Category: daily summary

US Lawmakers Told of Security Risks From China-owned TikTok Ryuk Ransomware Attacked Epiq Global Via TrickBot Infection Apple Retail Stores Warned About Replacement iPhone Shortages Due to Coronavirus .ORG Isn’t Broken, and We Don’t Need Private Equity to ‘Fix’ It…

Read more →

Hackers are using Word documents to drop NetSupport Manager RAT Gotta Patch ‘Em All? Not Necessarily, Experts Say Integration at the Heart of Everything Investing in as-a-service to light a SPARC under IT modernization Going viral: Considerations for agency tech…

Read more →

IT Security News Daily Summary 2020-03-01 Generated on 2020-03-02 23:55:12.307694

Read more →

Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm AFGE member alleges ex-president abused her adult son for years IT Security News Daily Summary 2020-02-29 Chrome and Firefox Extension Lets You View Deleted Web Pages DEF CON…

Read more →

Chrome and Firefox Extension Lets You View Deleted Web Pages DEF CON 27, Artificial Intelligence Village – Tal Leibovich’s & Shimon Noam Oren’s ‘From Noisy Distorted Data Sets To Excellent Prediction Models’ XKCD ‘Stargazing 3’ DEF CON 27, Artificial Intelligence…

Read more →

Friday Squid Blogging: Squid Eggs RSA Conference panel tackles Huawei security risks New Trickbot Delivery Method Focuses on Windows 10 FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data Microsoft antivirus software for Android, iOS a reflection…

Read more →

DEF CON 27, Artificial Intelligence Village – Jesus Solano’s ‘Behavioral Biometrics And Context Analytics’ From The Archive: Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 105’ DEF CON 27, Artificial Intelligence Village – Angelo Oliveira’s ‘Fighting Malware…

Read more →

Report: FedRAMP must evolve to meet demand, emerging tech DEF CON 27, Artificial Intelligence Village – Anna Skelton’s ‘Deep Fakes, Deep Trouble: Analyzing The Effects of Deepfakes On Market Manipulation’ DEF CON 27, Artificial Intelligence Village – Barton Rhodes’ ‘Securing…

Read more →

Top 9 Windows Server Roles and their Alternatives EFF Calls For Disclosure of Secret Financing Details Behind $1.1 Billion .ORG Sale, Asks FTC To Scrutinize Deal SSL Certificate Validity Will Be Limited to One Year by Apple’s Safari Browser Friday…

Read more →

Google Bans 600 Android Apps for Obnoxious Ads Attorney General: Facebook Could Potentially Be Held Liable For User Posts New Azure Firewall certification and features in Q1 CY2020 TSA shines a light on insider threats New Ponemon Survey — Why…

Read more →

US Questions Tech Firm Liability Exemption For User Posts User Have Risky Security Habits, but Security Pros Aren’t Much Better Microsoft Adds Enterprise Windows 10 Tamper Protection Controls U.S. Pipeline Disrupted by Ransomware Attack 2020-02-19 – Trickbot gtag wecan23 infection…

Read more →

FC Barcelona Suffers Likely Credential-Stuffing Attack on Twitter Augmented reality headset is the breakout star of Army’s 2021 budget request Users can now remove xHelper, the irremovable malware CoStar Group | Customer Case Study Hackers Attack IOTA’s Trinity Wallet, Company…

Read more →

Microsoft to deploy ElectionGuard voting software for the first time tomorrow The Consumer Data Right from Westpac’s perspective What are the cybersecurity benefits of zero trust? FC Barcelona and the International Olympic Committee Twitter accounts hacked Your Cloud Journeys is…

Read more →

NSW man faces charges of unauthorised accessed to data Tech-augmented democracy is about to get harder in this half-baked world Australian cyber policy-makers to face Audit Office probe Windows 10X to Feature Faster Updates, Win32 Apps Support Targeted Phishing Attack…

Read more →

NextMotion plastic surgery tech firm data leak PhotoSquared app leaks photos & home addresses of 100,000s of users DEF CON 27, Crypto And Privacy Village – Riana Pfefferkorn’s ‘Compelled Device Decryption And The Fifth Amendment’ DEF CON 27, Crypto And…

