Personal Safety

IT Security News Daily Summary 2018-09-07

IT Security News Daily Summary 2018-09-07

Tor Project releases first alpha of Android mobile browser
SYNful Knock – A Cisco router implant – Part I
380.000 British Airways Customers Affected by Data Breach
Dear America: Want secure elections? Stick to pen and paper for ballots, experts urge
access control
8 Attack Vectors Puncturing Cloud Environments
What to Expect at Apple’s September 2018 Event: New iPhones, Apple Watch Series 4, AirPods, AirPower and More
US government releases post-mortem report on Equifax hack
Richard Bejtlich on His Latest Book, “The Practice of Network
Security Monitoring”
WannaCry Malware Profile
Acknowledgement of Attacks Leveraging Microsoft Zero-Day
Apple Removes Top Security App For Stealing Data and Sending it to China
Georgia Extradites Russian Data Theft Suspect to US
APT28: A Window into Russia’s Cyber Espionage Operations?
Hackers and Worms in the Singularity
ethical hacker
FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY
Russian hacker accused of historic data theft will face trial in U.S.
Phishing 101: Targeted Phishing Attacks
Key internet connections and locations at risk from rising seas
Another mSpy leak exposed millions of sensitive user records
Silicon Valley CEO admits $1.5m wire fraud: Bouxtie boss forged signatures to investors
FLARE VM: The Windows Malware Analysis Distribution You’ve Always Needed!
Threat Roundup for August 31 to September 7
Fake Beto O’Rourke Texts Expose New Playground for Trolls
Lazarus Group hacker charged in Wannacry, Sony attacks
Reddit AMA
Proposed Tariffs Will Impact Apple Watch, AirPods, HomePod, Mac Mini and More
Top antivirus tool nuked from macOS App Store – after it phoned browser histories to China
US Government releases post-mortem report on Equifax hack
Police arrested Apophis Squad member responsible for ProtonMail DDoS attack
No.1 Adware Removal Tool On Apple App Store Caught Spying On Mac Users
Golden State senators want answers on data throttling
IDG Contributor Network: How enterprise knowledge graphs can proactively reduce risk
Linus Torvalds: Changes in hardware change Linux development
Palestinian, Middle East Targets Hit with New Surveillance Attacks
DOD doubles down on CAC, expands supply-chain defense
IDG Contributor Network: Replication isn’t data protection. Here’s why
BSides Cleveland 2018, Mark Abrams’s ‘Go Back To The Basics With Your Processes: Improving Operations Without Technology’
Open .Git Directories Leave 390K Websites Vulnerable
One Year Since Equifax
Cybersecurity the right way
Temple of Doom 1: CTF Walkthrough Part 2
ICS Computer Attacks Steadily Rising
Fake Compromises, Real Threats in Next Week’s EU Copyright Vote
Mac App Store apps are stealing user data
Researchers Discover New “Fallout” Exploit Kit
CompTIA A+ Certification: An Overview
First Day on The Job [Comic]
Why You Should Be Fed Up With the Cycle of FUD
Facebook Censors Users For Saying “All Men Are Trash”
Industry Reactions to U.S. Charging North Korean Hacker: Feedback Friday
Channel Scoop: September 7, 2018
Bulldog: 2 CTF Walkthrough
Pentesting IoT devices (Part 1: Static Analysis)
OnBoard Security Expands TrustSentinel TSS 2.0 with SAPI middleware
New Windows 10 Preview Build 17755 & Your Phone Updated with SMS Support
Apple Music Gaining 116 Global ‘Top 100’ Music Charts
Revealed: British Airways was in talks with IBM on outsourcing security just before hack
MedSec’s Justine Bone on Medical Device Security Research
Israel keeps on growing as a major center of global cybersecurity innovation
German Researchers Spoof Certificate Authorities
Week in security with Tony Anscombe
Apple yanks top Mac app a month after learning it sends user info to China
Inside MSRC: Sharing Our Story & Customer Tips
Cyber News Rundown: Banking Trojans in Google Play
