Cybersecurity Headlines

Ransomware disrupts COVID-19 vaccine trials SEC sues John McAfee over cryptocurrency promotion Firmware bootkit spotted in the wild Thanks to our sponsor, Detectify. Detectify is where security engineers and developers come to collaborate and build safer web apps using ethical hacker knowledge. Using payload-based testing, Detectify checks for 2000+ known vulnerabilities and helps you stay on top of emerging threats. Start a free 2-week trial today! For more, head to CISOseries.com.

Covid tracking apps from a Google-Apple partnership gaining traction in the U.S. FBI works more closely with spy agencies to hunt foreign hackers Phishing-with-worms campaign is declared a game-changer in password theft, account takeovers Thanks to our sponsor, Detectify. Detectify is where security engineers and developers come to collaborate and build safer web apps using ethical hacker knowledge. Using payload-based testing, Detectify checks for 2000+ known vulnerabilities and helps you stay on top of emerging threats. Start a free 2-week trial today! More available at CISOseries.com.

Huawei failed to address network security flaws US Treasury Department warns about fines for ransomware payments H&M fined for GDPR violations Thanks to our sponsor ReversingLabs ReversingLabs is the leading provider of explainable threat intelligence. In only milliseconds, ReversingLabs elastic threat infrastructure automatically analyzes the world's most complex files and detects the most advanced threats. ReversingLabs gives modern security and threat hunting teams the transparent insights and trusted input required to take fast and confident defensive action--all with zero interruption to business critical systems. Learn more by watching an on-demand demo at reversinglabs.com/demo For more, head to CISOSeries.com

Facebook faces down QAnon, bogus election ads, and privacy on the Gram Who took down 911 in 14 states on Monday? Controversial data company Palantir's stock is up following Wall Street debut Thanks to our sponsor ReversingLabs ReversingLabs is the leading provider of explainable threat intelligence. In only milliseconds, ReversingLabs elastic threat infrastructure automatically analyzes the world's most complex files and detects the most advanced threats. ReversingLabs gives modern security and threat hunting teams the transparent insights and trusted input required to take fast and confident defensive action--all with zero interruption to business critical systems. Learn more by watching an on-demand demo at reversinglabs.com/demo For more, head to CISOSeries.com

French shipping giant hit with ransomware attack Ransomware operators release personal information on Las Vegas students Android 12 will play nice with third-party apps stores Thanks to our sponsor ReversingLabs ReversingLabs is the leading provider of explainable threat intelligence. In only milliseconds, ReversingLabs elastic threat infrastructure automatically analyzes the world's most complex files and detects the most advanced threats. ReversingLabs gives modern security and threat hunting teams the transparent insights and trusted input required to take fast and confident defensive action--all with zero interruption to business critical systems. Learn more by watching an on-demand demo at reversinglabs.com/demo For more, head to CISOSeries.com

TikTok's latest court win means videos still available - for now Universal Health Services hospitals hit country-wide by Ryuk ransomware Windows XP and Windows Server 2003 source code leaked online Thanks to our sponsor ReversingLabs ReversingLabs is the leading provider of explainable threat intelligence. In only milliseconds, ReversingLabs elastic threat infrastructure automatically analyzes the world's most complex files and detects the most advanced threats. ReversingLabs gives modern security and threat hunting teams the transparent insights and trusted input required to take fast and confident defensive action--all with zero interruption to business critical systems. Learn more by watching an on-demand demo at reversinglabs.com/demo For more, head to CISOSeries.com

China's biggest chip maker hit by US sanctions Elon Musk unhappy over Microsoft's exclusive licensing of OpenAI Google removes 17 Android apps doing WAP billing fraud from the Play Store Thanks to our sponsor ReversingLabs ReversingLabs is the leading provider of explainable threat intelligence. In only milliseconds, ReversingLabs elastic threat infrastructure automatically analyzes the world's most complex files and detects the most advanced threats. ReversingLabs gives modern security and threat hunting teams the transparent insights and trusted input required to take fast and confident defensive action--all with zero interruption to business critical systems. Learn more by watching an on-demand demo at reversinglabs.com/demo For more, head to CISOSeries.com

DHS acknowledges leak of facial recognition images Judge rules the TikTok ban be delayed or defended Local government email systems are vulnerable to cyberattacks HUGE thanks to our sponsor, Trusona Trusona enables enterprises to secure and simplify user access by removing passwords from the Windows 10 login experience. With a single desktop sign-in using Trusona's passwordless MFA, employees are automatically authenticated into Office 365 or their SSO, giving them secure access to all of their corporate applications. Give your workforce a solution they don't have to work around. For more, go to CISOseries.com.

