Today's Headlines and the latest #cybernews from the desk of the #CISO:

Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns

FinSpy Surveillance Spyware Fitted With UEFI Bootkit

Suspected Chinese state-linked threat actors infiltrated major Afghan telecom provider

NSA, CISA share VPN security tips to defend against hackers

Russia Detains Head of Cybersecurity Group on Treason Charges

 

Story Links:

https://thehackernews.com/2021/09/atlassian-confluence-rce-flaw-abused-in.html (https://thehackernews.com/2021/09/atlassian-confluence-rce-flaw-abused-in.html)

https://www.securityweek.com/finspy-surveillance-spyware-fitted-uefi-bootkit (https://www.securityweek.com/finspy-surveillance-spyware-fitted-uefi-bootkit)

https://therecord.media/suspected-chinese-state-linked-threat-actors-infiltrated-major-afghan-telecom-provider/ (https://therecord.media/suspected-chinese-state-linked-threat-actors-infiltrated-major-afghan-telecom-provider/)

https://www.bleepingcomputer.com/news/security/nsa-cisa-share-vpn-security-tips-to-defend-against-hackers-edited/ (https://www.bleepingcomputer.com/news/security/nsa-cisa-share-vpn-security-tips-to-defend-against-hackers-edited/)

https://www.securityweek.com/russia-detains-head-cybersecurity-group-treason-charges (https://www.securityweek.com/russia-detains-head-cybersecurity-group-treason-charges)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/) Use code ATP50 for 50% off right now!

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Quad Nations Commit to Fostering a Secure Technology Ecosystem

Frustrated Researcher Discloses Three Unpatched iOS Vulnerabilities

Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers (https://thehackernews.com/2021/09/microsoft-warns-of-foggyweb-malware.html)

FCC details $1.9 billion program to rip out Huawei and ZTE gear in the US

Ethereum dev admits to helping North Korea evade crypto sanctions

 

Story Links:

https://www.securityweek.com/frustrated-researcher-discloses-three-unpatched-ios-vulnerabilities (https://www.securityweek.com/frustrated-researcher-discloses-three-unpatched-ios-vulnerabilities)

https://thehackernews.com/2021/09/microsoft-warns-of-foggyweb-malware.html (https://thehackernews.com/2021/09/microsoft-warns-of-foggyweb-malware.html)

https://www.zdnet.com/article/fcc-details-1-9-billion-program-to-rip-out-huawei-and-zte-gear-in-the-us/ (https://www.zdnet.com/article/fcc-details-1-9-billion-program-to-rip-out-huawei-and-zte-gear-in-the-us/)

https://www.bleepingcomputer.com/news/security/ethereum-dev-admits-to-helping-north-korea-evade-crypto-sanctions/ (https://www.bleepingcomputer.com/news/security/ethereum-dev-admits-to-helping-north-korea-evade-crypto-sanctions/)

https://www.securityweek.com/quad-nations-commit-fostering-secure-technology-ecosystem (https://www.securityweek.com/quad-nations-commit-fostering-secure-technology-ecosystem)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/) Use code ATP50 for 50% off right now!

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

VMware Confirms In-the-Wild Exploitation of vCenter Server Vulnerability

New Android Malware Steals Financial Data from 378 Banking and Wallet Apps (https://thehackernews.com/2021/09/new-android-malware-steals-financial.html)

Chrome 94 Update Patches Actively Exploited Zero-Day Vulnerability

SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices (https://thehackernews.com/2021/09/sonicwall-issues-patches-for-new.html)

Threat Actor Targets Indian Government With Commercial RATs

 

