Today's Headlines and the latest #cybernews from the desk of the #CISO:

Critical Flaw in NSS Cryptographic Library Affects Several Popular Applications

Researches Detail 17 Malicious Frameworks Used to Attack Air-Gapped Networks

Former Ubiquiti employee charged with hacking and extorting company

Emotet now spreads via fake Adobe Windows App Installer packages

80K Retail WooCommerce Sites Exposed by Plugin XSS Bug

 

Story Links:

https://www.securityweek.com/critical-flaw-nss-cryptographic-library-affects-several-popular-applications (https://www.securityweek.com/critical-flaw-nss-cryptographic-library-affects-several-popular-applications)

https://thehackernews.com/2021/12/researches-detail-17-malicious.html (https://thehackernews.com/2021/12/researches-detail-17-malicious.html)

https://therecord.media/former-ubiquiti-employee-charged-with-hacking-and-extorting-company/ (https://therecord.media/former-ubiquiti-employee-charged-with-hacking-and-extorting-company/)

https://www.bleepingcomputer.com/news/security/emotet-now-spreads-via-fake-adobe-windows-app-installer-packages/ (https://www.bleepingcomputer.com/news/security/emotet-now-spreads-via-fake-adobe-windows-app-installer-packages/)

https://threatpost.com/retail-woocommerce-sites-plugin-xss-bug/176704/ (https://threatpost.com/retail-woocommerce-sites-plugin-xss-bug/176704/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, Other Side of Cyber and CISOs Secrets

James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ (https://www.linkedin.com/in/james-azar-a1655316/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.