IT Security News Weekly Summary – Week 46

• IT Security News Daily Summary 2020-11-15

• How to address inefficiencies of using multiple cybersecurity systems

• Federal panel sides with VA on union contract

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 303’

• DEF CON 28 Safe Mode Voting Village Village – Ben Dubow’s ‘How Influence Warfare Subverts Democracy’

• DEF CON 28 Safe Mode Voting Village Village – Martin Mickos’ ‘See Something, Say Something’

• The Most Common API Vulnerabilities

• Apple Shares New ‘Everyday Experiments’ Shot on iPhone 12 Video

• Code42 Incydr Delivers Evolved Data Protection for Channel Partners

• New Book By Clearwater Founder and Executive Chairman Provides Healthcare Board Members and Executives With Practical Guidance for Overseeing an Enterprise Cyber Risk Management Program

• Tangoe Reveals its 2021 Technology Trends

• AuditBoard Survey: 81% of Audit and Risk Professionals Believe Risk Will Be Unpredictable In 2021

• QuoLab Technologies Announces Partnership with QGroup GmbH

• oledump’s ! Indicator, (Sun, Nov 15th)

• How Politics at Home Shapes Kuwait’s Foreign Policy

• Apple Unveils Security Features in New M1 Chip

• The North Face website suffered a credential stuffing attack

• Security Affairs newsletter Round 289

• macOS Big Sur Update Bricking Some Older MacBook Pro Models

• 7 Simple Tech Tips to Keep Your Family Safe This Holiday

• Chilean-based retail giant Cencosud hit by Egregor Ransomware

• Montana CISO Shares State Security Actions and Priorities

• ShinyHunters hacked Pluto TV service, 3.2M accounts exposed

• Week in review: Cybersecurity workforce gap decreases, new issue of (IN)SECURE

• Who Caused 2018 Power Outages in Russia?

• Cit0day – 226,883,414 breached accounts

• HomePod Mini Begins Shipping to Customers, First Orders Arrive November 16

• Apple Begins Issuing Monthly Credits to Apple TV+ Subscribers Through January

• Reliable Leaker Says Apple Plans to Introduce ‘Christmas Surprise’

• Apple Says Hearing Aid Sound Issues With iPhone 12 Models Will Be Fixed in Future Software Update

• 123RF – 8,661,578 breached accounts

• Hackers can use just-fixed Intel bugs to install malicious firmware on PCs

• IT Security News Daily Summary 2020-11-14

• Op protected childhood: 113 online child predators arrested

• Feds investigate Zoom-bombings attack against Gonzaga University Black Student Union

• XKCD ‘Set In The Present’

• DEF CON 28 Safe Mode Voting Village Village – Amélie Koran’s ‘Hacking Democracy II: On Securing An Election’

• Akropolis Cryptocurrency Lending Service Lost $2 Million to Hackers In A Cyber Attack

• DEF CON 28 Safe Mode Ham Radio Village – Baloo’s ‘APRS Demo’

• Schneider Electric published a security advisory on Drovorub Linux Malware

• Upcoming Speaking Engagements

• Decentralized Finance (Defi) Protocol Akropolis Hacked For $2 Million In DAI

• iPhone 12 Mini Users Report Lock Screen Touch Sensitivity Issues

• New skimmer attack uses fake credit card form to steal data

• CISA Chief Chris Krebs expects to be fired by the White House

• Top Stories: Apple Silicon Macs, macOS Big Sur, iPhone 12 Mini and 12 Pro Max Launch

• Scams Ramp Up Ahead of Black Friday Cybercriminal Craze

• A Ransomware Gang Bought Facebook Ads to Troll Its Victim

• Schneider Electric Warns Customers of Drovorub Linux Malware

• The OS Big Sur Launch Might Have Slowed Down Macs Everywhere

• Biotech research firm Miltenyi Biotec hit by Mount Locker ransomware

• Traffickers supplying conflict zones with weapons and explosives disarmed in Spain

• Stick a fork in SGX, it’s done: Intel’s cloud-server security defeated by $30 chip and electrical shenanigans

• Cybersecurity careers: Which one is right for you?

• Week in security with Tony Anscombe

• 2020-11-13 – Traffic Analysis Exercise – Quiethub.net

• Weekly Update 217

• New TroubleGrabber malware targets Discord users

• Building digital trust with 5G

• Hands-On With the New iPhone 12 Pro Max and iPhone 12 Mini

• IT Security News Daily Summary 2020-11-13

• A Complete Guide to the Stages of Penetration Testing

• Biden’s GSA transition team brings deep agency ties

• Apple Issues Security Updates

• Hacker stole $2 million worth of Dai cryptocurrency from Akropolis

• Alexander Vindman Joins the Lawfare Team

• Image stock site 123RF hacked; 8.3M user database leaked

• Ransomware Groups Are Using Hacked Facebook Pages To Pressure Their Victims Into Paying

• CISA Director Expects to Be Fired Following Secure Election

• Inrupt’s Solid Announcement

• Deals: Apple’s Smart Keyboard Folio for 12.9-Inch iPad Pro Discounted to New Low of $119.97 [Updated]

• Universal Apps for Apple Silicon Macs: Pixelmator Pro, DaVinci Resolve, Darkroom, Ulysses, BBEdit, and More

• iPhone 12 and 12 Pro Users Complain of Missing SMS Text Messages and Message Notifications

• Ex-missile systems worker jailed for breaching Official Secrets Act after last-second guilty plea

• What To Look For In Your Next SIEM Provider

• 4 steps to DevSecOps in your software supply chain

• GNAP: OAuth the next generation

• Amazon Sues Instagram, TikTok Influencers Over Knockoff Scam

• Microsoft Issues Security Warning on SMS Multi-Factor Authentication

• Antivirus Software Flagging Dell Drivers as Malware

• Risk & Repeat: 2020 election security in review

• Threat Roundup for November 6 to November 13

• MacRumors Giveaway: Win a Luna Display Adapter and Turn Your iPad or Extra Mac Into a Second Screen

• First Impressions From New iPhone 12 mini and iPhone 12 Pro Max Owners

• Deals: Apple’s Smart Keyboard Folio for 12.9-Inch iPad Pro Discounted to New Low of $119.97

• API Security — 3rd-Party Key Manager Support In WSO2 API Manager 3.2.0

• How To Check the Encryption Certificate of an AS2 EDIINT Data

• Strengthen Enterprise Security Through Network Isolation Approach

• Unified Endpoint Management for the New Normal

• Reaching Strategic Outcomes With a Managed Detection and Response Service Provider: Part 2

• A new data-driven model shows that wearing masks saves lives – and the earlier you start, the better

• 2020 Reader Survey: Share Your Feedback to Help Us Improve

• Nation-State Attackers Actively Target COVID-19 Vaccine-Makers

• Botnet Attackers Turn to Vulnerable IoT Devices

• Adults and children should learn cybersecurity and safety practices

• STEM and cybersecurity training are critical for the future

• 6 training trends to watch that “will define the workplace in 2021”

• Under Analytics

• Feature Release 20.6

• Disconnect Your TCL Smart TV From the Internet—NOW

• Apple Seeds First Betas of iOS 14.3 and iPadOS 14.3 to Public Beta Testers

• Decrypting OpenSSH sessions for fun and profit

• Texas Drivers Impacted by Breach of Vertafore

• DarkSide Ransomware Group Makes New Storage System

• North Face Suffers Credential Stuffing Attack

• Attackers Target Gaming as the Latest ‘Always On’ Industry Impacted by Ransomware

• Vertafore data ereach exposes license details of 27.7M Texas drivers

• An AI tool can distinguish between a conspiracy theory and a true conspiracy – it comes down to how easily the story falls apart

• Aegis Secure Key 3NXC a Finalist in 2020 ‘ASTORS’ Awards Program

• Brazilian IT market on the road to recovery in 2021

• Ticketmaster Scores Hefty Fine Over 2018 Data Breach

• How to temporarily mitigate SAD DNS for Linux servers and desktops

• 4 phishing scams to watch out for during the holidays

• How to use the Mitre ATT&CK framework for cloud security

• New Center Supports Rail Cybersecurity

• Ticketmaster Fined £1.25m Over Data Breach

• ICE Operation Arrests 113 Child Predators

• Self-Service Security for Developers Is the DevSecOps Brass Ring

• Three APT groups have targeted at least seven COVID-19 vaccine makers

• Hasan Minhaj Joins the Cast of ‘The Morning Show’ for Season 2

• Apple Shares Teaser for ‘Servant’ Season 2, Premiering January 15

• Announcing our open source security key test suite

• EncroChat hack evidence wasn’t obtained illegally, High Court of England and Wales rules – trial judges will decide whether to admit it

• How to Use Activity Monitor to Troubleshoot Problems on a Mac

• Swedish Regulator To Challenge Court Order On Huawei Ban

• Hacker steals $2 million from cryptocurrency service Akropolis

• Credential-Stuffing Attack Hits The North Face

• Patch Tuesday, November 2020 Edition

• Report: Only 51% Of Facebook Employees Believe The Company Has A Positive Impact On The World

• Insurance Software Company Leaks 28 Million Texas Driver Records by Mistakes

• Apple Releases Security Updates for Multiple Products

• How Nonprofits Can Protect Themselves From Card-Testing Fraud

• Hitchcock’s “Decentering Whiteness”

• Fish Tanks: Defense in Depth for COVID19?

