National Cyber Warfare Foundation (NCWF) Blue Team (CND) cybersecurity industry news, cyber warfare, collaboration, chat, forums, threat intellignce, known hacking entities, CVEs, ncwf en-us Biden’s DHS nominee Mayorkas offers hope of stability, resilience DEF CON 28 Safe Mode Voting Village – Panel: The Feds On Election Security Baidu Android apps removed from Play Store because caught collecting user details CISA Warns of Holiday Online Shopping Scams FireEye Acquires Respond Software to Advance Cybersecurity AI US Proposes Funding to Clear Risk Assessment Backlog Acronis Cyber Protection Gains Vulnerability Assessment Software Tool Pakistan-China hackers threat India; Singapore based cyber-intel firm provides alarming details - Times Now Research: Extended Detection and Response (XDR) Security Adoption Accelerates Popular apps leak data that adversaries could use to spy on targets How to use the Google One VPN on Android MDR Provider Pondurance Hires Program Director, Chief Strategy Officer Home Depot to pay states $17.5 million over massive 2014 data breach Cyber-attacks Reported on Three US Healthcare Providers XKCD ‘Unread’ DEF CON 28 Safe Mode Voting Village – BiaSciLab’s ‘Don’t Go Postal’ FinTech Threat: The Malicious Insider A new Stantinko Bot masqueraded as httpd targeting Linux servers Smart Doorbells on Amazon, eBay, Harbor Serious Security Issues Zero Day: cPanel & WHM Vulnerability Baidu Android apps caught leaking sensitive data from devices ABCs of UEBA: R is for Risk Reimagine your organization s approach to in-office infrastructure Printers' Cybersecurity Threats Too Often Ignored Security Intelligence Handbook Chapter 3: The Security Intelligence Lifecycle Smart (and simple) ways to prevent symlink attacks in Go Organizations Should Use Psychology to Promote Secure Behavior Among Staff How Many Phishing Sites? Over 2 Million in 2020 (so far) CyberheistNews Vol 10 #48 [Scam of the Week] Black Friday & Cyber Monday Top 10 Cybersecurity Tips 3 simple ways to drastically reduce Active Directory administration costs [E-book] Multi-cloud adoption grew by 70% year over year How to maximize traffic visibility with virtual firewalls New Partnerships Boost OT IoT Security Across Digital Environments Podcast Episode 12 Advocating for Hackers with Chloe Messdaghi UK bill proposes stiff fines for companies that violate Huawei ban Robotic vacuum cleaners could be hacked to spy on you Advanced Tips on Managing Multi-Account Setup on AWS with Terraform Tesla Hacked and Stolen Again Using Key Fob Sumo Logic Research: Multi-Cloud Security Findings 10 Takeaways from Datto s Global State of the Channel Ransomware Report Managed Security Services Provider (MSSP) News: 24 November 2020 #BlackFriday: 84% of Consumers Willing to Risk Personal Data in Search of Bargains Fake Minecraft mods installed on over one million Android devices Experts Commenting On Hacker Posts Exploits For Over 49000 Vulnerable Fortinet VPNs - ISBuzz News Smart Doorbells Are Wide Open to Security Flaws New US IoT law aims to improve edge device security TikTok Patches Bugs Enabling One-Click Account Takeover Crooks social-engineered GoDaddy staff to take over crypto-biz domains Natalia Calvo’s talk – How children build a trust model of a social robot in the first encounter? Critical Unpatched VMware Flaw Affects Multiple Corporates Products Ransomware gangs hunt for tax software to ratchet up pressure on victims As 'Anywhere Work' Evolves, Security Will Be Key Challenge Suspected Chinese hackers impersonate Catholic news outlets to gather intel about Vatican diplomacy - CyberScoop Solving Garbage with Radare2 VMware discloses critical zero-day CVE-2020-4006 in Workspace One Evidence-Based Trust Gets Black Hat Europe Spotlight Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending DEF CON 28 Safe Mode Voting Village – Harri Hursti’s ‘Day 2 Opening Remarks’ The Joy of Tech ‘The Crush’ Manchester United versus a “sophisticated” cyber attack Biden s DHS pick was a quick study of cybersecurity issues as the department s deputy CyberArk Partners with Forescout, Phosphorous for IoT Security What To Do When an Admin is Compromised This parchment paper TikTok hack will make baking