor 2019

• Microsoft Warns of More Harmful Windows BlueKeep Attacks, Patch Now

• California Announces Investigation Into Facebook’s Privacy Practices

• IT Security News Daily Summary 2019-11-07

• Deloitte Names Sonatype in ‘Technology Fast 500’ for Fourth Consecutive Year

• Microsoft works with researchers to detect and protect against new RDP exploits

• How Machine Learning is Changing the Face of Financial Services

• Not us, YOU: vendor email compromise explained

• Trend Micro insider threat steals, sells customer data

• Why Many People Got Mysterious Valentine’s Day Texts Today

• The financial industry just finished its annual ‘doomsday’ cybersecurity exercise

• US DOJ Charges Two (and One Other) Former Twitter Employees Under 18 United States Code 951 & 18 United States Code 1519

• Derbycon2019, Jamison Budacki’s ‘Choose Your Own TTX: Redefining The Incident Response Table Top Exercise’

• This may shock you but Adobe is shipping insecure software. No, it’s not Flash this time. Nope, not Acrobat, either

• The new CVE-2019-0708 RDP exploit attacks, explained

• Apple Renews ‘See,’ ‘For All Mankind,’ ‘Dickinson,’ and ‘The Morning Show’ for Season 2

• Is Your Social Media Being Watched? Probably, Says New Surveil Report

• DLL Search Order Hijacking Revisited

• Creating and managing a zero-trust security framework

• Summary: WhatsApp Suit Against NSO Group

• What the fxsst?

• Reversing Malware Command and Control: From Sockets to COM

• Malware Persistence without the Windows Registry

• Amazon’s Ring Video Doorbell could open the door of your home to hackers

• How Can I Help My Team Manage Security Alerts?

• How to control location tracking on your iPhone in iOS 13

• Communication, communication – and politics: Iowa saga of cuffed infosec pros reveals pentest pitfalls

• Social Media Account Takeover is as Vicious as a BEC Attack

• An Open Letter to State and Local Officials — Is the Front Door Locked?

• Bringing Recorded Future for Splunk Into Focus

• Ex-Twitter Employees Spied on Saudi Dissidents: DoJ

• Buran Ransomware; the Evolution of VegaLocker

• Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

• Five ways to strengthen employee cybersecurity awareness

• Canadian Government of Nunavut (GN) Suffered Ransomware Attack

• Android keyboard app caught red‑handed trying to make sneaky purchases

• Trend Micro Discloses Insider Threat Impacting Some of its Consumer Customers

• Bug Hunters Hack Samsung Galaxy S10, Xiaomi Mi9 at Pwn2Own

• To Prove Cybersecurity’s Worth, Create a Cyber Balance Sheet

• IDG Contributor Network: Combatting extreme weather and power outages, a growing need for AI

• Australian Govt Warns of Active Emotet and BlueKeep Threats

• How much do data breaches affect stock prices?

• Amazon Doorbell Camera Lets Hackers Access Household Network

• Weathering the cyber storm

• Moving agricultural data from silos to the cloud

• Cisco Patches Vulnerabilities in Small Business Routers, RoomOS Software

• Microsoft’s Rust experiments are going well, but some features are missing

• Meet Threat Stack at AWS re:Invent 2019

• DOD names 5G test sites

• New York company charged with illegal sale of Chinese-made surveillance and security equipment

• spyware

• CBP looks to blockchain to track Canadian energy imports

• “Why is SANS HackFest 2019 so offensive”

• DISA pushing apps to MilCloud 2.0

• Do data breaches hurt stock prices?

• Help Wanted: Cybersecurity Workers

• Apple Seeds First Beta of Upcoming macOS Catalina 10.15.2 Update

• Immersive Labs Raises $40M for Cybersecurity Training

• Capital One Shifts Its CISO to New Role

• Publishers Should be Making E-Book Licensing Better, Not Worse

• Apple Releases iOS and iPadOS 13.2.2 With Fix for Background Refresh Bug

• ‘Light commands’ attack: #hacking #Alexa, #Siri, and other #voiceassistants via Laser Beam

• Saudi Arabia Paid Twitter Staff to Spy on Dissidents, Alleges DoJ

• A Critical Update for Windows 10 Every Week – Is This the Way Forward?

• How to Address the Top 5 Human Threats to Your Data

• How to Suggest Your Manager to Invest into Cyber Defense?

• What’s So Dangerous About Spear Phishing?

• DOD’s innovation board recommends hiring shortcuts for tech talent

• PayPal Upsets Microsoft as Phishers’ Favorite Brand

• Amazon Kindle, Embedded Devices Open to Code-Execution

• 3 tips for standing up a CX function

• Facebook Makes Changes To Groups API Following Privacy Breach

• Microsoft is ending support for Windows 7 and Windows Server 2008: Here’s what you need to know.