Story Links:

https://www.securityweek.com/vmware-confirms-wild-exploitation-vcenter-server-vulnerability (https://www.securityweek.com/vmware-confirms-wild-exploitation-vcenter-server-vulnerability)

https://thehackernews.com/2021/09/new-android-malware-steals-financial.html (https://thehackernews.com/2021/09/new-android-malware-steals-financial.html)

https://www.securityweek.com/chrome-94-update-patches-actively-exploited-zero-day-vulnerability (https://www.securityweek.com/chrome-94-update-patches-actively-exploited-zero-day-vulnerability)

https://thehackernews.com/2021/09/sonicwall-issues-patches-for-new.html (https://thehackernews.com/2021/09/sonicwall-issues-patches-for-new.html)

https://www.securityweek.com/threat-actor-targets-indian-government-commercial-rats (https://www.securityweek.com/threat-actor-targets-indian-government-commercial-rats)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/) Use code ATP50 for 50% off right now!

 

VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Attacks on Russian Government Orgs Exploit Recent Microsoft Office Zero-Day

U.S. Issues Conti Alert as Second Farming Cooperative Hit by Ransomware

A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit (https://thehackernews.com/2021/09/a-new-bug-in-microsoft-windows-could.html)

New Android Malware Targeting US, Canadian Users with COVID-19 Lures (https://thehackernews.com/2021/09/new-android-malware-targeting-us.html)

Hackers are scanning for VMware CVE-2021-22005 targets, patch now!

 

Story Links:

https://www.securityweek.com/attacks-russian-government-orgs-exploit-recent-microsoft-office-zero-day (https://www.securityweek.com/attacks-russian-government-orgs-exploit-recent-microsoft-office-zero-day)

https://www.securityweek.com/us-issues-conti-alert-second-farming-cooperative-hit-ransomware (https://www.securityweek.com/us-issues-conti-alert-second-farming-cooperative-hit-ransomware)

https://thehackernews.com/2021/09/a-new-bug-in-microsoft-windows-could.html (https://thehackernews.com/2021/09/a-new-bug-in-microsoft-windows-could.html)

https://thehackernews.com/2021/09/new-android-malware-targeting-us.html (https://thehackernews.com/2021/09/new-android-malware-targeting-us.html)

https://www.bleepingcomputer.com/news/security/hackers-are-scanning-for-vmware-cve-2021-22005-targets-patch-now/ (https://www.bleepingcomputer.com/news/security/hackers-are-scanning-for-vmware-cve-2021-22005-targets-patch-now/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/) Use code ATP50 for 50% off right now!

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

VMware Calls Attention to High-Severity vCenter Server Flaw

Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation (https://thehackernews.com/2021/09/microsoft-warns-of-wide-scale-phishing.html)

US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs (https://thehackernews.com/2021/09/us-sanctions-cryptocurrency-exchange.html)

New macOS zero-day bug lets attackers run commands remotely

High-Severity RCE Flaw Disclosed in Several Netgear Router Models (https://thehackernews.com/2021/09/high-severity-rce-flaw-disclosed-in.html)

Democracy advocate finds internet freedom has declined globally for 11th consecutive year

 

Story Links:

https://www.securityweek.com/vmware-calls-attention-high-severity-vcenter-server-flaw (https://www.securityweek.com/vmware-calls-attention-high-severity-vcenter-server-flaw)

https://thehackernews.com/2021/09/microsoft-warns-of-wide-scale-phishing.html (https://thehackernews.com/2021/09/microsoft-warns-of-wide-scale-phishing.html)

https://thehackernews.com/2021/09/us-sanctions-cryptocurrency-exchange.html (https://thehackernews.com/2021/09/us-sanctions-cryptocurrency-exchange.html)

https://www.bleepingcomputer.com/news/apple/new-macos-zero-day-bug-lets-attackers-run-commands-remotely/ (https://www.bleepingcomputer.com/news/apple/new-macos-zero-day-bug-lets-attackers-run-commands-remotely/)

https://thehackernews.com/2021/09/high-severity-rce-flaw-disclosed-in.html (https://thehackernews.com/2021/09/high-severity-rce-flaw-disclosed-in.html)

https://www.zdnet.com/article/democracy-advocate-finds-internet-freedom-has-declined-globally-for-11th-consecutive-year/ (https://www.zdnet.com/article/democracy-advocate-finds-internet-freedom-has-declined-globally-for-11th-consecutive-year/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/) Use code ATP50 for 50% off right now!