holiday cookies so much easier - ABC News Stencils and Sketch Books A 2019 Visionary in Access Management Is Now a 2020 Leader Palo Alto Networks Surfaces AWS API Vulnerabilities CyberArk, Forescout and Phosphorus team to automate IoT device integration and lockdown Customer Corner: Defending Connected Transportation From Today s Cybersecurity Threats Seven Debunked Myths of Cybersecurity Computer Security and Data Privacy, the perfect alliance Organizations look ahead to 2021 return to office, refocus on hybrid security Visualizing program structure characteristics for 12 million lines of code The COVID-19 Vaccine: The Next Wave of Coronavirus Phishing Emails & What You Can Do About It DEF CON 28 Safe Mode Voting Village Village -Steve Newell’s ‘Leveraging Electronic Balloting Options In COVID’ 'Smart' doorbells for sale on Amazon, eBay came stocked with security vulnerabilities Vulnerability Summary for the Week of November 16, 2020 Cyber is as Much Psychology as it is Technology Versatile building blocks make structures with surprising mechanical properties Facebook fixes Messenger bug that allowed Android users to spy on each other More on the Security of the 2020 US Election Axis Security Chosen 2020 Red Herring Top 100 North America Winner CISA and the Chemical Sector Coordinating Council (SCC) to host Chemical Security Summit Twitter Hires a Hacker, Leidos Looking for Thousands, and CMMC Countdown Creates Jobs - ClearanceJobs Facebook Messenger bug allowed Android users to spy on each other 3 Steps CISOs Can Take to Convey Strategy for Budget Presentations 6 ways to use analytics to deliver an exceptional end-user experience: Part 2 A Fifth of Consumers Affected by Identity Fraud in 2020 Iowa City hospital suffers phishing attack Covid-19 vaccine: State-sponsored hackers accused of trying to steal vaccine secrets - iNews #COVID19 Drives Massive Multi-Cloud Adoption Another 'Minecraft' lesson for kids: Beware of deceitful adware apps BrandPost: Examining the Top Cyberthreats Plaguing the Pharmaceutical Industry Naked Security Live – Beat the Threat! TikTok patches reflected XSS bug, one-click account takeover exploit Managed Security Services Provider (MSSP) News: 23 November 2020 Sophos 2021: Expect Ransomware, Evolving Attacks to Frame Threat Landscape, IT Security Senate Passes IoT Security Legislation to Protect Feds’ Device Procurement VMware fixed SD-WAN flaws that could allow hackers to target enterprise networks Are MSPs Adopting Zero-Trust Security? NCSC Issues Warning About Expected #BlackFriday Scams MPs Bombarded by Nearly Three Million Monthly Email Attacks Cyber-Attacks Against Insurance Companies: How to Avoid the Risks FBI issued an alert on Ragnar Locker ransomware activity New Study Says Cyber Security Technology Isn t as Effective As It Should Be CISA Director Chris Krebs Fired, Common Sense and Section 230 VDI improvements ensure business continuity in the age of remote work A cluster without RBAC is an insecure cluster Curiosity, creativity, collaboration: the human elements of the SOC Women in Robotics Update: Elizabeth Croft, Helen Greiner, Heather Knight DEF CON 28 Safe Mode Voting Village Village -Jody Westby’s ‘Policy Approach To Resolving Cybersecurity Problems’ Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 304’ DEF CON 28 Safe Mode Voting Village Village – Stark Xie’s ‘Testing Can’t Tell If Ballot Devices Alter Elections’ Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Google Is Testing End-to-End Encryption in Android Messages Prosecution investigates Dutch hacker who gained access to Trump's Twitter - NL Times Securing Beats at Scale Romanians arrested for running underground malware services Security Affairs newsletter Round 290 DEF CON 28 Safe Mode Voting Village Village – Michael A. Specter’s ‘The Ballot Is Busted Before The Blockchain’ XKCD ‘Viral Quiz Identity Theft’ DEF CON 28 Safe Mode Voting Village Village – Forrest Senti’s & Mattie Gullixson’s ‘Secure The Vote Standards’ GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services Dutch tech reporter gatecrashes EU defence secret video conference Joe Biden's 'Vote Joe' website defaced by Turkish Hackers - BleepingComputer OPSEC, OPSEC, OPSEC... Man