- Phishing Attacks:
- Breaches:
- South African bank to replace 12m cards after employees stole master key [Catalin Cimpanu, ZDNet]
- Developments in Video Conferencing Systems Security:
- New Cisco Webex Meetings flaw lets attackers steal auth tokens [Sergiu Gatlan, Bleeping Computer]
- End-to-End Encryption Update [Zoom] [Eric S. Yuan, Zoom]
- Ransomware:
- City of Knoxville shuts down network after ransomware attack [Sergiu Gatlan, Bleeping Computer]
- General Security Interest:
- After a breach, users rarely change their passwords, and when they do, they’re often weaker [Daniel Tkacik, Tech Xplore]
- The Impending Doom of Expiring Root CAs and Legacy Clients [Scott Helme]
- FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy [Krebs on Security]
- New Vulnerabilities:
-
Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack [Zeljka Zorz, Help Net Security]
- List of known vulnerable vendors/devices: Overview- Ripple20 - SMBleedingGhost Writeup: Chaining SMBleed (CVE-2020-1206) with SMBGhost [ZecOps Blog]
-
Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack [Zeljka Zorz, Help Net Security]
- Vulnerabilities in Home Routers:
- WFH Alert: Critical Bug Found in Old D-Link Router Models [Tom Spring, Threat Post]
- Unpatched vulnerability identified in 79 Netgear router models [Catalin Cimpanu, ZDNet]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F