• How Data-Centric Security Enables Cross-Regulatory Compliance

• Apple Joins Industry Group Working Towards 6G

• Assessing International Law on Self-Determination and Extraterritorial Use of Force in Rojava

• CFIUS’s Excepted Foreign States Provision: U.S. Economic Security Policy Gets Longer Arms

• How Did a Trump Loyalist Come to be Named NSA General Counsel—And What Should Biden Do About It?

• Ticketmaster to pay penalty of £1.25m for chat bot Cyber Attack

• Google Address Two More Chrome Zero-Day Vulnerabilities

• PLATYPUS Attack: Novel Power Side-channel Attack Threatening Intel Devices

• Why does reproducibility matter in healthcare AI?

• Openreach Engineer Stabbed Five Times Amid 5G Violence

• Barracuda Acquires Zero Trust Solution Provider Fyde

• The Best Gifts For Hackers

• Ticketmaster Fined £1.25m Over Payment Data Breach

• Microsoft: North Korean, Russian Hackers Target COVID-19 Researchers

• Manufacturing Becomes Major Target For Ransomware Attacks

• People Could Be Asked To Prove They’ve Had Covid Vaccine To Get Into Sports Events And Concerts

• Ransomware-as-a-Service gang DarkSide creates server for data leaks

• Ticketmaster cops £1.25m ICO fine for 2018 Magecart breach, blames someone else and vows to appeal

• ICO Hits Ticketmaster With £1.2m Data Breach Fine

• The best gifts for hackers

• Microsoft says three APTs have targeted seven COVID-19 vaccine makers

• Microsoft: Russian, North Korean Hackers Target Vaccine Work

• A female wannabe martyr for the so-called Islamic State arrested in Spain

• The Sameness of Every Day: How to Change Up Audit Fatigue

• A Hacker’s Holiday: How Retailers Can Avoid Black Friday Cyber Threats

• RangeForce Becomes Crest Approved Training Provider

• As Screen Time Skyrockets, So Does Threat of Fake Apps

• What Expert Says On Chrome Adding Anti-hijacking Feature

• Experts Reacted On The North Face Credential Stuffing Attack

• Microsoft Advises To Stop Using Phone-Based 2FA – Security Expert Reaction

• Is Uber Safe? All Your Questions Answered

• This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

• Hackers-for-hire APT group found targeting businesses globally

• Manufacturing Sector Targeted by Five ICS-Focused Threat Groups: Report

• FBI Investigating Hack Involving Black Students at Gonzaga

• Cyber News Rundown: Flood of Phony IRS Emails

• Deals: Woot Discounts Large Collection of Open Box iPads and MacBooks Today Only

• iPhone 12 Upgrade Program Now Available in Scotland, Wales, and Northern Ireland

• Cloud-based Multi-factor Authentication: The Starting Point For Security, Compliance And User Experience

• 10 Best Vulnerability Scanning Tools For Penetration Testing – 2020

• The M140i project post – Part 11

• DHS rejects Trump’s fraud claims: ‘Election was most secure in US history’

• Manufacturing is becoming a major target for ransomware attacks

• Report: CISA Chief Expects White House to Fire Him

• DHS Says Voting Systems Not Compromised, Amid Departures at CISA

• Data Breach Hits 30 Million Texan Drivers

• Shutterstock Adds Single Sign-On Integration to its Platform

• Tick-Tock: Black Friday 2020 Could Turn into a Cybercriminal Medley as Retailers Adjust to Social-Distancing During COVID-19

• Finland Drafting New Legislation Following Cyber-Attack on Psychotherapy Center

• Government in Australia issues Clop Ransomware warning to Healthcare Organizations

• The iOS Covid App Ecosystem Has Become a Privacy Minefield

• 5 key benefits of using an IP scanner

• Successful Ransomware Attacks on Education Sector Grew 388% in Q3 2020

• New Zealand Election Fraud

• New ‘Vanish Mode’ in Messenger and Instagram Enables Disappearing Chats

• Virtual Engagement Activities at #ISC2Congress

• 5 open source intrusion detection systems for SMBs

• The North Face resets passwords after credential-stuffing attack

• Credential Stuffers Scaled The North Face to Access Accounts

• The Scammer Who Wanted to Save His Country

• Kuo: Mini-LED iPad and AirPods 3 Coming First Half of 2021

• Major retailers in the EU and US at risk to web attacks

• Inaccurate Predictions about Cybersecurity is Dangerous

• Quick Hits

• FCW Insider: Nov. 13

• Amazon files lawsuit against Instagram, TikTok influencers over ‘dupe’ sales scam

• Chainalysis launches program to manage cryptocurrency seized by law enforcement

• CISA’s Krebs Set to be Fired in Blow for Security Community

• 18 arrested and €4 million seized in large money-laundering bust in France

• Vertafore data breach exposed data of 27.7 million Texas drivers

• Menu Bar Controller App for Sonos Speakers Updated for macOS 11

• Experts Insight On Steelcase Suffers Ransomware Attack, Forces 2-week Shut Down Of Global Operations And Production

• Animal Jam Kids’ Virtual World Hit By Data Breach, Impacting 46m Accounts: Expert Commentary

• Stock photo service 123RD suffered major data breach

• Possible ransomware attack warnings from the Australian government

• Stressed employees behind data breaches survey finds

• Fraudulent Transactions a Bigger Worry for Online Retailers During #COVID19

• macOS Big Sur: Quick Start Video Plus 50 Tips and Tricks

• Group-IB opens HQ in Amsterdam as a central hub for research into the European threat landscape

• U.S. Election Misinformation Continues to Spread | Avast

• Avast Business Remote Control Announcement | Avast

• Live Webinar: Reducing Complexity by Increasing Consolidation for SMEs

• Why Linux Should Factor Into Your Security Strategy

• Security flaws in Schneider Electric PLCs allow full take over

• Old Worm But New Obfuscation Technique, (Fri, Nov 13th)

• SAD DNS — New Flaws Re-Enable DNS Cache Poisoning Attacks

• 2020’s biggest innovators? Hackers and cyber-criminals, again, says Darktrace

• Info of 27.7 million Texas drivers exposed in Vertafore data breach

• Making history: The pandemic, disaster recovery and data protection

• Apple plans new data privacy guidelines to app developers

• US Cybersecurity Officials to be fired after elections

• How IoT insecurity impacts global organizations

• Enterprises embrace Kubernetes, but lack security tools to mitigate risk

• Swiss Spies Benefitted From Secret CIA Encryption Firm: Probe

• ML tool identifies domains created to promote fake news

• Malware activity spikes 128%, Office document phishing skyrockets

• Hungry for data, ModPipe backdoor hits POS software used in hospitality sector

• Google patches two new zero‑day flaws in Chrome

• DEF CON 28 Safe Mode Ham Radio Village – Typer Gardner’s ‘Single Board Computers In Amateur Radio’

• How to Choose an MDR Provider

• De SLA a XLA: de servicios a experiencias

• Keep Your Site Safe with the OWASP Top 10 List

• [CTO Interview] The Enterprise Movement to PKI as-a-Service

• ISC Stormcast For Friday, November 13th 2020 https://isc.sans.edu/podcastdetail.html?id=7252, (Fri, Nov 13th)

• Infosys delivers cloud-powered, cognitive-first managed services for IT operations

• Home Chef – 8,815,692 breached accounts

• Fantastical Updated for macOS Big Sur With New Design, Widgets, Native Support for Apple Silicon, and More

• Elastic enables customers to cost-effectively store and search data for deeper insights with no constraints

• Secure Code Warrior Missions: Interactive coding simulations of real-world applications

• AWS Glue DataBrew: Enabling customers to clean and normalize data without writing code

• Election security fears doused with reality: Top officials say Nov 3 ‘was the most secure in American history.’ The end

• “Nope, Go Phish” – How Organizations Can Finally Put a Stop to The Oldest Hacking Trick

• An Investigative Analysis of the Silent Librarian IoCs

• Apple Updates iWork, iMovie, and GarageBand With Refreshed Icons and Designs for macOS Big Sur

• Uptycs enhances detection and investigation for on-premises and cloud workloads

• SonicWall adds high-performance, low-TCO firewalls to its Capture Cloud Platform

• Resilience provides insurance coverage and patented cybersecurity tools for the mid-market

