Curated Daily News for January 20, 2021

Chronicles of a CISO Daily News for January 20, 2021. Today’s 12 newsworthy articles include: Millions of devices hijacked thanks to DNS, Qakbot comes back from holiday break, Understanding CVSS scores, Malwarebytes hit by SolarWinds attackers, and FBI warns of Voice Phishing attacks.

Curated Daily News for January 19, 2021

Chronicles of a CISO Daily News for January 19, 2021. Today’s newsworthy articles include: Microsoft turns on O365 Enforcement Mode by default, Botnet actively going after Linux vulnerabilities, NSA release guidance on Encrypted DNS, Security as Code, and Eliminating unsupported TLS.

Curated Daily News for December 22, 2020

Chronicles of a CISO Daily News for December 22, 2020. Today’s 12 newsworthy articles include: Apple zero-day zero-click used in spy attack, Sunburst DGA/DNS Tunneling, Look-alike domain mitigation, Critical Dell thin client vulnerability, What are Insider Threats, and 3 million users impacted by malicious browser extensions.

Curated Daily News for December 21, 2020

Chronicles of a CISO Daily News for December 21, 2020. Today’s 12 newsworthy articles include: Zero-hour abuse of Google’s App engine attacks Office365 users, A second threat actor has access to SolarWinds, PyMICROPSIA Trojan continues to spread, Second stage Sunburst analysis reveals more victims, and NSA warns of federated local-to-cloud attacks.

Curated Daily News for December 18, 2020

Chronicles of a CISO Daily News for December 18, 2020. Today’s 12 newsworthy articles include: The future of cyberconflicts, The value of fully homomorphic encryption, One step closer to a Quantum internet, 5m WordPress sites under attack, Zombie malware earning big money, and New SocGholish attack framework powers drive-by attacks.

Curated Daily News for December 17, 2020

Chronicles of a CISO Daily News for December 17, 2020. Today’s 12 newsworthy articles include: Massive fraud operation facilitated mobile emulator farms, 65% increase in High-risk vuls during 2020, Security spend increases, but efficacy does not,DoppelPaymer gang harassing those who dont pay, Gifpaste-12 worm grows, and Critical Infra dealing with millions of unpatched IoT devices.

Curated Daily News for December 15, 2020

Chronicles of a CISO Daily News for December 15, 2020. Today’s 12 newsworthy articles include: Botnet attacking Postgre DB’s, New Windows Trojan goes after Outlook, Getting past air-gaps using WiFi, Office365 Fax Attack, and 20 million malware samples released for research.

Curated Daily News for December 14, 2020

Chronicles of a CISO Daily News for December 14, 2020. Today’s 12 newsworthy articles include: Three branches of Identity Governance, Cybersecurity’s New Normal, Pastebin used to spread njRAT, New DNS privacy standard supported by major players, Mountlocker gets an upgrade, and 8 insights from the ISC2 workforce study.

Curated Daily News for December 11, 2020

Chronicles of a CISO Daily News for December 11, 2020. Today’s 12 newsworthy articles include: MoleRats espionage via Facebook, Microsoft exposes Adrozek malware, Facebook doxes APT32, 85k MySQL servers hit with ransomware, The blurry lines between physical and digital security, and the Misery of healthcare ransomware.

Curated Daily News for December 9, 2020

Chronicles of a CISO Daily News for December 9, 2020. Today’s 12 newsworthy articles include: FireEye’s red-team tools compromised, Krebs sues Trump campaign for defamation, D-Link Router critical advisory, Adobe issues warning for macOS users, and Google patches critical Wi-Fi bugs.

Curated Daily News for December 10, 2020

Chronicles of a CISO Daily News for December 10, 2020. Today’s 12 newsworthy articles include: Global cybercrime passes $1 trillion, Spammers up their impersonation game, What does ‘exceeding’ computer authorization really mean, The new era of cyberthreats, and Adobe issues the final Flash update ever.

Curated Daily News for December 8, 2020

Chronicles of a CISO Daily News for December 8, 2020. Today’s 12 newsworthy articles include: Wormable MS Teams bug identified, Quantum computing breakthrough is a warning, Healthcare cybersecurity shortcomings, Targeted awareness training, and Phishing campaign targets 200M O365 accounts.

