El Diario del CISO El Diario del CISO (The CISO Journal) Edición 6 | Page 6

News0 EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader International InfoSec & Cybersecurity News Citrix Breach Underscores Password Perils MongoDB Privacy Error Leaks 808m Records Attackers used a short list of passwords to knock on every digital door to find vulnerable systems in the vendor's network. Security researchers have discovered a massive trove of over 808 million records, including email addresses, phone numbers and other personal information (PII) left exposed on a MongoDB instance 3 Places Security Teams Are Wasting Time 4 Reasons to Take an 'Inside Out' View of Security 4 Ways At-Work Apps Are Vulnerable to Attack 763M Email Addresses Exposed in Latest Database ... Anomaly Detection Techniques: Defining Normal Autism, Cybercrime, and Security's Skill Struggle Care and Feeding of Your SIEM Citrix Hacked by 'International Cybercriminals' Companies Having Trouble Translating Security to ... Consumers Care About Privacy, but Not Enough to Act ... Could Beto O'Rourke Become the First Hacker President? Criminals Use One Line of Code to Steal Card Data ... Cryptominers Remain Top Threat but Coinhive's Exit ... Cybercriminals Target Young Gamers Debunking 5 Myths About Zero Trust Security DHS: No Investigation Planned for Electrical Grid ... Fighting Alert Fatigue with Actionable Intelligence Georgia's Jackson County Pays $400K to Ransomware ... GPS Spoof Hits Geneva Motor Show Hackers Break into System That Houses College ... How China & Russia Use Social Media to Sway the West How the Best DevSecOps Teams Make Risk Visible to ... IoT Anomaly Detection 101: Data Science to Predict ... IT Security Administrators Aren't Invincible It Takes an Average of 3 to 6 Months to Fill a ... It's Time to Rethink Your Vendor Questionnaire Lazarus Research Highlights Threat from North Korea Meet the New 'Public-Interest Cybersecurity ... Microsoft Patch Tuesday: 64 Vulnerabilities ... New Malware Shows Marketing Polish NSA, DHS Call for Info Sharing Across Public and ... On Norman Castles and the Internet Organizations Taking Less Time to Detect Breaches Phishing Attacks Evolve as Detection & Response ... Proof-of-Concept Tracking System Finds RATs ... Ransomware's New Normal Security Pros Agree: Cloud Adoption Outpaces Security Shifting Attacks Put Increasing ID Fraud Burden on ... 'SimBad': Android Adware Hits 210 Apps with 150M ... The 12 Worst Serverless Security Risks The Case for Transparency in End-User License ... There May Be a Ceiling on Vulnerability Remediation Three in Five Politicians' Websites Don't Use HTTPS Tina Fey, RSAC, and Parallels Between Improv and Cyber To Improve Security, We Must Focus on Its People Trust, or Lack of It, Is a Key Theme on RSAC ... Twitter, Facebook, NSA Discuss Fight Against ... Ultrasound Machine Diagnosed with Major Security Gaps US Prosecutors Investigate Facebook's Data-Sharing ... Word Bug Allows Attackers to Sneak Exploits Past ... #DPI19: Data Regulators Reflect on First Months of GDPR #DPI19: Privacy Playbooks Can Help Navigate Data Protection Act Rules #Infosec19 Poll: Men Still Have More Opportunities in Cyber #RSAC: C&C Malware Can be Detected for Free #RSAC: Fixing the Mess of IoT Security #RSAC: How to Get and Maintain Your Risk Appetite #RSAC: Innovation Sandbox 2019 Winner Crowned #RSAC: The Most Dangerous New Attack Techniques & How to Counter Them ‘Cryptocurrency’ Founder Indicted Over Alleged $6m Scam Breaches and Leaks Soared 424% in 2018 Businesses Go Passwordless into Cloud Security China’s APT40 Group Stole Navy Secrets Chinese Hackers Backdoor Gaming Titles Cyber-Attacks Increasing for Canadian Orgs Cybercrime Costs Firms $13m Each as Malicious Insider Threat Grows E-Com Site Gearbest Exposed Millions of Records Europe’s Open Source Bug Bounty: A Wrong Start Facebook Fixed, but Did Outage Hurt Trust? Fraudsters Band Together, Shift to Bot Attacks FTSE 350 Boards Still Struggling on Cyber Awareness Global Privacy Study Finds Firms Failing on Accountability ICS Ethernet Switches Littered with Flaws Iranian Group Stole 6TBs of data from Citrix Is 'The Cybersecurity 202' Poll a Political Play at RSA? Kathmandu Investigates Possible Card Skimming Breach Lawmakers Call for Senate Breach Alerts MAGA App Dev Mad After Security Snafu McAfee Confirms Operation Sharpshooter Link to North Korea Multiple Healthcare Orgs Warn of Third-Party Attack NAO Criticizes UK’s Failing National Cyber Program New Ursnif Variant Bypasses Japanese AV No More Stickups, Bank Heists Have Gone Cyber OIG Warns NASA’s Poor Cybersecurity is Operational Threat Organizational Leadership and Cybersecurity Success Orgs Say Yes to AI Use But Ask “What Is It?” Over 80% of Firms Suffer Security Skills Shortages Over 80% of UK Students Have Never Considered an Infosec Career Pakistani Gov. Site under the Eye of Attackers Patch Tuesday Fixes Two Zero Days Phishing Attacks Spiked by 250% in 2018 Quarter of Firms Suffer Breach via Open Source Components Researchers Hack the 'Unhackable' Smart Car Alarm Spectrum Healthcare Latest to Issue Breach Notice The Benefits to Hiring a Diverse Cyber Team Trump's 2020 Budget Asks for $11bn for Cyber-Defense WordPress Comprises 90% of Hacked Sites Hackers Easily Can Reach Education Data Breach Education Cybersecurity Weekly is a curated Pakistani Government Site Compromised, Logs Visitor Keystrokes 257K Legal Documents Leaked By weekly news overview for those who are concerned about Unprotected Elasticsearch Server. Over 100 Exploits Found for 19-Year Old WinRAR RCE Bug. How Blockchain Can Improve InfoSec IBM Report Details Shifting Cybersecurity Threat Landscape International Women’s Day: Supporting gender diversity in cybersecurity, putting the skills gap into the history books Beauty Out of Chaos: Elevating Cybersecurity to an Art Form How many of you can remember what it was like managing IT security 10 years ago? How about two decades? A Look Back at the 2018 Security Landscape This Week in Security News: IoT Threats and Risks Creepy Database Lists 'BreedReady' Status for 1.8 Million Women Intel Fixes High Severity Vulnerabilities in Graphics Driver for Windows Advanced phishing tactics reel in a massive catch Universities across the US, Canada and Southeast Asia are the latest victims in a string of cyber attacks that appear to have originated in China. The not-so-secret ingredient for accelerating your business Treasure trove of hacking tools discovered on eBay