British Airways hacked- Private & financial data of 380,000 customers stolen
British Airways Issues Apology for Severe Data Breach
Private Data of Over Two Million Users Leaked by mSpy Spyware Maker
Trojanized Extension Uploaded to Google’s Chrome Store
Iranian APT Believed to Be Targeting Citizens
Invoice Phishing Campaign
Mac App Store App ‘Adware Doctor’ Discovered Stealing User Browsing History [Update: Removed]
British Airways Website, Mobile App Breach Compromises 380k
“Shifting Left” Requires Remediation Guidance
A Space Force & Experiences with Airpower and the Great War
Occam Technology Group and Syniverse partner to develop security for non-cellular IoT devices
MicroTik For Tat, Flawed Routers Join Proxy Army
Feel the shame: Email-scammed staffers aren’t telling bosses about it
Talking Global Cyberwar With Kaspersky Lab’s Anton Shingarev
Domestic Kitten APT Operates in Silence Since 2016
IDG Contributor Network: In the new ecommerce fraud landscape, every vertical is now at risk
Homeland Security Head: Colorado Tops US in Vote Security
Top Mac anti-adware software in App Store steals your browsing history
Security Experts Comments – British Airways Data Breach
The Role of Incident Response in ICS Security Compliance
Phishing alert: North Korea’s hacking attacks shows your email is still the weakest link
PowerShell for Pentesters Part 4: Modules with PowerShell
What is cyberwar? Everything you need to know about the frightening future of digital conflict
What consumers are doing to protect their data a year after the huge Equifax breach
Hotspot Honeypot
Member of Apophis Squad Cyberattack Group Arrested for Making Bomb Threats
Mac App Store App ‘Adware Doctor’ Discovered Stealing User Browsing History
Tor gets its first official mobile browser
Digital Security by ADT launches identity protection nationwide
Fifth Top Paid App on the Mac App Store Steals Users’ Browsing History
The Linux Foundation: Accelerating Open Source Innovation
Threatpost News Wrap Podcast For Sept. 7
Misconfigured Tor sites leave public IP addresses exposed
IDG Contributor Network: The hidden security problem we all need to know about
Tech ONTAP Podcast Episode 155: Trident 18.07 and… Goodbye Sully?
Vodafone hounds Czech customers for bills after they were brute-forced with Voda-issued PINs
2018 CEF Telecom Call– €13 million to reinforce the EU’s Cybersecurity capacity
Threat Actors Eyeing IQY Files To Peddle Malspam
How to Mitigate XXE Vulnerabilities in Python
Stolen Data from Chinese Hotel Chain and Other Illicit Products Sold in Deep Web Forum
How to Eliminate Secret Zero and Stop Nesting Secrets
Twitter, Facebook Face US Congress Over Misinformation
British Airways hacked: 400,000 customers affected
Phishing scams pick up the phone and MikroTik routers watch and listen | Avast
Third Party Tiering: The Cornerstone of a Strong Third-Party Risk Management Program
The Best Way To Secure US Elections? Paper Ballots
Vulnerability Spotlight: CVE-2018-3952 / CVE-2018-4010 – Multi-provider VPN Client Privilege Escalation Vulnerabilities
Finding the Middle Ground: Securing Smart Cities
Teen hacker admits to SWATting schools, airline flight
Sound, Fury, And Nothing One Year After Equifax
Job Outlook for CCSP Cert Holders
How does a WDC vulnerability put hardcoded passwords at risk?
A Forward-Looking View Into Security Performance
Microsoft to Charge for Windows 7 Security Updates
Making Cyber Threats Big Data Manageable
How Brad Olive Fights Fires With Security Awareness
Hacking a Serverless Application (Demo)
BusyGasper: An Android Spyware Loaded with Stand-Out Features
Cisco Products Receive Patches for Critical Struts Vulnerability
Traps Prevents In-The-Wild VBScript Zero-Day Exploit in Internet Explorer
BA Scrambles to Address Theft of Passenger Bank Details
Tor Browser 8 is out: What’s new?
