C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F

  1. British Airways boss apologises for ‘malicious’ data breach [BBC]
    - see also: BA apologizes after 380,000 customers hit in cyber attack [REUTERS]
    - Juicy, more technical details: Inside the Magecart Breach of British Airways: How 22 Lines of Code Claimed 380,000 Victims [RISKIQ]
  2. How US authorities tracked down the North Korean hacker behind WannaCry [ZDNet]
    - Also: MarkOfTheWeb: How a Forgetful Russian Agent Left a Trail of Breadcrumbs [RISKIQ]
  3. The Adoption of Multi-Factor Authentication in Higher Education [StaySafeOnline]
  4. The Equifax Breach One Year Later: 6 Action Items for Security Pros [DARKReading]
    - Of additional interest: Protected Voices – your voice matters, so protect it
    — “But even beyond political campaigns, the cybersecurity information contained in these videos—which ranges from protecting passwords to social engineering threats to what to do if you think you’ve been hacked—will be helpful to anyone who uses a computer.”
  5. Where have all my Certificates gone? [SANS ISC]
    - see also: How to nab a HTTPS cert for a stranger’s website: Step one, shatter those DNS queries… [The Register]
    - and Why do we need HTTPS?
  6. Red Teaming Microsoft: Part 1 – Active Directory Leaks via Azure [BLACK HILLS]
  7. The Chilling Reality of Cold Boot Attacks [F-Secure]
  8. Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob [WIRED]
    - Tesla Will Restore Car Firmware/OS When Hacking Goes Wrong [Bleeping Computer]
  9. Apple Yet to Patch Safari Browser Address Bar Spoofing Flaw [threatpost]
    - Technical POC: Apple Safari & Microsoft Edge Browser Address Bar Spoofing – Writeup [Rafay Baloch]
  10. MacOS Security Baseline Script – tips for securing MacOS
  11. Security Management Guide [Praxiom]
    - aiming to make ISO 27001, 27002, 28000, 31000 and 22301 easier to understand and implement
  12. 10 Coolest Jobs in Cybersecurity [SANS]