Today's Headlines and the latest #cybernews from the desk of the #CISO:

CISA Warns Organizations of ProxyShell Attacks on Exchange Servers

Cybercrime Group Asking Insiders for Help in Planting Ransomware (https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html)

LockFile ransomware uses PetitPotam attack to hijack Windows domains

ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups (https://thehackernews.com/2021/08/shadowpad-malware-is-becoming-favorite.html)

CISA Issues Guidance on Protecting Data From Ransomware

Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps (https://thehackernews.com/2021/08/cloudflare-mitigated-one-of-largest.html)

 

Story Links:

https://www.securityweek.com/cisa-warns-organizations-proxyshell-attacks-exchange-servers (https://www.securityweek.com/cisa-warns-organizations-proxyshell-attacks-exchange-servers)

https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html (https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html)

https://www.bleepingcomputer.com/news/security/lockfile-ransomware-uses-petitpotam-attack-to-hijack-windows-domains/ (https://www.bleepingcomputer.com/news/security/lockfile-ransomware-uses-petitpotam-attack-to-hijack-windows-domains/)

https://thehackernews.com/2021/08/shadowpad-malware-is-becoming-favorite.html (https://thehackernews.com/2021/08/shadowpad-malware-is-becoming-favorite.html)

https://www.securityweek.com/cisa-issues-guidance-protecting-data-ransomware (https://www.securityweek.com/cisa-issues-guidance-protecting-data-ransomware)

https://thehackernews.com/2021/08/cloudflare-mitigated-one-of-largest.html (https://thehackernews.com/2021/08/cloudflare-mitigated-one-of-largest.html)

 

Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST

Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

GitHub Encourages Users to Adopt Two-Factor Authentication

US Census Bureau hacked in January 2020 using Citrix exploit

Liquid cryptocurrency exchange loses $94 million following hack

Iranian APT Hexane Targets Israeli Companies

Citizen Lab finds Apple's China censorship process bleeds into Hong Kong and Taiwan

 

Story Links:

https://www.securityweek.com/report-iranian-apt-hexane-targets-israeli-companies (https://www.securityweek.com/report-iranian-apt-hexane-targets-israeli-companies)

https://www.securityweek.com/github-encourages-users-adopt-two-factor-authentication (https://www.securityweek.com/github-encourages-users-adopt-two-factor-authentication)

https://www.bleepingcomputer.com/news/security/us-census-bureau-hacked-in-january-2020-using-citrix-exploit/ (https://www.bleepingcomputer.com/news/security/us-census-bureau-hacked-in-january-2020-using-citrix-exploit/)

https://www.bleepingcomputer.com/news/security/liquid-cryptocurrency-exchange-loses-94-million-following-hack/ (https://www.bleepingcomputer.com/news/security/liquid-cryptocurrency-exchange-loses-94-million-following-hack/)

https://www.zdnet.com/article/citizen-lab-finds-apples-china-censorship-process-bleeds-into-hong-kong-and-taiwan/ (https://www.zdnet.com/article/citizen-lab-finds-apples-china-censorship-process-bleeds-into-hong-kong-and-taiwan/)

 

Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST

Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Adobe Plugs Critical Photoshop Security Flaws

BadAlloc impacts critical infrastructure using BlackBerry QNX

Unpatched Fortinet Bug Allows Firewall Takeovers

Critical bug impacting millions of IoT devices lets hackers spy on you

Diavol ransomware sample shows stronger connection to TrickBot gang

 

Story Links:

https://www.securityweek.com/adobe-plugs-critical-photoshop-security-flaws (https://www.securityweek.com/adobe-plugs-critical-photoshop-security-flaws)

https://www.bleepingcomputer.com/news/security/cisa-badalloc-impacts-critical-infrastructure-using-blackberry-qnx/ (https://www.bleepingcomputer.com/news/security/cisa-badalloc-impacts-critical-infrastructure-using-blackberry-qnx/)

https://threatpost.com/unpatched-fortinet-bug-firewall-takeovers/168764/ (https://threatpost.com/unpatched-fortinet-bug-firewall-takeovers/168764/)

https://www.bleepingcomputer.com/news/security/critical-bug-impacting-millions-of-iot-devices-lets-hackers-spy-on-you/ (https://www.bleepingcomputer.com/news/security/critical-bug-impacting-millions-of-iot-devices-lets-hackers-spy-on-you/)

https://www.bleepingcomputer.com/news/security/diavol-ransomware-sample-shows-stronger-connection-to-trickbot-gang/ (https://www.bleepingcomputer.com/news/security/diavol-ransomware-sample-shows-stronger-connection-to-trickbot-gang/)

 

Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST

Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

T-Mobile Acknowledges Breach of Customer Data, Launches Probe

Secret terrorist watchlist with 2 million records exposed online

Attackers Can Weaponize Firewalls and Middleboxes for Amplified DDoS Attacks (https://thehackernews.com/2021/08/attackers-can-weaponize-firewalls-and.html)

