El Diario del CISO El Diario del CISO (The CISO Journal) Edición 25 | Page 5

International InfoSec & Cybersecurity News
BEC Analysis Reveals Organization-Wide
Threat
www.infosecurity-magazine.com
Around half of those that receive and are impersonated in
Business Email Compromise (BEC) scams aren’t C-level or
finance/HR employees
Windows Zero-Day Flaw Disclosed Via
Twitter
www.darkreading.com
A previously undisclosed zero-day vulnerability in Microsoft's
Windows 10 operating system was published via Twitter this
week
Air Canada admits app data breach
included customers’ passport details
securityboulevard.com
All 1.7 million users of Air Canada’s mobile app have had their
passwords reset by the company following a security breach
which saw hackers compromise up to 20,000 accounts last
week.
.
Iranian
hackers target 70 universities
worldwide to steal research
www.zdnet.com
Researchers say the campaign is focused on stealing
credentials and access to library systems.
Cobalt Group Targets Banks in Eastern
Europe
threatpost.com
The infamous financial cybercrime gang known as Cobalt
Group has been spotted actively pushing a fresh campaign
that uses a peculiar tactic.
Bank of Spain Hit by DDoS Attack
www.databreachtoday.com
Spain's central bank says its website was intermittently offline
as it struggled to repel a distributed denial-of-service attack.
US-CERT issues malware analysis on
KEYMARBLE RAT ...
www.scmagazine.com
Through its US-CERT division, the U.S. Department of
Homeland Security yesterday issued a new analysis report on
a remote access trojan called KEYMARBLE.
Active Attacks Detected Using Apache
Struts Vulnerability
www.bleepingcomputer.com
After last week a security researcher revealed a vulnerability
in Apache Struts, a piece of very popular enterprise software,
active exploitation attempts have started this week.
WhatsApp warns that Google Driv After last
week a security researcher revealed a vulnerability in Apache
Struts, a piece of very popular enterprise software, active
exploitation attempts have started this week. e
backups
are not encrypted
www.helpnetsecurity.com
Facebook-owned WhatsApp has recently announced that,
The
dangers
of 12,
a false
starting
on November
2018. sense of security
www.itsecurityguru.org
Matt Ellard, EMEA Managing Director, Tanium Consumers
trust and expect businesses to keep their p