BuzzSec

Original release date: October 31, 2018 The Apache Software Foundation has released a security update to address a vulnerability affecting Apache Tomcat JK Connectors 1.2.0 to 1.2.44. A remote attacker could exploit this vulnerability to obtain access to sensitive information. NCCIC encourages users and administrators to review the Apache security advisory for CVE-2018-11759 and apply the necessary update or mitigation. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT: The United States Computer Emergency Readiness Team https://www.us-cert.gov/ncas/current-activity/2018/10/31/Apache-Releases-Security-Update-Apache-Tomcat-JK-Connectors

Check out the content and feature updates in the KnowBe4 platform for the month of October! from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/knowbe4-fresh-content-update-new-features-october-2018

While most horror stories are works of fiction designed to keep you up at night, the horror stories we will be sharing are real-life cybersecurity events with outcomes that will haunt your dreams if you aren't properly prepared. Join SBS, if you dare, as we wander deep into the dark and scary corners of cybersecurity, full of data loss, reputational damage, business closing, and financial devastation. We will share a variety of cybersecurity horror stories and what could have been done to prevent the unfortunate outcomes.  from SBS CyberSecurity https://sbscyber.com/resources/hacker-hour-true-cybersecurity-horror-stories

The conventional story is that Iran targeted Saudi Arabia with Triton in 2017. New research from FireEye indicates that it might have been Russia. I don't know. FireEye likes to attribute all sorts of things to Russia, but the evidence here look pretty good. from Schneier on Security https://www.schneier.com/blog/archives/2018/10/was_the_triton_.html

The recent rash of cryptocurrency scams on Twitter show organizations that social media is there to share posts and can’t protect platform users. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/scam-of-the-week-cryptocurrency-on-twitter

Just a shot of almost 600 people in costume !!! from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/knowbe4-halloween-2018

Jim Harper at CATO has a good survey of state ID systems in the US. from Schneier on Security https://www.schneier.com/blog/archives/2018/10/id_systems_thro.html

Two unrelated sextortion crimes committed months apart and hundreds of miles away from each other illustrate the dangers of compromising personal photos being in the wrong hands. from Cyber Crimes Stories https://www.fbi.gov/news/stories/sentences-in-separate-cyberstalking-cases-103018

Original release date: October 30, 2018 Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: Safari 12.0.1 iCloud for Windows 7.8 iTunes 12.9.1 watchOS 5.1 iOS 12.1 tvOS 12.1 macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT: The United States Computer Emergency Readiness Team https://www.us-cert.gov/ncas/current-activity/2018/10/30/Apple-Releases-Multiple-Security-Updates

from SANS Institute | Newsletters - Newsbites - RSS https://www.sans.org/newsletters/newsbites/xx/86

The Tesla founder’s recent tweet about cryptocurrency got him temporarily locked out of his Twitter account, demonstrating the seriousness of the scam. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/elon-musk-draws-attention-to-cryptocurrency-scams-on-twitter

When it goes well, explaining security concepts to coworkers, friends, and family is one of the best parts of being in the security industry. It helps others make more risk-aware decisions, reduces ‘inarticulate tech geek’ stereotypes, and enhances soft-skills. Unfortunately, explanations do not always go well. Audiences need to be in the right state of mind to receive information, and even then, being overly technical or longwinded will quickly turn them into conversation captives looking for an escape route. The following three analogies are the most powerful tools I’ve found for maintaining listener interest when explaining security concepts.   Healthcare In healthcare, the most successful treatment plans are tailored to an individual’s diet, environment, genetics, and personality. Similarly, the most effective security programs are tailored to a company’s resources (diet), industry (environment), processes (genetics), and culture (personality). This makes healthcare analogies

The first cyber attack timeline of October is ready: this fortnight I have collected 54 events, with a level of activity in line with September when I reported respectively 56 and 55 events in the first, and second half of the previous month. from HACKMAGEDDON https://www.hackmageddon.com/2018/10/30/1-15-october-2018-cyber-attacks-timeline/

Earlier this week, the New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump's personal cell phone and using the information gleaned to better influence his behavior. This should surprise no one. Security experts have been talking about the potential security vulnerabilities in Trump's cell phone use since he became president. And President Barack Obama bristled at -- but acquiesced to -- the security rules prohibiting him from using a "regular" cell phone throughout his presidency. Three broader questions obviously emerge from the story. Who else is listening in on Trump's cell phone calls? What about the cell phones of other world leaders and senior government officials? And -- most personal of all -- what about my cell phone calls? There are two basic places to eavesdrop on pretty much any communications system: at the end points and during transmission. This means that a cell phone attacker can either

With Microsoft’s latest release of Windows Defender running in a virtual sandbox (the first of its kind), it may be time to focus your energies – and budget – on other parts of your security strategy. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/sandboxed-defender-game-changing-av

Original release date: October 30, 2018 Why is it important to dispose of electronic devices safely? In addition to effectively securing sensitive information on electronic devices, it is important to follow best practices for electronic device disposal. Computers, smartphones, and cameras allow you to keep a great deal of information at your fingertips, but when you dispose of, donate, or recycle a device you may inadvertently disclose sensitive information which could be exploited by cyber criminals. Types of electronic devices include: Computers, Smartphones, and Tablets — electronic devices that can automatically store and process data; most contain a central processing unit and memory, and use an operating system that runs programs and applications. Digital Media — these electronic devices create, store, and play digital content. Digital media devices include items like digital cameras and media players. External Hardware and Peripheral Devices — hardware devices t

Original release date: October 30, 2018 National Cybersecurity Awareness Month is over, but your work securing your home and business systems and networks is not. NCCIC recommends users and administrators subscribe to NCCIC National Cyber Awareness System product notifications to keep on top of cybersecurity threats as they emerge. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT: The United States Computer Emergency Readiness Team https://www.us-cert.gov/ncas/current-activity/2018/10/30/National-Cybersecurity-Awareness-Month-Staying-Secure

I've blogged twice about the Bloomberg story that China bugged Supermicro networking equipment destined to the US. We still don't know if the story is true, although I am increasingly skeptical because of the lack of corroborating evidence to emerge. We don't know anything more, but this is the most comprehensive rebuttal of the story I have read. from Schneier on Security https://www.schneier.com/blog/archives/2018/10/more_on_the_sup.html

Original release date: October 29, 2018 Why is it important to dispose of electronic devices safely? In addition to effectively securing sensitive information on electronic devices, it is important to follow best practices for electronic device disposal. Computers, smartphones, and cameras allow you to keep a great deal of information at your fingertips, but when you dispose of, donate, or recycle a device you may inadvertently disclose sensitive information which could be exploited by cyber criminals. Types of electronic devices include: Computers, Smartphones, and Tablets — electronic devices that can automatically store and process data; most contain a central processing unit and memory, and use an operating system that runs programs and applications. Digital Media — these electronic devices create, store, and play digital content. Digital media devices include items like digital cameras and media players. External Hardware and Peripheral Devices — hardware devices t

Original release date: October 29, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium sever