El Diario del CISO El Diario del CISO (The CISO Journal) Edición 25 | Page 8

Andromeda Botnet Operator Released With a Slap on the Wrist Anonymous Catalonia Claims DDoS Attack On Bank of Spain Website Atlas Quantum Cryptocurrency Investment Platform Suffers Data Breach Beware of Fake "Shipping Docs" Malspam Pushing the DarkComet RAT Bitfi Wallet Is Vulnerable, No Bounty, No "Unhackable" Booz Allen Hamilton Researchers Detail New RtPOS Point-of-Sale Malware Cobalt Hacking Group Tests Banks In Russia and Romania Data of 130 Million Chinese Hotel Chain Guests Sold on Dark Web Forum Exploit Published for Unpatched Flaw in Windows Task Scheduler A DDoS Knocked Spain's Central Bank Offline Air Canada Forces Password Reset After App Security Snafu APT Uses Spear Phishing in New Campaign Website of Rapper Cardi B Littered with Spam BEC Detections Soar 80% Chinese Hotel Breach May Have Hit 100 Million+ Customers CISOs Reveal the Most Likely Culprits for Data Leaks Cryptocurrency Platform Suffers Data Breach Cryptojackers Exploit Critical Apache Struts Flaw Cryptomining Malware Soars 956% in a Year Firms Failing on Crucial Machine Identity Management Hearing Date Set in Georgia Election Security Case 0patch releases micropatch for Windows Task Scheduler zero-day 23% of UK SMBs still use USB drives as their primary data storage solution 80% of enterprises struggle to protect machine identities Air Canada confirms mobile app data breach, passport numbers were accessed Blocking compromised passwords: How and why to do it Cybercriminals shift tools, tactics and procedures to improve infection rates Emerging consensus for an ICS security approach Novel Attack Technique Uses Smart Light Bulbs to Steal Data OCR Software Dev Exposes 200,000 Customer Documents OpenSSH Versions Since 2011 Vulnerable to Oracle Attack Researchers Detail Two New Attacks on TPM Chips Stingray Devices May Interfere With 911 Emergency Calls Temporary Patch Available for Recent Windows Task Scheduler ALPC Zero- Day Unsophisticated Android Spyware Monitors Device Sensors US Government Takes Steps to Bolster CVE Program Windows 10 KB4100347 Intel CPU Update Causing Boot Issues & Pushed to AMD Users Hundreds of Banks Exposed from Fiserv Flaw ICO Breach Complaints Jump 160% in a Year Instagram Bids to Boost Transparency and 2FA Most NHS Trusts Provide No Alternative to Consumer IM NIS Directive Met, Polish Cybersecurity in Effect Over 50% of Top Sites Now on HTTPS Risks and Rewards of Google's Improving Security SMB Employees Fail to Take Cyber Threats Seriously Stamping Out Art Forgery with Cryptocurrency Two CERT Alerts, Only One With Known Solution Unprotected MongoDB Account Exposes 200K Files IoT failures plague most users worldwide Listening-Watch: Strong, low-effort, wearable 2FA scheme Old "Misfortune Cookie" flaw opens medical gateway and devices to attack PoC exploit for critical Apache Struts flaw found online Privacy Shield: Should I stay or should I go? The anatomy of fake news: Rise of the bots Incorporating sensitive asset data into your vulnerability and compliance program