Today's Headlines and the latest #cybernews from the desk of the #CISO:

FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks

Hacker steals government ID database for Argentina’s entire population

Suspected Chinese hackers behind attacks on ten Israeli hospitals

A New Variant of FlawedGrace Spreading Through Mass Email Campaigns

State-backed hackers breach telcos with custom malware

 

Story Links:

https://www.bleepingcomputer.com/news/security/fbi-cisa-nsa-share-defense-tips-for-blackmatter-ransomware-attacks/ (https://www.bleepingcomputer.com/news/security/fbi-cisa-nsa-share-defense-tips-for-blackmatter-ransomware-attacks/)

https://therecord.media/hacker-steals-government-id-database-for-argentinas-entire-population/ (https://therecord.media/hacker-steals-government-id-database-for-argentinas-entire-population/)

https://www.bleepingcomputer.com/news/security/suspected-chinese-hackers-behind-attacks-on-ten-israeli-hospitals/ (https://www.bleepingcomputer.com/news/security/suspected-chinese-hackers-behind-attacks-on-ten-israeli-hospitals/)

https://thehackernews.com/2021/10/a-new-variant-of-flawedgrace-spreading.html (https://thehackernews.com/2021/10/a-new-variant-of-flawedgrace-spreading.html)

https://www.bleepingcomputer.com/news/security/state-backed-hackers-breach-telcos-with-custom-malware/ (https://www.bleepingcomputer.com/news/security/state-backed-hackers-breach-telcos-with-custom-malware/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

US links $5.2 billion worth of Bitcoin transactions to ransomware

Over 30 Countries Pledge to Fight Ransomware Attacks in US-led Global Meeting (https://thehackernews.com/2021/10/over-30-countries-pledge-to-fight.html)

Windows 10, iOS 15, Ubuntu, Chrome fall at China’s Tianfu hacking contest

 

Story Links:

https://www.bleepingcomputer.com/news/security/us-links-52-billion-worth-of-bitcoin-transactions-to-ransomware/ (https://www.bleepingcomputer.com/news/security/us-links-52-billion-worth-of-bitcoin-transactions-to-ransomware/)

https://thehackernews.com/2021/10/over-30-countries-pledge-to-fight.html (https://thehackernews.com/2021/10/over-30-countries-pledge-to-fight.html)

https://therecord.media/windows-10-ios-15-ubuntu-chrome-fall-at-chinas-tianfu-hacking-contest/ (https://therecord.media/windows-10-ios-15-ubuntu-chrome-fall-at-chinas-tianfu-hacking-contest/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Apple Confirms iOS 15 Zero-Day Exploitation

Azure customer hit by record DDoS attack in August

GitKraken Vulnerability Prompts Action From GitHub, GitLab, Bitbucket

Iran-linked hackers target US defense tech companies

Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

 

Story Links:

https://www.securityweek.com/gitkraken-vulnerability-prompts-action-github-gitlab-bitbucket (https://www.securityweek.com/gitkraken-vulnerability-prompts-action-github-gitlab-bitbucket)

https://www.securityweek.com/apple-confirms-ios-15-zero-day-exploitation (https://www.securityweek.com/apple-confirms-ios-15-zero-day-exploitation)

https://www.bleepingcomputer.com/news/security/microsoft-iran-linked-hackers-target-us-defense-tech-companies/ (https://www.bleepingcomputer.com/news/security/microsoft-iran-linked-hackers-target-us-defense-tech-companies/)

https://www.bleepingcomputer.com/news/security/microsoft-azure-customer-hit-by-record-ddos-attack-in-august/ (https://www.bleepingcomputer.com/news/security/microsoft-azure-customer-hit-by-record-ddos-attack-in-august/)

https://thehackernews.com/2021/10/digital-signature-spoofing-flaws.html (https://thehackernews.com/2021/10/digital-signature-spoofing-flaws.html)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Google Patches Four Severe Vulnerabilities in Chrome

Amnesty International links cybersecurity firm to spyware operation

Apache Releases Another Patch for Actively Exploited HTTP Server Zero-Day

NSA warns of ALPACA TLS attack, use of wildcard TLS certificates

Attackers Encrypt VMware ESXi Server With Python Ransomware

Google announces new efforts to protect journalists and high-risk users from cyberattacks

 

