El Diario del CISO El Diario del CISO (The CISO Journal) Edición 26 | Page 25

Firmware Weakness In Modern Laptops Exposes Encryption Keys Five Weakest Links in Cybersecurity That Target the Supply Chain Flaws in firmware expose almost any modern PC to Cold Boot Attacks Forcepoint Launches Critical Infrastructure Business Unit Former Detroit IT boss sent down 20 months for bathroom bung bonanza Fortnite: Why Kids Love It and What Parents Need to Know FragmentSmack Vulnerability Also Affected Windows, But Microsoft Patched It Freshmenu Fails To Inform Users Of Data Breach Friday Squid Blogging: Dissecting a Giant Squid GCHQ Found To Be In Breach Of Privacy Rules German manufacturers lose $50B to cyber attacks, SMBs at greatest risk Germany and Sweden take action against cyber fraud gang Google Expands Chilean Data Centre With $140m Investment Google reinstates www to URLs in Chrome after user backlash, but only temporarily Google whitepaper explains GCP data deletion policies Google’s China Search Project Concerns US Lawmakers Google’s top fraud fighter explains why it’s risky to brag about owning bitcoin Government Mass Surveillance Breached Human Rights, Says European Court Government web snooping: Why the latest court ruling won’t change much – at least not yet Greek Supreme Court Approves Russian Request for Bitcoin Suspect GrrCon 2018, Carl Hertz, Robert Wagner & Scott Thomas’ ‘Data Data Everywhere But No One Stops To Think’ GrrCon Augusta 2018, Chad Calease’s ‘Life, Death + The Nematodes: Long Live Cyber Resilience!’ GrrCon Augusta 2018, Corey Batiuk’s ‘PwnBook: Penetrating With Google’s Chromebook’ GrrCon Augusta 2018, Kelley Robinson’s ‘Analyzing Pwned Passwords With Apache Spark’ GrrCon Augusta 2018, Matthew Eidelberg’s ‘Vibing Your Way Through An Enterprise: How Attackers Are Becoming More Sneaky’ Guccifer to Be Extradited to US for Prison Sentence Gurucul introduces managed security analytics service Hackers Spreading New Malware with Powerful Obfuscation Technique to Bypass Antivirus Software Hackers Uploaded 42M Record that Contains Email Address and Credit Card Data to Free Anonymous Hosting Service Hackers wage a new Cold War Hacking a Web Application: Authentication (Part 1) Hacking Security Episode 1: What is Hacking Security? Has the DOD-VA interagency office outlived its usefulness? Healthcare’s Many Cybersecurity Challenges — Security Awareness (CyberSpeak Podcast) Heimdal Security Is Nominated for Anti Malware Solution of the Year Here’s Every Apple Watch Series 4 Collection Going Up for Pre-Order on September 14 HMRC phish swipes email login, payment details HMRC Tax Refund Phishing Scam Running Out-Of-Season House Committee on Homeland Security Advanced DHS Bug Bounty Program Bill How Apple’s Safari Browser Will Try to Thwart Data Tracking How does Telegram malware bypass end-to-end encryption? How does the SynAck ransomware use Process Doppelgänging? How identity layering improves data flow Security procedures are good – follow them and you get to keep your job Security Risks of Government Hacking Senators Bash State Department on Cybersecurity Senators Concerned About State Department’s Cybersecurity Failures September 2018 Security Update Release September Patch Tuesday: Windows Fixes ALPC Elevation of Privilege, Remote Code Execution Vulnerabilities Sextortion – Follow the Money Update, (Fri, Sep 14th) SigAnalyzer: Signature analysis with CASC Sly malware author hides cryptomining botnet behind ever-shifting proxy service Solid password practice on Capital One’s site? Don’t bank on it Sony Finally Admits It Doesn’t Own Bach and It Only Took Public Pressure SPECIAL REPORT: Going Beyond HIPAA Compliance: A Case Study Specially Crafted Webpage Crashes Almost All Browsers Specially Crafted Webpage Reboots and Crashes Almost All Browsers State Department Shamed For Poor Adoption Of Multi-Factor Authentication Status: Verified. Cisco AMP for Endpoints Hits the Mark Street gang members indicted for stealing POS terminals Talking UK Cyberwar With Sir David Omand Tech ONTAP Podcast Episode 156: SnapCenter 4.1 Tech support scamme