El Diario del CISO (The CISO Journal) Edition 7 | Page 8

News 1.1
EL DIARIO DEL CISO (THE CISO JOURNAL)
Thinking and Working for a Digital Security Leader

FEMA inadvertently exposed almost 2.3 million disaster victims’ private data with a contractor | Cyware Hacker News

A bug in Sprint website exposes other people’s account information
APT33 cyber-espionage threat group targets organizations in Saudi Arabia and the United States
ASUS patches the Live Update software exploited in ‘Operation ShadowHammer’ campaign
Attackers hacked Israeli officials’ devices; stolen information sold to Iran
Canadian Internet Registration Authority’s parking garage hit with ransomware
Coding error in Lockergoga halts the ransomware even before performing encryption
Cryptocurrency exchange platforms DragonEx and CoinBene hit by cyber attacks
Cyware Weekly Threat Intelligence, March 18-22, 2019
Cyware Weekly Threat Intelligence, March 25-29, 2019
DLL Hijacking attacks: What is it and how to stay protected?
Fluoroacetate team crowned as Master of Pwn2Own 2019 for finding multiple zero-day bugs
Magecart group breaks into MyPillow and Amerisleep websites, potentially stealing credit card information
Microsoft helping Norsk Hydro restore its IT systems without paying the ransom
Misconfigured spyware database exposes over 95K images and audio recordings
Modified version of Christchurch attacker's manifesto delivers ‘Trojan Haka’ payload
Over 110,000 Australians affected by cyberattack on Facebook last September
Pre-installed apps on Android riddled with malware and privacy issues, reveals new study
South Korean websites targeted in new watering hole attack campaign dubbed ‘Soula’
Supply chain attack campaign ‘Operation ShadowHammer’ targets ASUS Laptop users with backdoors
Verity Medical Foundation notifies of another security incident involving data exposure

Why Should They Listen to the CISO? - forbes.com
Reasons as to why certain people unbuckle before they are told include a low risk of incident, uncomfortable seats and being able to get into the aisle quicker.

5 Essential Cybersecurity Best Practices To Follow As A Remote Employee
Council Post: Five Tech Trends Driving Cybersecurity In 2019
Council Post: How To Hire And Train For IT Security In 2019
Council Post: Why Penetration Testing Is Critical To Bolster Your Cybersecurity Efforts
Crowe BrandVoice: The 7 Biggest Cybersecurity Threats In An IoT World
Facebook Exposed Up To 600 Million Passwords -- Here's What To Do
Facebook Succeeded In Killing Cybersecurity Like It Did Privacy
Facebook's Password Breach Suggests The Public Sees Cybersecurity As Obsolete
How To Begin A Career In Cyber-Security
In The Age Of AI, The Human Factor Still Matters For Cybersecurity

Are We Honestly Trying To Fill The InfoSec Jobs Gap? Or Is Our Ego Stopping Us?
By Sean Martin
Today I am joined by two long-time cyber professionals doing great things to help fill the cyber talent pool with candidates from all walks of life

Filling, Not Depleting, The InfoSec Talent Pipeline
My Digital Avatar: The Thin Line Between Utopia and Apocalypse
Unusual Gathering

A new age of warfare: How internet mercenaries do battle for authoritarian governments - ET CISO
Today even the smallest countries can buy digital espionage services, enabling them to conduct sophisticated operations like electronic eavesdropping

Aluminium maker Hydro battles to contain ransomware attack
Cloud is changing the data protection landscape: Dell EMC research
Cosmos Bank heist motivated from N Korea: UNSC report
facebook: Facebook admits storing passwords in plain text
Finland to investigate suspected Nokia Chinese data breach
Fraudsters hack Hyderabad firm’s emails, swindle $1.2 M
Hacking: Security at stake, again! Serial hacker returns, steals data of 26 mn users
HMD Global says it takes security and customer privacy seriously
How to nurture data driven culture in your organisation
Lithuanian man pleads guilty in $100M internet fraud case
State sponsored cyberattacks on banks on the rise: Report
Virus attacks Spain's defence intranet, foreign state suspected-paper

Medtronic's Implantable Defibrillators Vulnerable to Life-Threatening Hacks - thehackernews.com
The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely

Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites
Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms
Hackers Steal $19 Million From Bithumb Cryptocurrency Exchange
Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack
Insecure UC Browser 'Feature' Lets Hackers Hijack Android Phones Remotely
Libssh Releases Update to Patch 9 New Security Vulnerabilities
Microsoft Announces Windows Defender ATP Antivirus for Mac
Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices
New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep
New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps
Ransomware Attack Forces Aluminum Manufacturer to Shutdown Systems Worldwide
Turn Your Windows Computer Into A Hacking Machine

Data breaches rose by 11% last year, despite increased defense spending | Information Management
The expanding cyber threat landscape and new business innovation are leading to an increase in cyber attacks, according to a new report from the Ponemon Institute and Accenture

Facebook says users' passwords were visible to employees
Maintaining security control in the age of the mobile workforce
Organizations need to make mobile security a priority in 2019
Rise in cyber attacks placing greater focus on incident response
Securing data now means improving identity management
Security tips to help you handle the worst that 2019 has in store
The biggest data breaches and digital security threats of 2019
Understanding the role and need of a data protection officer
Unsecured portal causes breach for nearly 70,000
WiCyS event celebrates opportunities for women in data security field

A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach — Krebs on Security
In a statement posted to its Web site today, Orlando, Fla. based hospitality firm Earl Enterprises said a data breach involving malware installed on its point-of-sale systems allowed cyber thieves

Alleged Child Porn Lord Faces US Extradition
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years
Man Behind Fatal ‘Swatting’ Gets 20 Years