Public-sector mega-vendor Tyler admits it was hacked ByteDance asks courts to block Trump order against TikTok Shopify says insiders to blame for stealing customer data HUGE thanks to our sponsor, Trusona Trusona enables enterprises to secure and simplify user access by removing passwords from the Windows 10 login experience. With a single desktop sign-in using Trusona's passwordless MFA, employees are automatically authenticated into Office 365 or their SSO, giving them secure access to all of their corporate applications. Give your workforce a solution they don't have to work around. For more, go to CISOseries.com.

Maze ransomware adopts Ragnar Locker virtual machine approach Email addresses and passwords allegedly from NIH, WHO, and Gates Foundation dumped online Russian hackers use fake NATO training documents to breach government networks HUGE thanks to our sponsor, Trusona Trusona enables enterprises to secure and simplify user access by removing passwords from the Windows 10 login experience. With a single desktop sign-in using Trusona's passwordless MFA, employees are automatically authenticated into Office 365 or their SSO, giving them secure access to all of their corporate applications. Give your workforce a solution they don't have to work around. For more, go to CISOseries.com.

CISA issues emergency directive to roll out a Windows Server patch 93% of organizations suffer data breaches through outbound email Facebook threatens withdrawal from EU HUGE thanks to our sponsor, Trusona Trusona enables enterprises to secure and simplify user access by removing passwords from the Windows 10 login experience. With a single desktop sign-in using Trusona's passwordless MFA, employees are automatically authenticated into Office 365 or their SSO, giving them secure access to all of their corporate applications. Give your workforce a solution they don't have to work around. For more, go to CISOseries.com.

Trump approves Oracle's TikTok deal and delays app store ban ByteDance says it's not aware of $5 billion education fund in TikTok deal California judge halts Trump's WeChat ban HUGE thanks to our sponsor, Trusona Trusona enables enterprises to secure and simplify user access by removing passwords from the Windows 10 login experience. With a single desktop sign-in using Trusona's passwordless MFA, employees are automatically authenticated into Office 365 or their SSO, giving them secure access to all of their corporate applications. Give your workforce a solution they don't have to work around. For more, go to CISOseries.com.

Oracle's bid calls for access to TikTok's source code Patient dies in the wake of a ransomware attack Backdoors and bugs discovered in HiSilicon video encoders Thanks to our sponsor, Dtex Systems Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence. Learn more and start a free 30-day trial at dtexsystems.com. For more on CISO Series, go to cisoseries.com.

DOJ charges five Chinese citizens with global hacking campaign Two Russians phished $17 million in cryptocurrency, DOJ says Bluetooth flaw BLESA leaves billions of devices open to hackers Thanks to our sponsor, Dtex Systems Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence. Learn more and start a free 30-day trial at dtexsystems.com. For more on CISO Series, go to cisoseries.com.

Senator calls for US to reject Oracle's TikTok deal MFA bypass bugs opened Microsoft 365 to attack Ex-Facebook employee reveals extent of bot manipulation intended for political gain Thanks to our sponsor, Dtex Systems Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence. Learn more and start a free 30-day trial at dtexsystems.com. For more on CISO Series, go to cisoseries.com.

ByteDance chooses Oracle's bid to become TikTok's trusted technology partner Thousands of Magento stores compromised in a skimming campaign CISA warns Chinese state hackers are targeting enterprise infrastructure Thanks to our sponsor, Dtex Systems Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence. Learn more and start a free 30-day trial at dtexsystems.com. For more on CISO Series, go to cisoseries.com.

SoftBank close to a deal to sell Arm to Nvidia, creating a powerhouse Zoom now offers two-factor authentication China may kill TikTok's US operations rather than see them sold Thanks to our sponsor, Dtex Systems Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence. Learn more and start a free trial 30-day at dtexsystems.com. For more on CISO Series, go to cisoseries.com.

Portland passes bans on facial recognition technology. Bluetooth SIG publishes details on Blurtooth vulnerability. Microsoft detects attempted cyberattacks against US presidential campaigns. Thanks to our sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA.

NSA, CIA have proof of Russians hacking Florida voting systems, says Woodward's 'Rage' DHS whistleblower alleges he was ordered to halt Russia analysis because Trump looked 'bad' U.S. Supreme Court will decide legality of bug bounties Thanks to our sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA.

China launches initiative to set global data-security rules Google releases new development platform that includes no-code tools and serverless computing Intel's supercomputer faces further delay Thanks to our sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA. For more, head to CISOSeries.com

Visa discovers new skimming malware. The US issues a space policy directive on cybersecurity. Netwalker ransomware hits Argentina's immigration systems. Thanks to our sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA.

