Top News

• 600,000 GPS child trackers found vulnerable to location tracking

"Today the use of trackers has become widespread, particularly due to the fine balance found between their ease of use and the security benefits attained."

Link

TLP¹ : Green

• Eliminating Cyber Threats in 2020: Why Enterprises Need to Rethink Cyber security

"Artificial Intelligence (AI)-powered solutions are a cost-effective way to deal with threats that reside on mobile devices, web servers, etc and proliferate from a number of sources. In 2018, a security issue at Facebook affected a whopping 50 million users. In 2017, 412 million user accounts was stolen from Friendfinder’s sites and 147.9 million customers were affected by the Equifax data breach."

Link

TLP¹ : Green

• China is leading with 5G but it needs to protect against cyberthreats

"IN LINE WITH Xi Jinping’s directive on pioneering innovation, in a bid to harness big data and support the rise of the internet of things (IoT), companies in China have accelerated their journey to 5G."

Link

TLP¹ : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

• 3 Cyber Security Tips for Small Business Owners

"Two out of three small business owners believe a cyberattack to their business is unlikely, but in reality, the same proportion of businesses has been victims of cyber attacks, according to Keeper Security."

Link

TLP¹ : Green

• Autonomous cyber defenses coming to the Army

"The Army is leveraging artificial intelligence and machine learning into new autonomous cyber defenses, according to service officials in the C5ISR Center's Space and Terrestrial Communications Directorate."

Link

TLP¹ : Green

• The best password managers for 2019

"One of the best ways to secure yourself online is to use a unique password for each site and service you subscribe to. That makes it hard to remember them all, but you wouldn’t need to worry about that if you had a decent password manager. But which one should you choose?"

Link

TLP¹ : Green

Breaches: Data Breaches and Hacks

• Victory! Ruling in hiQ v. Linkedin Protects Scraping of Public Data

"In a long-awaited decision in hiQ Labs, Inc. v. LinkedIn Corp., the Ninth Circuit Court of Appeals ruled that automated scraping of publicly accessible data likely does not violate the Computer Fraud and Abuse Act (CFAA). "

Link

TLP¹ : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

• Microsoft Fixes 79 Vulnerabilities Including Two Active Zero-Days Exploits and 4 Critical RDP Flaws

"Microsoft released security updates for September that addresses 79 security vulnerabilities, out of the 17 are critical, 61 rated as important and one classified as Moderate."

Link

TLP¹ : Green

• Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

"Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights."

Link

TLP¹ : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

• Ransomware Attack Hits School District Twice in 4 Months

"A Connecticut school district's teachers are working without computer access less than a week after a second malware attack targeted the district's servers."

Link

TLP¹ : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

• Enhanced Trend Micro Security protects inboxes from scams and phishing attacks

"Trend Micro, a global leader in cybersecurity solutions, launched the latest version of its flagship consumer offering, Trend Micro Security, which features enhanced protection from web threats and a new AI-powered Fraud Buster tool to protect inboxes from scams and phishing attacks. Some 90% of global threats blocked by Trend Micro in the first half of 2019 came via the email channel."

Link

TLP¹ : Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

• Red:Not for disclosure, restricted to participants only.
• Amber: Limited disclosure, restricted to participants organizations.
• Green: Limited disclosure, restricted to the community.

[1]https://www.first.org/tlp