IT Security News Monthly Summary – November

• IT Security News Daily Summary 2020-10-31

• DEF CON 28 Safe Mode ICS Village – Austin Scott’s ‘5 Quick Wins For Improving ICS Cybersecurity Posture’

• REvil ransomware gang hacked gaming firm Gaming Partners International

• The Halkbank Case Should Be a Very Big Deal

• Google reveals details on active vulnerability affecting Windows 10, 7

• DEF CON 28 Safe Mode BioHacking Village – Bill Hagestad’s ‘Chinese Military Lab Mission + COVID-19’

• The Joy of Tech® ‘No Halloween This Year?’

• DEF CON 28 Safe Mode Biohacking Village – Quaddi’s & Replicant’s ‘How COVID19 Changed Cyber Disaster Medicine’

• Companies paid $4.2M bug bounties for XSS flaws in 2020

• Alibaba’s Online Store Redmart Suffers Data Breach of More Than Million Accounts, Experts say Company’s Fault

• Achieving a zero-carbon economy requires end to end security

• LokiBot Malware: What it is and how to respond to it

• What is endpoint detection and response? EDR security explained

• Chrome will soon have its own dedicated certificate root store

• Emotet operators are running Halloween-themed campaigns

• Can Trump Sell U.S. National Security Secrets With Impunity?

• Apple neglects to fix “fake headlines” bug usable for election interference

• Smart Irrigation Systems Left Wide Open to Abuse

• Link Previews Make Chat Apps Vulnerable To Data Leak And RCE Attacks

• Maze Ransomware Announces Departure – Replacements Already Available

• US President’s Twitter Account Hacked; The Ethical Hacker ‘Guessed’ The Password

• Rising Ransomware Breaches Underscore Cybersecurity Failures

• The Wisconsin GOP Lost $2.3 Million in an Email Scam

• Top Stories: Apple One Launch, iPhone 12 Pro Camera Performance, AirPods and HomePod Rumors

• More File Selection Gaffes, (Sat, Oct 31st)

• U.S. Govt Released Advisory on how Iranian APT Group Obtained Voter Registration Data

• RedMart security breach should come as no surprise, highlights importance of integration plan

• (Limited free pass) Blackhat & DEFCON Trainings @’Best Of The Wolrd In Security’ 2020

• Four Days to the Election— Don’t Fall for These Phishing Scams

• Russian Cyber Criminals started using bots to deceive victims

• McAfee Named a Leader in 2020 Gartner Magic Quadrant for Cloud Access Security Brokers

• Three smart ways banks can secure instant issuance

• The results are in – what needs to happen to ensure 5G security

• What is FedRAMP? Compliance and certification explained

• SPAM text messages vs SMiShing and defending against it

• 5 scary data breaches that shook the world

• Election (in)security: What you may have missed

• Week in security with Tony Anscombe

• How to Design a Website? 3 Important Tips

• Performance Testing vs. Load Testing vs. Stress Testing

• Why Do You Need Continuous Data Protection

• 10 Best Practices for Data Encryption

• Facebook Taken Down Number of Political ads due to Technical Flaws in their System

• Weekly Update 215

• Operation Earth Kitsune: hackers target the Korean diaspora

• Apple Ordered to Pay VirnetX Another $502.8 Million for Patent Infringement

• Bans on Guns at the Polls Are Plainly Constitutional

• StarTribune – 2,192,857 breached accounts

• Why XDR (Extended Detection and Response)

• Third-Party Vendor Risk Management: A Look into Top Couriers’ Digital Footprint

• Crippling Cyberattacks, Disinformation Top Concerns for Election Day

• CISA and FBI Release Joint Advisory on Iranian APT Actor Targeting Voter Registration Data

• Top 3 Risks Facing Manufacturers in the Age of Digital Transformation (and How You Can Mitigate Them)

• Why Cyber Risk and Compliance Needs to Be the Foundation for Healthcare Digital Transformation Initiatives

• Apple Launches AirPods Pro Service Program for Crackling/Static Problems and ANC Issues

• IT Security News Daily Summary 2020-10-30

• Safely Celebrate Halloween Online | Avast

• Predictions 2021: Privacy becomes an imperative in a year of transition

• The path to a new normal in 2021 demands increased cybersecurity resilience

• Using the Office 365 Recommended Configuration Analyzer

• Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

• Cisco Talos Advisory on Adversaries Targeting the Healthcare and Public Health Sector

• Threat Roundup for October 23 to October 30

• Google discloses unpatched Windows zero-day exploited in the wild

• Hands-On Comparison: iPhone 12 vs. iPhone 12 Pro

• Windows kernel zero-day disclosed by Google’s Project Zero after bug exploited in the wild by hackers

• Talk To Kids About Removing Photos

• Zoom Begins Using End-to-End Encryption | Avast

• WannaCry: How the Widespread Ransomware Changed Cybersecurity

• TAU Threat Advisory: Imminent Ransomware threat to U.S. Healthcare and Public Health Sector

• DARPA scouting for ‘revolutionary’ ideas

• Ransomware can interfere with elections and fuel disinformation – basic cybersecurity precautions are key to minimizing the damage

• Wisc. GOP’s $2.3M MAGA Hat Debacle Showcases Fraud Concerns

• Firestarter Android Malware Abuses Google Firebase Cloud Messaging

• WordPress Patches 3-Year-Old High-Severity RCE Bug

• Benefits of virtual SOCs: Enterprise-run vs. fully managed

• New Wroba Campaign Is Latest Sign of Growing Mobile Threats

• A Look Into JumpCloud’s Q3 2020: Surging Demand for Access in a Remote World

• Apple Seeds iOS 14.2 and iPadOS 14.2 ‘Release Candidate’ to Developers and Public Beta Testers With ‘New Update Available’ Bug Fix

• Vastaamo psychotherapy data breach sees the most vulnerable victims extorted

• Can AI and connected tech bring better disaster decision-making?

• Cybersecurity threats to the 2020 presidential election

• Google discloses Windows zero-day exploited in the wild

• Get greater protection with IoT security advances in authentication

• Study: Facebook Collects More Of Your Data Than Any Other Company

• $2.3M Stolen from Wisconsin GOP via BEC Attack

• Marriott Gets Data Breach Fine Lowered To $23.8 Million

• NVIDIA Patches Critical Information Disclosure Bug

• Google Discloses Windows Zero-Day Exploited In The Wild

• Experian’s GDPR Fine Leaves Companies Scrambling

• Apple Says Record 2020 Mac Sales Attributed Primarily to MacBook Pro

• Preparing for Election Night: Counting and Reporting the Vote in Battleground States

• Scammers stole $2.3 million from Republican Party in Wisconsin

• Making knowledge transfer work virtually

• Wroba Mobile Banking Trojan Spreads to the U.S. via Texts

• Halloween News Wrap: The Election, Hospital Deaths and Other Scary Cyberattack Stories

• AWS releases Nitro Enclaves, making it easier to process highly sensitive data

• Google Discloses Actively Targeted Windows Vulnerability

• U.S. Cyber Command Shares More Russian Malware Samples

• Cybersecurity Horror Stories That Make Us Scream with Fright

• DEF CON 28 Safe Mode BioHacking Village – Mix录 Laufer’s ‘Making Next Generation Drugs At Home’

• XKCD ‘Fall Back’

• Good idea, bad design: How the Diamond standard falls short

• DEF CON 28 Safe Mode BioHacking Village – Andrea Downing’s ‘Infodemic: Threat Models’

• 5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

• MacRumors Giveaway: Win a Qi Wireless Charging Pad for AirPods Pro From Choetech

• The Russians are at it again: Zebrocy backdoor malware is evolving, Uncle Sam warns close to eve of presidential election

• Unit Testing Ethereum Smart Contract In Solidity: Tips and Tricks

• For Secure Code, Maintainability Matters

• The Biggest Endpoint Security and Deception Software Trends

• ProBeat: Huawei sanctions are a win for Xiaomi, but a loss for the tech industry

• GDIT hangs on to DEOS cloud contract

• Updated FFIEC ‘Business Continuity’ handbook highlights planning

• Marriott Fined £18.4m Over Data Breach

• Ransomware Protection and Containment Strategies: Practical Guidance for
  Endpoint Protection, Hardening, and Containment

• Black Friday Spotlight: Best Buy Kicks Off a Month of Apple Deals and More

• With Apple One, iCloud Users Can Get Up to 4TB Storage

• SECURITY ALERT: Donald Trump Campaign Website Temporarily Disrupted by Vigilante Hacking Group

• Is Telegram Secure? What You Need to Know Before Downloading the App

• What is Smishing? SMS phishing explained

• Mobile device security explained

• Internet of Things toys are fun but raise privacy and socio-political concerns

• Cloud firewall explained: what is firewall as a service?

