El Diario del CISO (The CISO Journal) Edition 10 | Page 8

News1.1 EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader

The second Meltdown: New Intel CPU attacks leak secrets
Cisco's 'Thrangrycat' Router Flaw Tough to Neuter
Intel has done some mitigations for these vulnerabilities that can leak secrets from virtual machines, secure enclaves and kernel memory. Here's how the attacks work.
Researchers report finding a vexing vulnerability in Cisco routers that could invisibly undermine device integrity and allow attackers to take full control

200 million-record breach: Why collecting too much data raises risk
Can the re-use of identity data be a silver bullet for industry?
Cybersecurity professionals are no match for cyber-adversaries
Digital ethics rising in importance
Does your cyber insurance cover social engineering? Read the fine print
GDPR and the Cloud
Haas F1 team leans on service providers as security force multipliers
How Microsoft builds empathy between its security and development teams
How to defend against scams: 14 red flags everyone needs to be aware of
How to implement and use the MITRE ATT&CK framework
In the Dark Trying to Trace Attacks Inside Your Network?
IT services giant HCL left employee passwords, other sensitive data exposed online
Microsoft urges Windows customers to patch wormable RDP flaw
Moving beyond template-based notifications
Over 90% of data transactions on IoT devices are unencrypted
Review: How Awake Security uncovers malicious intent
Tapping Veterans’ Unique Skillset to Fill the Cybersecurity Talent Pool
The most stressful aspects of being a cybersecurity professional
Threat Intelligence and the Evolving Threat Landscape
What Do We Want? Wi-Fi Protected Access! When Do We Want It? WPA3 Now!
What is malware? How to prevent, detect and recover from it
Why reported breaches are the tip of the iceberg
Why security needs to be involved early during mergers and acquisitions
Will the U.S. government draft cybersecurity professionals?
Assange Indicted in US Under Espionage Act
Attackers Exploit WhatsApp Flaw to Auto-Install Spyware
Bestmixer Cryptocurrency Laundering Site Shuttered
Cybersecurity's Week From Hell
Database May Have Exposed Instagram Data for 49 Million
E-Commerce Skimming Attacks Evolve Into iFrame Injection
Equifax's Data Breach Costs Hit $1.4 Billion
FBI and Europol Disrupt GozNym Malware Attack Network
GDPR: Europe Counts 65,000 Data Breach Notifications So Far
Google Restricts Huawei’s Access to Android
Hack of Japanese Retailer Exposes 460,000 Customer Accounts
Intel's 'ZombieLoad' Fixes May Slow Processors by 9 Percent
MuddyWater APT Group Upgrades Tactics to Avoid Detection
Owner of Defunct Firm Fined in LeakedSource.com Case
Ransomware Increasingly Hits State and Local Governments
Researchers: Aircraft Landing Systems Vulnerable
ScarCruft APT Group Targets Bluetooth With Malware: Report
Surge in JavaScript Sniffing Attacks Continues
To Prevent Another WannaCry, Microsoft Patches Old OSs
Whistleblower Everett Stern: ‘Do the Right Thing’

Google stored unhashed passwords due to an implementation error | Cyware Hacker News
With A Second WannaCry Looming, More Than Half Of Industrial Sites Are Vulnerable - forbes.com
Ryan Stewart. Ryan is a senior cybersecurity and privacy analyst
Microsoft issued an urgent warning to users of older Windows systems to apply an update in order to protect against a potential widespread cyber attack.
Cancer Treatment Centers of America suffered data breach compromising patients’ PHI
Coventry High School in Ohio cancels classes due to Trickbot infection
Cybercriminals break into production systems of Stack Overflow
Cyware Weekly Threat Intelligence, May 13-17, 2019
Cyware Weekly Threat Intelligence, May 20-24, 2019
DHS warns of Chinese-made drones stealing sensitive data
Equitas Health suffered data breach compromising members’ personal information
Fake missed call alerts target Android users
IT Giant HCL Exposed Employee Passwords and Customer Project Details Online
Mailing error leads to confusion among the Inmediata Health Group’s breached patients
Medicare details of Australians available for sale in the darknet
Multiple Russian government sites leak passport and personal data of over 2.25 million citizens
New spam campaign uses fake legal threats to lure victims
Oklahoma City Public Schools hit with ransomware attack
Oregon Contractors Construction Board hit with security breach impacting contractor accounts
Redtail Technology exposes sensitive client data
Unprotected database exposes the personal information of almost 8 million people in the US
Websites of at least eleven institutions in Sri Lanka hit by cyber attacks
WhatsApp fixes a critical vulnerability that let attackers install spyware on phones

A Laptop With 6 Of The Most Destructive Malware Threats Ever Is Up For Auction
Council Post: DevSecOps: One CISO's Journey
Council Post: Five Things To Consider When Reporting To Your Board On Cybersecurity
Council Post: Frequent Breaches Have Brought Cybersecurity Change To The Forefront. What's Next?
Council Post: Solving The Cybersecurity Talent Gap Today, Tomorrow And Beyond
ExtraHop BrandVoice: The Truth About (Cyber) Insurance: Do You Feel Lucky?
First American Financial Leaked 800-plus Million Sensitive Mortgage Documents
New Windows 10 Security Exploit Can Read All Your Files -- What You Need To Know
Oracle BrandVoice: The ‘Unprecedented Challenge’ Of Cybersecurity Today
Shubert Organization Suffers Data Breach
When Cybersecurity And Trade Wars Collide

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records — Krebs on Security
The Web site for Fortune 500 real estate title insurance giant First American Financial Corp

A Tough Week for IP Address Scammers
Account Hijacking Forum OGusers Hacked
Feds Target $100M ‘GozNym’ Cybercrime Network
Legal Threats Make Powerful Phishing Lures
Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

BestMixer.io Service Shut Down For Laundering $200 Million+
Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
GozNym Cybercrime Group Behind $100 Million Damages Dismantled
Hackers Accessed Stack Overflow's Production Systems
Over 12,000 MongoDB Databases Deleted by Unistellar Attackers
TeamViewer Confirms Undisclosed Breach From 2016

Lapse in LinkedIn security certificate update
No real change a year into GDPR, says privacy expert
Security Think Tank: How to realise the benefits of security zoning
Security Think Tank: Surviving the existential cyber punch, part 3
Spyware targets WhatsApp users
Why IT departments miss basic IT security hygiene