El Diario del CISO El Diario del CISO (The CISO Journal) Edición 9 | Page 8

News1.1 EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader Unprotected MongoDB Database Exposes Over 275 Million Personal Records | Cyware Hacker News 190,000 Accounts in Docker Hub Database May Have Been Exposed - Security Now An unprotected MongoDB database exposed over 275 Million personal records. Potentially poisoned images could be distributed without the distributors realizing that this is occurring. Airbnb user accounts allegedly hacked; previous bookings canceled and new bookings made Amazon Hit With Extensive Fraud Campaign Impacting Hundreds Of Seller Accounts Attackers delete GitHub, GitLab, and Bitbucket repositories and replace with ransom notes Baltimore City Hall and Potter County hit with ransomware attacks Chinese threat actor group APT3 used NSA-linked tools to target organizations, says new report Cyware Weekly Threat Intelligence, May 06-10, 2019 Freedom Mobile exposed almost 5 million customer records due to a misconfigured database Hackers stole over $41 million from Binance cryptocurrency exchange Iranian cyber espionage operations exposed via Telegram channels and Dark Web websites Mirrorthief cybercrime group targets online campus stores in the US and Canada with card skimming malware Scammers are adopting cloud services such as AWS, Azure, Alibaba, and Google Docs to trick victims Turla threat actor group hijacks Microsoft Exchange mail server using sophisticated LightNeuron backdoor Unprotected database belonging to Burger King exposes 37,900 records of Kool King Shop customers MegaCortex' Ransomware Hunts 'Big Game' Enterprise Cybercrime Study Finds Increasing Costs as Well as Changing Targets & Methods Enterprise Resilience: It's the Ecosystem, Stupid Quabot Trojan Evolves to Become Harder to Detect & Remove Airbnb Superhost Secretly Recorded Guests with Hidden Bedroom Camera Small businesses spent £13.6 billion recovering from cyber crime in 2018 - IT Governance Blog The incident is only the latest in a string of disturbing horror stories of guests finding live, recording cameras hidden in their Airbnb flats. Chinese Spies Stole NSA Cyberweapons Long Before Shadow Brokers Leak FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug Google Patches Critical Remote Code-Execution Flaws in Android Lax Telco Security Allows Mobile Phone Hijacking and Redirects Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig The WannaCry Security Legacy and What’s to Come Security Workforce 2019: Closing the Gap Builds a Bridge to the Future Serverless Computing: A New World of Security Risks Shadow IT & Unsecured Data Still Rampant Within the Digital Workplace Top 5 Cyber Security Breaches of 2019 So Far Each Friday, Cyber Security Hub scours the internet to provide readers with a notable ‘incident of the week 4 Ways To Defend The Enterprise From Nation-State Attacks Cyber Security Cross Over: What To Expect When Making That Transition How To Measure Cyber Risk On Your Digital Assets Incident Of The Week: Impact Of Docker Security Breach Risk Management At The Forefront Of Tech Enterprises The Economic Side Of Cyber Security Risk Management One in three UK companies fell victim to cyber attacks in 2018, with the majority of the damage occurring in small businesses, according to a report by Beaming Cyber criminals conned holidaymakers out of £7 million in 2018 Different types of cyber attacks IT Governance Free Downloadable Green Papers List of data breaches and cyber attacks in April 2019 – 1.34 billion records leaked Survey reveals just how bad the UK is at creating passwords Top 5 ways to get more women in your workforce New MegaCortex Ransomware Targets Corporate Networks | SecureReading Creating a more diverse workforce can have many benefits for tech companies. Tom Merritt shares five tips for getting women interested in applying. Security researchers have discovered a new ransomware called MegaCortex targeting corporate networks. 10 warning signs you're about to get fired or laid off Communication breakdown: 10 tips to get users to listen to IT The 10 highest-paying cybersecurity jobs Why marketing teams are critical to successful cybersecurity efforts Why older employees are less likely to get tricked by phishing attacks Critical Flaw Discovered in Kaspersky Antivirus Engine that Allows Arbitrary Code Execution Critical Flaw discovered in SQLite allowing Remote Code Execution Critical Flaws Discovered in Sierra Wireless AirLink Routers Hackers Discovered Exploiting Microsoft Sharepoint RCE Flaw in the Wild Hackers Stole over $41 Million worth Bitcoins from Binance Cryptocurrency Exchange Why IT departments miss basic IT security hygiene What’s Behind the Wolters Kluwer Tax Outage? — Krebs on Security IT departments are failing to patch security holes in software because of a disconnect between security and operations teams, survey finds. Early in the afternoon on Friday, May, 3, I asked a friend to relay a message to his security contact at CCH, the cloud-based tax division of the global information services firm Wolters Kluwer Businesses unprepared for cyber breaches Cyber criminals targeting C-suite, DBIR shows Police down two dark web markets Using simulated disaster management to tackle the security skills gap Nine Charged in Alleged SIM Swapping Ring Data: E-Retail Hacks More Lucrative Than Ever Feds Bust Up Dark Web Hub Wall Street Market