• Duped, deluded, deceived: How disinformation defrauds you

• University Email Accounts Used for Phishing

• Hall County in Georgia Stolen Data Leaked by Doppelpaymer

• Cyberattack Targets Networks of Vermont, New York Hospitals

• Facebook Apologises After Blocking Biden, Trump Ads

• OpenSSL Key and IV Padding

• McAfee CTO offers 6 cybersecurity warnings ahead of election

• Google Announces New VPN for Google One Customers

• Security automation tools and analytics reshape SecOps efforts

• Adobe Flash – it’s the end of the end of the end of the road at last

• US Sanctions Russian Institute Linked to TRITON

• Spain takes down terrorist cell recruiting online for the so-called Islamic State

• Microsoft Warns of Ongoing Attacks Exploiting Zerologon

• JavaScript Obfuscation Moves to Phishing Emails

• Privacy-preserving features in the Mobile Driving License

• macOS warns that HP, Amazon software “will damage your computer”

• Marriott data breach attracts $23.9 million penalty from ICO

• 21 More Android Apps Part Of HiddenAds Campaign – 3 Still Available On Play Store

• UK Watchdog Fines Marriott £18.4m For Data Breach

• Lazada confirms 1.1M accounts compromised in RedMart security breach

• Montreal Metro Hacker Demands $2.8m Ransom

• Streamlining Security with Cisco SecureX

• 5 Biggest Cyber Attacks of 2020 (So Far)

• iPhone 12 Camera Repairs Require Apple’s Proprietary System Configuration Tool

• Cyber Command’s Role in Election Defense: Important, But Not a Panacea

• 45% of IT security professionals aren’t ready for their organisations to return to work from their offices

• Most important election misinformation threat not from overseas: former Facebook security pro Stamos

• California’s Prop 24 splits data privacy supporters

• Discover NetApp video: SAP runs on NetApp

• This Week in Security News: Trend Micro Researcher Uncover Two Espionage Backdoors Associated with Operation Earth Kitsune and Trickbot and Ransomware Attackers Plan Big Hit on U.S. Hospitals

• Asset Discovery Startup Lucidum Launches With $4 Million in Seed Funding

• Microsoft Says Hackers Continue to Target Zerologon Vulnerability

• Britain Fines US Hotel Chain Marriott Over Data Breach

• Home Depot Confirms Data Leak after Canadian Shoppers Receive Random Order Confirmation Emails

• Hackers Stole $2.3M, Wisconsin Republicans Claims

• Public Safety & Cybersecurity Concerns Elevate Need for a Converged Approach

• The Legal Risks of Security Research

• MagSafe Wallet for iPhone 12 Now Available for Pickup at Select Apple Stores Internationally

• Apple One is Now Available: Save Money by Bundling Apple Music, iCloud Storage, Apple TV+, Apple Arcade, and More

• Comment: Wisconsin Republican Party Hacked For $2.3 Million

• Marriott fined £0.05 for each of the 339 million hotel guests whose data crooks were stealing for four years

• Apple Posts Biggest iPhone Sales Fall In Two Years, After Handset Delay

• Browsing from the coffee shop? You might want to try Google’s new VPN service

• Critical OpenEMR Vulnerabilities Give Hackers Remote Access to Health Records

• S3 Ep4: Now THAT’S what I call a fire alarm! [Podcast]

• Marriott data breach fine slashed to £18.4 million by UK regulator

• COVID-19: Latest Security News & Commentary

• The TRUMP crypto derivative – An insight into crypto derivatives

• Microsoft US election warning: Attackers hit Windows 10 Netlogon flaw

• Tech gifts for your favorite junior roboticists and hackers

• Why, yes, you can register an XSS attack as a UK company name. How do we know that? Someone actually did it

• Wisconsin Republican Party Says Hackers Stole $2.3 Million

• New York and Oregon Hospitals Hit by Ransomware as FBI Warns of Imminent Attacks on US Healthcare

• Browser Bugs Exploited to Install 2 New Backdoors on Targeted Computers

• DoppelPaymer ransomware gang leaked Hall County, Georgia, voter info

• DDoS attacks in Q3 2020

• Apple Slips to Fourth Place for Smartphone Market Share, Overtaken by Xiaomi

• Three Ways To Hack An Election: Election Security Is About Cybersecurity

• Election Security – Cybersecurity Experts Commentary

• Pktvisor: Open source tool for network visibility

• Want to add antivirus to your existing portfolio?

• Let’s Encrypt issues new Root and Intermediate Certificates

• Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug

• What Does Bad Advice Look Like?

• ICO Slaps £250,000 Fine on Another Nuisance Call Company

• U.S Suffers A Massive Wave Of Cyberattacks In Healthcare Industry, FBI Issues Alert

• SecZetta and SecurePoint Announce Partnership to Strengthen Third-Party Identity Lifecycle and Risk Management in Africa

• US reveals information on Russian malware attacks

• Universities are suffering email hijacking attacks

• Georgia county residence have had their voter information leaked by ransomware gang

• The CSO guide to top security conferences, 2020

• Is Cybersecurity Awareness Month worth it?

• Number of “Breached” Records Hits 36 Billion in 2020

• SANS Launches New CyberStart Program for All High School Students

• Browsers Bugs Exploited to Install 2 New Backdoors on Targeted Computers

• California Privacy Rules Updated to Target Shady Practices

• On Friday the US starts Ender’s hacking game: All local teens can compete for scholarships in cybersecurity

• Bug Bounty Hunters Earned Over $4M for XSS Flaws Reported via HackerOne in 2020

• BEC Attacks Targeting Energy and Infrastructure Rise by 93%

• Scammers Spoof MAGA Hat Vendors to Steal $2.3m from Republicans

• A Navy SEAL, a Quadcopter, and a Quest to Save Lives in Combat

• Can good cybersecurity policies improve our quality of life?

• Brooklyn & Vermont US hospitals hit by ransomware attacks

• Quick Status of the CAA DNS Record Adoption, (Fri, Oct 30th)

• Narrative Adventure Game ‘South of the Circle’ Out Now on Apple Arcade

• PSA: Apple One Premier Bundle Only Available in US, UK, Canada, and Australia

• Do you fear the right thing? Probably not.

• Threat actors are actively exploiting Zerologon flaw, Microsoft warns

• 36 Billion Personal Records Exposed By Hacks In 2020 So Far

• FBI Alert: Imminent Threat Of Ransomware Attacks On U.S. Healthcare – Experts Comments

• Red Hat Enterprise Linux 8.3 delivers new security profiles and enhanced performance

• Looking for adding new detection technologies to your security products?

• Vermont Hospitals Now Latest Victim of Ransomware Attacks

• MS Teams: The Gateway Drug to Security Chaos

• The Threat of DDoS Attacks Creates A Recipe for Election Chaos

• Chatham County hit by a Cyber Attack

• Akamai strengthens its mobile security business with Asavie Acquisition

• Privacy Act review to examine privacy tort, direct action rights, and GDPR compliance

• How to plan a password security project

• What’s next for cloud backup?

• Breaches down 51%, exposed records set new record with 36 billion so far

• New infosec products of the week: October 30, 2020

• IPANDETEC’s Report on Panama’s ISPs Show Improvements But More Work Needed to Protect Users’ Privacy

• FCW Insider: Oct. 30

• NVIDIA Patches AMI BMC Vulnerabilities Impacting Several Major Vendors

• ‘A New iOS Update is Now Available’ Popping Up Repeatedly in iOS 14 Beta [Update]

• HITBCyberWeek virtual trainings: Mobile hacking, secure coding, bug hunting

• Network visibility critical in increasingly complex environments

• IoT security: Are we finally turning the corner?

• Over 100,000 machines remain vulnerable to SMBGhost exploitation

• Lessons from Teaching Cybersecurity: Week 5

• AWS Nitro Enclaves: Create isolated environments to protect highly sensitive workloads

• Thales unveils Identity Verification Suite to help onboard more users in a secure remote environment

• What NOT to Do in Your First 90 Days as a CISO

• ISC Stormcast For Friday, October 30th 2020 https://isc.sans.edu/podcastdetail.html?id=7232, (Fri, Oct 30th)

• Zentera secures enterprise apps and resources against external and internal cybersecurity threats

• AlefEdge EdgeNet: A compute and delivery network based on AlefEdge’s SD-ME platform

• Citrix introduces two workspace security solutions to secure access and protect apps anywhere

• ‘A New iOS Update is Now Available’ Popping Up Repeatedly in iOS 14 Beta

• FileCloud Aurora 20.2 features enhancements to user interface and navigation

• Terranova Security provides expanded tier options, special offers, enhanced partner portal interface

• CloudVector Enterprise Edition: Enhanced API discovery capability with AI-enabled monitoring

• Calix unveils two Support Services to extend the performance of network operations teams

• Securonix and Armis integrate to provide complete visibility into IoT and unmanaged devices

• U.S. hospitals hit with growing ransomware attacks

• NVIDIA Patches Critical Bug in High-Performance Servers

• FBI “ransomware warning” for healthcare is a warning for everyone!