Utd hit by cyber attack as hackers target club s IT systems in sophisticated operation by organised cri - The Sun Manchester United hit by ‘sophisticated’ cyber attack 2020 Vision: Adapting Security for Office 365 Collaboration UK reveals new National Cyber Force to improve offensive cyber capabilities Botnets have been silently mass-scanning the internet for unsecured ENV files Robotics sector brings robotics to the public in annual European showcase A destructive legacy: Trump bids for final hack at environmental protections - The Guardian Popular Robotic Vacuum Cleaners Can Be Remotely Hacked to Act As Microphones - SciTechDaily Updated Apache Drill R JDBC Interface Package {sergeant.caffeinated} With {dbplyr} 2.x Compatibility Robotic vacuum cleaners can be hacked to eavesdrop on conversations - Daily Mail Introducing Signal Sciences Terraform Provider Websites requiring security software downloads opened door to supply chain attack With Black Friday-Cyber Monday looming, Grelos skimmer tied to Magecart poses threat Threat Roundup for November 13 to November 20 VMware addresses flaws exploited at recent Tianfu Cup Podcast 094: Fake Sun, Hacked Super Mario, Minimum Viable Smart Glasses, And 3D Printers Can't Do That Hackaday - Hackaday VMware Fixes Critical Flaw in ESXi Hypervisor Facebook Messenger Flaw Enabled Spying on Android Callees Don’t Let DDoS Extortionists Deliver a KO Punch UK formally unveils GCHQ's offensive cyber-operation shop Security Pros Push for More Pervasive Threat Modeling DEF CON 28 Safe Mode Voting Village Village – United States Election Assistance Commission Chairman Benjamin Hovland’s Remarks Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 32 – From The Little Bobby Archive!’ Sector financiero, ciberseguridad y gesti n de operaciones Green Beret Passed Secrets to Russia October Mumbai power outage may have been caused by a cyber attack Facebook Messenger bug allowed callers to listen unattended calls Data Breach at Iowa Hospital DEF CON 28 Safe Mode Voting Village Village – Senator Ron Wyden’s Remarks New Grelos Skimmer Variants Siphon Credit Card Data TV Maker TCL Denies Back Door, Promises Better Process Police arrest 2 in connection with CyberSeal, Dataprotector crime services First HomePod Jailbreak Stokes Speculation About Smart Speaker's Hacking Potential - MacRumors Chrome gets patched again, but 83% of users aren t running the latest version FireEye Acquires Respond Software Robot vacuum cleaners can eavesdrop on your conversations, researchers reveal If Michael Jordan is zero trust, then identity governance is Scottie Pippen Why cybersecurity is a team sport #ISSE2020: Focus on 2020's Crypto Successes Rather than Efforts to Break it Free for unlimited users: Password Expiration Notifier for Active Directory Five worthy reads: The rise in credential stuffing attacks Facebook Messenger Bug Allows Spying on Android Users Convicted SIM Swapper Gets 3 Years in Jail Mitsubishi Electric Corp. was hit by a new cyberattack Apple says iOS anti-tracking feature is still on the way, also takes shot at Facebook Cloud Security Alliance Opens Registration for CloudBytes Connect: From the SOC to the Boardroom New Mount Locker Ransomware Version Targeting TurboTax Files Managed Security Services Provider (MSSP) News: 20 November 2020 MSSPs and Cloud Security Services – The Leaders Unveiled FireEye, Backed By Private Equity, Acquires XDR Security Company Respond Software Faith App Exposes Millions Through Cloud Misconfig QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor A flaw in Facebook Messenger could have allowed spying on users Why now is the time for zero trust in DoD cybersecurity The worst passwords of 2020: Is it time to change yours? 