IT Security News Daily Summary 2020-03-19

• WHO Chief Impersonated in Phishing to Deliver HawkEye Malware

• Rogers Data Breach Exposed Customer Info in Unsecured Database

• Misconfigured Elasticsearch Instance Exposes More Than 5 Billion Records

• ‘Dirty little secret’ extortion email threatens to give your family coronavirus

• Sodinokibi Ransomware Data Leaks Now Sold on Hacker Forums

• GDPR stand aside — meet CCPA!

• Playbook for Running a Global Work-from-Home Company

• Cybersecurity Predictions for Profitability During COVID-19 Pandemic

• 5 Ways Hackers Can Bypass Your MFA

• Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

• Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

• The Oatmeal’s ‘How To Be Socially Distant’

• Deepfakes: Security experts undecided on the threat level

• Noooo, now Ancient Tortoise BEC scammers are launching Coronavirus-Themed attacks

• Coronavirus Poll: Cyberattacks Ramp Up as Work from Home Takes Hold

• Contractors still waiting on consistent pandemic guidance

• Stopping Fraud and Threats with XTN

• Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

• What do you not want right now? A bunch of Cisco SD-WAN, Webex vulnerabilities? Here are a bunch of them

• Google Says It Doesn’t ‘Sell’ Your Data. Here’s How the Company Shares, Monetizes, and Exploits It.

• The 14 biggest data breaches of the 21st century

• Apple’s Podcasts App Features Coronavirus and Stay-at-Home Content

• Humans and Technology: An Insecure Mix

• Google Says It Doesn’t “Sell” Your Data. Here’s How the Company Shares, Monetizes, and Exploits It.

• Netflix Reduces Streaming Video Quality in Europe to Lower Data Usage and Ease Strain on Broadband Networks

• Phishing in the Time of COVID-19: How to Recognize Malicious Coronavirus Phishing Scams

• Ten Recommendations to Ensure a Healthy and Trustworthy 2020 Election

• Here’s How a Trackpad Works With an iPad Pro in iPadOS 13.4

• Security flaws found in popular password managers

• Six Facts about Address Space Layout Randomization on Windows

• Maze ransomware gang pledges to stop attacking hospitals

• What is the Cybersecurity Equivalent of Washing Your Hands for 20 Seconds?

• COVID-19: Cybersecurity Community Resources

• Heads Up Internet: A Dangerous Zombie CFAA Expansion Bill is Back

• Russian state-sponsored hackers have been sniffing Middle East defence firms, warns Trend Micro

• Android Surveillance Campaign Leverages COVID-19 Crisis

• Penetration testing for WordPress websites

• SpaceX Blasts Off More Satellites, Amid Pandemic

• Dark Web: Hackers launch Coronavirus sale to sell hacking tools

• Bring sanity and security to infection outbreaks with a malware response plan

• Drupal Updates CKEditor to Patch XSS Vulnerabilities

• Best-of-Breed Solutions or an All-in-One Platform? Addressing the Age-Old Question in the Modern Era

• A Random List of Free Resources

• Cybercriminals exploiting coronavirus outbreak with virus-themed sales on the dark web

• Chip-based devices improve practicality of quantum-secured communication

• Oxford University infectious disease experts provide evidence for a coronavirus mobile app for instant contact tracing

• APT36 Taps Coronavirus as ‘Golden Opportunity’ to Spread Crimson RAT

• COVID-19 funding package includes federal building safety and security

• Coronavirus: What business pros need to know

• Raising Your Own APT: Purple Team Exercises to Drive Security Program Maturity

• COVID-19 demonstrates the need for disaster recovery and business continuity plans

• Europol Arrests 2 Dozen Suspects of SIM-Swap Fraud Following Cross-Border Investigations

• Netflix Reduces Video Quality in Europe by 25% to Lower Load

• Microsoft Delays Windows 10 1709 End of Service Due to Pandemic

• The Refugee Act of 1980: A Forlorn Anniversary

• NIST Updates Flagship SP 800-53 Security and Privacy Controls

• Coronavirus and the states: unemployment sites jam, evictions pause and more

• DHS unveils EIS plans to industry

• DEF CON 27 Monero Village – Daniel Kim’s ‘Keynote Speech: Monero Introduction And Investor Perspective’

