El Diario del CISO El Diario del CISO (The CISO Journal) Edición 5 | Page 6

News0
EL DIARIO DEL CISO
(THE CISO JOURNAL)
Pensando y Trabajando por
un Líder de Seguridad Digital
International InfoSec & Cybersecurity News
500 million WinRAR users open to
compromise via a 19-year-old flaw -
Help Net Security Russian State Hackers Take Minutes to
Move Laterally - Infosecurity Magazine
A vulnerability affecting all versions of the WinRAR file
archiver utility could be exploited to deliver malware
via specially crafted ACE archives. operationally effective, according to the latest report
40% of malicious URLs were found
on good domains - Help Net Security Australian PM Blames “Sophisticated
State Actor” for Parliament Hack -
Infosecurity Magazine
While tried-and-true attack methods are still going
strong
(ISC)² Secure Summit EMEA will welcome hundreds of the best minds in
cybersecurity
2018 saw 6,515 reported breaches, exposing 5 billion sensitive records
74% of organizations face outages due to expired certificates
92% of organizations rank users as their primary security concern
Attackers continue to enhance their performance, apply smart business
techniques
Businesses need to rethink security priorities due to shifting trends
By 2025 workforce most likely to consist of humans and bots
Cisco SOHO wireless VPN firewalls and routers open to attack
CISO's guide to an effective post-incident board report
Consumer attitudes towards security breaches are changing significantly
Criminal groups promising salaries averaging $360,000 per year to accomplices
Detecting Trojan attacks against deep neural networks
ENISA provides recommendations to improve the cybersecurity of EU electoral
processes
Enterprises are blind to over half of malware sent to their employees
European standards org releases consumer IoT cybersecurity standard
Exposure of sensitive data via cloud applications and services increases 20%
Formjacking is the new get rich quick scheme for cybercriminals
Free decryption tool could save victims millions in ransomware payments
Global mobile networks to support 12.3 billion devices and IoT connections by
2022
Half of business leaders say a breach could end their business, others remain
unaware
Healthcare industry: Key trends and cybersecurity challenges
Highly critical Drupal RCE flaw could lead to new Drupalgeddon, patch now!
How are businesses facing the cybersecurity challenges of increasing cloud
adoption?
How to combat delivery ramifications after a data breach
ICANN calls for wholesale DNSSEC deployment
Increasing security measures are driving cybercriminals to alter their
techniques
Insights on modern adversaries and their tactics, techniques, and procedures
IT security incidents affecting German critical infrastructure are on the rise
Latest WinRAR, Drupal flaws under active exploitation
Many computers are vulnerable to hacking through common plug-in devices
Modern browser APIs can be abused for hijacking device resources
Most IoT devices are being compromised by exploiting rudimentary
vulnerabilities
Phishers' new trick for bypassing email URL filters
Phishing, software supply chain attacks greatest threats for businesses
Prevent shadow IT: Companies need security covering multiple communication
vectors
Privileged credential abuse is involved in 74% of data breaches
Researchers and businesses need to work together to expose IoT
vulnerabilities
Rockwell Automation industrial energy meter vulnerable to public exploits
Ryuk: What does the helpdesk tell us?
Social media-enabled cybercrime is generating $3.25 billion a year
Tech companies fret over data privacy, but ready to bet on IPO market
The importance of consumer trust in the second-hand mobile market
The risks associated with the influx of unauthorized collaboration tools
Webinar: Defending account takeovers at Remitly
There was a major rise in Chinese state-sponsored cyber-
activity in 2018 while Russian actors were by far the most
from CrowdStrike..
Australian Prime Minister Scott Morrison has blamed a
“sophisticated state actor” for the recent attempt to hack
the parliament’s computer network
#CPX360 Prepare for Next Generation of Attacks with Prevention Focus
19-Year-Old Awarded More than $1M in Bug Bounties
APT Uses Arsenal of Tools to Evade Detection
Aussie Heart Hospital Hit by Ransomware Blitz
Australian PM Blames “Sophisticated State Actor” for Parliament Hack
Blacklist Fail Allows Hacker to Steal $7m in Cryptocurrency
Breaking Silos Could Reduce Breach Costs
Cloud Adoption on the Rise, IT Pros Unsure of Risk
Coinhive Monero Miner Set to Close
Criminals Phishing for Porn Site Credentials
Domain Squatting a Problem for Many Media Outlets
Dow Jones Leaks Global Watchlist Data
Europe Intros Global IoT Security Standard
Flaws Discovered in Popular Password Managers, Report Claims
Former Grad Destroys Computers with Killer USB
GCHQ Boss: China’s Tech Rise a “First Order” Cyber Challenge
Global Spam Calls Hit 85 Billion in 2018
Half of UK Firms Have Unknown Devices on the Network
Healthcare Breaches Affected 11.5 Million People in 2018
Hiring, Threats and Budget Cause Biggest Security Headaches
ICANN: We Need DNSSEC Everywhere to Combat Hijackers
Labour Issues GDPR Warning After Breach Rumors
Lazarus Suspected of Targeting Russian Orgs
MassCyberCenter Says State Faces Increased Threats
Microsoft: Russians Hacking Again Ahead of Euro Elections
Most UK IT Security Leaders Fear CNI Attack
NCSC Boss: Huawei Security Concerns Aren’t About China
POS Firm Hacked, Data-Stealing Malware Deployed at 100+ Outlets
Ransomware Revenue Earning Does Not Match Infection Decline
Scarlet Widow Targets K-12 Schools, Nonprofits
Sextortion Accounts for 10% of Spear-Phishing Emails
Social Media Drives $3.2bn+ in Black Hat Profits
Sweden’s Patient Hotline in Privacy Snafu
Swedish Privacy Snafu Affected More Companies
Threat Report Tries to Change Security's Narrative
Tik Tok Kids’ App Hit by Record $5.7m FTC Fine
Trend Micro Blocks Over 48 Billion Threats in 2018
Trojan Attack Masked as Payment Confirmation
TurboTax Users Hit by Credential Stuffing Attack
UK Banks Reported 480% More Breaches in 2018
Value of Stolen Card and Amazon Account Details Rockets
Web Application Security Poses Greatest Risk