Facebook formally codifies policy on third-party vulnerabilities. Apple delays changes to device ID collection. Geofence warrants strike out in federal court. Thanks to our sponsor, Trusona. Trusona enables enterprises to provide enhanced security and usability to the workforce by removing passwords from the Windows 10 login experience. The solution works with your existing infrastructure without requiring any software or hardware upgrades like Windows Hello, cameras, biometric readers or on-premises servers — making it the most cost-effective and user-friendly to deploy. For more, head to CISOSeries.com

U.S. spying exposed by Snowden was illegal, court rules DHS starts countdown clock on vulnerability disclosure policies Canadian police more reliant than ever on predictive computing Thanks to our sponsor, Trusona. Trusona enables enterprises to provide enhanced security and usability to the workforce by removing passwords from the Windows 10 login experience. The solution works with your existing infrastructure without requiring any software or hardware upgrades like Windows Hello, cameras, biometric readers or on-premises servers — making it the most cost-effective and user-friendly to deploy. For more, head to CISOSeries.com

Facebook threatens to block sharing of news stories in Australia Maximum lifespan of SSL/TLS certificates is now 398 days Elections offices across the U.S. using faulty electronic technology Thanks to our sponsor, Trusona. Trusona enables enterprises to provide enhanced security and usability to the workforce by removing passwords from the Windows 10 login experience. The solution works with your existing infrastructure without requiring any software or hardware upgrades like Windows Hello, cameras, biometric readers or on-premises servers — making it the most cost-effective and user-friendly to deploy. For more, head to CISOSeries.com

Apple accidentally notarized malware on macOS Security researchers detail a Netwalker play-by-play Mozilla find out "Why We Still Can't Browse in Peace" Thanks to our sponsor, Trusona. Trusona enables enterprises to provide enhanced security and usability to the workforce by removing passwords from the Windows 10 login experience. The solution works with your existing infrastructure without requiring any software or hardware upgrades like Windows Hello, cameras, biometric readers or on-premises servers — making it the most cost-effective and user-friendly to deploy. For more, head to CISOSeries.com

China's new salvo in TikTok war means restrictions on AI technology exports Slack fixes 'critical' vulnerability that left desktop app users open to attack Cisco engineer resigns then destroys WebEx accounts and virtual machines Thanks to our sponsor, Trusona. Trusona enables enterprises to provide enhanced security and usability to the workforce by removing passwords from the Windows 10 login experience. The solution works with your existing infrastructure without requiring any software or hardware upgrades like Windows Hello, cameras, biometric readers or on-premises servers — making it the most cost-effective and user-friendly to deploy. For more, head to CISOSeries.com

You can teach a Qbot new tricks Researchers expose unsecure printers The FBI releases details about ransomware scheme at Tesla Thanks to our sponsor Trend Micro For more, head to CISOSeries.com

Facebook warns Apple privacy changes will decimate ads Feds' stern warning for banks: Watch out for BeagleBoyz Feds put the kibosh on Russian's million-dollar malware scheme Thanks to our sponsor Trend Micro For more, head to CISOSeries.com

Epic judge will protect Unreal Engine — but not Fortnite US military researchers may have found a more productive vulnerability discovery process Beijing's electronic dragnet closes on Hong Kong Thanks to our sponsor Trend Micro For more, head to CISOSeries.com

Application Guard for Office is now in public preview The WeChat executive order also faces a lawsuit It's like GitHub, but for China Thanks to our sponsor Trend Micro For more, head to CISOSeries.com

TikTok plans to sue Trump administration over U.S. ban Former Uber security chief faces criminal charges for hiding 2016 breach Major wave of vishing attacks targets teleworkers Thanks to our sponsor Trend Micro For more, head to CISOSeries.com

Former Uber security chief charged with paying hush money to conceal breach Google fixes severe Gmail bug only after researcher goes public Pandemic work-from-home empowers voice phishers

Guardicore Labs discovers a previously unknown botnet CISA releases details on a new North Korean trojan Facebook enforces a ban on groups that discuss "potential violence"

Oracle enters race to buy TikTok's US operations Jack Daniel's hit with ransomware 200,000 Healthcare records exposed through GitHub credentials leak For more, head to CISOSeries.com

Trend Micro Finds Mac Malware in Xcode Projects Chrome To Warn Of Insecure Forms Security Breach Numbers Decrease, But Severity Increases in 2020 For more, head to CISOseries.com

President Trump creates 90-day deadline for ByteDance to divest from U.S. TikTok business Will the US be safer with a reduction in the reliance of Chinese manufacturing? A database designed to prevent harmful speech from going viral For more, head to CISOseries.com

This is just a welcome message to introduce subscribers to the Cyber Security Headlines podcast. A daily dose of information security news.