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Attacks Targeting OMIGOD Vulnerability Ramping Up

New Capoae Malware Infiltrates WordPress Sites and Installs Backdoored Plugin (https://thehackernews.com/2021/09/new-capoae-malware-infiltrates.html)

BlackMatter strikes twice in a row! Ransomware Group on the raise!

 

Story Links:

https://www.securityweek.com/attacks-targeting-omigod-vulnerability-ramping (https://www.securityweek.com/attacks-targeting-omigod-vulnerability-ramping)

https://thehackernews.com/2021/09/new-capoae-malware-infiltrates.html (https://thehackernews.com/2021/09/new-capoae-malware-infiltrates.html)

https://www.bleepingcomputer.com/news/security/us-farmer-cooperative-hit-by-59m-blackmatter-ransomware-attack/ (https://www.bleepingcomputer.com/news/security/us-farmer-cooperative-hit-by-59m-blackmatter-ransomware-attack/)

https://www.bleepingcomputer.com/news/security/marketron-marketing-services-hit-by-blackmatter-ransomware/ (https://www.bleepingcomputer.com/news/security/marketron-marketing-services-hit-by-blackmatter-ransomware/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Mirai Botnet Starts Exploiting OMIGOD Flaw as Microsoft Issues More Guidance

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years (https://thehackernews.com/2021/09/malware-attack-on-aviation-sector.html)

AMD Chipset Driver Vulnerability Can Allow Hackers to Obtain Sensitive Data

Europol Busts Major Cybercrime Ring, Arrests Over 100 Online Fraudsters (https://thehackernews.com/2021/09/europol-busts-major-cybercrime-ring.html)

Ongoing Phishing Campaign Targets APAC, EMEA Governments

 

Story Links:

https://www.securityweek.com/mirai-botnet-starts-exploiting-omigod-flaw-microsoft-issues-more-guidance (https://www.securityweek.com/mirai-botnet-starts-exploiting-omigod-flaw-microsoft-issues-more-guidance)

https://thehackernews.com/2021/09/malware-attack-on-aviation-sector.html (https://thehackernews.com/2021/09/malware-attack-on-aviation-sector.html)

https://www.securityweek.com/amd-chipset-driver-vulnerability-can-allow-hackers-obtain-sensitive-data (https://www.securityweek.com/amd-chipset-driver-vulnerability-can-allow-hackers-obtain-sensitive-data)

https://thehackernews.com/2021/09/europol-busts-major-cybercrime-ring.html (https://thehackernews.com/2021/09/europol-busts-major-cybercrime-ring.html)

https://www.securityweek.com/ongoing-phishing-campaign-targets-apac-emea-governments (https://www.securityweek.com/ongoing-phishing-campaign-targets-apac-emea-governments)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws, including PrintNightmare   

OMIGOD: Azure users running Linux VMs need to update now

SAP Patches Critical Vulnerabilities With September 2021 Security Updates

Adobe Snuffs Critical Bugs in Acrobat, Experience Manager

Travis CI Flaw Exposed Secrets From Public Repositories

 

Story Links:

https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2021-patch-tuesday-fixes-2-zero-days-60-flaws/ (https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2021-patch-tuesday-fixes-2-zero-days-60-flaws/)

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-remaining-windows-printnightmare-vulnerabilities/ (https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-remaining-windows-printnightmare-vulnerabilities/)