Avast Business named best antivirus 2018 | Avast Business
Malware on ICS Increasingly Comes From Internet: Kaspersky
Apple to Release an Online Tool for Police to Request User Data
British Airways suffers breach, 380,000 card details stolen
Managing the Customer Trust Crisis: New Research Insights
Chrome 69 kills off www in URLs: Here’s why Google’s move has made people angry
Dark web sites could be exposed by routine slip-up
U.K. Teen Involved in ProtonMail DDoS Attack Arrested
Remove Mimicry Ransomware. Restore .good Encrypted Files
IDG Contributor Network: The ethics of creating secure software
Uncertainty is widespread across companies over who takes the lead on cyber, says Willis Towers Watson
Firefox finally casts Windows XP users adrift
Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records
Troldesh Ransomware Spreading Via Weaponized Word Document and RDP Brute-force Attack
Popular Mac App Adware Doctor Actually Acts Like Spyware
Flaw in update process for BMCs in Supermicro servers allows to deliver persistent malware or brick the server
Users to Pay For Windows 7 Extended Security Updates
Security risks curb the adoption of online banking
Top MacOS App Exfiltrates Browser Histories Behind Users’ Backs
EOEO Virus Removal – Restore Infected Computers and .eoeo Files
New infosec products of the week: September 7, 2018
6 ways companies fail at security fundamentals
Tesla Encouraging “Good Faith” Security Research in Bug Bounty Program
UK Teen Hacker Arrested After DDoS-ing Own Email Provider
Healthcare Reports Highest Number of Breaches Over the Past Financial Year
ThreatList: Attacks on Industrial Control Systems on the Rise
Not Your Grandfather’s SIEM: 5 Signs That You Should Reconsider Your Current SIEM Deployment
VB2018 preview: Since the hacking of Sony Pictures
North Korean hacker charged with cyber attack on NHS
M-M-M-MONSTER KILL: Cisco’s bug-wranglers swat 29 in single week
The worst cyberattacks undertaken by nation-state hackers
What is a chaff bug? How adding bugs to apps may make them more secure
Researchers find Chainshot malware corrupting networks
US Treasury wants national data breach notification standard
July 2018 Cyber Attacks Statistics
US charges North Korea agent over Sony Pictures hack and WannaCry
Financial info of 380,000 British Airways customers stolen in site, app breach
CrackMapExec –Post Exploitation tool for Active Directory Networks
Gone phishing – Why Android and iPhone users are susceptible to cyber phishing scams
Teenage hacker admits making hoax bomb threats against schools and airlines
US Indicts North Korean Over Sony, Bank and WannaCry Attacks
Adding Authentication to Your HTTP Triggered Azure Functions
Apple is building an online tool that lets police request user data
Opsec Mistakes Allowed U.S. to Link North Korean Man to Hacks
Common IT Security Mistakes People Make
Weekly Update 103
A Brighter Future For DevSecOps? It’s Closer Than You Think
BA Breach Hits 380,0000 Card Payments
Malware figures for the first half of 2018: The danger is on the web
HITRUST program addresses security risks when leveraging cloud service providers
Schneider Electric may have shipped USB drives infested with malware
It looks like tech-savvy drivers will have to lead connected car data purge
U.S. Charges North Korean Spy Over WannaCry and Sony Pictures Hack
Back to school: Lessons in endpoint security
British Airways Hacked – 380,000 Payment Cards Compromised
Could you hack your bosses without hesitation, repetition or deviation? AI says: No
Supermicro wraps crypto-blanket around server firmware to hide it from malware injectors
Crypto Mining in a Windows Headless Browser, (Fri, Sep 7th)
How metrics can enhance the effectiveness of security programs
USB Drives shipped with Schneider Solar Products were infected with malware
WhiteHat Security unveils AI capabilities for Sentinel Dynamic DAST solution to empower DevSecOps
Putting the ‘Ops’ in DevSecOps: Why It’s Hard and How to Do It
(Report) Top Learning & Detailed Analysis From COSMOS Bank Breach
Zero-day Threats: Has Detection Become Deception?
How Blockchain Could Contain Customer Data Breaches
Crims not spooks dominate cybersecurity threats: Sophos CEO
Hackers Launching GandCrab Ransomware via New Fallout Exploit Kit using Malvertising Campaign
Microsoft releases new Windows 10 preview with To-Do ink support, Sticky Notes 3.0, and delay snip
Latest Hacking News Podcast #116
Beware of the New Way Crooks Can Drain Your Credit Card Account
Twitter permanently bans Alex Jones and Infowars
Hacker uses ProtonMail VPN. Hacker DDoSes ProtonMail. Hacker gets arrested.