• Camera Comparison: iPhone 12 Pro vs. iPhone 11 Pro

• Mail Voting Litigation in 2020, Part V: Efforts to Halt Vote-by-Mail Expansion

• A Brief Look at the Domain Attack Surface of Streaming Media Companies

• House Dems press OPM to block Trump’s civil service overhaul

• Interior IG: USGS director retaliated against whistleblower

• Government should make cybersecurity policy a priority

• Cybersecurity policy is a must in government

• First the Good News: Number of Breaches Down 51% Year Over Year

• Tim Cook Says Pandemic Boosting Contactless Payment Adoption in United States

• Apple Working ‘Really, Really Hard’ to Remedy Supply Constraints on iPhones, Macs, iPads and Some Apple Watches

• Congress Fails to Ask Tech CEOs the Hard Questions

• If you haven’t patched WebLogic server console flaws in the last eight days ‘assume it has been compromised’

• IT Security News Daily Summary 2020-10-29

• White House mulls CXO role at agencies

• Is Big Tech a big election security risk?

• How tech supports police accountability

• Firefighting robot joins LA force

• DOD lays foundation for permanent, secure telework

• Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals

• New Facebook Scam Fakes “Copyright Violations” To Get Around Two-Factor Authentication

• McAfee Launches XDR, Browser Isolation, Cloud App Security Tools

• US Cyber Command details implants used in attacks on parliaments and embassies

• Apple CEO Tim Cook ‘Optimistic’ About iPhone 12 Sales, Early Data ‘Quite Good’

• Apple’s Services Revenue Hits New All-Time High of $14.5 Billion in Q4 2020

• Apple CEO Tim Cook: ‘More Exciting Things’ in Store For This Year

• Apple’s Wearables, Home and Accessories Category Sets All-Time Revenue Record of $7.9 Billion

• Apple Sees All-Time High Mac Revenue of $9 Billion in Q4 2020

• TrickBot or Treat 2.0

• Americans living and serving overseas could tilt the 2020 election – if only they voted

• University Email Hijacking Attacks Push Phishing, Malware

• US: Collaboration Needed to Combat Online Child Exploitation

• Heading to the polls? Get the info on disinformation

• Ryuk Ransomware Targeting Healthcare

• iPhone 12 and iPhone 12 Pro Launch in More Countries, Including India and Korea

• Netflix Raises Prices, Premium 4K Plan Now Costs $18 Per Month

• Apple Reports 4Q 2020 Results: $12.7B Profit on $64.7B Revenue

• Apple One Service Bundles Set to Launch Tomorrow, Fitness+ Coming This Quarter

• Attacks exploiting Netlogon vulnerability (CVE-2020-1472)

• Days before the US election, phishers net $2.3m from Wisconsin Republicans

• CISA warns of disruptive ransomware attacks on US hospitals

• REvil Gang Promises a Big Video-Game Hit; Claims Massive Revenue

• Google Safari Workaround case inspires campaign to sue Facebook in UK’s High Court over Cambridge Analytica app

• Triple Data Breach Earns Insurer $1m Fine

• Hackers Make Off With Millions From Wisconsin Republicans

• Employee Spotlight: Nurul Mohd-Reza, Customer Retention Specialist

• Ransomware Hits Dozens of Hospitals in an Unprecedented Wave

• I’ve Joined the 1Password Board of Advisers

• McAfee Introduces MVISION XDR, the Industry-First Proactive, Data-Aware and Open Extended Detection and Response Platform

• FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

• iPhone 12 Models Don’t Pose Greater Risk of Magnetic Interference to Pacemakers and Medical Devices

• It’s Time to Kick Patent Trolls Out of the International Trade Commission

• Tell Us How You Want to Modify and Repair the Devices in Your Life

• Business Email Compromise attacks are on the rise

• How to install the FreeIPA identity and authorization solution on CentOS 8

• Community College Continues to Investigate Cyberattack

• Taiwanese Company Admits Stealing US Trade Secrets

• Russian Hackers Infiltrate U.S Government Networks and Steal Data

• US Security Department Issue Potential Trickbot and Malware Attack Warning to Health Department

• How Healthcare Organizations Can Combat Ransomware

• Ransomware Wave Targets US Hospitals: What We Know So Far

• CISA and CNMF Identify a New Malware Variant: Zebrocy

• MAR-10310246-1.v1 – ZEBROCY Backdoor

• McAfee Advances SASE Solution With First-Of-Its-Kind Integrated Remote Browser Isolation at MPOWER Digital 2020

• Apple’s Latest macOS Big Sur Beta References Unreleased Macs

• Crowdfunding the Women of the Islamic State

• Mail Voting Litigation in 2020, Part IV: Verifying Mail Ballots

• Antitrust Suit Against Google is a Watershed Moment

• It’s Cybersecurity Awareness Month and there is still a lot to do

• Ryuk this for a game of soldiers: Ransomware-flingers actively targeting hospitals in the US, cyber agencies warn

• Microsoft To ‘Reinvigorate’ Windows 10 User Interface – Report

• Migrating to the Cloud: Compliance Issues When Transitioning from a Traditional Data Center

• Securing the Future of Connected Devices | Avast

• Buer Loader “malware-as-a-service” joins Emotet for ransomware delivery

• Cybercriminals Aim BEC Attacks at Education Industry

• Why Defense, Not Offense, Will Determine Global Cyber Powers

• Ransomware’s malevolent heyday

• What Is Proactive Cyber Defense?

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 130’ (From The Archive – Published July 23, 2017)

• Deals: More Early Black Friday Sales Appear With Low Prices on AirPods Pro ($195) and Apple Watch SE/Series 6

• HP printer issue on Mac: What happened?

• Vulnerability scanning vs. Penetration testing: comparing the two security offerings

• Observations from the digital trenches

• Iranian group Phosphorus Targeting High Profile Conferences, Warns Microsoft

• Sky Lakes Medical Center Responding to Ransomware Incident

• FBI Announces Joint Statement Concerning Imminent Threat Against the Healthcare Industry

• Trend Micro HouseCall for Home Networks: Giving You a Free Hand in Home Network Security

• VirusTotal += Gridinsoft

• Marvell Acquires Inphi For Cloud Push

• Mount Locker ransomware group leaks 18Gb worth Gunnebo AB data

• Threat Analysis: How the Rapid Evolution of Reporting Can Change Security

• Hospitals Targeted in Rising Wave of Ryuk Ransomware Attacks

• Looking for good news on COVID-19? That’s exactly what cyber attackers want you to do

• Microsoft Introduces Device Vulnerability Report in Defender for Endpoint

• How to Increase Voter Turnout & Reduce Fraud

• MAR-10310246-2.v1 – PowerShell Script: ComRAT

• CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT

• Get SASE Your Way with a Platform Approach to Security

• How to Firewall: Small Business Edition

• How to make the future IoT more secure

• Critical Oracle WebLogic flaw CVE-2020-14882 actively exploited in the wild

• MagSafe: Everything About Apple’s New iPhone 12 Charging Technology

• Make a Pledge for EFF Through CFC Today!