• Coronavirus Sets the Stage for Hacking Mayhem

• US Launches First Political Campaign Information Sharing and Analysis Organization

• 4 Phishing Protection Gaps that SEGs Cannot Address

• Netflix Party Lets You Watch Shows With Friends to Fight Isolation

• Report: Facebook’s Misinformation Problem Is Rooted In Data Collection

• Congress passed $8.3 billion in emergency coronavirus funding, but first responders still can’t buy masks

• FLRA pushes ahead with union dues rule

• France Warns of New Ransomware Gang Targeting Government Agencies

• Forrester Names Bitdefender ‘the biggest EDR vendor you haven’t considered but should have’ in 2020 WAVE for EDR

• Apple Pledges Substantial Donation With Medical Supplies to Italy’s First Responders and Medical Personnel

• Microsoft Teams Reaches 44M Daily Users After 12M Weekly Gain

• Trend Micro Offers Six Months’ Free Use of Endpoint Protection Software

• Trend Micro Patches Multiple Vulnerabilities

• Some Ransomware Operators Vow to Leave Healthcare Alone During COVID-19 Crisis

• Is WhatsApp the new Coronavirus of Facebook?

• Hackers promise not to spread ransomware to healthcare providers during Covid 19 epidemic

• Coronavirus and climate change reveal systemic risk for third parties

• Conan O’Brien to Film Talk Show From Home Using iPhone

• How to listen to port traffic on a Linux server

• You Build An ICS… Out Of A Delorean?

• Welcoming more women into cybersecurity: the power of mentorships

• Whatever happened to cryptojacking?

• DEF CON 27 Monero Village – Cathie Yun’s ‘Bulletproofs Deep Dive’

• Cisco Warns of High-Severity SD-WAN Flaws

• Cisco Releases Security Updates for SD-WAN Solution Software

• Grab Bonuses from Google for Cloud Platform Vulnerabilities

• DDoS Attack Targets German Food Delivery Service

• NIST shared dataset of tattoos that’s been used to identify prisoners

• WhatsApp Tries to Keep It Real with New Information Hub

• Google Releases Security Updates for Chrome

• Drupal Releases Security Updates

• Are Your Identification Photos in a Face Recognition Database?

• COVID-19 Fears Bring Google Chrome Dev to Screeching Halt

• Everyone is Telecommuting. How to Ensure Cybersecurity

• Deals: Get the 64GB 11-Inch iPad Pro from 2018 for $649 ($150 Off, Lowest Price)

• Security tips for working from home (WFH)

• VPN Usage Surges as More Nations Shut Down Offices

• Coronavirus Conspiracies Go Viral On WhatsApp As Crisis Deepens

• CERT France – Pysa ransomware is targeting local governments

• How to Path Traversal with Burp Community Suite

• Coronavirus: Netflix Urged To Stream Low Definition To Ease Network Strain

• Android Surveillanceware Operators Jump On The Coronavirus Fear Bandwagon

• CarPlay May Support Wallpapers in iOS 14

• Google Patches High-Risk Chrome Flaws, Halts Upcoming Releases

• RedLine Info-Stealing Malware Spread by Folding@home Phishing

• Coronavirus: Tesla Suspends Production At Main Factory

• WordPress, Apache Struts Attract The Most Bug Exploits

• Coronavirus Lockdowns Trigger Privacy-Disrupting Location Tracking

• Coping with Remote Work during the COVID-19 Pandemic: Tips, Tricks, and Actionable Advice

• Cisco Tackles SD-WAN Root Privilege Vulnerability

• Do MSSPs Have What it Takes to Win Today’s Cybersecurity War?

• New Study Calls Common Risk Figure into Question

• Apple Sets Purchase Limits on New iPad Pro, New MacBook Air, and iPhones in Several Asian Countries

• COVID Phishing Update – Coronavirus wants your Bonus, too

• Work from home: Improve your security with MFA

• NetApp IT Podcast: Using Cloud Insights for NetApp’s Global Storage Footprint

• Deals: 2019 MacBook Air Models Discounted by Up to $300, Starting at $899 for 128GB

• COVID-19 and tech: New collaboration tools mean new security risks

• The Best and Worst Browsers for Privacy, Ranked

• Microsoft shuts down the infamous Necurs Botnet!

