Nedbank Says 1.7 Million Customers Impacted by Breach at Third-Party Provider, 500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users, 5 inch piece of electrical tape can fool Tesla sensors, Israeli soldiers phished by HAMAS posing as interested women, and a simple guide to AI, Deep Learning, and Machine Learning.
Visit https://www.securityweekly.com/psw for all the latest episodes!
To learn more about our sponsors visit: The Security Weekly Sponsor’s Page
Tesla Sensors, Israeli Soldiers Phished, Machine Learning
- Hackers Were Inside Citrix for Five Months Krebs on Security
- 7 Ways to Improve the Security of Mobile Banking Apps
- Vulnerable Out of Band Consoles Put Industrial Assets at Risk | SecurityWeek.Com
- Trump ‘Offered Pardon’ to Assange If He Denied Russia Leak, Court Hears | SecurityWeek.Com
- Hackers are actively exploiting a Zero-Day in WordPress ThemeREX Plugin to create Admin Accounts
- Ring Rolls Out Mandatory 2FA, New Privacy Controls | SecurityWeek.Com
- Ransomware attack forces 2-day shutdown of natural gas pipeline
- The mess behind Microsofts yanked UEFI patch KB 4524244
- US, UK formally blame Russia for mass-defacement of Georgian websites | ZDNet
- Adobe releases out-of-band patch for critical code execution vulnerabilities | ZDNet
- Over 400 ICS Vulnerabilities Disclosed in 2019: Report | SecurityWeek.Com
- Cisco Patches Critical Flaw in Smart Licensing Solution | SecurityWeek.Com
- Nedbank Says 1.7 Million Customers Impacted by Breach at Third-Party Provider Third party security – trust but verify.
- Iranian Hackers Targeting Dutch Universities
- Iranian Hackers Have Been Hacking VPN Servers to Plant Backdoors in Companies Around the World The issue is VPN exploits are happening more agressively, necessitating heightened monitoring and rapid patch/mitigation deployment.
- 500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users Installed extensions disabled and marked malicious. Uninstall any extensions so marked.
- Justice Department Slaps Huawei with New Racketeering Charges The efforts to steal IP by Chinese companies are often accompanied extensive supporting cyber espionage efforts.
- US Non-Profit for International Study Exposes Private Documents of Thousands of Students Exposed data included Visa documents and applications, medical forms, w-4 tax forms, I-94 US Arrival and Departure forms, all from two improperly configured MongoDB instances on the same IP address.
- Russian Intelligence Agents Reportedly Went to Ireland to Inspect Undersea Cables, and It’s Reigniting Fears They Could Cut Them and Take Entire Countries Offline This is a quite challenging attack due to the number of cables that would need cutting, but coupled with other actions it could be very disruptive.
- Remote Wipe Plugin Bug Hits 200,000+ WordPress Sites If you’re using the ThemeGrill Demo Importer and a ThemeGrill theme – patch or uninstall them.
- National Motor Freight Traffic Association (NMFTA) Ransomware Resources posted In December 2019, the NMFTA conducted a ransomware tabletop exercise for motor freight carriers. Following the exercise, NMFTA released some key documents from the workshop for public use to maximize benefits to the transportation sector.
- 5 inch piece of electrical tape can fool Tesla sensors.
- Mt. Gox victims may get some of the bitcoins back.
- BIML releases guidelines for security in machine learning systems.
- Simple guide to AI, Deep Learning, and Machine Learning.
- Israeli soldiers phished by HAMAS posing as interested women.
- Dell sells RSA to private Equity Firm for 2.1B$
- Larry Tesler, who developed Cut, Copy, and Paste, has died.
- Join us at InfoSecWorld 2020 – March 30 – April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
- Attend RSA Conference 2020, February 24-28 in San Francisco, CA! Visit securityweekly.com/rsac2020 to sponsor an interview with us on-site at the conference or register using our code to save $150!
- OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!