• Unilever CISO on balancing business risks with cybersecurity

• Insufficient Staffing Hindering States’ Cybersecurity Efforts

• Cyber Attack news headlines trending on Google

• Huawei Lawyers Question Border Officials In US Extradition Case

• What’s My Priority? The Key Pillars of Threat Intelligence

• Home Depot Confirms Data Breach in Order Confirmation SNAFU

• FBI: Hospitals and healthcare providers face imminent ransomware threat

• Oracle WebLogic Vulnerability Targeted One Week After Patching

• The Nastiest Malware of 2020

• Maintain Cloud Security Posture with Cisco Secure Cloud Analytics

• Best Practices for Protecting Your Organization’s Dynamic Cloud Infrastructure

• Untangle SD-WAN Router Wins Gold in 2020 Golden Bridge Business and Innovation Awards®

• Open Source Security Foundation Announces Education Courses and Participation Initiatives to Advance its Commitment to Securing the World’s Software Infrastructure

• Now You Know – Q&A about Bricata with CEO John Trauth

• Why WordPress admin notices matter (and how to manage them effectively)

• New Pentesting Course: PEN-300

• When Leaders Override Term Limits, Democracy Grinds to a Halt

• Expert Reacted On Microsoft Says Iranian Hackers “Phosphorus” Targeted Conference Attendees

• 1-15 September 2020 Cyber Attacks Timeline

• Zerologon Vulnerability: Analysis on This Dangerous Vulnerability

• Will Quantum Computing Change Computer Security? – Intego Mac Podcast Episode 159

• How to Get the Maximum Value From Your EDR Solution

• The Windows Bad Neighbor vulnerability explained — and how to protect your network

• Built-In, Not Bolted-On—What It Takes To Build-In Info Security

• FCW Insider: Oct. 29

• Singapore taps iris, facial biometrics as primary identifiers at immigration checkpoints

• Oracle WebLogic Server RCE Flaw Under Active Attack

• The 10 vulnerabilities most commonly discovered by bug bounty hunters in 2020

• Understanding the zero trust-SDP relationship

• FBI and CISA Caution of APT Attack that Already Exfiltrated Data from Government Systems

• Is Your Encryption Ready for Quantum Threats?

• ‘Act of War’ Clause Could Nix Cyber Insurance Payouts

• All the Ways Slack Tracks You—and How to Stop It

• Tracking Users on Waze

• SANS@MIC Schedule

• Hacker Changed Florida Governor’s Address In Voter Registration Database

• Facebook Sued Over Cambridge Analytica Data Scandal

• FBI Warns Ransomware Attackers Planning Big Hit On Hospitals

• Researchers Extract Secret Key Used To Encrypt Intel CPU Code

• How The Pandemic Is Reshaping The Bug Bounty Landscape

• Apple Maps Now Provides Transit Directions Across Italy

• Apple and Amazon Face Antitrust Scrutiny in Germany Over ‘Brandgating’

• Deals: New All-Time-Lows Hit Powerbeats Pro ($160) and Beats Solo Pro ($170) in Early Black Friday Sales

• Zerologon: BitSight Observations on a Dangerous Vulnerability

• Testy Grilling Of Tech CEOs Dominates Senate Hearing

• Attack Surface Reduction: Scrutiny of the Top Payment Processing Companies

• Bug-Bounty Awards Spike 26% in 2020

• Turla Cyber-Spies Target European Government With Multiple Backdoors

• Name Resolution

• Protect Your Employees from Business Email Compromise Attacks

• Exabeam Extends Security Management Platform with AWS, Google Cloud Platform and Microsoft Azure Cloud Storage Monitoring

• Security Intelligence Handbook Chapter 1: Why Security Intelligence Matters

• iPhone 12 Demand Linked to Increased Air Pollution in China

• Deals: Brand New 64GB iPad Air Gets $40 Discount at Amazon

• Positive Technologies: 84 Percent Of Companies Have High-Risk Vulnerabilities On The Network Perimeter

• The View Up Here Is Great – Introducing Our New Cloud-Based SSO

• Lenovo to slap ThinkShield security standard for laptop line-up on its Motorola mobiles

• 14 controls for securing SAP systems in the cloud

• Approaches to Deploying Post-Quantum Cryptography | Keyfactor

• Microsoft gives Excel cells a third dimension with Power BI data types

• FBI warning: Trickbot and ransomware attackers plan big hit on US hospitals

• How phishing attacks are targeting schools and colleges

• Microsoft Says Iranian Hackers Targeted Attendees of Major Global Policy Conferences

• Chronicle Co-Founder Launches New Cybersecurity Company Stairwell

• FBI Warns Healthcare Sector of Increased Ransomware Activity Commanded by Ryuk Gang

• DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread

• Beachhead Solutions Adds to Cloud-Managed Device Encryption Platform with New Capabilities Built to Secure Business’ Increasingly Remote Workforces

• Identity Management for Developers: Why it’s required more than ever

• Expert Reaction On Zoom End-to-end Encryption

• Enel Group Hit Again By Ransomware And Netwalker Demands $14 Million

• Security Blueprints Of Many Companies Leaked In Hack Of Swedish Firm Gunnebo – Experts Reaction

• Five Scary Good Cybersecurity Awareness Month Tips For Consumers To Keep In Mind

• Post-COVID Cobot Security Is Looking Good

• Akamai sees doubling in malicious internet traffic as remote world’s bad actors boom

• ‘Build’ or ‘Buy’ your own antivirus product

• How Quantum Computing Will Affect Computer Security and Passwords

• Numerous points of entry lead to multi-million euro penalties for data security breaches.

• Cloud Security Alliance issues guidance on securing SAP ERP systems in the cloud

• One Million Brits Sue Facebook For Cambridge Analytica Scandal

• Trula Hacker Group Uses Custom Malware & Legacy Tools to Attack Government Organizations

• Don’t Torpedo Your Data Security Program: 5 Best Practices to Consider

• McAfee debuts remote browser isolation solution, XDR platform

• Maze Ransomware Gang to Shut Down Operations

• U.S. Hospitals Warned of Imminent Ransomware Attacks From Russia

• Education Sector Facing Disproportionate Level of Spear-Phishing Attacks

• COVID-19, Zoom and Bedroom Lewdness Make for Sly (S)extortion Tactic

• Federal Agencies Warned the US Healthcare System on Facing An “Increased and Imminent” Threat of Cybercrime

• Iran-linked Threat Actor Targets T20 Summit Attendees

• Expert On News: Experian Misuse Millions Of Peoples Data

• Remote Working – Malware Is NOT Spread By People

• Expert Commentary: True, The Social Networking App That Promises To ‘protect Your Privacy,’ Exposed Private Messages And User Locations

• Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)

• What is a supply chain attack? Why you should be wary of third-party providers

• Internet Day: Are the Days of Internet Freedom Numbered?

• Red Alert as US Hospitals Are Flooded with Ryuk Ransomware

• Employee Awareness Recognized as Biggest Lockdown Security Failing

• KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

• Russia-linked Turla APT hacked European government organization

• Apple Set to Increase LiDAR Chip Orders on Strong Demand for iPhone 12 Pro

• Social networking app True reveals private messages and user locations

• Home Depot sends customers emails containing strangers data

• SMEs can be the weak link in the cyber-security chain – and we should help them

• Iranian attackers hack conference attendees’ emails according to Microsoft

• HITB Throwback Thursday: Look At Me – I’m The Captain Now

• Don’t Let Hackers Throw Your Brand Integrity Down the Drain

• Microsoft: These Iranian attackers are targeting high-profile conference attendees

• Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns

• Microsoft Defender ATP Users Get False Positive Alerts for Mimikatz, Cobalt Strike

• ICO Still Failing to Collect Fines from Unlawful Companies

• How to Run Google SERP API Without Constantly Changing Proxy Servers

• Protecting the healthcare industry from cyber threats

• Can we stop megacorps from using and abusing our data? That ship has sailed, ex-NSA lawyer argues in new book

• There is a long history of cybersecurity issues in the automotive history

• Scanning a GraphQL API for Vulnerabilities

• Iran-linked Phosphorous APT hacked emails of security conference attendees

• The Case Against Using a Frankenstein Cybersecurity Platform

• A Return to Logs to Unjam the Security Deficit

• French services outfit Atos told to pay $855m in trade secret pinching case

• Egregor: Sekhmet’s Cousin

• Can automated penetration testing replace humans?

• Reincubate – 616,146 breached accounts

• Malware never switches off – so why should your security supplier?

• US Federal agencies issue fresh warning on ransomware attacks on the healthcare sector

• AI to protect Power companies from Cyber Attacks

• Reaching Strategic Outcomes With A Managed Detection and Response Service Provider: Part 1

• FBI, DHS Warn Of Possible Major Ransomware Attacks On Healthcare Systems

• Pivoting to help our Cyber Community stay strong in times of uncertainty

• Political campaigns adopt surveillance capitalism at their own peril

• What the IoT Cybersecurity Improvement Act of 2020 means for the future of connected devices

• PSPs vs. OPA Gatekeeper: Breaking down your Kubernetes Pod security options

• U.S. Shares Information on North Korean Threat Actor ‘Kimsuky’

• Businesses struggle with data security practices

• Biggest WAN pain points: Security and service flexibility

• BrandPost: Rapidly and Securely Transitioning 7,000+ Employees to Telework

• ESET Threat Report Q3 2020

• PIVOTING TO HELP OUR COMMUNITY STAY STRONG WITH CYBER SKILLS IN 2020

• Data I/O offers simple, cost-effective and integrated method to deploy IoT security

• Most companies have high-risk vulnerabilities on their network perimeter

• 5 Essential Steps to Improve Cybersecurity Maturity

• Rambus IPsec Packet Engine secures 5G network traffic at data rates from 1 to 10 Gbps

• SpyCloud VIP Guardian helps protect executive accounts without compromising privacy

• PATCH NOW: CVE-2020-14882 Weblogic Actively Exploited Against Honeypots, (Thu, Oct 29th)

• AST TaaS 3.0 enables orgs to accelerate release, patch, and upgrade test cycles across Oracle Cloud apps

• Siren 11.0 helps investigative teams quickly conduct SIGINT, CYBINT, and OSINT investigations

• Calix GigaSpire BLAST u6x: A Wi-Fi 6 system that offers CSPs operational simplicity and efficiency

• 10 Reasons to Switch to Ruby

• Is Roku Worth It? How Can I Link My Roku With My Cable Internet?