• Critical RCE Bug in Windows 7 and Server 2008 Gets Micropatch

• Danger hiding in plain sight: the risks that your applications can pose

• RDP-Capable TrickBot Targets Telecoms Sectors in U.S. and Hong Kong

• Sladjana Jovanovic and Bill McArthur Move Silos to Communities [VIDEO]

• Maze Ransomware Continues to Hit Healthcare Units amid Coronavirus (COVID-19) Outbreak

• IT security report finds 97% have suspicious network activity

• Healthcare devices at higher cybersecurity risk now due to COVID-19

• Cyber Resilience Benchmarks 2020

• Cisco tackles root privilege vulnerability in SD-WAN software

• 9 Ways to Stay Sane During Work-From-Home | Avast

• What is the Best Defense Against Phishing Attacks?

• TA505 Targets HR Departments with Poisoned CVs

• Achieving DevSecOps Requires Cutting Through the Jargon

• UserTesting raises $100 million to grow its on-demand user feedback platform globally

• Cloud Misconfig Mistakes Show Need For DevSecOps

• NIST, DHS Publish Guidance on Securing Virtual Meetings, VPNs

• Hack the Box (HTB) machines walkthrough series — Chatterbox

• PWN2OWN 2020 – Researchers Earned $180K By Hacking Ubuntu, macOS, and Windows

• FCW Insider: March 19

• Judge Enjoins Trump Administration’s Easing of Restrictions on 3-D Gun Blueprints

• Cyber Work podcast: Election security issues for 2020

• Quick Hits

• New Cyber Attacks Variants Preying On Fear Of COVID-19

• #WeAreDuo Employee Spotlight with Ryan Williamson-Cardneau

• Student Loans Company Hit By 5.5 Million Cyberattacks In 2019

• California Man Gets Prison for Hacking Atlanta-Based Company

• Skyrocketing VPN Usage – Experts Input

• Patch for Recently Disclosed VMware Fusion Vulnerability Incomplete

• Cryptojacking is almost conquered – crushed along with coinhive.com

• 6 ways attackers are exploiting the COVID-19 crisis

• This cryptocurrency miner uses unique, stealthy tactics to hide from prying eyes

• Staying Cyber Resilient During a Pandemic

• Norsk Hydro Outage May Have Been Destructive State Attack

• Google Advanced Protection users get new protections against Android malware

• How to Protect Your VPN: Lessons From a DDoS Attack Test

• Is ICE’s Use of a Maryland Facial Recognition Database Lawful?

• Why Third-Party Risk Management Has Never Been More Important

• Quantifying Cyber Risk: Why You Must & Where to Start

• Experts Advise On Commercial Password Managers Vulnerable To Attack By Fake Apps

• February 2020 Cyber Attacks Statistics

• Oh-so-generous ransomware crooks vow to hold back from health organisations during COVID-19 crisis

• Work-from-Home Security Advice

• Experts Insight On NutriBullet.com Magecart Attack

• Free cyber resources for children during COVID-19

• Twitter Vaccinates Against COVID-19 Misinformation

• Working from home during the coronavirus crisis opens the door to hackers

• How CIAM Addresses the Challenges of Consumer Identity Management

• France warns of ransomware gang

• Delayed Adobe patches fix long list of critical flaws

• Thoughts on Server-Sent Events, HTTP/2, and Envoy

• Caution advised when tracking COVID-19’s spread

• Facebook Charged Over Data Privacy Breach

• Support for FTP protocol removed by Firefox

• Password managers vulnerable to fake app attacks

• EU Urges Netflix, YouTube to Consider Limiting Stream Quality to Ease Strain on Networks Amid Surge in Remote Working

• Food Delivery Website in Germany Targeted by DDoS Attackers

• More Business Websites Hit by Credit-card Skimming Malware

• 40% of Fortune 1000 Companies Will Suffer a Breach Every Year, New Research Suggests

