9283 8B4A 87FE DC6E C327 EF05 70A8 B78D 1623 3FB5

  1. Universities cyber attack each other to test defences [UKAuthority]
    - see also: “It is unrealistic to expect the education system to tighten their security and it will never be hacked again, it is more a case of being one step ahead of the hacker and realising how they will hack this information and then securing it so that they cannot. Using ‘white hackers’ in this situation is a smart idea as they know all the techniques that the hackers will use to creep their way in to this sensitive information. Security is always changing, so it is vital we keep up with it.” – www.itproportal.com/features/education-industry-not-making-the-grade-for-cybersecurity/
  2. Mass email hacker targets Glasgow Caledonian University as students warned to ‘stay vigilant’ amid security fears [The Scottish Sun]
  3. How Universities Can Mitigate IoT Risk on Campus [EdTech]
    - see also: Security refresh teaches James Cook University the value of better visibility
  4. Data breaches, cyberattacks are top global risks alongside natural disasters and climate change [Zero Day Net]
    - Report available at www.weforum.org/reports/the-global-risks-report-2019
    - see also: South African cybersecurity trends for 2019
  5. Collection 1 data breach leaks 773 million records [MyBroadband]
    - Note that this is allegedly a combination of previous breached datasets. Worthwhile reminder though to check whether your information has been involved in a publicised leak(s)/breach(es).
  6. ‘It’s like they took a rug and covered it up’: Flight booking web app used by scores of airlines still vuln to attack – claim [The Register]
  7. Microsoft LAPS – Blue Team / Red Team [SANS ISC]
  8. ICASA’s hearings on its cybersecurity role are on 17 & 18 January: here’s a synopsis of submissions received [Lucien Pierce]
  9. Cybersecurity talent: thinking outside the ‘technical proficiency’ box [Networks Asia]
  10. Google Public DNS now supports DNS-over-TLS [Google Security Blog]
  11. mkcert: valid HTTPS certificates for localhost [Filippo.io]
  12. Windows 7 KMS Activation Issues Caused by Microsoft Mistake, Not an Update [Bleeping Computer]
    - Microsoft article: Activation failures and “not genuine” notifications around January 8, 2019, on volume-licensed Windows 7 KMS clients
  13. Global DNS Hijacking Campaign: DNS Record Manipulation at Scale [FireEye]
  14. 2FA codes can be phished by new pentest tool [Naked Security]
  15. Exclusive: How a Russian firm helped catch an alleged NSA data thief [Politico]
  16. Mondelez sues Zurich over $100m cyberhack insurance claim [The Irish Times]
  17. The CNIL’s restricted committee imposes a financial penalty of 50 Million euros against GOOGLE LLC [Commission Nationale de l’Informatique et des Libertés]
  18. ShmooCon 2019 streams [ShmooCon]