British Airways hit with customer data theft
British Airways Hacked – More than 380,000 Payment Cards Compromised
Scammers pose as CNN’s Wolf Blitzer, target security professionals
Apple is building a portal to field police requests for data
New Chainshot Malware Found By Cracking 512-Bit RSA Key
British Airways Customer Data Stolen in Website and Mobile App Hack
Alex Stamos: Pretty clear GRU’s goal was to weaken a future Clinton presidency
Bug bounty alert: Musk lets pro hackers torpedo Tesla firmware risk free
EFF Urges Governor Brown to Sign Sensible California Law Imposing Stricter Requirements for DNA Collection From Minors
Load Balancer-Reverse Proxy Reconnaissance On Target Domain
2018-09-06 – Data dump (Emotet, Hancitor, and Trickbot)
Symantec-secured website shutdown coming soon
Wannabe Supreme Brett Kavanaugh red-faced after leaked emails contradict spy testimony
Check Point is a Leader in 2018 Next-Generation Firewall NFGW Test by NSS Labs
New Fallout Exploit Kit Drops GandCrab Ransomware or Redirects to PUPs
Twitter Finally Bans Alex Jones—Over a Publicity Stunt
U.S. Ties Lazarus to North Korea and Major Hacking Conspiracy
Why passwords are a terrible method of authentication
FAA preps traffic management for drones
British Airways Loses Customer Payment Card Data in Breach
Ola Sergatchov joins GuardiCore as VP of corporate strategy
Businesses Can Now Pay to Extend Windows 7 Security Updates Beyond 2020
Zeus Scanner – Dork Searching and Web Applications Vulnerability Assessment Tool
CAC is staying around for a while
Take (Industrial) Control: A Look at the 2018 ICS Threat Landscape
The Beginner’s Guide to External Penetration Testing Reconnaissance
How US authorities tracked down the North Korean hacker behind WannaCry
British Airways hacked, attackers stole details of 380,000 customers
Google’s New Pixel 3 and Pixel 3 XL Smartphones Likely to Debut at Upcoming October 9 Event
SecBI partners with Intelligent Wave to bring Autonomous Investigation technology to enterprises
Slicing and Dicing CVE-2018-5002 Payloads: New CHAINSHOT Malware
Back to paper ballots
Social Media Platforms Should be Accountable and Transparent About Content Removal, But DOJ’s Plan to Investigate Raises Concerns
IT Security News Daily Summary 2018-09-06
How US companies can defend against cyberattacks from state actors
U.S. charges North Korean programmer for WannaCry, Sony hack
How you can get low-tech hacked
VMware Releases Security Updates
Facebook Deleted 1.3 Billion Fake Accounts Over Six-Month Period
Report: Data Breaches Hit Share Prices, Too
400K Websites At Risk From Hacking And Data Theft Due To Open .Git Repos
US Charges North Korean Hacker For WannaCry, Sony Attacks
Windows 10 Build 18234 (19H1) Released to Insiders With Improvements
British Airways Hack ‘Compromises’ Customers’ Financial Details
Recently uncovered PowerPool Group used recent Windows Zero-Day exploit
DoJ Charges North Korean Hacker for Sony, WannaCry, and More
ISC Stormcast For Friday, September 7th 2018 https://isc.sans.edu/podcastdetail.html&# x 3f;id=6158, (Thu, Sep 6th)
&&# x 23;xa;Malicious PowerShell Compiling C&# x 23; Code on the Fly, (Wed, Sep 5th)
Study: Grid security needs to be a team sport
IDG Contributor Network: Why data loss prevention is a throwback technology
‘World’s favorite airline’ favorite among hackers: British Airways site, app hacked for two weeks
FBI fingers the Norks it wants to pinch for Sony hack, WannaCry attacks
Exposed .git Repositories Could Make Around 400,000 Websites Vulnerable
Why SIEM Is a Process, Not a Product
A quantum gate between atoms and photons may help in scaling up quantum computers
GAO: Data-driven management is stuck in neutral
Small businesses targeted by highly localized Ursnif campaign
Duo Security Re: Google Chrome Redesign Including A Password Manager
U.S. Charges North Korean Over Lazarus Group Hacks
São Paulo subway operator gets sued for collecting passenger data
Avast at IFA+ Summit | Avast
Why a Healthy Data Diet Is the Secret to Healthy Security
British Airways Hacked With Details of 380,000 Cards Stolen
Senate Hearing on Social Media and Foreign Influence Operations: Progress, But There’s A Long Way to Go
Open Source Summit: Innovation, Allies, and Open Development
Blockers Alone Won’t Cure Malvertising Woes
State of the Art Password Cracking
Fighting Alert Fatigue With Security Orchestration, Automation and Response
Developing With Corda: Flows
VA looks to stabilize tech team
North Korean hackers sanctioned, facing charges for Sony hack, Wannacry ransomware attack
U.S. to Charge North Korean Spy Over WannaCry and Sony Pictures Hack
PagerDuty CEO on cloud computing, cybersecurity and diverse leadership
FirstNet leadership shuffle
Tesla modifies product policy to accommodate “good-faith” security research
Security Expert’s Thoughts On Aim Of Attackers Using Mikrotik Routers
The SOC Gets a Makeover
Born2Root – Vulnhub CTF Challenge Walkthrough
Hakai IoT Botnet Hits D-Link, Huawei, Realtek, Includes Efficient Telnet Scanner
The Serverless Show: Is It Right for Startups? & More
ST18-247: Securing Enterprise Wireless Networks
Windows 10 support extended again: September releases now get 30 months
Your face to soon become your boarding pass at Bengaluru airport
30 network security Twitter feeds to follow
Leader of DDoS-for-Hire Gang Pleads Guilty to Bomb Threats
Cyber Security In The Cloud: Are You ‘Flying Blind’?