• 10 Common Digital Threats to Businesses

• Australian government warns of possible ransomware attacks on health sector

• Code in iOS 14.3 Adds Support for Third-Party Bluetooth Trackers With Find My Integration

• First iPhone 12 Mini and iPhone 12 Pro Max Orders Arriving to Customers in New Zealand and Australia

• Apple Updates iWork and GarageBand With Refreshed Icons and Designs for macOS Big Sur

• SentinelOne raises $267 million to accelerate growth driven by demand for its Singularity XDR Platform

• Syniverse and NodeWeaver partnership delivers wireless services and enables the intelligent edge

• 2020-11-10 – Pcap and malware for an ICS diary (traffic analysis quiz)

• 2020-11-12 – Dridex activity

• OPM veterans on the Biden-Harris transition team

• DHS panel says 2020 vote was ‘most secure in American history’

• Manufacturing Sees Rising Ransomware Threat

• What’s New in iOS 14.3: ProRAW Support for iPhone 12 Pro, PS5 Controller Support and More

• iOS 14.3 Icon Hints at AirPods Studio Design

• Intel SGX users need CPU microcode patch to block PLATYPUS secrets-leaking attack

• Telework capabilities set stage for truly mobile DOD workforce

• Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software

• Credential Stuffing Fills E-commerce Pipeline in 2020

• ‘Pay2Key’ Could Become Next Big Ransomware Threat

• The GOP Keeps Proving There’s No Election Fraud

• Apple Seeds First Betas of iOS 14.3 and iPadOS 14.3 to Developers [Update: Pulled]

• Apple Card, Apple Pay, Maps and Messages Experiencing Outages [Updated]

• Apple Pulls iOS 14.3, watchOS 7.2, and tvOS 14.3 Updates Amid Slew of Server Issues

• IT Security News Daily Summary 2020-11-12

• Watch out: Fake celebrity endorsements advertising Bitcoin scam

• SASE consolidated integrated platform

• How COVID is driving smart city plans, budgets

• BlackBerry discovers new hacker-for-hire mercenary group

• Animal Jam Hacked, 46M Records Roam the Dark Web

• Swedish court suspended the ban on Huawei equipment

• Mac Apps Not Opening Due to Apple Server Issues: How to Fix For Now

• Apple Seeds First Beta of tvOS 14.3 Update to Developers

• Apple Seeds First Beta of watchOS 7.2 to Developers

• Apple Updates Final Cut Pro X and Logic Pro X for Apple Silicon Macs Ahead of M1 Launch

• Apple Seeds First Betas of iOS 14.3 and iPadOS 14.3 to Developers

• How China’s Control of Information is a Cyber Weakness

• Tell Trump’s Patent Office Director: Don’t Make Permanent Rule Changes Now

• Hat trick for Google as it patches two more zero-days in Chrome

• How to Configure and Use Control Center in macOS Big Sur

• Understanding User Accounts in macOS

• How to Prepare Your Mac to Upgrade to macOS Big Sur: the Ultimate Guide

• A Biden-Harris ‘reset’ for feds

• Smart concrete could pave the way for high-tech, cost-effective roads

• Hackers for hire target victims with cyber espionage campaign

• New ‘CostaRicto’ Hack-for-Hire Group Targets Global Businesses

• Apple Silicon M1 Mac Mini vs. Intel Mac Mini Buyer’s Guide

• Rosetta Mac App Translation Process Can Take 20 Seconds on First Launch

• Plague Inc. Gets New Game Mode That Lets You Save the World From a Pandemic

• New 2020 Duo Trusted Access Report Examines Securing Remote Work

• How and when to change your Google password

• Ethical Hacker’s Comic Dream Gets Backing

• Happy Birthday, Marine Corps!

• Employee Spotlight: From Building Code to Building Teams

• Popular iOS Camera App Darkroom Expands to Macs With Universal App Support

• One Step Beyond: Using Threat Hunting to Anticipate the Unknown

• Innovating for IT Specialists

• Google makes app to lock devices if users default on payment

• Data Security: Building for Today’s Hybrid Cloud World

• A Quick Guide to Effective SIEM Use Cases

• How Federal Agencies Can Reduce Cyber Risk Posed by Contractors

• DNS cache poisoning poised for a comeback: Sad DNS

• Digging into the Dark Web: How Security Researchers Learn to Think Like the Bad Guys

• Finland Fast-Tracks ID Code Law Change After Hacking Case

• Most Americans Reuse Passwords for Work Devices

• Cyber-Mercenaries Sell Espionage Campaigns

• Hackers Use Bugs To Attack iOS and Android Devices; Google Doesn’t Disclose Details

• Here’s why a Greece Hacker Easily Hacked Croatian University?

• DARPA and Academia Jumpstart 5G IoT Security Efforts

• Mcafee Announces Mvision Marketplace And Mvision Api To Enable Organizations To Quickly And Easily Adapt To Security Gaps

• The Hard Truth About Federal 2021 Bid Deadlines for Cloud-Based Software Vendors

• Apple Releases macOS Big Sur With Fresh Design, Control Center, Safari Privacy Report, Messages Updates, Maps Overhaul and More

• Apple Execs Talk M1 Chip, Touchscreen Macs and More in New Interview

• Researchers simulate privacy leaks in functional genomics studies

• Introducing “How to Fix the Internet,” a New Podcast from EFF

• Podcast Episode: Why Does My Internet Suck?

• Podcast Episode: The Secret Court Approving Secret Surveillance

• ModPipe Backdoor Targets Oracle Point of Sale System

• Comodo Releases Open Source EDR Solution

• Decompiled Source Code of Cobalt Strike Released on GitHub

• DEF CON 28 Safe Mode Ham Radio Village – Eric Escobar’s ‘Talking To Satellites’

• 46M accounts were impacted in the data breach of children’s online playground Animal Jam

• Apple Says HomePod Mini Won’t Leave Marks on Waxed or Oiled Wood Surfaces

• System Management Mode deep dive: How SMM isolation hardens the platform

• Kids’ gaming website Animal Jam breached after miscreants spot private AWS key on pwned Slack channel

• Apple Launches New Macs, and Big Sur Arrives – Intego Mac Podcast Episode 161

• Public Sector Leaders Admit Personal Toll From Pandemic

• Animal Jam data breach – Hacker leaks database with millions of accounts

• API Security Weekly: Issue #109

• Surviving college distance learning during the pandemic: a cybersecurity guide

• Check Point Software Technologies recognized as Leader in the 2020 Gartner Network Firewall Magic Quadrant

• Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks

• S3 Ep6: How not to get scammed [Podcast]

• Recommendations Accepted in Advancement for EU Data Protection Transfers

• Google Releases Security Updates for Chrome

• 3 Must-dos to Secure Your Applications

• Palo Alto Networks a Nine-Time Gartner Magic Quadrant Leader

• New Pay2Key Ransomware linked to Iran

• Microsoft November Patch Tuesday Comes With Much-Awaited Zero-Day Fix

• Introducing NetApp SnapCenter 4.4

• IBM Warns Global Business Services Staff Of Redundancies

• Querying Windows Event Logs for Faster Investigation and Response

• Menlo Security raises $100 million to beat back malware with algorithms

• Trump Administration Says Still Searching for TikTok Resolution

• The Term “Threat Intelligence” is Poisoned. It Does Not Mean What You Think it Means.

• #EdgeLive: The Emerging Role of SASE in Organizational Security

• KnowBe4’s Security Awareness Essentials Course Certified by the NCSC

• 5 Steps Every Company Should Take to Avoid Data Theft Risk

• Security in the Cloud: IAM and Data Access Control

• Managing Your Security Product in the Cloud, Like a Spartan

• Secure Code Warrior Takes Secure Coding Prowess to New Heights With Missions

• Sonatype and Fugue Partner to Shift Cloud Security Left and Ensure Continuous Policy Compliance

• Costaricto APT: Cyber mercenaries use previously undocumented malware

• Google Patches Two More Chrome Zero Days

• Nvidia Warns Gamers Of GeForce NOW Flaw

• DNS Cache Poisoning Is Back From The Dead

• Now-Patched Ubuntu Desktop Vulnerability Allows Privilege Escalation

• macOS Big Sur Features: Everything New in Today’s Release

• djay Pro AI for Mac Released With Support for M1 Chip

• First Apple Silicon Macs With M1 Chip Begin Shipping to Customers Ahead of November 17 Launch

• Advanced Bot Protection Handling More Traffic Than Ever

• Cyberattacks increase by 260% in the first nine months of 2020

• UK Conservative Party used 10 million people’s names to derive their country of origin, ethnicity and religion according to ICO report

• Google Photos To End Unlimited Cloud Storage

• Comodo open-sources its EDR solution

• 2 More Google Chrome Zero-Days Under Active Exploitation

• New survey details IT challenges, shadow IT risks, 2021 outlook, and more

• How to combat the latest and most aggressive botnets and malware

• Encryption Vulnerabilities Allow Hackers to Take Control of Schneider Electric PLCs