• The best free VPN for unblocking Netflix 2020

• API Security Weekly: Issue #107

• FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

• Ransomware Activity Targeting the Healthcare and Public Health Sector

• Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser

• Data Access Requests Under GDPR and CCPA

• The Most Inspirational Women in Cyber UK 2020 – winners announced:

• Trenton Systems and FUTURA Cyber provide encryption key management of FIPS 140-2 SEDs

• Cymatic names Stuart McClure to its advisory board

• Stairwell secures $4.5M to help security teams defend against the most sophisticated threats

• NSA: We’ve learned our lesson after foreign spies used one of our crypto backdoors – but we can’t say how exactly

• Alliant2 replacement will have CMMC requirements

• Facebook Called Before Senate To Discuss Censorship, Legal Liability

• TrickBot operators employ Linux variants in attacks after recent takedown

• EFF Files Amicus Brief Arguing That Law Enforcement Access to Wi-Fi Derived Location Data Violates the Fourth Amendment

• IT Security News Daily Summary 2020-10-28

• RBAC for SSH and Kubernetes Access With Teleport [Webinar Sign-up]

• DOD could get permanent telework capability in 2021

• More Hospitals Hit by Growing Wave of Ransomware Attacks

• Breaches are like break-ins: Don’t wait until after to protect yourself

• Don’t wait for a breach before implementing cybersecurity, expert says

• US Government Issues Warning on Kimsuky APT Group

• Breaking the Glass Ceiling: Tough for Women, Tougher for Women of Color

• ‘Watch Dogs: Legion’ Tackles Surveillance Without Humanity

• For National Cybersecurity Awareness Month – A Better Way to Secure Your Distributed Workforce!

• How to Measure Someone’s Height with iPhone 12 Pro

• First iPhone 12 Mini Hands-On Video Surfaces [Update: Video Pulled]

• Apple Invites Developers to Get One-on-One Guidance From Engineers Ahead of Apple Silicon Mac Launch

• New Emotet delivery method spotted during downward detection trend

• Cybersecurity Awareness Month: 2020 in Retrospect

• Army IT chief mulls risk management reform

• NOAA partners with Google on AI

• IoT protocol helps drones collaborate

• Leverage AI to unlock data’s potential during electronic records transition

• How the Army’s DORA bot cuts manual work for contracting professionals

• ‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass

• Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems

• Guide to Cloud Network Security Basics

• Nitro Data Breach Could Spell Trouble for Google, Apple, Microsoft and Others

• iPhone 12 Pro: How to Measure Someone’s Height

• First iPhone 12 Mini Hands-On Video Surfaces

• Open Source is Revolutionizing Careers in Cybersecurity – What You Need to Know>

• Final Elections Update | Avast

• Cybersecurity Awareness Checklist

• Cyber Insecurity: Securing the Vote in the 2020 Election

• A tribute to micro-innovations

• How the cloud could improve vendor access management

• DEF CON 28 Safe Mode Biohacking Village – Vidya Murthy’s ‘The Underestimated Threat Vector: Homogeneity’

• All the MagSafe Accessories You Can Buy for iPhone 12

• UK’s Coronavirus Contact Tracing Apps To Share Data

• Trump campaign website defaced with “site seizure” notice

• tokenization

• The 5 biggest cybersecurity threats for the healthcare industry

• StackRox Releases Open Source Tool for Finding Kubernetes Misconfigurations

• Ping Identity launches passwordless authentication system

• COVID-19, Zoom and Bedroom Lewdness Make for Sly Sextortion Tactic

• 6 Ways Passwords Fail Basic Security Tests

• Moving Beyond Traditional EDR

• Review: Eight Sleep ‘Pod Pro’ iPhone-Connected Mattress Offers Temperature Controls and Sleep Tracking

• Apple Renews Jason Sudeikis Show ‘Ted Lasso’ for Third Season

• Foreign Influence Operations After 2020

• Can Trump Order the FDA to Approve a Treatment for Unscientific Reasons?

• Mail Voting Litigation in 2020, Part II: Submission of Mail-In Ballots

• Mail Voting Litigation in 2020, Part III: Challenges Seeking to Expand Delivery Options

• New York County Affected by Cyber-Attack

• TrickBot Linux Variants Active in the wild Despite Recent Takedown

• Steelcase Furniture Ransomware Attack

• Tesla Autopilot Rated ‘Distant Second’ By Consumer Reports

• Protect Yourself Against Election Data Brokers | Avast

• Quick Hits

• Russian Espionage Group Updates Custom Malware Suite

• How the Pandemic is Reshaping the Bug-Bounty Landscape

• Scammers “Seize” Trump Campaign Site

• UK Recruiting Youths for “Digital Army”

• Rethinking Security for the Next Normal — Under Pressure

• Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

• Google Drive Trash Retention Reduced by 10,000 Years

• 5 Places Where You’d Never Expect to Get Hacked

• SANS Cloud Security Curriculum

• How Unprecedented Intelligence Drives Stockholm Public Transportation’s Need for Speed

• Apple Releases First macOS Big Sur 11.0.1 Beta to Developers

• Software engineer leaked UK missile system secrets and refused to hand cops his passwords, Old Bailey told

• LokiBot Malware: What it is and how to respond to it

• What is endpoint detection and response? EDR security explained

• Take part in the 2021 IT Salary Survey

• Big Tech CEOs Defend Section 230 Online Protection Law

• WannaCry: How the Widespread Ransomware Changed Cybersecurity

• ‘Lives at stake’: How ransomware impacts hospitals

• Hackers Leak Swedish Security Firm’s Data

• Joint Network Established to Combat E-Commerce Fraud

• Hackers stole the personal data of patients in Finland

• Tracking Down the Web Trackers

• Trump Campaign Website Defaced by Unknown Attackers

• What’s next for Cisco SecureX?

• AttackIQ Launches New Informed Defenders Executive Council to Share Expertise and Improve Cybersecurity Effectiveness

• Back to the future: What the Jericho Forum taught us about modern security

• Beware of this Phishing Microsoft Teams Email

• The Top IoT Vulnerabilities in Your Devices – Keyfactor

• Iran-linked APT Targets T20 Summit, Munich Security Conference Attendees

• The 5 biggest cybersecurity risks for hospitals and healthcare organizations

• Welcome to ThreatPursuit VM: A Threat Intelligence and Hunting Virtual Machine

• Cisco’s Duo Security launches Trust Monitor to simplify access monitoring

• Cisco Secure – Conquering Complexity with Simplified Security

• Cisco Takes a Simple, Secure, and Scalable Approach to SASE

• Strengthen customer relationships with Cisco SecureX

• ISE 3.0 Makes Its Move on the Cloud to Simplify the Zero-Trust Workplace

• Trump Campaign Website Defaced In Apparent Hack

• Experian Told To Stop Sharing Data Without Consent

• Facebook, Twitter, And Google Face Questions From US Senators

• ICE, IRS Explored Using Hacking Tools, New Documents Show

• iOS 14’s Upcoming Anti-Tracking Prompt Sparks Antitrust Complaint in France

• Apple Updates Clips App With New Design, HDR Video Recording With iPhone 12, Improved iPad Experience, and More

• Why Biden: Principle over Party

• Fake COVID-19 survey hides ransomware in Canadian university attack

• BrandPost: Getting Smart About Campus Security

• Episode 14: How COVID-19 changed security priorities at Bristol Myers Squibb

• Are You Protected? Oracle Database Protection and Availability

• Trump Campaign Website Defaced Briefly By Hackers

• A Complete Guide to Perform External Penetration Testing on Your Client Network | Step-by-Step Methods

• Back to Basics: Pandemic Cybersecurity Trends and Solutions

• Hackers Can Open Doors by Exploiting Vulnerabilities in Hörmann Device

• Payment and Data Security Firm Bluefin Raises $25 Million

• SHe CISO Exec. to Host Second Virtual Cybersecurity Boot Camp This Year

• World’s Largest Office Furniture Maker Hit with Ryuk Ransomware

• Enel Group attacked by Netwalker, demanding a whooping $14 million

• Physical Security Has a Lot of Catching Up to Do

• Is It Worth It to Defend Your Service from Video Piracy?

