- Infinite Campus DDoS attack impedes access to student data [Zero Day]
-
Education Department warns that students on financial aid are being targeted in phishing attacks [The Washington Post]
- see also: ifap.ed.gov/eannouncements/083118ActivePhishingCampaignTargetStudentEmailAccount.html -
One Way Office 365 Phishing Attacks Are Getting Sneakier [Redmond Magazine]
- see also: www.avanan.com/resources/phishpoint-attack
- and: healthitsecurity.com/news/phishing-attacks-that-impersonate-trusted-individuals-on-the-rise -
Dutch expelled Russians over alleged novichok lab hacking plot [The Guardian]
- see also: arstechnica.com/information-technology/2018/09/russians-tried-to-hack-swiss-lab-testing-samples-from-skripal-attack/
- and: www.bloomberg.com/view/articles/2018-09-18/russian-hackers-aren-t-the-only-ones-to-worry-about -
Newegg users’ credit card info was exposed to hackers for a month [The Verge]
- see also: www.volexity.com/blog/2018/09/19/magecart-strikes-again-newegg/
- and: www.riskiq.com/blog/labs/magecart-newegg/ - Think Like An Attacker: How a Red Team Operate [Dark Reading]
-
Microsoft offers completely passwordless authentication for online apps [Ars Technica]
- see also: www.zdnet.com/article/microsoft-heres-why-were-declaring-end-of-password-era/
- and: cloudblogs.microsoft.com/microsoftsecure/2018/09/24/delivering-security-innovation-that-puts-microsofts-experience-to-work-for-you/
- and: www.wired.com/story/yubikey-series-5-fido2-passwordless/ -
Internet Organised Crime Threat Assessment 2018 [Europol]
- see also: www.helpnetsecurity.com/2018/09/26/mcafee-labs-threats-report-september-2018/
- and: www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/global-state-of-the-internet-security-ddos-attack-reports.jsp -
Monero bug could have allowed hackers to steal massive amounts of cryptocurrency [Zero Day]
- see also: fortune.com/2018/09/20/cryptocurrency-exchange-hack-zaif-japan-60-million/ - Equifax IT staff had to rerun hackers’ database queries to work out what was nicked – audit [The Register]
- Expanding DNSSEC Adoption [Cloudflare]
-
Why I’m done with Chrome [Matthew Green]
- see also: threatpost.com/googles-forced-sign-in-to-chrome-raises-privacy-red-flags/137651/
- and: www.zdnet.com/article/backlash-sees-change-in-chrome-login-and-google-account-behaviour/
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F
![[TI: logo for TI accredited teams]](../assets/img/TI-Accredited_120x120.jpg)
![[FIRST.org Logo]](../assets/img/first-org-simple.png)