• Data breach response: How to plan and recover

• Microsoft says it’s time for you to stop using SMS and voice calls for multi-factor authentication

• An Engineer Gets 9 Years for Stealing $10M From Microsoft

• CRAT wants to plunder your endpoints

• Menlo Security Raises $100M for Security Service

• Sectigo Helps DevSecOps Teams Speed Application Deployment Securely with Five More PKI DevOps Integrations

• Security Intelligence Handbook Chapter 2: Examining Operational and Strategic Security Intelligence

• Watch: HomePod Mini Reviews, Sound Quality Tests, and Unboxing Videos

• HomePod Mini Reviews: ‘Remarkably Big Sound’ Despite Compact Design

• Serif Updates Affinity Apps for ‘Superfast Performance’ With M1 Chip

• Mercenary APT group CostaRicto hits organizations worldwide

• From Triton to Stuxnet: Preparing for OT Incident Response

• Menlo Security Raises $100 Million at $800 Million Valuation

• Like the Energizer Bunny, Trickbot Goes On and On

• WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques

• CRAT Aims To Plunder Your Endpoints

• JumpCloud’s Zero Day macOS Big Sur Support Gives Admins Options & Advantages

• Menlo Security Raises $100 Million in Latest Financing

• Experts Reacted Microsoft’s New Patch Tuesday Format: “A Bad Move” And “Disappointing”

• (ISC)2 Study Reveals The Cybersecurity Workforce Has Grown To 3.5 Million Professionals Globally

• Want To Avoid Ransomware Attacks? Start By Fighting Your Shadow IT

• Microsoft advises users to stop using SMS- and voice-based MFA

• Swiss spies knew about Crypto AG compromise – and kept it from govt overseers for nearly 30 years

• 2020 (ISC)2 Cybersecurity Workforce Study: Skills Gap Narrows in an Unusual Year

• Focus On Cyber Defence Rather Than Cyber Attack – Former NCSC Head

• KuCoin CEO says 84% of stolen cryptocurrency has been recovered

• Webinar Today: Strengthening Industrial Cybersecurity With Internal Segmentation

• Google Patches Two More Chrome Zero-Days Exploited in Attacks

• Huawei Wins Stay Against Exclusion From Sweden 5G

• ICO Demands Urgent Data Protection Changes from UK Parties

• #EdgeLive: Phishing Attacks Now Targeting Enterprise Specifics

• Uncovered: APT ‘Hackers For Hire’ Target Financial, Entertainment Firms

• New modular ModPipe POS Malware targets restaurants and hospitality sectors

• “Privacy Nutrition Labels” in Apple’s App Store

• Microsoft Releases Office for Mac Beta With Apple Silicon Compatibility

• Philips Hue Adds Support for HomeKit Adaptive Lighting to Ambiance Lights

• CEO Perspective On Muhstik IoT Botnet Infecting Cloud Servers & Mining Crypto

• Research Shows Why You Should Keep Your Netflix Password To Yourself

• People who have WOWED us over 25 years

• The rise of stalkerware

• Google Critics Urge EU Antitrust Action

• Implement Cloud Security Best Practices With This Guide

• Microsoft Urges Firms to Hang Up on Phone-Based MFA

• Update Your Chrome Browser Now! Google Says These High-Severity Bugs Have Exploits in the Wild

• 355 protected reptiles saved in Spain in hit against wildlife traffickers

• COVID-19 chiefs of police working group: fighting the pandemic and criminals together

• Managing Scans using Bash and the Acunetix API

• Advancing Security Leadership with $100M in Additional Funding

• Preventing Exposed Azure Blob Storage, (Thu, Nov 12th)

• Take Care – The Gin Is Circa 1984

• Zoom/FTC Settlement – Expert Source

• How A Delayed Presidential Transition Threatens US Cybersecurity

• Passage of California privacy act could spur similar new regulations in other states

• Assessing Security Operation Centers Using a Balanced Scorecard

• FCW Insider: Nov. 12

• New ModPipe malware targets hospitality, hotel point of sale systems

• Palo Alto Networks to Acquire Attack Surface Management Firm Expanse in $800 Million Deal

• Hackers Steal 46 Million Records from Kids’ Game Developer

• MISSIONS — The Next Level of Interactive Developer Security Training

• New ModPipe Point of Sale (POS) Malware Targeting Restaurants, Hotels

• Here’s When You Can Download macOS Big Sur in Time Zones Around the World

• Apple TV App Now Available to Download on PlayStation 4 and PlayStation 5

• Things 3.13.2 Update Brings Support for macOS Big Sur, Including New Widgets and Rich Notifications

• Ransomware Gang Hacks Facebook Account To Run Extortion Ads – Expert Comments

• Ransomware attacks targeting Israel are thought to be linked to Iranian threat actors

• Microsoft calls for users to stop using phone-based multi-factor authentication

• Former NCSC cyber-chief, Ciaran Martin, says ‘Don’t weaponise the net’

• Researchers discover POS backdoor targeting the hospitality industry

• #EdgeLive: Defending Against the Growing Threat of DDoS Attacks

• Ransomware gang takes out Facebook ads to apply pressure on victim

• Spam and phishing in Q3 2020

• 6 Ways to Reduce Your Cloud Attack Surface

• Google addresses two new Chrome zero-day flaws

• Perception Point X-Ray

• (IN)SECURE Magazine issue 67 released

• One Key Cyber Security Fact

• DOD to focus on Cybersecurity of Connected Weapons

• Ransomware attack on Timberline Billing Service

• Microsoft urges users to stop using phone-based multi-factor authentication

• The security consequences of massive change in how we work

• Cybersecurity workforce gap decreases, job satisfaction rates increase

• Samsung finally admitted to Google’s Enterprise Android Recommended club

• In Zero we trust

• Avionics Safety and Secured Connectivity: A Look at DO-326A/ED-202A, DO-355 and DO-356

• SAP Patches Several Critical Vulnerabilities With November 2020 Security Updates

• ISC Stormcast For Thursday, November 12th 2020 https://isc.sans.edu/podcastdetail.html?id=7250, (Thu, Nov 12th)

• Q&A session: Examples of what it takes to achieve DevSecOps maturity

• Fraudsters increasingly creative with names and addresses for phishing sites

• Holiday gifts getting smarter, but creepier when it comes to privacy and security

• Why you should keep your Netflix password to yourself

• Microsoft Patch Tuesday fixes 17 critical flaws, Windows zero‑day

• Two New Chrome 0-Days Under Active Attacks – Update Your Browser

• Lumu Agent for Windows: Measuring remote worker compromise levels in real time

• Critical Vulnerabilities Discovered in World’s Largest Android TVs Manufacturer

• Exposed Blob Storage in Azure, (Thu, Nov 12th)

• Imperva SD-SOC: How Using AI and Time Series Traffic Improves DDoS Mitigation

• HPE GreenLake for VDI cloud services provides solutions optimized for each type of remote worker

• Kount Event-Based Bot Detection protects the end-to-end customer journey from fraud

• Datadog’s new capabilities for monitoring DNS provide visibility into the health of business-critical apps

• Keyavi Data launches four apps that enable customers to transform any type of data file into intelligent data

• Animal Jam – 7,104,998 breached accounts

• Apple Silicon M1 Chip in MacBook Air Outperforms High-End 16-Inch MacBook Pro

• Ontic and DarkOwl provide Fortune 500 clients with the ability to surface actionable insights from dark net data

• ThreatQuotient and Infoblox enable orgs to accelerate response to emerging threat vectors

• What’s New In OAuth 2.1?

• Google patches two more Chrome zero-days

• Changes to Microsoft Security Bulletins

• Security Hiring Plans Remain Constant Despite Pandemic

• Want to Avoid an Extreme Cyberloss? Focus on the Basics

• NSF-Funded Research Aims to Help Disrupt Cybercrime Supply Chains

• Nexus Repository Helps Developers Overcome New Docker Hub Rate Limits

• Contrast Security’s Approach to SCA Enables Vulnerability Prioritization and Faster Remediation

• New to Identity Governance? Here’s What to Look for in a Modern Identity Governance Solution

• The alleged decompiled source code of Cobalt Strike toolkit leaked online

• Barack Obama Interview Airing November 17 on Apple TV+ Show ‘The Oprah Conversation’

• DataVisor appoints Steve Knopf and Jamshed Patel to its executive leadership team

• AnimalJam – 7,104,998 breached accounts

• IT Security News Daily Summary 2020-11-11

• Silver Peak SD-WAN Bugs Allow for Network Takeover

• How do VPN vs. cloud services compare for remote work?