• SANS Offers Free Kit to Secure Home Workers

• Cost of Cyber-Events Worsening for Large Businesses

• Facebook accidentally blocks genuine COVID-19 news

• COVID-19 Impact: As Retailers Close their Doors, Hackers Open for Business

• Slack Desktop App Update Introduces Major Platform Redesign

• Securing your home network in preparation for Working From Home

• Stantinko’s new cryptominer features unique obfuscation techniques

• Pwn2Own 2020 Day1 -researchers earned $180K for hacking Windows, Ubuntu, and macOS

• A security guide for pandemic planning: 7 key steps

• 4 key problems with digital identity and why we need a new approach

• LDAPFragger: Command and Control over LDAP attributes

• Google Blocks Third-Party App Store Downloads for Android Users

• Coronavirus, Self-Isolation and Work From Home Security

• There is a Serious Lack of Corporate Responsibility During Breach Disclosures

• Europol Arrests SIM Swappers in Spain, Austria and Romania

• Navigating the pandemic

• Is APT27 Abusing COVID-19 To Attack People ?!

• Food Delivery Service in Germany Under DDoS Attack

• Coronavirus news used by Emotet and Trickbot to evade detection

• COVID-19 Themed Multistage Malware, (Thu, Mar 19th)

• Announcing Who Has Your Face

• Top 5 Open Source Serverless Security Tools

• Increase web application security without causing any user disruption

• Too many alarms and too few security analysts? Think SOAR

• France warns of new ransomware gang targeting local governments

• New TrickBot Module BruteForce RDP Connections Attacks Telecommunication Industry

• Exploring the risky behavior of IT security professionals

• Researchers Hack Windows, Ubuntu, macOS at Pwn2Own 2020

• Ransomware spreading gangs are targeting only at Nights n weekends

• Organizations still struggle to manage foundational security

• Merger and Acquisition deals to be affected by a Chinese Virus epidemic

• Australian Privacy Commissioner offers advice on staff privacy amid COVID-19

• Security Compass adds content to SD Elements to enable companies meet CCPA compliance

• ISC Stormcast For Thursday, March 19th 2020 https://isc.sans.edu/podcastdetail.html?id=6916, (Thu, Mar 19th)

• Hong Kong makes wearable trackers mandatory for new arrivals, checks in with ‘surprise calls’ too

• HYAS Insight: A threat intelligence solution for investigation and attribution

• Firefox to remove support for the FTP protocol

• Countering foreign interference and social media misinformation in Australia

• ICS Environments and Patch Management: What to Do If You Can’t Patch

• 5 Bugs in Cisco SD-WAN Allows Attackers to Inject Arbitrary Commands With Root Privileges

• Seagate IronWolf 510: An M.2 NVMe SSD for NAS needing 24×7 cache enabled multi-user storage

• Forget James Bond’s super-gadgets, this chap spied for China using SD card dead drops. Now he’s behind bars

• AI called up in coronavirus fight

• CoreStack raises $8.5M to expand sales and accelerate product development

• Balbix appoints Shelly Morales as Vice President of People

• Most Ransomware Gets Executed Three Days After Initial Breach

• All New 2020 iPad Pro Models Feature 6GB RAM and Ultra Wideband Chip

• Dark web: Child abuse, real-life blackmailing site DarkScandals seized

• Benefits of System-Based Password Management

• Ransomware Gangs to Stop Attacking Health Orgs During Pandemic

• Book Review: “InSecurity”

• Android malware uses coronavirus for sextortion and ransomware combo

• IT Security News Daily Summary 2020-03-18

• Agencies stress workflow, cyber basics in telework blitz

• Dear Adobe, Trend Micro users: Please vaccinate your software – at least some of these security holes were exploited in the wild

• Trump inches closer to exercising powers over medical supply chain

• Android malware uses coronavirus for sextortion/ransomware combo

• 7 Cybersecurity Threats and Trends to Watch for in 2020 (Multi-Video)

• 5 Ways to Identify Your Critical Trust Gap

• Libya-based hackers using coronavirus pandemic to spread mobile surveillance malware

• Unchecked Smart Cities are Surveillance Cities. What We Need are Smart Enough Cities.