Devices From Many Vendors Can Be Hacked Remotely Due to Flaws in Realtek SDK

Phishing Costs Nearly Quadrupled Over 6 Years

 

Story Links:

https://www.securityweek.com/t-mobile-acknowledges-breach-customer-data-launches-probe (https://www.securityweek.com/t-mobile-acknowledges-breach-customer-data-launches-probe)

https://www.bleepingcomputer.com/news/security/secret-terrorist-watchlist-with-2-million-records-exposed-online/ (https://www.bleepingcomputer.com/news/security/secret-terrorist-watchlist-with-2-million-records-exposed-online/)

https://thehackernews.com/2021/08/attackers-can-weaponize-firewalls-and.html (https://thehackernews.com/2021/08/attackers-can-weaponize-firewalls-and.html)

https://www.securityweek.com/devices-many-vendors-can-be-hacked-remotely-due-flaws-realtek-sdk (https://www.securityweek.com/devices-many-vendors-can-be-hacked-remotely-due-flaws-realtek-sdk)

https://threatpost.com/phishing-costs-quadrupled/168716/ (https://threatpost.com/phishing-costs-quadrupled/168716/)

 

Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST

Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Hackers Deploying Backdoors on Exchange Servers via ProxyShell Vulnerabilities

Ransomware gang uses PrintNightmare to breach Windows servers

Dozens of STARTTLS Related Flaws Found Affecting Popular Email Clients (https://thehackernews.com/2021/08/dozens-of-starttls-related-flaws-found.html)

Colonial Pipeline reports data breach after May ransomware attack

Hacker Dubbed 'Mr White Hat' to Return Entire Stolen Crypto Fortune

 

Story Links:

https://www.securityweek.com/hackers-deploying-backdoors-exchange-servers-proxyshell-vulnerabilities (https://www.securityweek.com/hackers-deploying-backdoors-exchange-servers-proxyshell-vulnerabilities)

https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-printnightmare-to-breach-windows-servers/ (https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-printnightmare-to-breach-windows-servers/)

https://thehackernews.com/2021/08/dozens-of-starttls-related-flaws-found.html (https://thehackernews.com/2021/08/dozens-of-starttls-related-flaws-found.html)

https://www.bleepingcomputer.com/news/security/colonial-pipeline-reports-data-breach-after-may-ransomware-attack/ (https://www.bleepingcomputer.com/news/security/colonial-pipeline-reports-data-breach-after-may-ransomware-attack/)

https://www.securityweek.com/hacker-dubbed-mr-white-hat-return-entire-stolen-crypto-fortune (https://www.securityweek.com/hacker-dubbed-mr-white-hat-return-entire-stolen-crypto-fortune)

 

Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021 at 11AM EST

Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Reasons why people open emails, the human aspect, and culture Ensuring your people understand their rules and responsibility Technology enhances and change human behavior Research security awareness connected to culture - training doesn’t lead to modified and change culture to your culture Traditional culture enhanced through the security team Traditional company culture through HR & People & Corp Comm How very specific you can get individuals - senses are elevated Slow down humans and distraction - use their awareness to bring up red flags

 

Linkedin: https://www.linkedin.com/in/joannahuisman/ (https://www.linkedin.com/in/joannahuisman/)

 

Bio

Marketing, training, and communications professional with 20+ years experience in strategic, internal, and customer-facing engagements in the financial services/tech industries with added experience in sales, operations, and organizational development. Additional 5+ years experience in cybersecurity awareness and training. High achievers consistently sought out for newly created roles to drive revenue growth through value-added solutions. Thought-provoking people leader with outstanding project management and communication skills.

Tech Corner is supported by these great partners please make sure to check them out:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub)

Attivo Networks: www.attivonetworks.com (http://www.attivonetworks.com)

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com (https://cyberhubpodcast.locals.com)

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (http://bit.ly/cyberhubengage-newsletter)

******

Make sure to subscribe and follow us on your favorite podcast listening platform.

Website: https://www.cyberhubpodcast.com (https://www.cyberhubpodcast.com)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ (https://www.linkedin.com/company/cyberhubpodcast/)

Twitter: https://twitter.com/cyberhubpodcast (https://twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast (https://www.instagram.com/cyberhubpodcast)

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

CISO Talk Podcast: https://linktr.ee/CISOtalk (https://linktr.ee/CISOtalk)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Nine Critical and High-Severity Vulnerabilities Patched in SAP Products

Microsoft Warns of Another Unpatched Windows Print Spooler RCE Vulnerability (https://thehackernews.com/2021/08/microsoft-security-bulletin-warns-of.html)

Intel Patches High-Severity Flaws in NUC 9 Extreme Laptops, Ethernet Linux Drivers

Hackers Return Portion of Record Crypto Heist Haul

23 charged over 'sophisticated' fraud ring

 

