El Diario del CISO El Diario del CISO (The CISO Journal) Edición 30 | Page 9

As End of Life Nears, More Than Half of Websites Still Use PHP V5 AWS FreeRTOS Bugs Allow Compromise of IoT Devices Critical RCE Bugs Patched in Drupal 7 and 8 Facebook Expands Efforts to Squash Voter Suppression Facebook Offers Details on 'View As' Breach, Revises Numbers GreyEnergy Spy APT Mounts Sophisticated Effort Against Critical Infrastructure In County Crippled by Hurricane, Water Utility Targeted in Ransomware Attack New APT Could Signal Reemergence of Notorious Comment Crew NotPetya Linked to Industroyer Attack on Ukraine Energy Grid Gallmaker Attackers Living Off the Land, Symantec Finds Gartner: Cybersecurity & AI Are Top Spending Priorities for CIOs GreyEnergy Group Tied to Power Plant Attacks in Ukraine & Poland IBM's Ginni Rometty: We're the Blockchain & Quantum Computing Leader Living With Compromised Technology Supply Chains in a Post-Supermicro World McAfee: Seasalt Malware Raises Its Head Again 35 million voter records for sale on hacking forum 5 open source intrusion detection tools that are too good to ignore 7 best practices for negotiating ransomware payments Addressing the Modern Threat Landscape with Threat Intelligence Services Microsoft patch for JET flaw is ‘incomplete,’ Windows still vulnerable Ransomware attack hit North Carolina water utility following hurricane TheHackersNews Chrome, Firefox, Edge and Safari Plans to Disable TLS 1.0 and 1.1 in 2020 Critical Code Execution Flaw Found in LIVE555 Streaming Library Critical Flaws Found in Amazon FreeRTOS IoT Operating System Google to Encrypt Android Cloud Backups With Your Lock Screen Password LibSSH Flaw Allows Hackers to Take Over Servers Without Password LuminosityLink Hacking Tool Author Gets 30-Months Prison Sentence New iPhone Bug Gives Anyone Access to Your Private Photos Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy Podcast: A Utility Ransomware Attack, Post-Hurricane Privacy Regulation Could Be a Test for States' Rights Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers ThreatList: Half of Execs Feel Unprepared to Respond to a Cyber-Incident Trivial Post-Intrusion Attack Exploits Windows RID Tumblr Privacy Bug Could Have Exposed Sensitive Account Data Up to 35 Million 2018 Voter Records For Sale on Hacking Forum MIT Researchers Have a DAWG in the Fight Against Spectre & Meltdown Privacy & AI Changing the Digital Transformation Game Security Needs to Start Speaking the Language of Business Why Killing Off TLS 1.0 & 1.1 Is a Good Thing Your People Can't Secure Your Network? Try Tier 0 Automation The fix for IT supply chain attacks The IoT tsunami is coming Trend Micro shines a light on its new cybersecurity solutions What is Shodan? The search engine for everything on the internet Why I don’t believe Bloomberg’s Chinese spy chip report Healthcareinfosecuity 10 Cyberattacks Investigated Weekly by UK Aetna Hit With More Penalties for Two Breaches Anthem Mega-Breach: Record $16 Million HIPAA Settlement Cryptojackers Keep Hacking Unpatched MikroTik Routers Heads-Up: Patch 'Comically Bad' libSSH Flaw Now HHS Updates Security Risk Assessment Tool Review Shows Glaring Flaws In Xiongmai IoT Devices Tech Companies Bristle at Australia's Crypto Legislation