Curated Daily News for December 7, 2020

Chronicles of a CISO Daily News for December 7, 2020. Today’s 12 newsworthy articles include: Lessons learned from Flash’s demise, Cloudflare’s WAF bypass attack, Understanding BEC/EAC’s, Key OT cybersecurity challenges, A new VMWare SD-WAN attack, and Developing a true path to cybersecurity.

Curated Daily News for December 1, 2020

Chronicles of a CISO Daily News for December 1, 2020. Today’s 12 newsworthy articles include: Planning for Zero Trust, TrickBot sputters back to health, US Supreme Court to review CFAA, Backup strategies during Work-from-home, and WannaCry is making a resurgence.

Curated Daily News for December 4, 2020

Chronicles of a CISO Daily News for December 4, 2020. Today’s 12 newsworthy articles include: Bypassing next-gen endpoint protection, Trickbot gets firmware attack, Securing Kubernetes, 80% of cyber criminals use HTTPS, Targeting the COVID-19 Vaccine Cold Chain, and A new Obfuscation-As-a-Service platform uncovered.

Curated Daily News for December 3, 2020

Chronicles of a CISO Daily News for December 3, 2020. Today’s 12 newsworthy articles include: Notable NIST 800-53 changes, Good IT hygiene wins over silver bullets, The Microsoft privacy backlash, Protecting yourself against multi-platform malware, Deathstalker hiding in plain sight, and The buzz about SASE.

Curated Daily News for December 2, 2020

Chronicles of a CISO Daily News for December 2, 2020. Today’s 12 newsworthy articles include: Oracle WebLogic under active botnet attack, Docker servers targeted by new malware, Wormable Windows RCE, North Korea’s rise to cyber-power, and Preparing for a crisis in 2020 and beyond.

Curated Daily News for November 30, 2020

Chronicles of a CISO Daily News for November 30, 2020. The time to quantum-proof is now, Updating your Remote Access Policy, Drupal releases patch for critical vulnerability, Pay2Key is exploding, and 50k passwords leaked for Fortinet VPN’s.

Curated Daily News for November 25, 2020

Chronicles of a CISO Daily News for November 25, 2020. Today’s 12 newsworthy articles include: Attackers spoofing FBI domain, Critical GIT vulnerability, New Trickbot tricks, Evolving ransomware defense, Stantinko botnet targeting Linux devices, and Navigating the Treasury’s OFAC advisory.

Curated Daily News for November 24, 2020

Chronicles of a CISO Daily News for November 24, 2020. Today’s 12 newsworthy articles include: Imminent RYUK threat for hospitals, More AWS API vulnerabilities, New critical VMware zero-day with no patch, DDoS prep ahead of Black Friday, and TA416 has new PlugX variant.

Curated Daily News for November 23, 2020

Chronicles of a CISO Daily News for November 23, 2020. Today’s 12 newsworthy articles include: New NIST baseline controls, The 2020 ISC2 workforce study results, Digging into Apple-notarized malware, GoDaddy employees tricked into fraud, ESXi critical vulnerabilities, and The efficacy of security tools.

Curated Daily News for November 20, 2020

Chronicles of a CISO Daily News for November 20, 2020. Today’s 12 newsworthy articles include: Maximizing 2021 spend, Managing remote insider threats, The evolution of Emotet, Managing multiple security tools, 2020’s worst password list, and Criminals leveraging Google services.

Curated Daily News for November 19, 2020

Chronicles of a CISO Daily News for November 19, 2020. Today’s 12 newsworthy articles include: Ransomware operators open file storage service for stolen data, Identifying ‘Cobalt Strike’ on your network, Worlds fastest IDS/IPS released, WordPress under massive attacks, and AWS API’s vulnerable to abuse.

Curated Daily News for November 18, 2020

Chronicles of a CISO Daily News for November 18, 2020. Today’s 12 newsworthy articles include: Cisco RCE patched, APT10 implicated in attacks, Vulnerability prioritization top concern, Insecure SMS MFA, Top abused TLD’s, and a Legal view on paying ransom.