• Enso Previews Application Security Posture Management Platform

• The NSA is Refusing to Disclose its Policy on Backdooring Commercial Products

• SMBGhost – the critical vulnerability many seem to have forgotten to patch, (Wed, Oct 28th)

• Insta360 Launches New ONE X2 360-Degree Camera

• iPhone 12 Ceramic Shield Still ‘Scratches at Level 6 With Deeper Grooves at Level 7’ in Mohs Hardness Test

• ‘Warp Drive – Teleport Racing!’ Coming Soon to Apple Arcade

• Advancing Beneficial Ownership Transparency in the United States

• Donald Trump Campaign Website Temporarily Disrupted by Vigilante Hacking Group

• Is Telegram Secure? What You Need to Know Before Downloading the App

• Scammers are spoofing bank phone numbers to rob victims

• Election Security: How Mobile Devices Are Shaping the Way We Work, Play and Vote

• Three steps to data-centric security: Discovery, protection, and control

• Compromised CMS Credentials Likely Used to Hack Trump Campaign Website

• EXCLUSIVE: Medical Records of 3.5 Million U.S. Patients Can be Accessed and Manipulated by Anyone

• Application Security Posture Management Firm Enso Security Emerges From Stealth

• Report: Application Flaws Being Fixed Faster Although Bugs Persist

• Akamai Boosts Mobile Security Offering with Asavie Acqusition

• Donald Trump’s Campaign Website Seized by Hackers Running Cryptocurrency Scam

• New Research Reveals the Hidden Downsides of Link Previews

• The XDR Perspective: RSA?s View on Extended Detection and Response

• Update on DoD’s Cloud-Based Internet Isolation

• A Potion for PCI Compliance

• Trump campaign website defaced by scammers

• Eve Adds Support for iOS 14’s HomeKit Adaptive Lighting to Eve Light Strip

• Top EU Antitrust Investigator Warns Against Break Up of Big Tech Companies

• Healthcare network security is slowly improving

• Report: The need for pervasive email security

• Experian vows to drag UK’s Information Commissioner’s Office to court after being told off for data-slurping practices

• Nitro PDF Suffered A Data Breach Impacting Google, Apple, Amazon, And More

• BT Signs 5G Deal With Ericsson For EE Network

• Beyond passwords: How to use multi-factor authentication – aka 2FA – to improve your security

• North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn

• Isentia Reeling After Suspected Ransomware Attack

• 3 Phenomena Emerging from the Pandemic

• Deals: Woot Offering Discounts on Refurbished iPhone 11, 11 Pro, and 11 Pro Max Models

• Mujjo Debuts New Range of Leather Cases for iPhone 12 Series

• Expert Reacted On Isentia Breach And Its Impact On Government Departments

• How Voice Control is Coming to Your Enterprise

• President Trump’s Campaign Website Defaced by Cryptocurrency Scammers

• Trump Campaign Website Defaced by Cryptocurrency Scam

• Experts Weigh in on E-Commerce Security Amid Snowballing Threats

• Security firm identifies 5 biggest cybersecurity risks for hospitals and healthcare organizations

• Poland and Spain take down international drug trafficking network associated with Kraków football hooligans

• 352 stolen vehicles seized in JAD Mobile 3 operation spanning across 22 countries

• [Webinar and eBook]: Are You’re Getting The Best Value From Your EDR Solution?

• The TRUMP crypto derivative – An insight into crypto derivatives

• Enel Group suffer another ransomware attack

• Cybereason announces $1 million comprehensive breach protection warranty

• Trump’s campaign website has been defaced by hackers

• Hackers post pornography in virtual classroom

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• Is this the end of privacy – What your life insurance company has on you

• Windows 10 security: Are you on the right version?

• Check Point Software Provides Over 1,000,000 eLearning Minutes since the Covid-19 Outbreak

• Furniture Giant Steelcase Hit by Suspected Ransomware Attack

• [Webinar and eBook] Learn How to Get the Best Value From Your EDR Solution

• New Research report “Connected Medical Device Security” shows health networks still exposed to significant risk of attack and disruption

• Finnish Psych Patients Blackmailed Following Breach – CEO Perspective

• Understanding Known Adversary Tactics And Techniques

• Manipulation by Disinformation: How Elections are Swayed

• Learn to Combat These Three Cybersecurity Monsters This Halloween and Beyond

• Shipping Logistics Leader IMC Deploys Check Point SandBlast Agent to Safeguard Supply Chain Data

• FCW Insider: Oct. 28

• Amazon Warns Users of Insider Disclosing Details to Third Party

• Experian Threatened With Massive GDPR Fine After Acting Unlawfully

• DDoS attacks in Q3 2020

• Report: Apple ‘Stepping Up Efforts’ to Develop Alternative to Google Search

• PJCIS stops short of recommending warrants to access metadata as scheme is tightened

• Humans are Bad at URLs and Fonts Don’t Matter

• TrickBot Linux Variants Active in the Wild Despite Recent Takedown

• Steelcase office furniture giant hit by Ryuk ransomware attack

• What to Do if You Think You Have Malware on Your Mac

• Internet of Things (IoT): Greater Threat for Businesses Reopening Amid COVID-19 Pandemic

• How the Past 6 Months Have Shaped ICS Risk

• VA High Court: License Plate Database Not Personal Data

• How to apply data protection best practices to the 2020 presidential election

• Donald Trump’s Election Website hacked

• Cyber Attacks on IoT devices are increasing says Nokia survey

• How important are vulnerability management investments for a cybersecurity posture?

• 76% of applications have at least one security flaw

• The Bitglass Blog

• Duped, deluded, deceived: How disinformation defrauds you

• SPAM text messages vs SMiShing and defending against it

• 21 Malicious Apps Downloaded 8 Million Times From Google Play

• Attacks on IoT devices continue to escalate

• As offices emptied and remote work became the norm, security teams struggled

• 4 Considerations for a Secure Cloud Environment

• How Containers Support the IT-OT Convergence

• GrammaTech CodeSentry: Identifying security blind spots in third party code

• Can Your Software Development Processes Withstand a Software Supply Chain Attack?

• ISC Stormcast For Wednesday, October 28th 2020 https://isc.sans.edu/podcastdetail.html?id=7228, (Wed, Oct 28th)

• Index Engines announces new release of CyberSense to help orgs tackle cyberattacks

• Citrix expands its Citrix Ready Workspace Security Program to include zero trust solutions

• Cyemptive Technologies cautions of limitations of AI for cyber protection, provides solution

• Trump’s official campaign website vandalized by hackers who ‘had enough of the President’s fake news’

• APT groups aren’t all from Russia, China, and North Korea

• Trump Campaign Website Broken Into by Hackers

• iPhone 12 Models Might Support Reverse Charging of Future Apple Accessories According to FCC Filing

• Catalogic Software adds direct offload to cloud from storage arrays to its ECX CDM solution

• AttackIQ integrates Security Optimization Platform with Microsoft Azure Sentinel cloud-native SIEM platform

• WekaIO WekaFS: Unified storage solutions with cloud-native ecosystem partners

• Aqua Security unveils Kubernetes-native security capabilities

• India and USA to share high-quality satellite imagery and more under new pact

• Black Friday and Cyber Monday scams are calling – Let it ring

• Get Hands-On with Tech Tuesday Workshops

• VMware and Samsung collaborate to help CSPs accelerate the roll-out of 5G

• Gigamon and Zscaler join forces to provide NDR for the distributed devices of a fluid workforce

• Hackers blackmail vulnerable patients after psychotherapy clinic hack

• Cybersecurity Strategy: Building Trust on Shifting Sands

• After Mocking Apple, Samsung May Remove Power Adapter From Galaxy S21 Box

• Eagle Eye Networks raises $40M to accelerate growth and AI investment for its Cloud VMS

• Survey Uncovers High Level of Concern Over Firewalls

• 2020 iPad Air vs. iPad Pro: Hands-On Comparison

• The Last Smash and Grab at the Federal Communications Commission

• IT Security News Daily Summary 2020-10-27

• incident response

• New Army IT chief mulls risk management reform

• 5 security strategies for a distributed DOD

• Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe

• US elections are still vulnerable to email spoofing

• Chinese Attackers’ Favorite Flaws Prove Global Threats, Research Shows

• Enel Group suffered the second ransomware attack this year

• iOS 14 Poised to Surpass iOS 13 Installations as Adoption Nears 50%

• Initiatives to close the digital divide must last beyond the COVID-19 pandemic to work