Apple to Launch a Global Law Enforcement Web Portal to Streamline Data Requests by End of 2018 [Updated]
Cyber Blackmail and Extortion Schemes
Chrome 69 Now Has a Random Password Generator
Global Leaders Join Security Expert Webinar Series
Tesla Will Restore Car Firmware/OS When Hacking Goes Wrong
Attackers Abuse Age Restrictions to Hide Apps on iOS Devices
Fallout Exploit Kit Used in Malvertising Campaign to Deliver GandCrab Ransomware
Vulnerability Spotlight: TALOS-2018-0560 – ERPNext SQL Injection Vulnerabilities
16-31 July Cyber Attacks Timeline
Microsoft to offer paid Windows 7 Extended Security Updates
A New Partnership
DOJ to charge North Korean officer for Sony hack and WannaCry ransomware
Fortnite’s Google Play rebuff sparks security concerns for Android users
174,000 Alerts per Week Besiege Security Teams
Kids Cyber Safety Training Pilot @APS, Colaba, Mumbai
IDG Contributor Network: It’s time to get off the treadmill: Why you should understand adversary playbooks
US to Charge North Korea for Sony Breach, WannaCry
Active Spy Campaign Exploits Unpatched Windows Zero-Day
Getting Better Together in Cybersecurity
Malware Found on USB Drives Shipped With Schneider Solar Products
Getting the most out of your branch local connection
Nearly 3 Million Phishing Incidents Since January In Japan
What is California AB 375, and What Does it Mean for You?
Firefox Drops Support for Windows XP
IBM collaborated with the NYDP on an AI system that can search for people by race
Preventing the Other Kind of Hack Back
What’s GRU? A Look at Russia’s Shadowy Military Spies
Developing Responses to Cyber-Enabled Information Warfare and Influence Operations
Vigilant Software adds personal data records to its data protection platform
Serial Dataleak Offender mSpy Spouts A New(ish) River of Data
Apple to Launch a Global Law Enforcement Web Portal to Streamline Data Requests by End of 2018
Cisco fixes a host of security holes, including latest Apache Struts flaw
3 Ways to Improve Incident Response Time with IATP
How to Clear the Cache on Your Mac
Understanding & Solving the Information-Sharing Challenge
How a data request turned into a data breach
Microsoft extends Windows 10 enterprise and education support, announces paid Windows 7 security updates
Multiple Critical Vulnerabilities Fixed With Firefox 62 and Firefox ESR 60.2
Another War in Lebanon?
Risk & Repeat: Fortnite flaw disclosure enrages Epic Games
Mozilla Patches Critical Code Execution Bug in Firefox 62
Here Are The Essential Security Tips To Stay Safe On Social Media
Could home appliances knock down power grids?