• Cisco addresses multiple issues in its SD-WAN product

• WordPress, Apache Struts Attract the Most Bug Exploits

• Skimmer May Have Put NutriBullet Customers’ Card Data at Risk for Nearly a Month

• Process Injection Tops Attacker Techniques for 2019

• Azure Red Flag: Microsoft Accidentally Fixes Cloud Config ‘Bug’

• Unchecked Smart Cities are Surveillance Cities. What We Need Are Smart Enough Cities.

• Hackers Hide Malware C2 Communication By Faking News Site Traffic

• COVID-19 brings new security challenges and new allies, says HackerOne CEO

• The digital divide leaves millions at a disadvantage during the coronavirus pandemic

• Mass teleworking causes spike in DOD network attacks

• Enough is Enough—Let it Expire

• The COVID-19 outbreak could snag CMMC implementation

• Craig Federighi Demos New iPad Pro and Magic Keyboard

• EIS on the back burner

• New iPad Pro Supports Wi-Fi 6, New MacBook Air Still Has 720p Webcam, and Other Tidbits

• The Value and Ethics of Using Phone Data to Monitor Covid-19

• Google Prioritizes Security Updates After Halting Chrome Releases

• 500,000 Documents Exposed in Open S3 Bucket Incident

• DEF CON 27 Monero Village – Amir Montazery’s ‘The Cost Of Good Open Source Software’

• New Apple MacBook Air Also Drops Butterfly Keyboard

• Trickbot, Emotet Malware Use Coronavirus News to Evade Detection

• Crypsis Forms Threat Research Labs

• New Malicious Program ‘Nefilim’ Threatens to Release Stolen User Data

• How to better defend your organization against remote access threats

• Expercom Provides First Discounts for New MacBook Air and iPad Pro

• How a Nigerian cybercriminal earned more than $100,000

• Facebook Got Tagged, but not Hard Enough

• Cisco Patches Several Vulnerabilities in SD-WAN Solution

• CFPB mandates telework

• Royal Philips Scores a Cybersecurity First

• Show Support for Digital Rights During Video Calls with EFF Virtual Backgrounds

• Trickbot malware adds new feature to target telecoms, universities and finance companies

• Thousands of Coronavirus-related malicious domains are being created every day

• Companies Offer Free Cybersecurity Support to Combat Threats Posed by COVID-19

• A spike in home workers raises MFA resilience questions

• 9 Best Practices from X-Force Red for Organizations and Employees

• Blizzard hit by massive DDoS attack; EA Sports facing lagging issue

• Google pauses Chrome and Chrome OS releases due to coronavirus outbreak

• Contrast Security Advances DevSecOps

• SaaS-delivered Encrypted Traffic Analytics with Cisco Stealthwatch Cloud

• Trend Micro Fixes Critical Flaws Under Attack

• New Nefilim Ransomware

• APT36 Using Coronavirus “Health Advisory” Lures to Spread Crimson RAT

• TrueFire Guitar Teaching Website Fell Victim to Magecart-Style Attack

• 2020-03-18 – German malspam pushes Ursnif (Gozi/IFSB)

• Apple Seeds Sixth Beta of Upcoming tvOS 13.4 Update to Developers

• The Federal Courts Begin to Adapt to COVID-19

• How We Learned to Stop Worrying and Embrace Remote Work

• DOD looks to industry for anti-COVID-19 prototypes

• Researchers Track Coronavirus-Themed Cyberattacks

• VMware Released Security Updates

• Ransomware: A security expert explains what makes us vulnerable and how to prevent it

• Apple Seeds watchOS 6.2 Golden Master to Developers

• African WhatsApp Modders are the Masters of Worldwide Adversarial Interoperability

• TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal

• Apple Releases iOS and iPadOS 13.4 Golden Master With New Mail Toolbar, iCloud Folder Sharing, Trackpad Support for iPad and More

• Apple Seeds Sixth Beta of Upcoming macOS Catalina 10.15.4 Update to Developers

• The Top 5 Questions Organisations Should Ask About their VPN Connections

• Facebook Is Wrongly Marking Legitimate Coronavirus Articles As Spam

• VB2020 update – currently business as usual

• Analyzing Cyberspace Solarium Commission’s Blueprint for a Cybersecure Nation

• Forrester names Microsoft a Leader in 2020 Enterprise Detection and Response Wave