• FirstNet updates roadmap for data-driven responders

• Speed vs capacity: Fermilab pilots solid-state storage

• How HHS used agile to improve oversight

• FireEye Q3 results beat expectations, raises year view, shares jump 6%

• Amazon Fires Employee Who Leaked Customer Names, Emails

• Jon Stewart Current Affairs Series Coming to Apple TV+

• Zoom finally adds end-to-end encryption for all, for free – though there are caveats

• Guide Your Digital Native Children With Tech | Avast

• Avast Earns “Best Consumer Anti-Malware” Award | Avast

• DARPA tests autonomous vehicles’ ability to tell friend from foe

• Dems brace for internal defense budget fight

• DISA delays $11.7B IT ‘Enclave’ contract

• DHS, Coast Guard acquisition officials need closer watch, report finds

• National Guard on hand for election cybersecurity

• Virtual industry days are here to stay

• Akamai Acquires Asavie for Its Mobility, IoT Services

• Zero-trust methodology’s popularity a double-edged sword

• Zero-trust network policies should reflect varied threats

• How URL Tracking Systems are Abused for Phishing

• NewsBites Drilldown for the Week Ending 23 October 2020

• Apple Files Mystery ‘Personal Computer’ With Placeholder ‘B2002’ Name in Bluetooth Product Database

• Apple Acquires AI Startup Vilynx to Improve Siri

• New House bill aims to halt Trump’s civil service revamp

• Mitre ATT&CK: How it has evolved and grown

• Facebook “copyright violation” tries to get past 2FA – don’t fall for it!

• Schools Admit Security Gaps

• MITRE Shield Matrix Highlights Deception & Concealment Technology

• Gartner’s report on innovation insight for XDR

• Therapy Center Hacked, 40,000 Patients Sent Ransom Demands

• Peanuts Fans Unhappy With Specials Being Limited to Apple TV+, Petition Tops 100,000 Signatures

• Profit Margin Tensions Souring Relationship Between Apple and Foxconn

• Mail Voting Litigation During the Pandemic: Introduction

• Mail Voting Litigation: Application and Eligibility to Vote By Mail

• Preventing and Countering Election-Motivated Violence Without Causing Panic

• Hacker Steals $24 Million worth of Cryptocurrency from “Harvest Finance” Service

• KashmirBlack Botnet Attacking Outdated Content Management Systems

• Hundreds of Patient Records Leaked in Vastaamo Breach

• Nitro software data breach: Hackers claim selling customer data

• In Election Hacking, Perception May be as Good as the Real Thing

• Index Engines hones CyberSense for backup data protection

• Student Teacher Jailed for Sexting Children

• Floridian Arrested for Hacking Home Camera System

• Ping Identity Appoints Emma Maslen to Lead EMEA and APAC Growth

• Report: Facebook’s QAnon Ban May Actually Be Effective

• Developers’ Approach to App Testing Could Cut Flaw Fix Times by 80 Days

• Poll: Always Learning

• Akamai Acquires Asavie

• Google removes a set of 21 malicious apps from the Play Store

• New Backbone One Controller Brings a Console-Like Gaming Experience to iPhone

• Keeping ransomware cash away from your business

• Bitglass Leads the Pack in KuppingerCole’s CASB Market Compass

• Bitglass Security Spotlight: Ransomware Attack Affects more than 320K Students in Nevada School District

• The Bitglass SASE Triangle: ZTNA for Internal Applications

• The Bitglass SASE Triangle: SWG for Securing Web Traffic

• Cloud firewall explained: what is firewall as a service?

• Google’s Waymo Strikes Self-Driving Lorry Deal

• Researchers: LinkedIn, Instagram Vulnerable to Preview-Link RCE Security Woes

• Going passwordless might be safer for organizations

• Top 5 things to know about EU-US data privacy

• Microsoft Introduces New Password Spray Detection for Azure

• Choosing ZTNA vendors amid zero-trust confusion

• Employees Aware of Emailed Threats Open Suspicious Messages

• North Korean Advanced Persistent Threat Focus: Kimsuky

• Data Exfiltration Via IPv6 | Avast

• Linksys Velop AX4200 WiFi 6 Mesh System Now Available

• T-Mobile Announces New TVision Streaming Service, Offers Free Apple TV+ With Subscription

• Psychotherapy Clinic Data Breach – No Data Is Safe

• Brit accused of spying on 772 people via webcam CCTV software tells court he’d end his life if extradited to US

• Cyber Threat from QR Codes

• NASA Confirms Water On Sunlit Surface Of Moon

• Zero Trust adoption gains traction in Asia Pacific, not a minute too soon

• LinkedIn, Instagram Vulnerable to Preview-Link RCE Security Woes

• How foreign actors are trying to undermine the US presidential election

• FBI: Hotel Wi-Fi is not safe

• Louisiana National Guard Called in to Deal with Cyberattacks, Report Claims

• Impact of Covid-19 Web Threats on Cybersecurity, A Report from Beginning to End

• How to Make the Most of Your Budding Cybersecurity Career

• Introducing Axio’s Most Popular Free Assessment Tools

• How To Cyber Security: Put the Sec in DevOps with Intelligent Orchestration

• Getting Started with Bot Management

• Apple TV+ Orders Comedy Series ‘Platonic’ Starring Rose Byrne and Seth Rogen

• Expert Commentary: Massive Nitro Data Breach Impacts Microsoft, Google, Apple, More

• Experts Opinion On Amazon Sacking Insiders Over Data Leak

• Red Canary enters cloud workload protection space

• Nozomi Networks Pioneers SaaS Security and Visibility Solution for Dynamic IoT and OT Networks

• WannaCry Ransomware Explained

• Brit accused of spying on 772 people using webcam CCTV software tells court he’d end his life if extradited to US

• Speed up your data science initiatives

• Finnish Therapy Patients Blackmailed After Data Breach

• Migrating to the Cloud: Compliance Issues When Transitioning from a Traditional Data Center

• Uber releases new privacy features for riders and drivers

• Majority of Microsoft 365 Admins Don’t Enable MFA

• Personal Information of Google Employees Exposed in Data Breach at Immigration Law Firm

• What’s inside Tufin R20-2: Enhanced NGFW support, Azure visibility, and doubled risk analysis

• Insikt Group Discovers Global Credential Harvesting Campaign Using FiercePhish Open Source Framework

• Apple Music for Android Updated With ‘Listen Now’ Tab, Improved Search, Autoplay, and Crossfade Feature

• Deals: Save Up to $75 on Apple’s Entire 2020 iPad Pro Lineup

• Apple Researching Stronger Displays for Foldable Devices to Resist Cracking

• The Limited Room for Russian Troll Influence in 2016

• Facebook’s Election-Week War on Accountability is Wrong, Wrong, Wrong

• Mobile Operators Banned From Selling Locked Phones

• Law Firm Says Google Employee Information Compromised in Data Breach

• Cyber Espionage Detection Firm Strider Technologies Raises $10 Million

• Some Ballot Requests May Be Affected by County Cyber Attack

• Amazon Fires Employee For Leaking Customer Data

• Atomicorp & EstateSpace Join Forces with RunSafe Security to Supercharge Cyber Defenses

• RangeForce and 7 Eagle Group Join Forces to Boost Veterans’ Hands-on Cybersecurity Skills

• Fragomen law firm data breach exposed Google employee’s data

• Hackers Are Holding Psychotherapy Data Ransom

• Google Boots 21 Bogus Gaming Apps From Play Marketplace

• Zoom Rolls Out Encryption For All Desktop And Mobile Users

• Nando’s Hackers Feast On Customer Accounts

• When the EMEA Duo Partner Kick-Off Goes Virtual

• Insufficient Staffing Hindering States’ Cybersecurity Efforts

• Trend Micro HouseCall for Home Networks: Giving You a Free Hand in Home Network Security

• A Guide for Multi-Cloud SSH Key Management | Keyfactor

• Zoom rolls out encryption for all desktop and mobile users

• Google Boots 21 Bogus Gaming Apps from Play Marketplace

• Holiday Shopping Craze, COVID-19 Spur Retail Security Storm

• Code42 Incydr Series: Secure Data in the Age of Remote Work

• Flaws in Winston Privacy Devices Can Expose Networks to Remote Attacks

• #NCSAM: Organizations at Higher Risk of Cyber-Attacks Due to IoT Expansion

• The Nastiest Malware of 2020

• OSINT Gathering Key to Keeping Up With Financial Crime

• Axis Security Names New Channel Leader

• New AttackIQ Solution Integrates with Microsoft Azure Sentinel to Strengthen Cyber Threat Detection and Investigation for Security Customers