25 passwords that can be hacked in less than one second - Deccan Herald The malware that usually installs ransomware and you need to remove right away Cyber resilience through deception: What businesses can learn from federal cybersecurity frameworks Michael Jordan is zero trust, then identity governance is Scottie Pippen Why cybersecurity is a team sport Cybersecurity doorways left ajar in the race to remote work Before automation can realize promise, companies have ground-level work to do Software Composition Analysis Explained Verizon picks industries that are prime targets for cyber espionage Microsoft Announces Pluton Security Processor for Windows PCs FireEye, Backed By Private Equity, Acquires XDR Security Firm Respond Software Google Cloud Adds Machine Learning, Packet Mirroring for Network Security Suburban woman inundated with angry calls after hackers use her number to scam others - WGN TV Chicago Trump legal team pushes conspiracy theories of hacked voting machines claims it called ludicrous four years - The Philadelphia Inquirer Ransomware Groups Break Promises, Leak Data Anyway CVE-2020-27995: Zoho ManageEngine RCE OSINT, 3D Modeling, Geolocation & Forensic Architecture: Analysis Of The Beirut Port Explosion How phishing attacks are exploiting Google's own tools and services Healthcare Orgs: What You Need to Know About TrickBot and Ryuk US Cyber Command s capability efforts lack clarity, says government watchdog Go SMS Pro Messaging App Exposed Users' Private Media Files Energy official eyed for senior CISA position after White House throws agency into turmoil How to Avoid 2020 Online Shopping Threats Brave Rewards: How to disable the feature XKCD ‘Blair Witch’ DEF CON 28 Safe Mode Voting Village Village – Cordero Delgadillo’s ‘A Lawyer’s Reflections On Elections’ #ISC2CONGRESS We Got This: Adaptability Is Nothing New to Cybersecurity GO SMS Pro Android App Exposes Private Photos, Videos and Messages Hard Rock Stadium Ups Cybersecurity Threat Source newsletter (Nov. 19, 2020) Linux servers: How to encrypt files with gocryptfs Get the free Security Intelligence Handbook from Recorded Future Threats without borders: Brazilian banking trojans go global #DxPsummit: CISOs Discuss Ransomware Strategies for Recovery and Resistance Android messaging app with 100M users found exposing messages Phishers Using Redirector Sites with Custom Subdomains for Evasion Chrome Gets Patched Again But 83% of Users Aren t Running the Latest Version IT and OT Cybersecurity: United We Stand, Divided We Fall ISE 3.0 Dynamic Visibility: Step into zero trust for the workplace Double-dipping scammers don't need malware to grab card numbers and turn a profit, report says Trump fires CISA Director Christopher Krebs; Chief of Staff confirms who's next in line 53% of manufacturing organizations say operational technology is vulnerable to cyberattacks We infiltrated an IRC botnet. Here s what we found Mass Migration of Users to Parler Prompts Concerns Over Security and Disinformation 2021 Cybersecurity Spending: How to Maximize Value 5 minutes with Jason Soroko - The importance of zero trust during COVID-19 How Healthcare IT Teams Can Unify HIPAA Security and Privacy Regulations Using NIST WARNING: Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages UN and Europol Warn of Growing AI Cyber-Threat Cybercriminals Batter Automakers With Ransomware, IP Theft Cyberattacks Unpatched Browsers Abound, Study Shows Application Security Book Review | Avast The Center wants to send you to college. Interested? Claroty Partners with CrowdStrike to Protect Industrial Control System Environments Woman Transforms Sling Bag into Backpack in Dramatic Video, Life Hack Leaves Netizens Amazed - News18 Managed Security Services Provider (MSSP) News: 19 November 2020 [Free Resource Kit] Stay Safe This Holiday Season with KnowBe4! Today: MSSPs and Cloud Security Services – The Leaders Unveiled Remote working: This new Microsoft VPN aims to make your mobile devices more secure #IROS2020 BiR-IROS: Black in Robotics New Grelos skimmer variant reveals murkiness in tracking Magecart operations Researcher Drops Gender Discrimination Lawsuit Against Microsoft 100 'top passwords' that can be hacked in less than one second - Gadgets Now Why Do Zero Day Security Technologies Fail to Protect Against Zero Day Attacks? Evolution of Emotet: From Banking Trojan to Malware Distributor Publicly Available Exploit Code Gives Attackers 47-Day Head Start Chinese Cloud Hopper Attackers Use Zerologon in New Campaign Container Workloads on AWS, Azure, and Google Cloud Platforms #DxPsummit: How Zoom Met 2020 s Security Challenges Turn Off iPhone Location Tracking | Avast