Cybersecurity Roundup #16
“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.” — Stephane Nappo
Windows Subsystem for Linux 2 bypasses the Windows 10 Firewall
The Windows Subsystem for Linux 2 will bypass the Windows 10 firewall and any configured rules, raising security concerns for those who use the feature.
Negotiating with Ransomware Gangs
For now, it seems that paying ransomware, while obviously risky and empowering/encouraging ransomware attackers, can perhaps be comported so as not to break any laws (like anti-terrorist laws, FCPA, conspiracy and others) and even if payment is arguably unlawful, seems unlikely to be prosecuted.
CISA Releases Telework Essentials Toolkit
Was this document helpful? Yes | Somewhat | No
71% Of Healthcare Medical Apps Have A Serious Vulnerability; 91% Fail Crypto Tests
Contact Me Reach me via email to admin[at]pogowasright.org. If you know about a breach that should be included on this site or need to contact me about another matter, e-mail me: admin[at]databreaches.net Alternate Email: breaches[at]protonmail.ch.
A Police Charity Bought an iPhone Hacking Tool and Gave it to Cops
The San Diego Police Foundation, an organization that receives donations from corporations, purchased iPhone unlocking technology for the city's police department, according to emails obtained by Motherboard.
Microsoft Netlogon exploitation continues to rise
Cisco Talos is tracking a spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, an elevation of privilege bug in Netlogon, outlined in the August Microsoft Patch Tuesday report.
New Pastebin Security Features Draw Criticism
Text storage service Pastebin last week announced the introduction of two new security features, but some industry professionals believe they will likely be abused by malicious actors.
Elite security intelligence at zero cost – use Recorded Future Express… for FREE!
Many thanks to the great folks at Recorded Future, who have sponsored my writing for the past week. Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster.
Cybersecurity lessons learned from data breaches and brand trust matters
Your brand is a valuable asset, but it’s also a great attack vector. Threat actors exploit the public’s trust of your brand when they phish under your name or when they counterfeit your products.
Sodinokibi Ransomware 101: Origin, Victims, Prevention Strategies
Cyberattacks have become a part of our reality, but have you ever wondered what might happen if your company gets targeted? You probably imagine that you would lose some money and a great deal of time, maybe fire an employee or too, lose a few clients and have your reputation...