IT Security News Daily Summary 2020-12-31

• SMBs: How to find the right MSP for your cybersecurity needs

• SolarWinds hackers gained access to Microsoft source code

• A Brief History of Adobe Flash Player: From Multimedia to Malware – Intego Mac Podcast Episode 168

• SolarWinds hackers accessed Microsoft source code

• XKCD ‘Flash Gatsby’

• DEF CON 28 Safe Mode Saturday – Michael Stay’s ‘How We Recovered Xxx,000 In Bitcoin From An Encrypted Zip File’

• Microsoft Says ‘SolarWinds’ Hackers Viewed Internal Code

• Microsoft Reveals That Russian Attackers Accessed Some of Its Source Code

• Adobe Flash Player Dies 01/01/2021

• Bill & Melinda Gates Charity “GetSchooled” Exposed Student Data

• T-Mobile Data Breach Exposes Customer Information

• Microsoft says Russians accessed account ‘used to view source code’ in Solorigate hack

• Data Breach: Stolen User Records from 26 Companies Being Sold Online

• Threat actor is selling 368.8 million records from 26 data breaches

• S3 Ep13: A chat with hacker Keren Elazari [Podcast]

• Crypto Trading App Voyager Hit By Cyberattack, Company Shuts Down Website

• SolarWinds/SUNBURST: Behavioral analytics and Collective Defense in action

• Fighting Abusive Patent Litigation During a Year of Health Crisis: 2020 Year In Review

• Microsoft Internal Solorigate Investigation Update

• Golang malware infecting Windows, Linux servers with XMRig miner

• The strangest cybersecurity events of 2020: a look back

• Ticketmaster to pay $10 million for fraudulently hacking competitor server

• Ticketmaster to Pay $10 Million Fine Over Hacking Charges

• The enterprise case for implementing live-fire cyber skilling

• 6 common types of cyber attacks and how to prevent them

• How to Build Cyber Resilience in a Dangerous Atmosphere

• Taking A Neighborhood Watch Approach To Retail Cybersecurity

• Two Foldable iPhone Prototypes Reportedly Pass Internal Durability Tests

• What to Expect From Apple in 2021: New Apple Silicon Macs, iPhone 13, AirTags and More

• Cyberbullying Monitoring in Online Learning

• New Golang-based Crypto worm infects Windows and Linux servers

• SamSam Ransomware 101: How It Works and How to Avoid It

• UK Operators Will Not Reinstate European Data Roaming Charges

• What’s Next for Ransomware in 2021?

• Get back into the cybersecurity groove for 2021

• Washington D.C. Attorney General Slams Facebook For Fueling Hate

• The Coolest Hacks of 2020

• Japanese Giant Kawasaki Admits Security Breach With Potential Data Leak

• Vulnerability In Google Docs Could Allow Hijacking Feedback Screenshots

• NSO Used Real Location Data Of People In Demo, Researchers Allege

• 20 for 2020: The Edge’s Top Articles of the Year

• Brexit Deal Mandates Old Insecure Crypto Algorithms

• Amazon Acquires Podcast Startup Wondery

• Apple Removes 39,000 Games From China App Store

• Coronavirus vaccine has created new opportunities for crime

• SolarWinds Compromise May Have Started Earlier Than First Thought

• Ticketmaster Pays $10m DoJ Fine For Accessing Rival’s Computer

• Apple Deletes 39,000 Games From Chinese App Store

• Gazelle’s Used Device Trade-In Program to End Next Year

• AESI Acumen Engineered Solutions International Inc./ AESI-US Inc. (‘AESI’) simplifies mission-critical security operations with Check Point Software

• Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

• Want to add antivirus to your existing portfolio?