• 3 Tips For Successfully Running Tech Outside the IT Department

• Former Microsoft worker sentenced to nine years in prison for stealing $10+ million

• Microsoft warns against SMS, voice calls for multi-factor authentication: Try something that can’t be SIM swapped

• Common Ways to Avoid Hacking Your Personal Data on the Internet

• How Does Military Communicate on a Battlefield Today

• Black Friday vs Cyber Monday: Best Time to Buy a VPN Service

• Barracuda to Acquire Fyde for Zero-Trust Capabilities

• How Hard Is It to Overturn an American Election?

• RegretLocker, new ransomware, can encrypt Windows virtual hard disks

• Malicious Minecraft apps on Play Store scamming millions of users

• Nvidia Warns Windows Gamers of GeForce NOW Flaw

• Ransomware Attack on Medical Billing Company

• 9 New Tactics to Spread Security Awareness

• Google and Mozilla fixed issues exploited at 2020 Tianfu Cup hacking contest

• TestFlight App Gains Automatic Update Support

• AirBuddy App for Easily Connecting AirPods to Macs Gets Redesign and New Features

• Exploring the Exploitability of “Bad Neighbor”: The Recent ICMPv6 Vulnerability (CVE-2020-16898)

• Critical Vulnerabilities in Microsoft Software Fixed in November 2020 Patch Tuesday

• Ghimob – New Infostealer in the Cyber Arena

• Scammers Impersonating IRS to Steal Money

• Ransomware Group Used Facebook Ads to Pressure Victim

• Microsoft names former McAfee CEO Christopher Young as new Business Development chief

• Recent ransomware wave targeting Israel linked to Iranian threat actors

• Ragnar Locker Ransomware Gang Takes Out Facebook Ads in Key New Tactic

• TikTok Files Last-Minute Petition Against Trump Order

• Windows zero-day shut down on November Patch Tuesday

• Vatican Brings in Bots to Protect World’s Oldest Bible

• Gartner 2020 CASB Magic Quadrant – CipherCloud’s Visionary Performance

• How 2020 became Dana Deasy’s year of delivery

• Minecraft Apps on Google Play Fleece Players Out of Big Money

• IoT Security Foundation launches vulnerability platform

• “Instant bank fraud” hoax is back – don’t spread fake news!

• EC Finds Amazon Breached Antitrust Rules

• Walleon Smart Wallet – where Elegance, Fashion, and Innovation meet

• Former Microsoft Software Engineer Sentenced to 9 Years in Prison

• Muhstik botnet adds Oracle WebLogic and Drupal exploits

• Deals: Save Across Apple’s Entire iPad Lineup With Up to $166 Off iPad mini, iPad Pro, iPad Air, and iPad

• Apple Silicon MacBook Air vs. MacBook Pro Buyer’s Guide

• Future-proof attack protection

• This risk threatens retirees’ nest eggs. Here’s how advisors are protecting them

• Empowering employees to securely work from anywhere with an internet-first model and Zero Trust

• Facebook Extends US Political Ad Ban For Another Month

• #EdgeLive: Security Pros Can Harness Paul Rudd’s Superpower of Adaptation

• Patch Tuesday Update – November 2020

• The Predictions Dilemma

• The Security Failures of Online Exam Proctoring

• Future Apple Silicon Macs Rumored to Include Redesigned 14-Inch and 16-Inch MacBook Pro, 24-Inch iMac, and Smaller Mac Pro

• Try to avoid thinking of the internet as a flashy new battlefield, warns former NCSC chief

• Ragnar Locker team promotes its activities through Facebook Ads

• The source of truth – customers

• ByteDance Challenges Trump Over TikTok Ban

• Play Store identified as main distribution vector for most Android malware

• DDoS attacks are cheaper and easier to carry out than ever before

• Czech Republic’s Intelligence Agency Reveal on Russian And Chinese Spies Posing an Imminent Threat to The EU Member’s Security

• How to Avoid Getting Killed by Ransomware

• WhatsApp Using Up Your Phone Storage? Here’s How to Fix It

• Encryption to Double Extortion: Ransomware’s Rapid Evolution

• Enhancing internet and cloud security with Red Hat's contribution the Guide to IPsec VPNs

• Deals: Expercom Introduces First Discounts on M1-Enabled MacBook Pro, Air, and Mac mini

• AirPlay 2 and HomeKit Rolling Out to Select Roku Streaming Players and TVs

• September 2020 Cyber Attacks Statistics

• Elon Musk’ Starlink to Deliver Relatively Inexpensive Satellite Internet

• BrandPost: Fortinet Veterans Program Connects Participants to Employers

• Honda To Mass Produce Level 3 Self Driving Cars

• Ring Recalls 350,000 Smart Doorbells Over Fire Risk

• Ragnar Locker ransomware gang using Facebook ads to extort victims

• High-Severity Cisco DoS Flaw Can Immobilize ASR Routers

• SentinelOne Raises $267 Million at Valuation Exceeding $3 Billion

• CREST and CMMC Center of Excellence Partner to Validate DoD Contractor Security

• Understanding Bot Mitigation Limitations

• Redundant, Secure, and Open Short Domains: A Vision for Multi-Provider Apex Domain Aliases to Enable DNS Diversity

• Ragnar Locker ransomware gang advertises Campari hack on Facebook

• The Third-Party Ransomware Attack You Never Saw Coming

• Mysterious Bugs Were Used To Hack iPhones and Android Phones And No One Will Talk About It

• New Platypus Attack Can Steal Data From Intel CPUs

• Dutch Gov’t Orders Further Anti-Spying Measures For Telecoms

• Microsoft November 2020 Patch Arrives With Fix For Windows Zero Day

• COVID-19 Data Sharing App Leaked Healthcare Worker Info

• Patch Tuesday (November 2020): Microsoft Releases Fix for Zero-Day Vulnerability Found in Windows

• Apple Announces First Macs with Apple Silicon

• Palo Alto Networks acquires attack surface manager Expanse in $800m deal

• COVID-19 Data-Sharing App Leaked Healthcare Worker Info

• Vulnerabilities Exploited at Chinese Hacking Contest Patched in Firefox, Chrome

• Barracuda Acquires Zero-Trust Network Access Innovator Fyde

• A High-Level View of Today’s Cyber Threat Landscape

• Apple on Veterans Day: Apple Watch Activity Challenge, Extended Apple Music Trial, and More

• Now-patched Ubuntu desktop vulnerability allows privilege escalation

• Avast warns of Minecraft skin, mod apps fleecing ‘millions’ of Android users

• Microsoft Issues Security Warning on SMS Multi-Factor Authentication

• Antivirus Software Flagging Dell Drivers as Malware

• #EdgeLive: Stopping API Attacks with Bot Mitigation

• Federal Judge Tosses Apple’s Theft Claims in Ongoing Epic Games Legal Fight

• Fraudulent Minecraft-Related Apps Deceive Millions Of Google Play Users, Avast Warns

• Virtual Networking Lounges and Engagement Activities at #ISC2Congress

• 4 top deception tools and how they ensnare attackers

• How to take better control of applications running on your network

• 4 steps to DevSecOps in your software supply chain

• GNAP: OAuth the next generation

• Western Digital Finds Replay Attack Protection Flaw Affecting Multiple Vendors

• Cybersecurity Skills Shortage Falls for First Time

• Patch Tuesday: Dangerous Zero-Day Hides Among Another 100+ CVEs

• Hotel Reservation Platform Leaks 7 Years’ Worth of Customer Records, Exposes Millions to Fraud and Extortion

• Bravo-Cado: Cloud Forensics Defying COVID-19

• ISC Stormcast For Wednesday, November 11th 2020 https://isc.sans.edu/podcastdetail.html?id=7248, (Wed, Nov 11th)

• HomePod Mini Repair Fee is Only $20 Cheaper Than Buying a New One Without AppleCare+

• Apple Watch Cellular Models Now Available in Belgium, Telenet Exclusive Provider

• EU retailers are less vulnerable to web app attacks than US counterparts

• Facebook’s link preview feature abused for website-scraping scheme

• The Department of Work and Pensions leaves citizens personal data exposed for over 2 years

• Apple Unveils Mac Computers Powered By M1 Chip

• Fifth of UK Firms Planning to Downsize Security Teams

• Microsoft Releases Windows Security Updates For Critical Flaws

• Build Your 2021 Cybersecurity Plan With This Free PPT Template

• Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers

• EU bodies agree on new EU export rules for dual-use technology

• AnandTech Calls Apple’s Fastest CPU Core Claim for M1 ‘Extremely Plausible’

• Security Expert Re: Scammers Impersonate IRS, Threaten Legal Action As Tax Payment Deadline Looms

• EU Paper Hints At Further Steps Towards Banning Encryption

• Experts On 5.8 Million RedDoorz User Records For Sale On Hacking Forum

• Almost Four-In-Ten Data Breaches Are Caused By Stressed, Tired Employees

• Malicious Use Of SSL Increases As Attackers Deploy Hidden Attacks

• Decrypting OpenSSH sessions for fun and profit

• Czech Intel Report Targets Russian, Chinese Spies

• #EdgeLive: DDoS Attacks Are Evolving into Extortion-Led RDoS Campaigns

• United States Veteran’s Day 2020

• Canada Remembrance Day 2020 / Jour du Souvenir du Canada 2020

• Targeted ransomware: it’s not just about encrypting your data!