Story Links:

https://www.securityweek.com/google-patches-four-severe-vulnerabilities-chrome (https://www.securityweek.com/google-patches-four-severe-vulnerabilities-chrome)

https://www.bleepingcomputer.com/news/security/amnesty-international-links-cybersecurity-firm-to-spyware-operation/ (https://www.bleepingcomputer.com/news/security/amnesty-international-links-cybersecurity-firm-to-spyware-operation/)

https://www.securityweek.com/apache-releases-another-patch-actively-exploited-http-server-zero-day (https://www.securityweek.com/apache-releases-another-patch-actively-exploited-http-server-zero-day)

https://therecord.media/nsa-warns-of-alpaca-tls-attack-use-of-wildcard-tls-certificates/ (https://therecord.media/nsa-warns-of-alpaca-tls-attack-use-of-wildcard-tls-certificates/)

https://www.securityweek.com/attackers-encrypt-vmware-esxi-server-python-ransomware (https://www.securityweek.com/attackers-encrypt-vmware-esxi-server-python-ransomware)

https://www.zdnet.com/article/google-announces-new-efforts-to-protect-journalists-and-high-risk-users-from-cyberattacks/ (https://www.zdnet.com/article/google-announces-new-efforts-to-protect-journalists-and-high-risk-users-from-cyberattacks/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

In this episode of Tech Corner we talk with Perry Carpenter on all things around the Psychology of cybersecurity and enter an amazing discussion on a wide range of topics.  

Psychology of Social engineering or deception

Why do threat actors go after humans

Culture vs awareness

Compliance based awareness 

Information dismutation awareness

Shape behavior of awareness - Habits

Culture - collective establishment of norms around habits

Fog Behavior models - culture and break culture into seven different dimensions

Situational awareness in cybersecurity  

Measuring of behaviors - shredding bins - measure the effectiveness of security campaigns

 

Bio:

Perry Carpenter (author of, "Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors" and host of the "8th Layer Insights" podcast) currently serves as Chief Evangelist and Strategy Officer for KnowBe4, the world's most popular security awareness and simulated phishing platform.

Previously, Perry led security awareness, security culture management, and anti-phishing behavior management research at Gartner Research, in addition to covering areas of IAM strategy, CISO Program Management mentoring, and Technology Service Provider success strategies. With a long career as a security professional and researcher, Mr. Carpenter has broad experience in North America and Europe, providing security consulting and advisory services for many of the best-known global brands.

Perry holds a Master of Science in Information Assurance (MSIA) from Norwich University in Vermont and is a Certified Chief Information Security Officer (C|CISO).

 

https://www.linkedin.com/in/perrycarpenter/ (https://www.linkedin.com/in/perrycarpenter/)

 

Tech Corner is supported by these great partners please make sure to check them out:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Massive Twitch hack: Source code and payment reports leaked No credentials or card numbers exposed

Medtronic Recalls Medical Devices Due to Security Risks That Can Lead to Injury, Death

Iranian Hackers Abuse Dropbox in Cyberattacks Against Aerospace and Telecom Firms

European Parliament passes non-binding resolution to ban facial recognition

 

Story Links:

https://www.bleepingcomputer.com/news/security/massive-twitch-hack-source-code-and-payment-reports-leaked/ (https://www.bleepingcomputer.com/news/security/massive-twitch-hack-source-code-and-payment-reports-leaked/)

https://www.securityweek.com/medtronic-recalls-medical-devices-due-security-risks-can-lead-injury-death (https://www.securityweek.com/medtronic-recalls-medical-devices-due-security-risks-can-lead-injury-death)

https://thehackernews.com/2021/10/iranian-hackers-abuse-dropbox-in.html (https://thehackernews.com/2021/10/iranian-hackers-abuse-dropbox-in.html)

https://www.zdnet.com/article/european-parliament-passes-non-binding-resolution-to-ban-facial-recognition/ (https://www.zdnet.com/article/european-parliament-passes-non-binding-resolution-to-ban-facial-recognition/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Apache fixes actively exploited zero-day vulnerability, patch now

Chase Bank Heavily Targeted Via XBALTI Phishing Kit

Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

Arizona Launches Command Center to Combat Cyberattacks

New Study Links Seemingly Disparate Malware Attacks to Chinese Hackers

 

Story Links:

https://www.bleepingcomputer.com/news/security/apache-fixes-actively-exploited-zero-day-vulnerability-patch-now/ (https://www.bleepingcomputer.com/news/security/apache-fixes-actively-exploited-zero-day-vulnerability-patch-now/)

https://www.securityweek.com/chase-bank-heavily-targeted-xbalti-phishing-kit (https://www.securityweek.com/chase-bank-heavily-targeted-xbalti-phishing-kit)

https://thehackernews.com/2021/10/researchers-discover-uefi-bootkit.html (https://thehackernews.com/2021/10/researchers-discover-uefi-bootkit.html)

https://www.securityweek.com/arizona-launches-command-center-combat-cyberattacks (https://www.securityweek.com/arizona-launches-command-center-combat-cyberattacks)

https://thehackernews.com/2021/10/new-study-links-seemingly-disparate.html (https://thehackernews.com/2021/10/new-study-links-seemingly-disparate.html)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Facebook: Outage caused by faulty routing configuration changes