• Don’t Get Comfortable: More Change is Coming

• Best of 2020: BlueLeaks is Huge FAIL for Anonymous and DDoSecrets

• DHS Urges US govt agencies to Update SolarWinds Orion Software

• Google Chrome to Display Warnings for Weak Passwords

• TikTok dragged to court by 12-year-old girl for data misuse

• Ransomware attack leaks Pharmacy data of more than 137,000 patients

• New warning issued over COVID‑19 vaccine fraud, cyberattacks

• Worldwide VPN market to reach $75.59 billion by 2027

• 2020 set the stage for cybersecurity priorities in 2021

• Four ways to improve the relationship between security and IT

• Emotet Returns with Updated Modules and New Campaign

• Kaspersky has reported hacker attacks on COVID-19 researchers

• OAuth2 Bearer Token Usage

• Canon U.S.A. Honored with Two 2020 ‘ASTORS’ Homeland Security Awards

• Multi-Factor Authentication (MFA) Configuration for Mulesoft Anypoint Platform Users

• 5 Cybersecurity Tips to Protect Yourself While Shopping Online

• T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

• QAnon and 8Chan Digital Footprint Analysis and Investigation Expansion

• Apple loses lawsuit against cyber security startup Corellium

• IT Security News Daily Summary 2020-12-30

• FBI Warn Hackers are Using Hijacked Home Security Devices for ‘Swatting’

• 15 benefits of outsourcing your cybersecurity operations

• Preparing for GIAC Certified Incident Handler certification

• Review 6 phases of incident response for GCIH exam prep

• Cloud Security Specialization Launched

• Hands-On With the AirPods Max Shield Case From WaterField Designs

• The Sunburst hack was massive and devastating – 5 observations from a cybersecurity expert

• 7 on-the-ground big data strategies for 2021

• Change your macOS power settings to prevent disconnecting from VPN/Wi-Fi when the computer is locked

• CISA demands US govt agencies to update SolarWinds Orion software

• Novel Points: Exploit the Heap Overflow Bug *CTF 2019 oob-v8

• The Joy of Tech® ‘The Evolution Of Internet Prayer’

• DEF CON 28 Safe Mode Saturday – Gal Zror’s ‘Don’t Ruck Us Again: The Exploit Returns’

• Israel, Cyberattacks and International Law

• Treasury Asks Financial Sector to Watch Out for COVID Vaccine Scams, Ransomware

• Pranksters Hijack Smart Devices to Live-Stream Swatting Incidents

• The Endgame for SolarWinds Attack Was Victim Cloud Data

• Italy’s Ho-Mobile database with 2.5m accounts allegedly stolen, sold

• CISA updates SolarWinds guidance, tells US govt agencies to update right away

• DEF CON 28 Safe Mode Saturday – James Pavur’s ‘Whispers Among The Stars’

• Apple and Prepear Negotiating a Settlement Over Disputed Pear Logo Trademark

• EFF’s Work in State Legislatures: Year In Review 2020

• Competitive Compatibility: Year in Review 2020

• Insider threat vs. insider risk: What’s the difference?

• Intel Urged to Take ‘Immediate Action’ Amid Threats From Apple Silicon and AMD

• Apple Removes App Promoting Parties During Pandemic

• AppSec Decoded: Threats to IoT devices and the role of government regulation

• Google Docs bug could have allowed hackers to hijack screenshots

• The most enticing cyberattacks of 2020

• Apple looses mobile security battle against Corellium

• Facial Recognition Blamed For False Arrest And Jail Time

• Hackers using smart home devices to live streaming swatting attacks

• Why stateful machine learning could help cybersecurity efforts

• Cybersecurity challenges in 2021 and how to address them

• Apple Loses In Lawsuit Against U.S. Security Bug Startup

• Bitcoin Surges To Record $28,500, Quadrupling In Value This Year

• A New Year, A New Administration: Doors Open In 2021 For Public-Private Cooperation

• FBI: Pranksters Are Hijacking Smart Devices To Live-Stream Swatting

• New Year’s Deals: Shop the Best Year-End Discounts on Apple Accessories From Twelve South, Mophie, Nomad, and More

• An Abridged History of America’s Terrorism Prevention Programs: Opposition Grows, Supporters Adapt

• 20 World’s Best Free Hacking Books For 2021 – Beginners to Advanced Level

• SolarWinds Hackers Aimed to Access Victim Cloud Assets after deploying the Solorigate Backdoor

• Taking a Neighborhood Watch Approach to Retail Cybersecurity

• Mobile Endpoint Security: Still the Crack in the Enterprise’s Cyber Armor

• SolarWinds Attribution: Are We Getting Ahead of Ourselves?

