Monday 7/15
Shopping On Amazon Prime Day? Keep An Eye Out For Phishing Scams
Cybersecurity firm McAfee reported that a popular phishing kit, called 16Shop, has recently turned its attention to Amazon. While the kit has been designed to scam Apple customers, a modified version is now targeting Amazon shoppers just in time for one of the biggest shopping days of the year.
http://bit.ly/2XNvmfi
Citrix SD-WAN takes the fast path to the cloud
Citrix SD-WAN 11.0 is coming soon with new features for Microsoft, Palo Alto Networks, and Google Cloud deployments. SD-WAN 11.0 will combine application experience, security, and cloud choice with automation.
http://bit.ly/30zeBWM
Stealthy TrickBot Malware Has Compromised 250 Million Email Accounts And Is Still Going Strong
At its core, TrickBot is a banking Trojan. The malware is typically distributed via spearphishing emails -- like bogus resumes sent to human resources or invoices sent to accounts staff. Those are typically attached in the form of weaponized Microsoft Word or Excel files.
http://bit.ly/2XOxKlX
Tuesday 7/16
FireEye Wins ‘Best Security Company of the Year’ Award
FireEye, Inc., the intelligence-led security company, announced that it has won the award for Best Security Company of the Year (more than 150 staff) at the 2019 Cyber Security Awards.
https://bwnews.pr/2JBNyVm
Attackers can exploit media files on WhatsApp and Telegram accounts: Symantec
Symantec stated the security flaw, dubbed Media File Jacking, affect WhatsApp for Android by default, and Telegram for Android if certain features are enabled. The flaw, if exploited, allows the attackers misuse and manipulate sensitive information like personal photos and videos, corporate documents, invoices, and voice memos.
http://bit.ly/32rC8uA
Wednesday 7/17
How to Secure SharePoint
As SharePoint continues to grow, one of the largest areas of concern is around the security of the platform. A well designed, maintained, and governed SharePoint farm is usually a very safe environment, but often the data governance and data access plans are not executed in full, leaving gaps in the overall SharePoint security model.
http://bit.ly/30Cf7mU
Bluetooth exploit can track and identify iOS, Microsoft mobile device users
The vulnerability can be used to spy on users despite native OS protections that are in place and impacts Bluetooth devices on Windows 10, iOS, and macOS machines. This includes iPhones, iPads, Apple Watch models, MacBooks, and Microsoft tablets & laptops.
https://zd.net/2LVUpdH
Symantec intros CloudSOC Mirror Gateway for enterprise cloud access security
New integrations in CloudSOC CASB Gateway allow for granular policy controls throughout a cloud session using adaptive multi-factor authentication via Symantec VIP or solutions from Symantec TIPP partner Okta.
https://zd.net/2NUZ5TB
Thursday 7/18
Malware framework creates one billion fake Google Adsense ad impressions in only a few months
The malicious extension will draw upon a number of different resources depending on which browser is in use. Adverts will be injected into browser sessions or scripts will generate traffic in the background without the knowledge of the victim.
https://zd.net/2JCwtug
Another 2.2 million patients affecyted by AMCA data breach
Clinical Pathology Laboratories (CPL) says 2.2 million patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information and treatment provider information stolen in the previously reported breach.
https://tcrn.ch/2XQg4eC
Friday 7/19
Cryptojacking: The growing malware menace
Cryptojackers typically use the same methods and toolkits as other viruses, malware and other attacks in order to gain access to a corporate network: phishing and other spam email, web malware, malicious URLs, digital advertising networks, and the like.
http://bit.ly/2SpMN4c
Sprint Breach Via Samsung Website Exposes Customer Data
Information such as customers’ account Personal Identification Numbers (PINs) may have been compromised, however credit card and social security numbers are encrypted and were not compromised.
http://bit.ly/2Gkehn7
AI, quantum computing and 5G could make criminals more dangerous than ever, warn police
Artificial intelligence, quantum computing, 5G and the rise of the Internet of Things are just some of the emerging technologies that could aid cybercriminals in ways that could make them more dangerous than ever.
https://zd.net/2JEdlfm
Microsoft to explore using Rust
Memory-safe languages, such as Rust, are designed from the ground up with protections against memory corruption vulnerabilities, such as buffer overflows, race conditions, memory leaks, use-after free and memory pointer-related bugs.
https://zd.net/2LuArau