“Five Eyes” Nations Demand Tech Companies Provide Encryption Backdoors
Collaborate Confidently With Analyst Notes in Recorded Future
Robservations on Black Hat 2018
Twitter Algorithms Were Not Always Impartial
CISSP Certification Course — Become An IT Security Professional
Cisco Warns Customers Of Critical Flaws, Including Struts
Fifteen Years After Launch, Skype Gets Call Recording
Apple to Launch a Global Law Enforcement Web Portal by End of 2018
How GDPR is Unintentionally Driving the Next Decade of Technology
Lloyds Debit Card Glitch – Expert Analyses The Latest String Of Software Glitches
Russian Hacking Group “Silence” Made Over $800,000 From Attacking Bank ATMs
Mobile spyware maker mSpy leaks millions of records – AGAIN
Deploying Stealthwatch Cloud in a Google GKE Kubernetes Cluster
Social Security numbers exposed on US government transparency site
Now Available: CISSP-ISSAP and CISSP-ISSEP Training
19-Year-Old Hacker Arrested Over Making Hoax School and Flight Bomb Threats
Most Reliable Hosting Company Sites in August 2018
UK TV Licensing Site Pulled Offline Over Insecure Transit
How osquery helps secure your cloud with these two critical CIS Benchmark controls
The CSO guide to top security conferences
Accessing Volume Shadows, re-revisited
Meterpreter – An Advanced and Powerful Metasploit Payload
HTTPS crypto-shame: TV Licensing website pulled offline
Denial: why do small businesses turn a blind eye to their biggest threat? | Avast Business
Card Not Present (CNP) Fraud in Real Life: An Account of a Trial Court
Vulnerabilities found in the remote management interface of Supermicro servers
Mobile Spyware Maker mSpy Leaked Millions of Sensitive Data Online in Plain Text
Security Compass expands support for OpSec, adding Microsoft Azure to its knowledge library
In Ulyanovsk, the Deputy Director was detained for hacking the Education Management Server
The iPhone security enhancements you need to know about
Top 5 New Open Source Security Vulnerabilities in August 2018
How the STARTTLS Everywhere initiative will affect surveillance
Cisco fixes 32 security vulnerabilities in its products, including three critical flaws
Necurs Spews 780,000 Emails With Weaponized IQY Files
Gartner SOAR Adoption Rate Prediction: From 1% to 15% by 2020 – Why Should You Care?
IonCube malware: Who do these malicious files put at risk?
The ultimate guide to finding and killing spyware and stalkerware on your smartphone
Trend Micro Survey Finds IoT Deployment Decisions Made Without Consulting Security Teams
Flaw in Schneider PLC Allows Significant Disruption to ICS
Singapore moots ‘essential’ cybersecurity rules for financial firms
High-Severity Flaws in Cisco Secure Internet Gateway Service Patched
F5 Labs analysis reveals growing global phishing menace and application security vulnerabilities
Use This NERC CIP v6 Standards Summary to Stay Compliant
Tor Browser gets a redesign, switches to new Firefox Quantum engine
How to Leverage Your Digital Footprint to Improve Your Threat Intelligence
4 New Smart Office Security Risks and How to Mitigate Them
Apache Struts 2 Exploit Being Used By Cyber Criminals For Crypto Mining Campaigns
Tripwire Patch Priority Index for August 2018
Five-Eyes Intelligence Services Choose Surveillance Over Security
Making the Business Case for Managed IAM Solutions
How to discover and destroy spyware on your smartphone (in pictures)
Russia ‘front of the queue’ when it comes to hacking, says security minister
Top 3 Issues at Gartner Security & Risk Management Summit 2018
Thousands of unsecured 3D printers discovered online
Growing focus on compliance could leave businesses vulnerable to fraud
Microsoft Warns EU Copyright Proposal Could Stunt Digital Growth
Axiomatics Federal Competes in 2018 ‘ASTORS’ Awards Program (Videos)
Ungagged Google warns users about FBI accessing their accounts
HP Launches First Bug Bounty Program for Printers
Announcing the Plugin Password Policy Manager for WordPress
Qualys Community Edition: Discover IT assets, manage vulnerabilities, scan web apps
Why security pros are addicted to FUD and what you can do about it
3 IAM deployment models: Which will work for your organization?
Schneider Electric Modicon vulnerability impacts ICS operation in industrial settings
Schneider Electric Modicon vulnerability impacts ICS operation in industrial settings
Using just a laptop, boffins sniff, spoof and pry – without busting browser padlock
Hu-manity.co uses IBM blockchain to give you the right to control your personal data
Millions of home Wi-Fi networks at risk of hacking, cybersecurity firm claims
Silence hacking group suspected of having links to cyber-security industry
International clothing chain C&A in Brazil suffered a data breach
CroniX CryptoMiner Kills Rivals to Reign Supreme
Vodafone Tells Hacked Customers with “1234” Password to Pay Back Money
16 Security Alerts Rated Critical and High Released by Cisco
Vodafone: Users with “1234” passwords to pay for the stolen money
This Engineer Hacked a Retro Knitting Machine to Create a Giant Stellar Map
Silence Please: Researchers Uncover Two-Man Bank Heist Group
Threat Landscape for Industrial Automation Systems in H1 2018
EDR is dead! Long live XDR!