• Study Finds More Than $100 Billion Spent on App Stores in 2020

• Apple Loses Corellium Lawsuit

• Alibaba Faces Antitrust Probe By Chinese Authorities

• Scalable remote access with VMSS enhances Azure security, while working from home

• Shields Up: How to Tackle Supply Chain Risk Hazards

• FBI: Home Surveillance Devices Hacked to Record Swatting Attacks

• DDoS Attacks Spiked, Became More Complex in 2020

• On-Demand, Always-On or Hybrid? Well, It Depends on the Use Case.

• Cloud-Native Threats in 2020

• How to Prove Your Organization’s Cybersecurity Investment is Paying Off

• Facebook Ads Phishing Campaign Stole Facebook Credentials Of 615K Users

• Appliances Giant Whirlpool Suffered Ransomware Attack

• Intel Urged To Consider Strategic Options

• Someone Is Spying On You | Avast

• U.S. Treasury Warns Financial Institutions of COVID-19 Vaccine-Related Cyberattacks, Scams

• The Most Dangerous People on the Internet in 2020

• On the Evolution of Ransomware

• TLS 1.3 is now supported by about 1 in every 5 HTTPS servers, (Wed, Dec 30th)

• AirPods Max Switching to ANC in Only One Cup? Here’s How to Fix It

• How to block malicious JavaScript files in Windows environments

• Apple Pulls App That Promoted Secret Parties During Ongoing Pandemic

• Using Cybersecurity Analytics to Make a Case for Risk Management

• Apple loses copyright infringement claims against security startup Corellium

• Acceso Remoto Seguro: Por que es importante y por que hay que hacerlo bien

• Lessons from Teaching Cybersecurity: Week 13

• The curse of knowing a bit about IT: ‘Could you just…?’ and ‘No I haven’t changed anything‘

• Privacy is at risk when security fails – especially for surveillance cameras

• Looking for adding new detection technologies in your security products?

• Best of 2020: Was This Huawei’s Failed Attempt at a Linux Backdoor?

• The Advantages and Risks of Serverless Computing

• US Treasury warns of ransomware attacks on COVID-19 vaccine research

• 2021 will overburden already stressed infosec teams

• Russian businesses lose $49 billion to Cyber Attacks

• Ransomware Attack on Whirlpool and the Funke Media Group of Germany

• 21 arrested after allegedly using stolen logins to commit fraud

• The head of Group-IB Mr. Sachkov described the portrait of a typical Russian hacker

• Declaring War Against Cyber Negligence

• Server market revenue reached $22.6 billion in 3Q20

• Microsoft Issued a Fix for Zero-Day Six Months Ago but It Didn’t Work

• ISC Stormcast For Wednesday, December 30th 2020 https://isc.sans.edu/podcastdetail.html?id=7310, (Wed, Dec 30th)

• Time is running out for Federal 100 nominations

• ‘Bullet has left the chamber’: Biden will not likely roll back Trump campaign against China tech

• Deadline extended for Federal 100 nominations!

• Happy 11th Birthday, KrebsOnSecurity!

• Zero-Day Spear Phishing Attack Targeting Covid-19 Pharmaceuticals—Likely Nation-State Threat Actors

• Are Trump’s Pardons a Blessing in Disguise?

• Apple Pay Promo Offers 20% Off Grubhub Purchase of $10 or More

• FBI: Pranksters are hijacking smart devices to live-stream swatting incidents

Generated on 2020-12-31 23:55:07.865668