Read more →

FBI: Business Email Compromise Cost Businesses $1.7B in 2019 Nexus Intelligence Insights CVE-2020-2100: Jenkins – UDP Amplification Reflection Attack Leading to Distributed Denial of Service (DDoS) WordPress Cookie Consent Plugin Fixes Critical Flaw for 700K Users Siemens fixed multiple DoS…

Read more →

FedRAMP moves toward formal authorization Emotet Trojan now exploits WiFi networks to infect Windows devices DEF CON 27, Crypto And Privacy Village – Cathie Yun’s ‘Implementing A Zero Knowledge Proof’ If you’re running Windows, I feel bad for you, son.…

Read more →

Unique Illinois Privacy Law Leads to $550M Facebook Deal White House floats 1% pay raise for civilian feds in 2021 budget Some Democrats Lead Trump in Campaign Domain-Security Efforts Kubernetes rollouts: 5 security best practices Israel’s Entire Voter Registry Exposed…

Read more →

Kuo Warns of Delays and Low Labor Return Rates at Apple Supplier Factories in China Due to Coronavirus Everything You Need to Know About the Apple Pencil Emergency call service in Australia to use AI to detect signs of heart…

Read more →

XKCD ‘Tax AI’ Microsoft’s Surface Duo Spotted in the Wild, Video Leaked Microsoft’s Surface Duo Spotted in the Wild DEF CON 27, Recon Village – Anthony Rose’s ‘Hack To Basics: Adapting Exploit Frameworks To Evade Microsoft ATP’ Upcoming Low-Cost iPhone…

Read more →

Wacom Tablet Data Exfiltration Raises Security Concerns DEF CON 27, Recon Village – Mitchell Parker’s ‘Building OSINT And Recon Program To Address Healthcare’ Friday Squid Blogging: An MRI Scan of a Squid’s Brain Is technology killing globalization? Why Monitoring Third-Party…

Read more →

U.S. Homeland Security has used facial recognition on over 43.7 million people The Iowa caucuses app had another problem: It could have been hacked How to use 7zip to encrypt files Japanese Defense Contractors Kobe Steel, Pasco Disclose Breaches New…

Read more →

The 11 Best Cyber Security Books — Recommendations from the Experts IoT Malware Campaign Infects Global Manufacturing Sites Governance is key to smooth the adoption of automation DHS looks to automate cyber compliance Army gets tactical with latest cloud pilot…

Read more →

Apple TV+ Competitor Disney+ Already Has Over 28 Million Subscribers Microsoft DART Finds Web Shell Threat on the Rise This is not Huawei to reassure people about Beijing’s spying eyes: Trivial backdoor found in HiSilicon’s firmware for net-connected cams, recorders…

Read more →

C-Level & Studying for the CISSP 3D map shows how the coronavirus is spreading worldwide Data breach costs hit hard; where are you most vulnerable? Threat intelligence offers promise, but limitations remain Fresh thinking on cybersecurity threats for 2020 Cisco…

Read more →

DEF CON 27, Voting Village – Brian Varner’s ‘Beyond the Voting Machine: Other High Value Targets’ The Joy of Tech® ‘Facebook, the Game!’ Cyber Security Roundup for February 2020 DEF CON 27, Recon Village – William Suthers’ ‘PIE HW Based…

Read more →

DEF CON 27, Voting Village – Christopher Krebs, Director of DHS’ CISA XKCD ‘Worst Thing That Could Happen’ DEF CON 27, Voting Village – Dr. Linton Salmon’s The DARPA SSITH Program Devious Spamhaus Phishing Scam Warns You’re on an Email…

Read more →

Advanced Obfuscation Marks Widespread Info-Stealing Campaign Watch Out for Coronavirus Phishing Scams Evil Corp Returns With New Malware Infection Tactic 10 recommendations for cloud privacy and security with Ponemon research Earn Beacon Gold While Becoming a Ninja at Using Our…