• Cisco Releases Security Updates

• Consolidate your Security in the Cloud with Cisco Umbrella

• Detecting Account Takeover Botnets

• Find New Talent, Don’t Fight Over CISSPs: Insights from (ISC)2 COO

• Former Twitter Employees Suspected of Spying for Saudi Government

• Researchers Found a Way to Take over Google Home, Amazon’s Alexa or Apple’s Siri Devices through Laser Pointers

• Claims of North Korean Tampering with Indian Space Agency

• CobaltStrike – Hiding in plain sight

• DarkUniverse

• QNAP Warns Users to Secure Devices Against QSnatch Malware

• This is when holiday online shopping fraud is highest (it’s just two days)

• Using Rust in Windows

• Saudi King Hosts CIA Chief for Talks

• PayPal Tops List of Most Imitated Brands

• How to Opt Out of the Sites That Sell Your Personal Data

• Trend Micro Employee Sells Customer Data

• Microsoft to Remove Downloads Folder from Disk Cleanup

• Veterans Day U.S. – A McAfee MoM’s Reflection

• EU Hearing ‘Many Concerns’ About Potential Anticompetitive Issues With Apple Pay

• SECURITY ALERT: New Fake Subpoena Phishing Campaign Spotted, Installing Predator

• Uber Still Using Waymo Technology

• How cybercriminals trick you into giving your information over the phone

• 2019 FEVS reports on shutdown

• How can you protect yourself from hackers? An IBM social engineer offers advice

• How a hacker at IBM uses disguises and devices to steal private information

• Specially Crafted ZIP archives allow bypassing secure email gateways

• Don’t restart your computer after a ransomware attack

• Cyber-War Exercise held between US and Taiwan

• Veteran’s Day U.S. – A McAfee MoM’s Reflection

• S2 Ep16: BlueKeep, ransomware and sextortion – Naked Security Podcast

• Gamers Hit with Nvidia GPU Driver, GeForce Flaws

• The Cold Truth about Cyber Insurance

• Fun with Active Directory’s AdminCount Attribute

• This $387 Azure certification prep bundle is currently on sale for $29

• Google Teams Up With Security Firms to Fight Bad Android Apps

• Strengthening co-operation in the fight against IP crime

• SecureData CTO Names Three Pillars of Active Defense

• eCommerce Fraud Prevention Firm Riskified Raises $165 Million

• Phishing Campaigns Boosting Success with Google Analytics

• Judge Rules Law Enforcement Can Plunder DNA Database

• A Phish That Scans For Viruses

• Okay, This Parody Website Is Amusing

• Former Twitter Employees Charged With Spying On Users For Saudis

• Trend Micro Hit With Insider Attack

• Amazon fixes Ring Video Doorbell wi-fi security vulnerability

• Apple’s big privacy revamp: Genuine commitment or is it just for show?

• Bill Gates Claims Windows Mobile Could Have Beaten Android

• Law enforcement can plunder DNA profile database, judge rules

• 1-15 October 2019 Cyber Attacks Timeline

• UK government funds 18 projects to develop anti-drone technologies

• You’ve got malware: Malicious actors are waiting in your inbox

• Legitimate TDS Platform Abused to Push Malware via Exploit Kits

• IBM social engineer easily hacked two journalists’ information

• MITRE ATT&CK: Network sniffing

• Transitioning to a Security-Driven Networking Strategy

• Network traffic analysis for incident response (IR): What incident responders should know about networking

• Network traffic analysis for IR: Event-based analysis

• How to Secure Critical Infrastructure When Patching Isn’t Possible

• Amazon’s Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

• Specially Crafted ZIP Files Used to Bypass Secure Email Gateways

• Morrisons tells top court it’s not liable for staffer who nicked payroll data of 100,000 employees

• Container Security: Vulnerability Management from Build to Run

• App Defense Alliance – Google Partner with ESET, Lookout & Zimperium to Protect Android Users From Malicious Apps

• Data Breach Fines: Are They Working to Boost Consumer Safety?

• SECURITY CONGRESS FINAL THOUGHTS: BEING THERE FOR OTHERS (PART 1)

• 5 Key Ways to Effectively Communicate with Your Vendors

• Magento 1 End-of-Life Offers Opportunities for Hackers

• India’s Role in Global Cyber Policy Formulation

• How to Start Building an Insider Threat Program

• Texas Senate Bill 820: New Regulation Takes Aim at Cyber Threats in Education Sector

• 49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play

• Oracle Appeals Pentagon JEDI Contract Exclusion

• Pilot presses the wrong button, triggers airport hostage alarm

• Why The Reluctance In Adopting MFA?