Story Links:

https://www.securityweek.com/nine-critical-and-high-severity-vulnerabilities-patched-sap-products (https://www.securityweek.com/nine-critical-and-high-severity-vulnerabilities-patched-sap-products)

https://thehackernews.com/2021/08/microsoft-security-bulletin-warns-of.html (https://thehackernews.com/2021/08/microsoft-security-bulletin-warns-of.html)

https://www.securityweek.com/intel-patches-high-severity-flaws-nuc-9-extreme-laptops-ethernet-linux-drivers (https://www.securityweek.com/intel-patches-high-severity-flaws-nuc-9-extreme-laptops-ethernet-linux-drivers)

https://www.securityweek.com/hackers-return-portion-record-crypto-heist-haul (https://www.securityweek.com/hackers-return-portion-record-crypto-heist-haul)

https://www.zdnet.com/article/business-email-compromise-23-charged-over-sophisticated-fraud-ring/ (https://www.zdnet.com/article/business-email-compromise-23-charged-over-sophisticated-fraud-ring/)

https://www.bleepingcomputer.com/news/security/accenture-confirms-hack-after-lockbit-ransomware-data-leak-threats/ (https://www.bleepingcomputer.com/news/security/accenture-confirms-hack-after-lockbit-ransomware-data-leak-threats/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Microsoft August 2021 Patch Tuesday fixes 3 zero-days, 44 flaws

Adobe Warns of Critical Flaws in Magento, Connect

Bugs in Managed DNS Services Cloud Let Attackers Spy On DNS Traffic (https://thehackernews.com/2021/08/bugs-in-managed-dns-services-cloud-let.html)

Hackers Steal Over $600 Million Worth of Cryptocurrencies from Poly Network (https://thehackernews.com/2021/08/hacker-steal-over-600-million-worth-of.html)

Companies Still Exposing Sensitive Data via Known Salesforce Misconfiguration

 

Story Links:

https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2021-patch-tuesday-fixes-3-zero-days-44-flaws/ (https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2021-patch-tuesday-fixes-3-zero-days-44-flaws/)

https://www.securityweek.com/adobe-warns-critical-flaws-magento-connect (https://www.securityweek.com/adobe-warns-critical-flaws-magento-connect)

https://thehackernews.com/2021/08/bugs-in-managed-dns-services-cloud-let.html (https://thehackernews.com/2021/08/bugs-in-managed-dns-services-cloud-let.html)

https://thehackernews.com/2021/08/hacker-steal-over-600-million-worth-of.html (https://thehackernews.com/2021/08/hacker-steal-over-600-million-worth-of.html)

https://www.securityweek.com/companies-still-exposing-sensitive-data-known-salesforce-misconfiguration (https://www.securityweek.com/companies-still-exposing-sensitive-data-known-salesforce-misconfiguration)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Actively exploited bug bypasses authentication on millions of routers

A Critical Random Number Generator Flaw Affects Billions of IoT Devices (https://thehackernews.com/2021/08/a-critical-random-number-generator-flaw.html)

Android Trojan hits 140 countries, 10,000 victims through social media hijacking

Chinese cyber spies targeted Israel posing as Iranian hackers

 

Story Links:

https://www.bleepingcomputer.com/news/security/actively-exploited-bug-bypasses-authentication-on-millions-of-routers/ (https://www.bleepingcomputer.com/news/security/actively-exploited-bug-bypasses-authentication-on-millions-of-routers/)

https://thehackernews.com/2021/08/a-critical-random-number-generator-flaw.html (https://thehackernews.com/2021/08/a-critical-random-number-generator-flaw.html)

https://www.zdnet.com/article/android-trojan-hits-140-countries-10000-victims-through-social-media-hijacking/ (https://www.zdnet.com/article/android-trojan-hits-140-countries-10000-victims-through-social-media-hijacking/)

https://therecord.media/chinese-cyber-spies-targeted-israel-posing-as-iranian-hackers/ (https://therecord.media/chinese-cyber-spies-targeted-israel-posing-as-iranian-hackers/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now

VMware Patches Severe Vulnerability in Workspace ONE Access, Identity Manager

Windows PetitPotam vulnerability gets an unofficial free patch

Pulse Secure VPNs Get New Urgent Update for Poorly Patched Critical Flaw (https://thehackernews.com/2021/08/pulse-secure-vpns-get-new-urgent-update.html)

Apple Revives Encryption Debate With Move on Child Exploitation

 

Story Links:

https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/ (https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/)

https://www.securityweek.com/vmware-patches-severe-vulnerability-workspace-one-access-identity-manager (https://www.securityweek.com/vmware-patches-severe-vulnerability-workspace-one-access-identity-manager)

https://www.bleepingcomputer.com/news/microsoft/windows-petitpotam-vulnerability-gets-an-unofficial-free-patch/ (https://www.bleepingcomputer.com/news/microsoft/windows-petitpotam-vulnerability-gets-an-unofficial-free-patch/)

https://thehackernews.com/2021/08/pulse-secure-vpns-get-new-urgent-update.html (https://thehackernews.com/2021/08/pulse-secure-vpns-get-new-urgent-update.html)

https://www.securityweek.com/apple-revives-encryption-debate-move-child-exploitation (https://www.securityweek.com/apple-revives-encryption-debate-move-child-exploitation)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.