Read more →

Russian Cybercrime Forum Contests Bring Cash, Visibility to Winners At hearing, IGs look to curb reprisals against whistleblowers As states prepare for disasters, they acknowledge things will get worse Google open-sources the firmware needed to build hardware security keys 200K…

Read more →

Inside the Check Point Research Team’s Investigation Process If you could build an Air Force base from scratch… U.K. Police Will Soon be able to Search Through U.S. Data Without Asking a Judge 25 Must-Know macOS Tips for Beginner, Intermediate…

Read more →

FirstNet on track, but could use more transparency, GAO says Do you need certifications to get an InfoSec job? ‘Think different’ about your agency’s cloud migration Running an Eco-friendly IT business California taps utility data to flag cannabis fraud RSA…

Read more →

How To Block Bots From Spamming You With Friend Requests Data Telemetry Across Mac, Windows, & Linux Risk managers: Here are the must-have skills for 2020 Spotlight on election security Did H&M spy on its German employees? Privacy watchdog opens…

Read more →

XKCD ‘Networking Problems’ DEF CON 27, Voting Village – Kartikeya Kandula’s ‘Unclear Ballot Automated Ballot Image Manipulation’ DEF CON 27, Voting Village – Joseph Marks’ Panel Discussion Universal Directory Replacement Mary Davie: Exit interview Another LastPass Outage After Chrome Extension…

Read more →

Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks Daniel Stori’s ‘To Save The DevOps World’ DEF CON 27, Voting Village – Kate Trimble’s ‘Ideas Whose Time Has Come: CVD, SBOM And SOTA’ PayPal, American Express Phishing Kits Added…

Read more →

Friday Squid Blogging: More on the Giant Squid’s DNA Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws ‘CardPlanet’ Operator Pleads Guilty in Federal Court 7 Steps to IoT Security in 2020 ThreatList: Ransomware Costs Double in Q4,…

Read more →

Sophos adds mobile threat defense app to Intercept X line 5 Reasons K-12 School Districts Should Replace Active Directory Prominent dating & menstrual help apps selling your data to 3rd parties FFIEC IT Handbook Updates: Business Continuity Is 2020 Focus…

Read more →

Tale of Jailbreaking Disobedient IoT Appliances Shortlisted for the National Canada Reads Prize Vivin Nets Thousands of Dollars Using Cryptomining Malware Multiple Vulnerabilities Found in AMD ATI Radeon Graphics Cards Security clearance backlog continues to drop Safari’s Intelligent Tracking Protection…

Read more →

16Shop Phishing Gang Goes After PayPal Users Internet routers running Tomato are under attack by notorious crime gang Microsoft, DHS Warn of Zero-Day Attack Targeting IE Users Senators propose state cyber coordinators Unlocking the Key to the Cloud Block Access…

Read more →

How to access your 2FA Docker Hub account from the command line InSecurity Podcast Mixtape: The Year That Was – 2019 Volume One FTCode Ransomware Now Steals Saved Login Credentials CyCognito turning tables by using botnets for good Leaving your…

Read more →

End-to-end encryption means Huawei bans are about availability, not interception New Nest Video Extortion Scam Plays Out Like a Spy Game Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0 DEF CON 27, Aviation Village, Dr. Will Roper’s and…

Read more →

DEF CON 27, Aviation Village, Karl Koscher’s ‘An Introduction To The ARINC Standards’ Microsoft provides mitigation for actively exploited CVE-2020-0674 IE Zero-Day Gurucul Webinar to Present Roadmap for Implementing a Zero Trust Model How Modern Technology is Making Business Life…

Read more →

Imperva Launches New Data Center in Argentina Latest iOS 13.3.1 Beta Includes Toggle for Disabling U1 Ultra Wideband Chip Friday Squid Blogging: Giant Squid Genome Analyzed New JhoneRAT Malware Targets Middle East Amazon Mysteriously Pulls All New Apple Watch Series…

Read more →

Cybersecurity Terms and Threats You Need to Know in 2020 Five Mac Apps Worth Checking Out – January 2020 Critical Cisco Flaws Now Have PoC Exploit Cybersecurity firm McAfee names new CEO Google Chrome Adds Protection for NSA’s Windows CryptoAPI…