• Google launches Android 11 Developer Preview 2 with foldable, call screening, and Neural Networks API improvements

• Microsoft Edge Finally Lets You Change the Default Search Engine

• Cyber Security Considerations for Protecting Remote Employee Devices and Remote Access Environments

• Apple Updates Certified Refurbished Storefront With Price Drops on 2018 MacBook Air and iPad Pro

• Open source software use grows in Germany, but compliance and risk management need improvement

• Hunting APTs with YARA

• Apklab.io Flags Malicious COVID-19 Apps | Avast

• Cybercriminals impersonate World Health Organization to distribute fake coronavirus e-book

• A Cybersecurity Guide for Small Businesses in Response to COVID-19

• Nefilim Ransomware Threatens to Release Victims’ Data within a Week

• Apple Planning Updates to Pages, Numbers, and Keynote Apps to Take Advantage of Trackpad Support on iPads

• Adobe Releases Security Updates for Multiple Products

• Adobe Patches Critical Flaws in Reader, ColdFusion, Other Products

• NutriBullet becomes a victim of Magecart Cyber Attack

• How CISOs Should Prepare for Coronavirus Related Cybersecurity Threats

• Sixgill Introduces Dark Web Data Feed Product

• Microsoft Scales Back Office 365 Features to Handle High Loads

• Coronavirus: American Singer Blames 5G For Pandemic

• How to control what personal information people see in Android

• Coronavirus: Vodafone Confirms Mobile Data Traffic Up 50 Percent

• Vulnerabilities of Multi-Factor Authentication for Remote Working

• Coronavirus: Operators Share Location Data With Health Authorities

• Trend Micro Patches Two Zero-Days Under Attack

• VMware Fixes Privilege Escalation Vulnerability in Fusion for Mac

• Novel Coronavirus Brings New Challenges For Security Teams

• VMware fixes high severity privilege escalation and DoS in its products

• Celebrating International Women’s Day

• Planning for the challenges of citizen-centric government innovation

• Coronavirus Lockdowns: 24 Hours Of Confusion Around The World

• Work from home: How to set up a VPN

• Logitech Debuts Trackpad Keyboards for 10.2-Inch iPad and 10.5-Inch iPad Air

• House leaders join Senate in asking Trump to mandate telework

• With Everyone WFH, VPN Security Has Become Paramount

• The Human Element and Beyond: Why Static Passwords Aren’t Enough

• VMware Patches Privilege Escalation Vulnerability In Fusion, Horizon

• Coronavirus: Facebook Blames Bug For Incorrectly Marked Spam

• COVID-19: With everyone working from home, VPN security has now become paramount

• Deals: Woot Discounts Refurbished iPhone 7 and iPhone 8 Models Starting at $120

• Emsisoft, Coveware Offer Free Ransomware Help During Coronavirus Outbreak

• How to protect yourself from coronavirus-themed malware

• Apple Afterburner Card for Mac Pro Now Available as Separate Purchase

• 2020 MacBook Air Supports Up to 6K External Display, Including Pro Display XDR

• NutriBullet Experiences Multiple Magecart Skimmer Infections

• A week after Patch Tuesday, Adobe drops security fixes for six offerings

• How Security Intelligence Enables Risk-Prioritized Vulnerability Management

• Ransomware Is Mostly Deployed After Hours: Report

• What the Battle of Britain Can Teach Us About Cybersecurity’s Human Element

• How to Stay Safe as Online Coronavirus Scams Spread

• Hundreds Of Thousands Of Websites To Be Marked As Insecure In Latest Chrome Update – Response From Industry Expert

• Apple’s New Magic Keyboard With Integrated Trackpad Compatible With 2018 iPad Pro Models

• Financial Cryptography 2020 Recap

• Experts On Google Chrome 82 To Enhance Privacy Via New Cookie Settings

• The Other Virus Threat: Surge in COVID-Themed Cyberattacks

• Windows 10 or Mac user? Patch Adobe Reader and Acrobat now to fix 9 critical security flaws

• Freedom of Information coverup clerk stung for £2k after deleting council audio recording

• AWS Lambda Stateless & Ephemeral?

