15 Bullet Friday – The Best Security News of the Week – 2019.11.01
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Avast, NordVPN Breaches Tied to Phantom User Accounts — Krebs on Security (Krebs on Security, Oct 25 2019) “Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated […]
15 Bullet Friday – The Best Security News of the Week – 2019.10.25
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Avast breached by hackers who wanted to compromise CCleaner again (Help Net Security, Oct 21 2019) Czech security software maker Avast has suffered another malicious intrusion into their networks, but the attackers didn’t accomplish what they apparently wanted: compromise releases of the […]
15 Bullet Friday – The Best Security News of the Week – 2019.10.18
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Attackers exploit an iTunes zeroday to install ransomware (Ars Technica, Oct 10 2019) Apple patches actively exploited flaw that let ransomware crooks evade AV protection. 2. McAfee, IBM join forces for global open source cybersecurity initiative (Tech Republic, Oct 10 2019) IBM, […]
15 Bullet Friday – The Best Security News of the Week – 2019.10.11
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Iranian Hackers Targeted Presidential Campaign, Microsoft Says (The New York Times, Oct 04 2019) Microsoft said in a security report Friday that journalists and other government officials were also targeted. It did not name the campaign. 2. Casbaneiro: Dangerous cooking with a […]
15 Bullet Friday – The Best Security News of the Week – 2019.10.04
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. German Cops Raid “Cyberbunker 2.0,” Arrest 7 in Child Porn, Dark Web Market Sting (Krebs on Security, Sep 28 2019) “German authorities said Friday they’d arrested seven people and were investigating six more in connection with the raid of a Dark Web […]
15 Bullet Friday – The Best Security News of the Week – 2019.09.27
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency (Graham Cluley, Sep 18 2019) the macOS-based malware can steal browser cookies from users’ Google Chrome and Apple Safari browsers. Specifically, cookies associated with the following cryptocurrency exchanges…The cookies are […]
15 Bullet Friday – The Best Security News of the Week – 2019.09.20
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Malware Linked to Ryuk Targets Financial & Military Data (Dark Reading, Sep 13 2019) A newly discovered campaign, packing traces of Ryuk ransomware, aims to steal confidential information. 2. Intel: SSH-stealing NetCAT bug not really a problem (Naked Security – Sophos, Sep […]
15 Bullet Friday – The Best Security News of the Week – 2019.09.13
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Cyber-security incident at US power grid entity linked to unpatched firewalls (ZDNet, Sep 09 2019) Hackers used a DoS flaw to reboot firewalls at an electric power grid operator for hours. 2. Cisco Releases Guides for Analyzing Compromised Devices (SecurityWeek, Sep 03 […]
15 Bullet Friday – The Best Security News of the Week – 2019.09.06
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. How Researchers Track Malware (VICE, Aug 29 2019) What is malware, exactly? Well, ultimately just some lines of code. 2. WannaCry Remains No. 1 Ransomware Weapon (Dark Reading, Aug 27 2019) Of all of the ransomware variants spotted targeting victims in the […]
15 Bullet Friday – The Best Security News of the Week – 2019.08.30
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Five strategies to stop Magecart (SC Magazine, Aug 26 2019) The success of these Magecart campaigns comes from attackers picking the weakest link of a web supply chain: infecting third-party code suppliers rather than infecting target companies’ own code. With this methodology, […]