• Veracode State of Software Security: Half of Application Security Flaws Remain Open Six Months After Discovery; Apps with Technical Debt Take Two Times as Long to Fix

• Hacker was identified after the theft of $24 million from Harvest Finance

• New Pentesting Course: PEN-300

• Deals: AirPods Pro Hit $199.99 at Amazon and B&H Photo ($50 Off)

• How the 2020 election war on bots and trolls differs from 2016

• Threat modeling , Application security testing, Pentesting are not just buzzwords

• AMD Targets Data Centres With $35 Billion Purchase Of Xilinx

• Delete Now! – These 21 Apps With More Than 7 Million Downloads Contains Malware

• Ransomware vs WFH: How remote working is making cyberattacks easier to pull off

• Amazon Discloses Security Incident Involving Customers’ Email Addresses

• Government-Focused Cyber Defense Company Toka Raises $25 Million

• Swedish Authorities, Banks Hit by Security Data Leak: Report

• Reverse-Engineering the Redactions in the Ghislaine Maxwell Deposition

• Report: Apple Silicon iMac Featuring Desktop Class ‘A14T’ Chip Coming First Half of 2021

• Hackers blackmailing psychotherapy patient following Vastaamo breach

• 1-15 September 2020 Cyber Attacks Timeline

• Sopra Steria hit by a ransomware attack

• Virgin media data breach could fetch customers £5000

• State Dept. awards EIS data network contract

• FCW Insider: Oct. 27

• Experts Slam Perp and Clinic at Center of Extortion Scandal

• Government Threatened with Legal Action Over Track and Trace

• Remote Workers Ignore Training to Open Suspicious Emails

• Cybercrooks Hijack Nando’s Customer Accounts to Make Fraudulent Meal Purchases

• Crash Bandicoot Coming to iPhone and iPad in Spring 2021

• Law firm used by Google confirms data breach

• Amazon fires insiders over recent data leak

• Zerologon: BitSight Observations on a Dangerous Vulnerability

• Brit startup would like to beam 5G connectivity down at you from hydrogen-fuelled drones

• The Windows Bad Neighbor vulnerability explained — and how to protect your network

• CISM certification guide: Requirements, prerequisites, and cost

• Measuring the Global Impact of the NSA’s Top 25 Vulnerabilities Being Exploited In the Wild

• Mental Health Patients Blackmailed by Data Thieves

• Numerous fraudulent sites disguised as well-known brands have appeared on the Runet

• Google Removes 21 Malicious Android Apps from Play Store

• UK Ban on Sale of Locked Handsets to Come into Effect December 2021

• Over 100 irrigation systems left exposed online without protection

• A new threat matrix outlines attacks against machine learning systems

• Trying to register your antivirus in Windows Security Center?

• Improving on the Typical SIEM Model

• Ransomware’s Next Target: Backup Data

• ADHA records two My Health Record security incidents in FY20

• Cyber Awareness Training a Must for Third-Party Contractors

• Work from home strategies leave many companies in regulatory limbo

• Santander downplays ‘hack’ of PagoFX cash transfer biz, says nothing to worry about

• Some of Europe’s most dangerous sex offenders in the spotlight

• Organizations struggle to obtain quality threat data to guide key security decisions

• MDR service essentials: Market trends and what to look for

• Internet of Things toys are fun but raise privacy and socio-political concerns

• CMMC compliance explained: what is the Cybersecurity Maturity Model Certification?

• Attack Surface Reduction: Scrutiny of the Top Payment Processing Companies

• Link Previews in Chat Apps Pose Privacy, Security Issues: Researchers

• Cyber risk literacy should be part of every defensive strategy

• 78% of Microsoft 365 admins don’t activate MFA

• Data breaches upping ATO fraud ‘red flags’

• ‘Among Us’ players hit by major spam attack

• Sonrai Security Raises $20M to Uncover and Map Cloud Platform Security Risks

• Public Cloud Security Company Sonrai Security Raises $20 Million

• Cloud Security Start-up With Irish Co-founder Bags $20m Funding

• What’s New In Gartner’s Hype Cycle For Cloud Security, 2020

• ISC Stormcast For Tuesday, October 27th 2020 https://isc.sans.edu/podcastdetail.html?id=7226, (Tue, Oct 27th)

• NSW government sets up cyber and privacy resilience group to keep customer data safe

• How to Best Secure the Industrial Network for EMEA Organizations

• iPhone 12 Lineup Enables Personal Hotspot Over Faster 5GHz Wi-Fi

• Imperium RelevantID helps market research and panel orgs combat synthetic identity frauds

• Phone scamming – friends don’t let friends get vished!

• HackerOne introduces integrations and partnerships to connect and defend customers

• Confluera 2.0: Enhanced autonomous detection and response capabilities to protect cloud infrastructure

• Google Mending Another Crack in Widevine

• P.A.S. Fork v. 1.0 — A Web Shell Revival

• Protegrity supports Amazon Redshift to provide advanced data protection

• Deeptree selects Stellar Cyber to deliver intelligent next generation SOC

• Dropbox qualifies Western Digital Ultrastar 20TB SMR HDD to meet growing cloud storage demands

• Defending Fair Use in the Omegaverse

• Apple Raising App Store Prices in Brazil, Colombia, India, Indonesia, Russia and South Africa

• Content Moderation and the U.S. Election: What to Ask, What to Demand

• Leading French IT firm Sopra Steria hit ry Ryuk ransomware

• Hacker steals $24 million from cryptocurrency service ‘Harvest Finance’

• Microsoft IE Browser Death March Hastens

• Neural Networks Help Users Pick More-Secure Passwords

• Nitro PDF data breach might impact major companies, including Microsoft, Google, and Apple

• Excel 4 Macros: “Abnormal Sheet Visibility”, (Mon, Oct 26th)

• Prisma Cloud 2.0 Just Launched: Why a Comprehensive CNSP is Essential

• MagSafe Charger Only Charges at Full 15W Speeds With Apple’s 20W Power Adapter

• IT Security News Daily Summary 2020-10-26

• French IT Firm Sopra Steria Suffered Ransomware Attack

• Malicious Apps Repeatedly Bypassed Apple App Notarization

• Few Easy Tips to Improve Your Website Design

• Easy Ways to Ensure Your New Business is Protected

• OPM directs agencies on civil service overhaul

• F5 Networks fiscal Q4 results top expectations, Q1 revenue outlook beats, shares jump

• PE Firm to Acquire Forcepoint From Raytheon

• A Hacker Is Threatening to Leak Patients’ Therapy Notes

• Mitigating IoT security threats

• Georgia election system hit with ransomware

• Enterprises confident Chief Sustainability Officer (CSO) will improve cybersecurity

• Facebook Demands NYU Researchers Stop Using The Company’s Data

• Cybercriminals Extort Psychotherapy Patients Following Vastaamo Breach

• The Russian Hackers Playing ‘Chekhov’s Gun’ With US Targets

• The Future of Connected Devices

• How agencies can ensure continuity of operations

• Making privacy an easier conversation

• ‘Among Us’ Mobile Game Under Siege by Attackers

• 3 ways to balance biometric voter registration promise, concerns

• The Unsinkable Maddie Stone, Google’s Bug-Hunting Badass

• The 4 strategic goals behind recent Iranian cyber attacks

• Microsoft Updates Office Apps for iPad With Mouse and Trackpad Support

• Apple Shares New ‘Make Movies Like the Movies’ iPhone 12 Pro Ad Highlighting Dolby Vision Recording

• The Media Has Overcorrected on Foreign Influence

• Foreign Interference is a Strategy, Not a Tactic

• Block YouTube On School Devices | Avast

• Rethinking technology governance

• Adware found in 21 Android apps with more than 7 million downloads

• New Report Links Cybersecurity and Sustainability

• Microsoft Releases Security Update for Edge

• XKCD ‘Curbside’

• DEF CON 28 Safe Mode BioHacking Village – Mitchell Parker Panel ‘Advancing Medical Device Security’

• Plaintext Podcast Ep. 4 Featuring Akamai CSO Andy Ellis

• Why Getting Paid for Your Data Is a Bad Deal

• US Treasury Department Sanctions Russian Government Research Institution Connected to the Triton Malware

• Six Malicious Flash Installer Apps Discovered and Fixed by Apple

• Emotet Malware Uses Fake Microsoft Word Update Message

• Guest WiFi Explained + Simple Set-up for Visitor Connectivity

• Hacker steal $24M, returnes $2.5M to DeFi protocol Harvest Finance

Generated on 2020-11-01 00:01:27.494513