• The coronavirus scams are on the rise

• Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws

• Barr: FBI Probing If Foreign Gov’t Behind HHS Cyber Incident

• Apple Refreshes iPhone Silicone Cases, Apple Watch Bands, and iPad Cases With New Spring Color Options

• Industry Leader Comments On Truefire Hacked, Credit cards And Personal Info May Have Been Compromised

• Research Exposes Severe Security Flaws In 40% Of Password Managers

• Endpoint Security: Chain Of Trust Or Chain Of Fools?

• How Microsoft Dismantled the Infamous Necurs Botnet

• SHARED INTEL: FireMon survey shows security lags behind fast pace of hybrid cloud deployments

• Experts On Intel Processors Vulnerable To Newly Discovered “Snoop” Threat

• Don’t Take Our Word for It – Listen to Our Customers

• 4 strategies for balancing cybersecurity and business continuity planning during the coronavirus outbreak

• Google APP users won’t be allowed to install apps from outside the Play Store

• Authorities Eye Using Mobile Phone Tracking COVID-19’s Spread

• iPadOS 13.4 Coming March 24 With Trackpad Support Ahead of $299 Magic Keyboard for iPad Pro Launching in May

• Malware spotlight: Ekans

• Trend Micro fixes two actively exploited zero-days in enterprise products

• Skimming code battle on NutriBullet website may have risked customer credit card data

• Apple Shares Two Ads Showcasing New iPad Pro Capabilities

• Google makes Play Protect mandatory in Advanced Protection program, blocks non Google Play apps

• VMware patches virtualisation bugs

• The Insecurity of WordPress and Apache Struts

• The Halloween Spot – 10,653 breached accounts

• Staying Secure While Working Remote: One User’s Story

• Android Stalkerware MonitorMinor spies, steals & evades

• Expert Insight On Hackers Hit NutriBullet Website With Credit Card-Stealing Malware

• New iPad Pro Announced With A12Z Bionic Chip, Magic Keyboard With Trackpad, LiDAR Scanner, and More

• Using Mystery Novel Techniques to Track Down Cyberthreats

• Experts Insight On Financial Companies Leak 425GB In Company, Client Data Through Open Database

• Trend Micro Finds and Fixes Zero-Day Bugs

• Expert Comments: Over 25% Of Security Alerts Are False Positives

• (ISC)2 Membership of More Than 150,000 is Helping to Close the Skills Gap

• Apple Updates Mac mini With Double the Storage Capacity in Standard Configurations

• Uber to file federal suit against LA over users’ real-time location data

• The Cyberspace Solarium Commission’s Mandate to Fix Congressional Oversight

• New MacBook Air Announced With Magic Keyboard, Up to 2x Faster Performance, and Lower $999 Starting Price

• New Powerbeats With H1 Chip and Up to 15 Hours of Battery Life Now Available

• Stealthbits Combines Ease of Use and Security for a Unique Approach to Privileged Access Management

• Adobe releases out-of-band patches for critical issues in Acrobat Reader, Photoshop, Bridge, ColdFusion

• Windows 10: This kernel malware is why you need Secured-core PCs, says Microsoft

• DDoS attack on US Health agency part of coordinated campaign

• VMware patches privilege escalation vulnerability in Fusion, Horizon

• How destructive ransomware attacks could represent the future of cyberwarfare

• How scammers exploit Spring Break in the time of COVID-19

• Israel Passes Emergency Law to Track and Trace Mobile Users With Suspected COVID-19

• Was your Facebook post on the coronavirus deleted? This is why

• Secure Virtual Coffee – Top of Mind?

• Small business loans app blamed as 500,000 financial records leak out of … you guessed it, an open S3 bucket

• Everything is Cyber-Broken, The Online Edition!