• Adobe releases new security fixes for Connect, Reader Mobile

• Widely used illegal streaming platform switched off from Switzerland

• Interview with Shanmugavel Sankaran, founder of FixNix – The Entrepreneur who sold his house

• Secure Enclaves: Data Protection So Secure, No One Knows About It

• Microsoft Patch Tuesday fixes CVE-2020-17087 currently under active exploitation

• Operation Tovar: What It Was and How A Key Botnet Was Eliminated

• Europe clamps down on cybersurveillance exports, pushes human rights focus

• Facebook link preview feature used as a proxy in website-scraping scheme

• Stop thinking of cybersecurity as a problem: Think of it as a game

• Ransomware Attack on Brazil Court System

• Tips to prevent Cyber Attack risks

• Encryption-based threats grow by 260% in 2020

• Finding 365 bugs in Microsoft Office 365

• SecTor 2020, Canada’s biggest cybersecurity event: Day one

• Attackers vs. Hackers – Two *Very* Different Animals

• Apple debuts M1, the first in a family of Mac-specific ARM processors

• Data on millions of hotel guests exposed in cloud storage leak

• Report: Only 51% Of Facebook Employees Believe The Company Has A Positive Impact On The World

• BotRx widgets provide analytical context on how attacks impact business operations

• ZeroNorth unites security and DevOps teams with Defect Density Dashboard

• xHunt Hackers Uses New Backdoor to Attack Exchange Servers

• Apple Selling New Solo Loop and Sport Bands in Kumquat, Northern Blue and Plum

• Palo Alto Networks introduces Enterprise Data Loss Prevention

• New Kasada API protects from botnet attacks and targeted fraud

• Patch Tuesday, November 2020 Edition

• Traffic Analysis Quiz: DESKTOP-FX23IK5, (Wed, Nov 11th)

• Nanoleaf Launches HomeKit-Compatible ‘Essentials’ LED Bulb and Lightstrip

• Viavi enables installation and maintenance of 5G NR and legacy 4G-LTE cell sites

• ADTRAN announced Mosaic One, a cloud-based network and service optimization platform

• Microsoft emits 112 security hole fixes – including the cure for a Google-disclosed kernel vuln exploited in the wild

• Guardsquare Releases 2020 Global Report Highlighting Mobile Application Insecurity Across Operating Systems

• Apple’s New M1 Chip Brings 6K Display Support to Mac Mini and Base 13-Inch MacBook Pro For the First Time

• Jim Barkdoll becomes CEO of Stealthbits Technologies

• PKWARE acquires Dataguise to expand global footprint

• Election Security: When to Worry, When to Not, and the Takeaway from Antrim County, Michigan

• Microsoft emits 112 security hole fixes – including the cure for a Google-disclosed vuln exploited in the wild

• Cyber and AI investments could trend up in defense spending

• VA reports smooth go-live from $16B electronic health record system

• VERT Threat Alert: November 2020 Patch Tuesday Analysis

• Malware Hidden in Encrypted Traffic Surges Amid Pandemic

• Flaws in Privileged Management Apps Expose Machines to Attack

• 12th November 2020: Identity Methods partners with ColorTokens to Provide UK Enterprises with Industry-Leading Zero Trust Security in the Cloud

• Apple Launches Extended Holiday Return Policy, Returns Accepted Until January 8 in U.S.

• How to Overcome Cybersecurity Challenges for Remote Workers

• ICANN Doubles Down on Technical Internet Governance Label: What Are the Implications?

• Android TVs from top manufacturer plagued with ‘extraordinary’ flaws

• Senate nixes pay hike for feds in funding bill

• Microsoft Patches Windows Kernel Flaw Under Active Attack

• Claroty Details Vulnerabilities in Schneider PLCs

• Adobe Releases Security Updates for Multiple Products

• M1 Macs Support WiFi 6, MacBook Air Has Updated Function Keys

• IT Security News Daily Summary 2020-11-10

• New Pay2Key Ransomware Emerges As The Latest Threat For Organizations

• AI helps Toledo get the lead out

• Army to evaluate facial recognition in day care centers

• Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

• Cisco Releases Security Update for IOS XR Software

• November Patch Tuesday 2020 fixes 112 vulnerabilities

• Recorded Webinar: the Next Generation Cyber Threats of E-Commerce

• Adobe fixes flaws in Connect and Reader Mobile

• Everything Announced at Today’s Apple Event in 6 Minutes

• M1 MacBook Air, MacBook Pro, and Mac Mini Not Compatible With eGPUs

• Nicolas Sarkozy’s No Good, Very Bad Campaign Finance Scheme

• Getting to Know Cloudjacking and Cloud Mining Could Save Your Business

• Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers

• Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs

• Cloud Usage, Biometrics Surge As Remote Work Grows Permanent

• New M1 Mac Models Feature Thunderbolt 3 Ports, Not Newer Thunderbolt 4

• Apple Ends Today’s Mac Event With Return of Totally Jealous PC Guy

• Apple’s M1 Chip Brings Massive Battery Life Improvements for MacBook Air and MacBook Pro

• November 2020 Patch Tuesday: Microsoft fixes actively exploited Windows Kernel flaw

• 11 Android settings that’ll strengthen your security

• Chicago launches a challenge to extend outdoor dining into winter

• Radio Frequency fingerprinting of aircraft ADS-B transmitters? Boffins reckon they’ve cracked it

• Phishing, deepfakes, and ransomware: How coronavirus-related cyberthreats will persist in 2021

• Microsoft Patches Windows Vulnerability Chained in Attacks With Chrome Bug

• Hacker Sells Access to Pakistani Airlines’ Network

• Overlooked Security Risks of the M&A Rebound

• How To Prepare for a CMMC Audit

• Microsoft November 2020 Patch Tuesday, (Tue, Nov 10th)

• VM-Series Virtual Firewalls Integrate With AWS Gateway Load Balancer

• New MacBook Air, 13-Inch MacBook Pro, and Mac Mini With M1 Chip Available to Order, Launch November 17

• Apple Seeds Second macOS Big Sur 11.0.1 Release Candidate to Developers

• MacBook Air and MacBook Pro M1 Chips Have Same 8-Core CPUs, No Upgrades Available

• New MacBook Air and MacBook Pro Still Have 720p Camera, But Apple Promises Better Quality From M1

• M1 MacBook Pro Replaces Low-End Model, Higher-End Intel Options Still Available

• New Platypus attack can steal data from Intel CPUs

• Microsoft November 2020 Patch Tuesday arrives with fix for Windows zero-day

• Phishing, deepfakes, and ramsomware: How coronavirus-related cyberthreats will persist in 2021

• PLATYPUS: Hackers Can Obtain Crypto Keys by Monitoring CPU Power Consumption

• Adobe Patches Vulnerabilities in Connect, Reader Mobile

• Smishing attack tells you “mobile payment problem” – don’t fall for it!

• Zix Acquires CloudAlly

• Vulnerabilities Affect 100,000 Sites Using WordPress Plugin

• Microsoft Releases November 2020 Security Updates

• Intel, Please Stop Assisting Me

• Flaws in WordPress Ultimate Member plugin expose 25K sites to hack

• How to Triage Splunk Alerts Faster

• New MacBook Air Announced as First Apple Silicon Mac With M1 Chip and Fanless Design

• Apple Unveils New Mac Mini Powered By M1 Apple Silicon

• Apple Announces New 13-inch MacBook Pro With M1 Apple Silicon

• Apple Releasing macOS Big Sur on November 12

• New MacBook Air, 13-Inch MacBook Pro, and Mac mini With M1 Chip Now Available to Order, Launch Next Week

• New side-channel attacks allow access to sensitive data on Intel CPUs

• BrandPost: The State of Healthcare Cybersecurity During Covid-19

• Apple to Deliver ‘Privacy Labels’ for Apps, Revealing Data-Sharing Details

• One more reason for Apple to dump Intel processors: Another SGX, kernel data-leak flaw unearthed by experts

• Ransomware Group Turns to Facebook Ads

• Vulnerabilities Affect 100k Sites Using WordPress Plugin

• The Double-Edged Sword of Cybersecurity Insurance

• The roles and responsibilities that lead to better software security initiatives

• ConnectWise Acquires Perch Security and StratoZen, Two Cybersecurity Firms Focused on MSP Space to Address Needs of SMBs

• Frost & Sullivan Honors PerimeterX with 2020 Best Practices Award

• Apple Event Live Coverage: Apple Silicon Macs Expected

• Don’t Sleep on China’s New Blockchain Internet

• Ultimate Member WordPress Plugin Vulnerable to Privilege Escalation

• Malicious Npm Package Stealing Discord Credentials and Browser Data

• Google Adds Tab-Nabbing Protection to Next Chrome Release

• Ghimob banking trojan targeting hundreds of Android apps

• Check Point CloudGuard integrates with AWS Gateway Load Balancer at Launch

• Microsoft and OpenAI propose automating U.S. tech export controls

• Ghimob Android Banking Trojan Targets 153 Mobile Apps

• DDoS attacks: How to combat the latest tactics

• PKWARE Acquires Dataguise to Expand Data Security Offering

• Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

• SAP Releases November 2020 Security Updates

• Tetration Updates – New capabilities for microsegmentation and workload security

• Experts Reaction On Latest Mashable Data Breach

• Sir Tim Berners-Lee Proposes ‘Fix’ For NHS Data Problem

• 10 Years of HTTPS Everywhere

• EA Games’ Origin client contained privilege escalation vuln that anyone with user-grade access could exploit

• Cyber Attacks increase in Britain because of Coronavirus Pandemic Lockdown

• Video: Are you in?