Read more →

Why government is a breeding ground for insider threats Rights Groups to European Commission: Prioritize Users’ Rights, Get Public Input For Article 17 Application Guidelines Cybersecurity front and center in Iran threat hearing What to watch in federal IT in…

Read more →

Microsoft’s new tool detects & reports pedophiles from online chats Windows 10 Has a Security Flaw So Severe the NSA Disclosed It Windows Terminal Adds Retro CRT Effects and Console Search VMware Releases Security Update Welcome to the 2020s: Booby-trapped…

Read more →

Cryptic Rumblings Ahead of First 2020 Patch Tuesday US officials meet UK peers to remark the urgency to ban Huawei 5G tech Securing Interactive Kiosks IoTs with the Paradox OS Mac Shipments Down in Q4 2019 Amid Overall PC Market…

Read more →

New Bill prohibits intelligence sharing with countries using Huawei 5G equipment Sodinokibi Ransomware threats Travelex to release data, if ransom not paid. One More Threat For Organizations – The Ako Ransomware MageCart attack hit Australia bushfire Donors DEF CON 27,…

Read more →

BtoBet – 444,241 breached accounts DOD tries to shut down Oracle’s JEDI appeal Why the Air Force put Kubernetes in an F-16 5G powers Air Force ‘smart base of the future’ Cyber Solarium to back CISA as the lead response…

Read more →

Maze Ransomware Publishes 14GB of Stolen Southwire Files Friday Squid Blogging: Stuffed Squid with Vegetables and Pancetta Threat Roundup for January 3 to January 10 Facebook Says Encrypting Messenger by Default Will Take Years Facebook Again Says It Will Do…

Read more →

Making Compliance and Risk Part of DevOps – 2020 Trend #4 Chinese Malware Found Preinstalled on US Government-Funded Phones Google scolded for depriving the poor of privacy after Chinese malware bundled on phones for hard-up Americans Peter Thomas Kirstein, CBE,…

Read more →

Do federal agencies need to collect more data from social media platforms? More antitrust probes of government procurement likely, thanks to new task force The city of Las Vegas announced it has suffered a cyber attack Hash snag: Security shamans…

Read more →

CISA cautions on Iran threats That Pulse Secure VPN you’re using to protect your data? Better get it patched – or it’s going to be ransomware time Medical info of 49,351 patients exposed in Alomere Health hospital breach DEF CON…

Read more →

Insight Partners Acquires IoT Security Firm Armis at a $1.1 Billion Valuation Researchers unearth malicious Google Play apps linked to active exploit hackers CES 2020: Sony Unveils New 4K and 8K TVs with HomeKit and AirPlay 2 Support Malicious Google…

Read more →

Kali Linux Announced New Kali 2020.1 Comes With “Non-Root Users By Default” US Restaurant Chain Landry Discloses POS Malware Attack 5 Best Cybersecurity Practices for Your Offshore Development Team Austria’s foreign ministry is facing a ‘serious cyberattack’ 5 predictions for…

Read more →

U.S. CISA Agency warns of possible cyber attacks from Iran Iranian Cyberattacks Feared After Killing of Top General Google Chrome Extension, Shitcoin Wallet found stealing passwords and crypto-wallet keys Shitcoin Wallet Extension Isn’t A Crypto Wallet But A Crypto Stealer…

Read more →

Friday Squid Blogging: Giant Squid Video from the Gulf of Mexico India’s Reaction to the Killing of Iranian Commander Qassem Soleimani Clop Ransomware Now Kills Windows 10 Apps and 3rd Party Tools Iran could conduct cyberattacks as retaliation Did the…

Read more →

Mysterious Drones Are Flying over Colorado IoT Company Wyze Discloses Data Leak Affecting 2.4 Million Users Ransomware Scuttles Coast Guard Facility for 30+ Hours Responders get hands-on look at latest tech Reflections on an Amazing 2019 at Balbix Maze Ransomware…

Read more →