• Coronavirus: AI Takes Over Social Network Moderation As Staff Sent Home

• Six-Month Data Breach on Guitar Site

• Rights Group: APP Bank Fraud Cost Consumers £1bn

• New Malware Lets Hackers Control Browsing

• NutriBullet Hacked By Credit Card Skimmers

• Fox Corporation Buys Ad-Supported Tubi Streaming Platform for $440 Million

• Monitor Minor Stalkerware Discovered

• Crimson RAT spread via Coronavirus Phishing

• Classified data at discount prices

• Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait

• Human traffickers use social media oversharing to gain victims’ trust

• Some commercial password managers vulnerable to attack by fake apps

• SoftIron HyperSwitch: Built to maximize the flexibility of an open source network OS

• EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

• Detecting Fileless Attacks with Enterprise EDR’s AMSI Visibility

• Trend Micro addresses two issues exploited by hackers in the wild

• Free security resources for work-from-home employees during the COVID-19 crisis

• A German Army Laptop Sold for €90 on eBay – With Military Secrets

• Toward a common UI for security operations

• Sumo, StackRox, and Goldilocks – Hitting the Sweet Spot in Securing Business Insights

• Opera Browser Now Lets U.S. Users Buy Bitcoin With Apple Pay

• Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion

• Cloud Database Leak Exposes 425GB of Small Biz Financial Data

• New GitHub App Brings Collaboration Tools to Mobile

• US Government Goes After Hackers Exploiting COVID-19 Fears

• TrickBot Now Exploits Infected PCs to Launch RDP Brute Force Attacks

• Magecart Cyberattack Targets NutriBullet Website

• TrueFire Guitar tutoring website was hacked, financial data might have been exposed

• Blisk Browser Vendors Leaked Data Via Unsecured Database Server

• New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong

• Tencent Keen Security Lab joins GENIVI Alliance

• ASPI wants statutory authority to prevent foreign interference through social media

• 5 Good Reasons to Outsource Security Testing

• Pervasive digital surveillance of citizens deployed in COVID-19 fight, with rules that send genie back to bottle

• Security is leaving the data center and moving to the edge

• MonitorMinor app is a Stalkware lurking in Google Playstore

• Beware of Android Coronavirus Tracker app that Lock’s Your Device & Asks Ransom Payment

• Healthcare cybersecurity in the time of coronavirus

• Cyber Attack risk on IoT devices is too high says report

• Over 60% of the Fortune 1000 had at least one public breach over the last decade

• Trend Micro Patches Two Vulnerabilities Exploited in the Wild

• How financial services firms are handling data privacy

• ISC Stormcast For Wednesday, March 18th 2020 https://isc.sans.edu/podcastdetail.html?id=6914, (Wed, Mar 18th)

• Malicious Actors and Medical Data: Where Are We Heading?

• Contrast Security simplifies DevSecOps with Route Intelligence

• ESET: hackers used the Adobe brand to attack government websites

• Securely Work From Home With CASB

• Pradeo makes its mobile security services available for free

• RepRisk upgrades its ESG Risk Platform allowing users to conduct in-depth risk research on companies

• New version of HCL AppScan offers fast, accurate, and agile security testing

• How Organizations Can Achieve Security Availability

• Trickbot gtag red5 distributed as a DLL file, (Wed, Mar 18th)

• White House rolls out operational pivot to manage pandemic

• Onfido’s AI-powered identity verification solution brings inclusiveness with accessible conscious SDK

• Microsoft Defender ATP integrates with Delta Risk’s SOAR platform, ActiveEye

• 2020-03-17 – Pcap and malware for an ISC diary (Trickbot as a DLL))

• Box builds interoperability within Microsoft 365 environments to transform the way users work

• SecZetta and Focal Point provide clients with a 360° view of third-party identity and lifecycle management

• Alto’s Odyssey, Alto’s Adventure and Kingdom Rush Available for Free Right Now

• NS1 appoints Ryan Davis as CISO and Jay Liu as vice president of product strategy

• Hellman & Friedman acquires Checkmarx to bolster growth

• DOD to reconsider JEDI award

• NIST offers tips for secure telework

• Samsung begins mass production of 512GB eUFS 3.1 for use in flagship smartphones

• LeanIX appoints Claudine Bianchi as global Chief Marketing Officer

• Two Trend Micro zero-days exploited in the wild by hackers

• Adobe Fixes Nine Critical Vulnerabilities in Reader, Acrobat

• Dale Cabaniss quits as OPM chief

Generated on 2020-03-19 23:55:14.330518