• (ISC)² ESTIMATES CYBERSECURITY WORKFORCE AT 2.8 MILLION

• Linux users warned to update libarchive to beat flaw

• Why Your Legacy PKI Solution Isn’t Working

• SECURITY CONGRESS FINAL THOUGHTS: BEING THERE FOR OTHERS (PART 2)

• Two former Twitter employees charged of spying on Users for Saudi Arabian Government

• Mobile security firms will help protect Google Play

• Kaspersky Lab Analysis Shines Light on DarkUniverse APT Group

• Security Expert Comment: US Homeland Security Official Says Russia Will Try To Interfere In 2020 Election: “They’re Going To Be Back”

• Experts Comments On Facebook Reveals Another Privacy Breach, This Time Involving Developers

• Google Enlists Help to Fight Bad Android Apps

• DarkUniverse – the mysterious APT framework #27

• California Says Facebook Impeding Privacy Probe

• Law debated allowing confiscation of Bitcoin by the police

• Microsoft Demands Privacy Protection To Safeguard Rights

• Facebook confesses 100 devs may have accessed leaked Groups data

• Phishing Campaign Used Subpoena-Themed Email to Deliver Infostealer

• VB2019 paper: DNS on fire

• Gartner Says the Future of Network Security Lies with SASE

• 9 suspects arrested in Poland for luxury car theft

• Warrant let police search online DNA database

• Black Hat Q&A: Hacking a ’90s Sports Car

• Expert Comments On After Brexit, Europe Wants Cybersecurity Pact With UK

• 17 tonnes of food infected with listeria seized in Spain

• Eavesdropping on SMS Messages inside Telco Networks

• Mobility of Frontline Workforce: Why Your Field Employees Need Mobile Devices

• Mac users warned that disabling all Office macros doesn’t actually disable all Office macros

• Cloud-Native Application Security Challenges

• NVIDIA Patches Flaws in GPU Display Driver, GeForce Experience

• Best Android antivirus? The top 9 tools

• Facebook scam steals famous faces and BBC branding

• Rogue TrendMicro Employee Sold Customer Data to Tech Support Scammers

• Microsoft Unveils New Security Tools for Azure Platform

• You Don’t Know What You Don’t Know: 5 Best Practices for Data Discovery and Classification

• Expert On Trend Micro Insider Threat

• Apple details new Safari, Location Services, Sign in with Apple privacy features

• Cisco: All these routers have the same embedded crypto keys, so update firmware

• Former Trend Micro Staffer Sold Customer Data

• What are the signs of video game addiction in children?

• Top SAST and DAST tools that can fix app security problems before deployment

• Europe’s Cybersecurity Skills Gap Has Doubled: Report

• Talk Cloud with NetApp at Google Cloud Next London 2019

• Two Former Twitter Employees Caught Spying On Users For Saudi Arabia

• Trend Micro rogue employee sold customer data to tech support scammers

• US: Saudi Government Recruited Twitter Staff to Spy

• BritBox UK Streaming Service Launches for £5.99 per Month

• Cybersecurity Skills Shortage Tops Four Million

• FCW Insider: Nov. 7

• GUI Now Available for Kamerka ICS/IoT Reconnaissance Tool

• Quick Hits

• Quick Hits

• Getting the best value out of security assessments, (Thu, Nov 7th)

• Industrial sector targeted by Adversary harboring DopplePaymer ransomware

• Sneaky purchases being made by Android keyboard app

• Thousands of Drivers Spill Data from California DMV Leak

• Thunder on the Horizon: 4 Security Threats for the Cloud

• Group member info advised to be deleted by Facebook app developers

• Bilk Businesses attacked by accounting Scams

• Bug Hunters Earn $195,000 for Hacking TVs, Routers, Phones at Pwn2Own Tokyo 2019

• Facebook cut off developer access to user data to squash potential rivals

• Documents Show Facebook Controlling Competitors With User Data: Report

• Inside the Microsoft team tracking the world’s most dangerous hackers

• We’re almost into the third decade of the 21st century and we’re still grading security bugs out of 10 like kids. Why?

• HSTS From Top to Bottom or GTFO

• Why Organizations are Failing to Deal With Rising Bot Attacks

• 5 factors to consider when choosing an encryption key management system

• The promise and peril of post quantum computing

• CipherCloud CASB+ Mobile Connect

• Can Zero Trust Solutions Protect Hybrid, Multi-Cloud Networks?

• Mobile Security firms ESET, Lookout, Zimperium to clean up Google Play Store

Generated on 2019-11-10 23:58:25.294541