October is Cybersecurity Awareness Month and CISA has published some useful resources: National Cybersecurity Awareness Month
- Ransomware and Malware
- CISA: Detections of LokiBot Info-Stealer Are Soaring [Phil Muncaster, Infosecurity Magazine]
- Microsoft, Italy, and the Netherlands warn of increased Emotet activity [Catalin Cimpanu, ZDNet]
- Ransomware gangs add DDoS attacks to their extortion arsenal [Lawrence Abrams, Bleeping Computer]
- NIST guide to help orgs recover from ransomware, other data integrity attacks [Zeljka Zorz, Helpnet Security]
- Data Leaks
- Breaches
- Shopify discloses security incident caused by two rogue employees [Catalin Cimpanu, ZDNet]
- Hackers hit South African government fund for children and missing people [Mfuneko Toyana, Reuters]
- Vulnerabilities
- Known Citrix Workspace Bug Open to New Attack Vector [Tara Seals, ThreatPost]
- Microsoft: Hackers using Zerologon exploits in attacks, patch now! [Lawrence Abrams, Bleeping Computer]
- Update now: Cisco warns over 25 high-impact flaws in its IOS and IOS XE software [Liam Tung, ZDNet]
- Critical Vulnerabilities Found in Remote Access Software [Sarah Coble, Infosecurity Magazine]
- FYI: If you’re running HP Device Manager, anyone on your network can get admin on your server via backdoor [Thomas Claburn, The Register]
- Exploiting Other Remote Protocols in IBM WebSphere [Zero Day Initiative]
- General
- A Fifth of Privileged Users Don’t Need Elevated Access [Phil Muncaster, Infosecurity Magazine]
- Why a Security Maturity Model Can Transform How You Use Analytics [Joerg Stephan, Security Intelligence]