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-cve-2021-40444-mshtml-zero-day-bug/ (https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-cve-2021-40444-mshtml-zero-day-bug/)

https://www.zdnet.com/article/omigod-azure-users-running-linux-vms-need-to-update-now/ (https://www.zdnet.com/article/omigod-azure-users-running-linux-vms-need-to-update-now/)

https://www.securityweek.com/sap-patches-critical-vulnerabilities-september-2021-security-updates (https://www.securityweek.com/sap-patches-critical-vulnerabilities-september-2021-security-updates)

https://threatpost.com/adobe-bugs-acrobat-experience-manager/169467/ (https://threatpost.com/adobe-bugs-acrobat-experience-manager/169467/)

https://www.databreachtoday.com/travis-ci-flaw-exposed-secrets-from-public-repositories-a-17535 (https://www.databreachtoday.com/travis-ci-flaw-exposed-secrets-from-public-repositories-a-17535)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Google patches 10th Chrome zero-day exploited in the wild this year

HP OMEN Gaming Hub Flaw Affects Millions of Windows Computers

Apple fixes iOS zero-day used to deploy NSO iPhone spyware

Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide

Belarus, Ukraine Saw Largest Increase in ICS Attacks During H1 2021

OWASP Top 10 ranking has a new leader after ten years

 

Story Links:

https://www.bleepingcomputer.com/news/google/google-patches-10th-chrome-zero-day-exploited-in-the-wild-this-year/ (https://www.bleepingcomputer.com/news/google/google-patches-10th-chrome-zero-day-exploited-in-the-wild-this-year/)

https://thehackernews.com/2021/09/hp-omen-gaming-hub-flaw-affects.html (https://thehackernews.com/2021/09/hp-omen-gaming-hub-flaw-affects.html)

https://www.bleepingcomputer.com/news/apple/apple-fixes-ios-zero-day-used-to-deploy-nso-iphone-spyware/ (https://www.bleepingcomputer.com/news/apple/apple-fixes-ios-zero-day-used-to-deploy-nso-iphone-spyware/)

https://thehackernews.com/2021/09/linux-implementation-of-cobalt-strike.html (https://thehackernews.com/2021/09/linux-implementation-of-cobalt-strike.html)

https://www.securityweek.com/belarus-ukraine-saw-largest-increase-ics-attacks-during-h1-2021-kaspersky (https://www.securityweek.com/belarus-ukraine-saw-largest-increase-ics-attacks-during-h1-2021-kaspersky)

https://therecord.media/owasp-top-10-ranking-has-a-new-leader-after-ten-years/ (https://therecord.media/owasp-top-10-ranking-has-a-new-leader-after-ten-years/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Microsoft fixes bug letting hackers take over Azure containers

GitHub finds 7 code execution vulnerabilities in 'tar' and npm CLI

Cisco Patches High-Severity Security Flaws in IOS XR

Hackers stole Puma source code, no customer data, company says

Indonesian intelligence agency compromised in suspected Chinese hack

 

Story Links:

https://www.bleepingcomputer.com/news/security/microsoft-fixes-bug-letting-hackers-take-over-azure-containers/ (https://www.bleepingcomputer.com/news/security/microsoft-fixes-bug-letting-hackers-take-over-azure-containers/)

https://www.bleepingcomputer.com/news/security/github-finds-7-code-execution-vulnerabilities-in-tar-and-npm-cli/ (https://www.bleepingcomputer.com/news/security/github-finds-7-code-execution-vulnerabilities-in-tar-and-npm-cli/)

https://www.securityweek.com/cisco-patches-high-severity-security-flaws-ios-xr (https://www.securityweek.com/cisco-patches-high-severity-security-flaws-ios-xr)

https://therecord.media/hackers-stole-puma-source-code-no-customer-data-company-says/ (https://therecord.media/hackers-stole-puma-source-code-no-customer-data-company-says/)

https://therecord.media/indonesian-intelligence-agency-compromised-in-suspected-chinese-hack/ (https://therecord.media/indonesian-intelligence-agency-compromised-in-suspected-chinese-hack/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com (https://www.cyberweekgeorgia.com/)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.