El Diario del CISO El Diario del CISO (The CISO Journal) Edición 7 | Page 8
News1.1
EL DIARIO DEL CISO
(THE CISO JOURNAL)
Thinking and Working for a
Digital Security Leader
FEMA inadvertently exposed almost 2.3
million disaster victims’ private data
with a contractor | Cyware Hacker
News
FEMA inadvertently exposed almost 2.3 million disaster
victims’ private data with a contractor
A bug in Sprint website exposes other people’s account information
APT33 cyber-espionage threat group targets organizations in Saudi Arabia and
the United States
ASUS patches the Live Update software exploited in ‘Operation ShadowHammer’
campaign
Attackers hacked Israeli officials’ devices; stolen information sold to Iran
Canadian Internet Registration Authority’s parking garage hit with ransomware
Coding error in Lockergoga halts the ransomware even before performing
encryption
Cryptocurrency exchange platforms DragonEx and CoinBene hit by cyber attacks
Cyware Weekly Threat Intelligence, March 18-22, 2019
Cyware Weekly Threat Intelligence, March 25-29, 2019
DLL Hijacking attacks: What is it and how to stay protected?
Fluoroacetate team crowned as Master of Pwn2Own 2019 for finding multiple
zero-day bugs
Magecart group breaks into MyPillow and Amerisleep websites, potentially
stealing credit card information
Microsoft helping Norsk Hydro restore its IT systems without paying the ransom
Misconfigured spyware database exposes over 95K images and audio recordings
Modified version of Christchurch attacker's manifesto delivers ‘Trojan Haka’
payload
Over 110,000 Australians affected by cyberattack on Facebook last September
Pre-installed apps on Android riddled with malware and privacy issues, reveals
new study
South Korean websites targeted in new watering hole attack campaign dubbed
‘Soula’
Supply chain attack campaign ‘Operation ShadowHammer’ targets ASUS Laptop
users with backdoors
Verity Medical Foundation notifies of another security incident involving data
exposure
Why Should They Listen to the CISO? -
forbes.com
Reasons as to why certain people unbuckle before they are
told include a low risk of incident, uncomfortable seats and
being able to get into the aisle quicker.
5 Essential Cybersecurity Best Practices To Follow As A Remote Employee
Council Post: Five Tech Trends Driving Cybersecurity In 2019
Council Post: How To Hire And Train For IT Security In 2019
Council Post: Why Penetration Testing Is Critical To Bolster Your Cybersecurity
Efforts
Crowe BrandVoice: The 7 Biggest Cybersecurity Threats In An IoT World
Facebook Exposed Up To 600 Million Passwords -- Here's What To Do
Facebook Succeeded In Killing Cybersecurity Like It Did Privacy
Facebook's Password Breach Suggests The Public Sees Cybersecurity As
Obsolete
How To Begin A Career In Cyber-Security
In The Age Of AI, The Human Factor Still Matters For Cybersecurity
Are We Honestly Trying To Fill The InfoSec
Jobs Gap? Or Is Our Ego Stopping Us?
By Sean Martin Today I am joined by two long-time cyber
professionals doing great things to help fill the cyber talent
pool with candidates from all walks of life
Filling, Not Depleting, The InfoSec Talent Pipeline
My Digital Avatar: The Thin Line Between Utopia and Apocalypse
Unusual Gathering
A new age of warfare: How internet
mercenaries do battle for authoritarian
governments - ET CISO
Today even the smallest countries can buy digital espionage
services, enabling them to conduct sophisticated operations
like electronic eavesdropping
Aluminium maker Hydro battles to contain ransomware attack
Cloud is changing the data protection landscape: Dell EMC research
Cosmos Bank heist motivated from N Korea: UNSC report
facebook: Facebook admits storing passwords in plain text
Finland to investigate suspected Nokia Chinese data breach
Fraudsters hack Hyderabad firm’s emails, swindle $1.2 M
Hacking: Security at stake, again! Serial hacker returns, steals data of 26 mn users
HMD Global says it takes security and customer privacy seriously
How to nurture data driven culture in your organisation
Lithuanian man pleads guilty in $100M internet fraud case
State sponsored cyberattacks on banks on the rise: Report
Virus attacks Spain's defence intranet, foreign state suspected-paper
Medtronic's Implantable Defibrillators
Vulnerable to Life-Threatening Hacks -
thehackernews.com
The U.S. Department of Homeland Security Thursday issued an
advisory warning people of severe vulnerabilities in over a
dozen heart defibrillators that could allow attackers to fully
hijack them remotely
Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites
Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms
Hackers Steal $19 Million From Bithumb Cryptocurrency Exchange
Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack
Insecure UC Browser 'Feature' Lets Hackers Hijack Android Phones Remotely
Libssh Releases Update to Patch 9 New Security Vulnerabilities
Microsoft Announces Windows Defender ATP Antivirus for Mac
Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices
New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep
New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps
Ransomware Attack Forces Aluminum Manufacturer to Shutdown Systems
Worldwide
Turn Your Windows Computer Into A Hacking Machine
Data breaches rose by 11% last year,
despite increased defense spending |
Information Management
The expanding cyber threat landscape and new business
innovation are leading to an increase in cyber attacks, according
to a new report from the Ponemon Institute and Accenture
Facebook says users' passwords were visible to employees
Maintaining security control in the age of the mobile workforce
Organizations need to make mobile security a priority in 2019
Rise in cyber attacks placing greater focus on incident response
Securing data now means improving identity management
Security tips to help you handle the worst that 2019 has in store
The biggest data breaches and digital security threats of 2019
Understanding the role and need of a data protection officer
Unsecured portal causes breach for nearly 70,000
WiCyS event celebrates opportunities for women in data security field
A Month After 2 Million Customer Cards Sold
Online, Buca di Beppo Parent Admits Breach
— Krebs on Security
In a statement posted to its Web site today, Orlando, Fla. based
hospitality firm Earl Enterprises said a data breach involving malware
installed on its point-of-sale systems allowed cyber thieves
Alleged Child Porn Lord Faces US Extradition
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years
Man Behind Fatal ‘Swatting’ Gets 20 Years