Spyware App mSpy Leaked Data Of App Users And Monitored Devices
Cisco warns customers of critical security flaws, advisory includes Apache Struts
VPN Company AnchorFree Raises $295 Million
Nope, the NSA isn’t sitting in front of a supercomputer hooked up to a terrorist’s hard drive
Vodafone: You used 1234 as your password and were hacked? You cover the cost
Remotely exploitable flaw in Schneider Electric PLCs is a danger to OT networks
Organizations Face Ongoing Security Risks in the Cloud
Cisco Issues Security Patch Updates for 32 Flaws in its Products
Implementing One-Time Passwords in Crystal
Nielsen Shareholder Sues Over GDPR Statements
European Commission Set To Force Removal Of Militant Content Within One Hour
Google Play Has Been Hosting a Fake Yandex Voice Assistant Application
Vuln: Tor Browser CVE-2017-16541 Information Disclosure Vulnerability
BitSight unveils cybersecurity performance planning and analytics solution
NASA ‘sextortionist’ allegedly tricked women into revealing their password reset answers, stole their nude selfies
MEGA Chrome browser extension hacked, bogus version stole users’ credentials
Kick-off of Project CARGO – Putting the brakes on cargo theft
Book review: Click Here to Kill Everybody
New OilRig APT campaign leverages a new variant of the OopsIE Trojan
Hackers Started Exploiting the Unpatched Windows Task Scheduler Zero Day Flaw using Malware
Rattle – an Ethereum EVM binary analysis framework
Is it Unlawful to Collect or Store TCP/IP Log Data for Security Purposes?
Malicious PowerShell Compiling C&# x 23; Code on the Fly, (Wed, Sep 5th)
Open Source Security: Can Security Be Open?
Vuln: Opto 22 PAC Control CVE-2018-04154 Remote Stack Based Buffer Overflow Vulnerability
The ‘deep web’ may be 500 times bigger than the normal web. Its uses go well beyond buying drugs
How leadership implements cyber resiliency across their organizations
Do you really think crims would do that? Just go on the ‘net and exploit a Windows zero-day?
Software-defined networking is turning concern about security in the cloud on its head
Take a pinch of autofill, mix in HTTP, and bake on a Wi-Fi admin page: Quirky way to swipe a victim’s router password
Microsoft releases new Windows 10 preview with 15 bug fixes ahead of October 2018 Update
IT security teams are being locked out of IoT projects
7 Ways to Secure Your Public Cloud Experience
Cisco Releases Security Updates that Covers 16 Vulnerabilities that had Critical and High Impact
Latest Hacking News Podcast #115
2018-09-06 – Malspam with password-protected Word doc pushes AZORult then Neutrino
Man Charged With Cyberstalking Women for Explicit Photos
You: The First, Last and Best Data Protection and Privacy Defense – Part 2
DISA pulls MilCloud migration RFI
JEDI deadline pushed to Oct. 9
Warner hints at new regs for social media
Premera Blue Cross hacker victims claim insurer trashed server to hide data-slurp clues
2018-09-05 – Emotet infection with IcedID banking Trojan and AZORult
7 Ways Blockchain is Being Used for Security
2018-09-05 – Quick post: Hancitor malspam stops using PDF attachments after 1 day
SinoTech: Huawei Appeals to U.S. Agencies for Market Access
Hackers Hijacked 7,500+ MikroTik Routers and Redirecting User Traffic to Attackers
5 Must-read Resources for SOC and Threat Intelligence Professionals
Google fixes Chrome issue that allowed theft of WiFi logins
EICAR – The Most Common False Positive in the World
Browser Extensions: Are They Worth the Risk?
Generated on 2018-09-07 23:45:09.642756

Read More…