El Diario del CISO El Diario del CISO (The CISO Journal) Edición 9 | Page 8

News1.1
EL DIARIO DEL CISO
(THE CISO JOURNAL)
Thinking and Working for a
Digital Security Leader
Unprotected MongoDB Database
Exposes Over 275 Million Personal
Records | Cyware Hacker News 190,000 Accounts in Docker Hub
Database May Have Been Exposed -
Security Now
An unprotected MongoDB database exposed over 275
Million personal records. Potentially poisoned images could be distributed
without the distributors realizing that this is occurring.
Airbnb user accounts allegedly hacked; previous bookings canceled and new
bookings made
Amazon Hit With Extensive Fraud Campaign Impacting Hundreds Of Seller
Accounts
Attackers delete GitHub, GitLab, and Bitbucket repositories and replace with
ransom notes
Baltimore City Hall and Potter County hit with ransomware attacks
Chinese threat actor group APT3 used NSA-linked tools to target organizations,
says new report
Cyware Weekly Threat Intelligence, May 06-10, 2019
Freedom Mobile exposed almost 5 million customer records due to a
misconfigured database
Hackers stole over $41 million from Binance cryptocurrency exchange
Iranian cyber espionage operations exposed via Telegram channels and Dark
Web websites
Mirrorthief cybercrime group targets online campus stores in the US and Canada
with card skimming malware
Scammers are adopting cloud services such as AWS, Azure, Alibaba, and Google
Docs to trick victims
Turla threat actor group hijacks Microsoft Exchange mail server using
sophisticated LightNeuron backdoor
Unprotected database belonging to Burger King exposes 37,900 records of Kool
King Shop customers MegaCortex' Ransomware Hunts 'Big Game' Enterprise
Cybercrime Study Finds Increasing Costs as Well as Changing Targets & Methods
Enterprise Resilience: It's the Ecosystem, Stupid
Quabot Trojan Evolves to Become Harder to Detect & Remove
Airbnb Superhost Secretly Recorded
Guests with Hidden Bedroom Camera Small businesses spent £13.6 billion
recovering from cyber crime in 2018 -
IT Governance Blog
The incident is only the latest in a string of disturbing
horror stories of guests finding live, recording cameras
hidden in their Airbnb flats.
Chinese Spies Stole NSA Cyberweapons Long Before Shadow Brokers Leak
FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug
Google Patches Critical Remote Code-Execution Flaws in Android
Lax Telco Security Allows Mobile Phone Hijacking and Redirects
Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig
The WannaCry Security Legacy and What’s to Come
Security Workforce 2019: Closing the Gap Builds a Bridge to the Future
Serverless Computing: A New World of Security Risks
Shadow IT & Unsecured Data Still Rampant Within the Digital Workplace
Top 5 Cyber Security Breaches of 2019
So Far
Each Friday, Cyber Security Hub scours the internet to
provide readers with a notable ‘incident of the week
4 Ways To Defend The Enterprise From Nation-State Attacks
Cyber Security Cross Over: What To Expect When Making That
Transition
How To Measure Cyber Risk On Your Digital Assets
Incident Of The Week: Impact Of Docker Security Breach
Risk Management At The Forefront Of Tech Enterprises
The Economic Side Of Cyber Security Risk Management
One in three UK companies fell victim to cyber attacks in
2018, with the majority of the damage occurring in
small businesses, according to a report by Beaming
Cyber criminals conned holidaymakers out of £7 million in 2018
Different types of cyber attacks
IT Governance Free Downloadable Green Papers
List of data breaches and cyber attacks in April 2019 – 1.34 billion records leaked
Survey reveals just how bad the UK is at creating passwords
Top 5 ways to get more women in
your workforce New MegaCortex Ransomware Targets
Corporate Networks | SecureReading
Creating a more diverse workforce can have many
benefits for tech companies. Tom Merritt shares five
tips for getting women interested in applying. Security researchers have discovered a new ransomware
called MegaCortex targeting corporate networks.
10 warning signs you're about to get fired or laid off
Communication breakdown: 10 tips to get users to listen to IT
The 10 highest-paying cybersecurity jobs
Why marketing teams are critical to successful cybersecurity efforts
Why older employees are less likely to get tricked by phishing attacks
Critical Flaw Discovered in Kaspersky Antivirus Engine that Allows Arbitrary Code
Execution
Critical Flaw discovered in SQLite allowing Remote Code Execution
Critical Flaws Discovered in Sierra Wireless AirLink Routers
Hackers Discovered Exploiting Microsoft Sharepoint RCE Flaw in the Wild
Hackers Stole over $41 Million worth Bitcoins from Binance Cryptocurrency
Exchange
Why IT departments miss basic IT
security hygiene What’s Behind the Wolters Kluwer Tax
Outage? — Krebs on Security
IT departments are failing to patch security holes in
software because of a disconnect between security and
operations teams, survey finds. Early in the afternoon on Friday, May, 3, I asked a friend
to relay a message to his security contact at CCH, the
cloud-based tax division of the global information
services firm Wolters Kluwer
Businesses unprepared for cyber breaches
Cyber criminals targeting C-suite, DBIR shows
Police down two dark web markets
Using simulated disaster management to tackle the security skills gap
Nine Charged in Alleged SIM Swapping Ring
Data: E-Retail Hacks More Lucrative Than Ever
Feds Bust Up Dark Web Hub Wall Street Market