Today's Headlines and the latest #cybernews from the desk of the #CISO:

Realtek SDK Vulnerabilities Exploited in Attacks Days After Disclosure

38 Million Records Exposed from Microsoft Power Apps of Dozens of Organizations

Phishing campaign uses UPS.com XSS vuln to distribute malware

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc

FBI: OnePercent Group Ransomware targeted US orgs since Nov 2020

 

Story Links:

https://www.securityweek.com/realtek-sdk-vulnerabilities-exploited-attacks-days-after-disclosure (https://www.securityweek.com/realtek-sdk-vulnerabilities-exploited-attacks-days-after-disclosure)

https://thehackernews.com/2021/08/38-million-records-exposed-from.html (https://thehackernews.com/2021/08/38-million-records-exposed-from.html)

https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-upscom-xss-vuln-to-distribute-malware/ (https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-upscom-xss-vuln-to-distribute-malware/)

https://thehackernews.com/2021/08/researchers-warn-of-4-new-ransomware.html (https://thehackernews.com/2021/08/researchers-warn-of-4-new-ransomware.html)

https://www.bleepingcomputer.com/news/security/fbi-onepercent-group-ransomware-targeted-us-orgs-since-nov-2020/ (https://www.bleepingcomputer.com/news/security/fbi-onepercent-group-ransomware-targeted-us-orgs-since-nov-2020/)

 

Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST

Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

Attivo Networks: www.attivonetworks.com

****

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-j-azar/ (https://www.linkedin.com/in/james-j-azar/)

James on Parler: @realjamesazar

Telegram: CyberHub Podcast

Locals: https://cyberhubpodcast.locals.com

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.