• EC Hits Amazon With Competition Rule Violations

• TSMC Seeds Arizona Subsidiary With $3.5 Billion

• Attackers Using Image Inversion Technique to Bypass Office 365 Filtering Mechanism

• #EdgeLive: Selecting the Right Approach to Securing a Remote Workforce

• How Hackers Blend Attack Methods to Bypass MFA

• In the Financial Services Industry, 74% of Apps Have Security Flaws

• Prioritize your Threat Alerts with our Actionable Threat Intelligence

• Malicious NPM project steals browser info and Discord accounts

• Demand for Apple TV+ Shows Increasing With Second-Wave Series Like ‘Defending Jacob’ and ‘Truth Be Told’

• Expert Comment On Big Basket Data Breach

• AI, ML, or just automation?

• Mozilla patches critical security issues in Firefox and Thunderbird

• BrandPost: Cloud Security Topics: Using Network Threat Protection to Decrease Vulnerability

• Huawei To Offload Honor Smartphone Division – Report

• Gitpaste-12 Malware via GitHub and Pastebin Attacks Linux Servers and IoT Devices

• Critical privilege escalation bugs squashed in WordPress Ultimate Member plugin

• IoT security is a mess. These guidelines could help fix that

• Big Tech Welcomes Biden Presidency, But Battles Loom

• New APT32 Malware Campaign Targets Cambodian Government

• New Ghimob Malware Can Spy On 153 Android Mobile Applications

• Microsoft Teams Users Under Attack With FakeUpdates Malware

• FTC Orders Zoom To Implement Stricter Security Standards

• Apple Store Goes Down Ahead of Apple Event Today, Apple Silicon Macs Expected to Debut

• November 2020 Apple Event: Spoiler-Free Video Stream

• Magecart and the Inter Skimmer threat

• SECURITY ALERT: Zoom Video Phishing Emails Targeting Corporate HVTs

• Extend data loss prevention to your devices with Microsoft Endpoint Data Loss Prevention, now generally available

• Virgin Hyperloop Pod Enjoys Successful Passenger Test

• CVE-2020-16995: Microsoft Azure Network Watcher Linux Extension EoP

• Fraudulent Minecraft Apps On Google Play | Avast

• Microsoft Teams Users Under Attack in ‘FakeUpdates’ Malware Campaign

• Dark web: Underground forums remain a hotbed of COVID-19 scams

• Developers: This is Google’s new idea for keeping your open-source projects secure

• ZeroNorth Unveils New Defect Density Dashboard to Unite Security and DevOps Teams

• JumpCloud Raises $75M to Advance Zero-Trust Security Based on Identity

• Latest Version of Unisys Stealth® Features New Automation and Visualization Tools to Accelerate Deployment and Simplify Management

• Cybrary Offers More Free Courses To Offer Paths To Employment and Better Defense Against Increased Cyber Attacks

• US Signal Launches Vulnerability Scanning and Management for Proactive Detection and Remediation of Critical IT Security Threats

• Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike

• A Way Forward for U.S. Policy on TikTok

• SECURITY ALERT: New Norwegian Campaign of Scam Phone Calls (Impersonating Microsoft)

• New 2020 Duo Trusted Access Report Examines Securing Remote Work

• How Do Security Controls Help Implement a Corporate Security Policy?

• Brazil Court System Went Down Following Cyber Attack

• Welcart e-Commerce Plugin Bug Exposed WordPress Sites To Code Injection Attacks

• New worming botnet Gitpaste-12 infecting IoT devices, Linux servers

• Tim Berners-Lee: This new Solid privacy server will help secure your data

• Ukrainian Gets 9 Years in Prison for Trying to Steal $10M from Microsoft

• EU Agrees on Tighter Rules for Surveillance Tech Exports

• US Retailers More Vulnerable to Web App Attacks Than EU Counterparts

• Malicious Use of SSL Increases as Attackers Deploy Hidden Attacks

• Fake Discord npm Package Is a Malware that Steals Browser Data

• Happy Birthday, Marine Corps!

• The 245th United States Marine Corps Birthday: Honor, Courage, and Commitment

• 2020 Was a Secure Election

• Apple Backs AirPods Assembler Luxshare to Move into iPhone 12 Production Early

• One Step Beyond: Using Threat Hunting to Anticipate the Unknown

• Developing a multicloud security strategy

• Inside Atlassian’s zero trust implementation

• Apple Issues Warning To Key iPhone Supplier

• Singapore moots mandatory offsite verification for financial institutions

• Zoom Settles with FTC After Charges it Misled Customers

• Tetrade hackers target 112 financial apps with Ghimob banking Trojan

• Heart Analyzer App Gains Blood Oxygen Complication for Apple Watch Series 6

• Stressed Employees Behind 4 In 10 Data Breaches

• Mashable suffers data breach exposing users’ details

• Privacy Refresh Overview | Avast

• FCW Insider: Nov. 10

• Ex-Microsoft Engineer Gets Nine Years for $10m Digital Theft

• Report: ‘iPhone 13 Pro’ Models to Feature Low-Power LTPO Display Technology

• 5 Cybersecurity Predictions For 2021

• Experts Insight On Hotel Booking Firm Leaks Info From Millions Of Guests

• World’s largest eyewear company suffers data breach

• RedDoorz user record for sale by threat actor on hacking forum

• FTC orders Zoom to enhance security practices

• Check Point Software´s predictions for 2021: Securing the ‘next normal’

• Dana Deasy’s year of delivery

• Chrome to block tab-nabbing attacks

• Cadbury Social Media Scammers Take Chocoholics for a Ride

• Ransomware’s Brutal ‘Second Wave’

• Prestige reservation platform exposes millions of hotel guests

• Watch Out! New Android Banking Trojan Steals From 112 Financial Apps

• Identity Verification: Is Your Potential Employee Who They Say They Are?

• Threat Stack Cloud Security Platform gets machine learning capabilities

• Tim Berners-Lee asks everyone to do new biz a Solid and let him have another crack at fixing the Web’s privacy

• New ‘Ghimob’ malware can spy on 153 Android mobile applications

• Pandemic-driven digital economy will frame regulation ‘more positively’: Temasek

• Checkpoint offers world first autonomous cyber threat prevention platform

• New Research suggests 2 pattern mobile security on Android phones

• Critical Vulnerability in Windows OS – Check Point customers remain protected

• Cyber criminals scam bank customers pretending to be from bank security

• Product showcase: Specops Password Auditor

• The evolving role of the CTO

• Best data security practices when offboarding employees

• What is a Cloud Access Security Broker? CASB explained

• Quick Hits

• What is Policy Compliance? Four Tips to Help You Succeed

• Flaws in PcVue SCADA Product Can Facilitate Attacks on Industrial Organizations

• Most UK businesses using Oracle E-Business Suite are running old systems

• Guide: Security measures for IoT product development

• Former Microsoft engineer sentenced to nine years in prison for stealing $10 million

• Tasmania makes big leaps in Cisco Australian Digital Readiness Index

• ISC Stormcast For Tuesday, November 10th 2020 https://isc.sans.edu/podcastdetail.html?id=7246, (Tue, Nov 10th)

• Mashable – 1,414,677 breached accounts

• Lawmakers demand answers from GSA on transition

• Former Microsoft Worker Gets 9 Years in $10M Fraud Scheme

• CoSoSys enhances Endpoint Protector 5.2.0.9 with enterprise features

• Lazada RedMart – 1,107,789 breached accounts

• Npm package caught stealing sensitive Discord and browser files

• Tech giants not convinced Australia’s critical infrastructure Bill is currently fit for purpose

• Photo Depicts Alleged AirTag Keychain

• HPE optimizes the partner experience with extensive enablement opportunities

• Remove excessive cloud permissions with CyberArk Cloud Entitlements Manager

• 2020-11-09 – Trickbot from malspam (gtag rob2 and gtag tar2)