Expired Let's Encrypt Root Certificate Causes Problems

Largest mobile SMS routing firm discloses five-year-long breach

Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services

Atom Silo ransomware operators target vulnerable Confluence servers

UK plans to invest £5 billion in retaliatory cyber-attacks

Google Patches Over 50 Serious Vulnerabilities in Android

 

Story Links:

https://www.bleepingcomputer.com/news/technology/facebook-outage-caused-by-faulty-routing-configuration-changes/ (https://www.bleepingcomputer.com/news/technology/facebook-outage-caused-by-faulty-routing-configuration-changes/)

https://www.securityweek.com/expired-lets-encrypt-root-certificate-causes-problems-many-companies (https://www.securityweek.com/expired-lets-encrypt-root-certificate-causes-problems-many-companies)

https://www.bleepingcomputer.com/news/security/largest-mobile-sms-routing-firm-discloses-five-year-long-breach/ (https://www.bleepingcomputer.com/news/security/largest-mobile-sms-routing-firm-discloses-five-year-long-breach/)

https://thehackernews.com/2021/10/poorly-configured-apache-airflow.html (https://thehackernews.com/2021/10/poorly-configured-apache-airflow.html)

https://www.zdnet.com/article/atom-silo-ransomware-operators-target-vulnerable-confluence-servers/ (https://www.zdnet.com/article/atom-silo-ransomware-operators-target-vulnerable-confluence-servers/)

https://www.bleepingcomputer.com/news/security/uk-plans-to-invest-5-billion-in-retaliatory-cyber-attacks/ (https://www.bleepingcomputer.com/news/security/uk-plans-to-invest-5-billion-in-retaliatory-cyber-attacks/)

https://www.securityweek.com/google-patches-over-50-serious-vulnerabilities-android (https://www.securityweek.com/google-patches-over-50-serious-vulnerabilities-android)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/) Use code ATP50 for 50% off right now!

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Hackers rob thousands of Coinbase customers using MFA flaw

US to work with 30 countries to tackle ransomware problem

PoC Exploit Released for macOS Gatekeeper Bypass

Transnational fraud ring stole millions from Army members, veterans

Academics discover hidden layer in China’s Great Firewall

 

Story Links:

https://www.bleepingcomputer.com/news/security/hackers-rob-thousands-of-coinbase-customers-using-mfa-flaw/ (https://www.bleepingcomputer.com/news/security/hackers-rob-thousands-of-coinbase-customers-using-mfa-flaw/)

https://therecord.media/us-to-work-with-30-countries-to-tackle-ransomware-problem/ (https://therecord.media/us-to-work-with-30-countries-to-tackle-ransomware-problem/)

https://www.securityweek.com/poc-exploit-released-macos-gatekeeper-bypass (https://www.securityweek.com/poc-exploit-released-macos-gatekeeper-bypass)

https://www.bleepingcomputer.com/news/security/transnational-fraud-ring-stole-millions-from-army-members-veterans/ (https://www.bleepingcomputer.com/news/security/transnational-fraud-ring-stole-millions-from-army-members-veterans/)

https://therecord.media/academics-discover-hidden-layer-in-chinas-great-firewall/ (https://therecord.media/academics-discover-hidden-layer-in-chinas-great-firewall/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/) Use code ATP50 for 50% off right now!

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack

Facebook open-sources tool to find Android app security flaws

CISA releases tool to help orgs fend off insider threat risks

Turkish National Charged for DDoS Attack on U.S. Company

As China creates a new narrative for a great society, it is starting by ‘purifying’ its world online

 

Story Links:

https://thehackernews.com/2021/09/new-tomiris-backdoor-found-linked-to.html (https://thehackernews.com/2021/09/new-tomiris-backdoor-found-linked-to.html)

https://www.bleepingcomputer.com/news/security/facebook-open-sources-tool-to-find-android-app-security-flaws/ (https://www.bleepingcomputer.com/news/security/facebook-open-sources-tool-to-find-android-app-security-flaws/)

https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-help-orgs-fend-off-insider-threat-risks/ (https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-help-orgs-fend-off-insider-threat-risks/)

https://www.cisa.gov/publication/insider-threat-mitigation-resources (https://www.cisa.gov/publication/insider-threat-mitigation-resources)

https://therecord.media/as-china-creates-a-new-narrative-for-a-great-society-it-is-starting-by-purifying-its-world-online/ (https://therecord.media/as-china-creates-a-new-narrative-for-a-great-society-it-is-starting-by-purifying-its-world-online/)

https://www.securityweek.com/turkish-national-charged-ddos-attack-us-company (https://www.securityweek.com/turkish-national-charged-ddos-attack-us-company)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/) Use code ATP50 for 50% off right now!

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.