• Shared services gaining traction, PSC reports

• New Brazilian Banking Trojan Targets Mobile Users in Multiple Countries

• Rob Theis joins Avaya’s Board of Directors

• Laptop mega-manufacturer Compal hit by DoppelPaymer ransomware – same one that hit German hospital

• BrandPost: Certifications Advance Security Professionals and Help Address the Skills Gap

• Attack Surface Analysis: Most Blacklisted IP Addresses Scrutinized

• How to securely donate old Windows 10 PCs

• Top 5 things to do with old gadgets

• Facebook Announces Probation For Groups That Spread Misinformation

• FTC Announces Consent Agreement With Zoom

• Discord.dll: successor to npm “fallguys” malware went undetected for 5 months

• Hands-On With Apple’s Intercom Feature for HomePod and HomePod Mini

• IT Security News Daily Summary 2020-11-09

• Zoom lied to users about end-to-end encryption for years, FTC says

• Free online cybersecurity classes, with certificates

• Keeping classified geospatial analysis on track during the pandemic

• 3 keys to managing cyber risk in state, county and city agencies

• Bug hunter wins ‘Researcher of the Month’ award for DOD account takeover bug

• Apple Gets FCC Approval for MagSafe Duo Wireless Charger

• Vulnerability Descriptions in the New Version of the Security Update Guide

• Zoom strong-armed by US watchdog to beef up security after boasting of end-to-end encryption that didn’t exist

• Account Takeover Risks During Pandemic: Solutions for Small Businesses

• Why Are Leading Market Research Firms So Excited About XDR?

• Security-driven networking: The foundation of digital transformation

• GSA’s mismanagement of PIV cards puts facility, data security at risk, watchdog says

• Cyberattack on UVM Health Network Impedes Chemotherapy Appointments

• Trump Site Alleging AZ Election Fraud Exposes Voter Data

• Data Privacy Gets Solid Upgrade With Early Adopters

• Photographer Austin Mann Shares iPhone 12 Pro Max Camera Review

• U.S. Dept of Justice seizes $1 billion in Bitcoin

• Zoom settles FTC charges for misleading users about security features

• Ultimate Member Plugin for WordPress Allows Site Takeover

• WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques

• 01 Communique Signs a Co-operation agreement with PwC to Implement Quantum-Safe IronCAP Cryptography Technolog

• xHunt hackers hit Microsoft Exchange with two news backdoors

• Review: iBoy is a Must-Have Desk Toy for iPod Fans

• Luxottica Data Breach

• SMS Text Message Phishing Campaign Targeting UK Residents

• Compal, the Second-Largest Laptop Manufacturer in the World, Hit by Cyber Attack

• X-Cart Infected with Ransomware

• New RansomEXX Ransomware Variant Emerges That Targets Linux Systems

• BrandPost: Developing Cybersecurity Career Pathways for Veterans

• Tianfu Cup 2020: Hackers pwn Windows, iPhone, Chrome for big bucks

• Data Security by the Numbers: How a Smarter Approach Saves Time and Money

• Esper out at DOD

• FTC Says Zoom Misled Users on Its Security for Meetings

• 7 key cybersecurity metrics for the board and how to present them

• CISA: No election hacking, but plenty of misinformation

• Paralegal Admits Role in Outing Iowa Witnesses

• Insecure APIs a Growing Risk for Organizations

• Vulnerability Summary for the Week of November 2, 2020

• Three DevSecOps challenges and how to mitigate them

• The Joy of Tech® ‘Congrats America’

• How to Watch the Mac-Focused Apple Event on November 10, 2020

• Nigeria’s #ENDSARS Campaign is About More Than One Police Unit

• Better Informing a President’s Decision on Nuclear Use

• Lock and Code S1Ep19: Forecasting IoT cybersecurity with John Donovan and Adam Kujawa

• UK in Cyber-War Against Anti-vaccine Propaganda

• Threat Actors Stole Source Code from SonarQube Instances of US Government Agencies, Says FBI

• Securing VPN and RDP access to sensitive resources [Free e-book and webinar]

• ShiftLeft Engineering — Integrating your Go services with JIRA

• Great British Prank: Company Name Contains XSS Hack

• RansomEXX trojan variant is being deployed against Linux systems, warns Kaspersky

• BigBasket data breach – 20 million customer data sold on dark web

• Rights Activists Slam EU Plan for Access to Encrypted Chats

• Try this cybersecurity quiz, test your cyberdefense smarts

• Mashable Customer Data Leaked Online

• Trickbot is Down But Not Out

• iPhone 12 Pro Max Reviews: ‘The Best Smartphone Camera’ You Can Get, But 6.7-Inch Display Isn’t for Everyone

• Apple Executives Discuss iPhone 12 and Apple’s Approach to Camera Design

• Experts Reacted On WhatsApp To Introduce Disappearing Messages

• Managing Decreasing Public Tolerance For Cyberattacks

• Your organization doesn’t have time and resources to do research, POCs, evaluations?

• Ransomware news trending on Google

• Confidently manage medical imaging on FlexPod

• This new malware wants to add your Linux servers and IoT devices to its botnet

• Older Android phones will start failing on some secure websites in 2021

• Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

• Microsoft Exchange Attack Exposes New xHunt Backdoors

• Open University Targeted With Over a Million Malicious Email Attacks So Far This Year

• 7 Online Shopping Tips for the Holidays

• Preventing and Mitigating DDoS Attacks: It’s Elementary

• The Origin Is No More

• Compal, the Taiwanese giant laptop manufacturer hit by ransomware

• iPhone 12 Mini Reviews: The Best Small Smartphone but Battery Life ‘Leaves Much to Be Desired’

• Deals: Purchase Parallels Desktop for Mac and Get One Year of Fantastical Premium for Free

• Somebody’s Russian to meddle with UK coronavirus vaccine efforts, but GCHQ won’t take it lying down

• VMware Carbon Black Named a Finalist in the 2020 CRN Tech Innovator Awards

• Computer Manufacturing Company Compal Discloses Security Incident

• Let’s Encrypt Warns Some Android Users of Compatibility Issues

• Campari staggers to its feet following $15 million Ragnar Locker ransomware attack

• Worried About SaaS Misconfigurations? Check These 5 Settings Everybody Misses

• Watch: iPhone 12 Mini, iPhone 12 Pro Max, MagSafe Duo Charger, and Leather Sleeve Unboxing Videos and Reviews

• Deals: AirPods Pro Available for New Low Price of $194 at Amazon

• 16-30 September 2020 Cyber Attacks Timeline

• ‘Build’ or ‘Buy’ your own antivirus product

• COVID-19 made IT modernization a priority

• Compal, the second-largest laptop manufacturer in the world, hit by ransomware

• Lessons from Teaching Cybersecurity: Week 6

• RDP and the remote desktop

• A Zero Trust Approach to Protecting Cloud Identities Begins with Least Privilege

• Source codes stolen from US government agencies by hackers

• Millions of hotel guests have data exposed after Hotel Booking firm experiences breach

• Western Digital unveils new NVMe SSDs for scaling data-centric architectures

• Duo Security and Datto: More Than Just Another MSP Integration

• Beverage Giant Campari Went Offline Following Ransomware Attack

• Apple Patched Three iOS Zero-Day Bugs Following Google’s Discovery

• Capcom Latest Multinational To Be Hit By Disruptive Cyber-Attack

• Veteran Game Maker Codemasters Set For US Acquisition

• Google Will Not Move To Dismiss US Antitrust Case

• European Commission Warns Of Rising Pandemic Scam Risk

• Apple Faces 5G iPhone 12 Supply Shortages As Holidays Loom

• Bug Bounty Hunters Earn $1.2 Million at Chinese Hacking Competition

• Emotet and TrickBot Top the Malware Charts Yet Again

• Paul Collyer to Join HTB as New Chief Risk Officer

• Online Grocery Store BigBasket faces Data Breach of 2 Crore Users

• CybersecAsia Awards 2020 recognizes ManageEngine for its leadership in cybersecurity

• YouTube App Adds HDR Support for iPhone 12

• From pranks to APTs: How remote access Trojans became a major security threat

• Using open source for identity projects: 8 considerations

• Naked Security Live – Shop safe online (you know why!)

• Price Dropped on Hacked Educational RDP Details

• Hacker Spotlight: Interview with ‘Cyberboy’, Bug Bounty Hunter who Won $3000

• SecZetta and LevelUP Announce New Partnership in Third-Party Identity and Risk Management

• Ransomware hits Brazil’s Superior Court & other Federal agencies – Security Experts Perspectives

• Expert On Italian Beverage Vendor Campari Knocked Offline After Ransomware Attack

• UK banking customers targeted by HMRC smishing tax scam

Generated on 2020-11-15 23:58:21.978909