June 24, 2022

• The Ghost of Internet Explorer Continues to Haunt Us

• Researchers Disclose 15 Bugs in Siemens Industrial Control Software

• CISA Releases Version 2 of Cloud Security Technical Reference Architecture Document

• Windows 11 is Getting an App Privacy Report Feature

• Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

• Jury Convicts Ex-Amazon Employee in Capital One Hack
• Quebec Court Approves $200 Million Settlement for Desjardins Breach
• Flagstar Bank Discloses Breach of 1.5 Million
• Arizona Hospital Says Data on 700,000 Patients Breached
• Baptist Healthcare Breach

Security News Bites for the Week Ending June 24th, 2022
This week’s security news: want some BidenCash? TikTok China has data on 80 million
Americans, UK government approves extraditing Assange on spying, GAO is worried about
cyber insurance for major attacks and don’t trust blockchain with more than your lunch money.

Read the newsletter here

June 17, 2022

• Hackers Clone Mobile Crypto Wallets

• California Issues Draft CPRA Regs

• Open Source Desktop Software

• CISA Says: Update Your Chrome Install

• Microsoft June Update Affects AAD Login on ARM Devices

• The Stupidity of Bitcoin as a National Currency
• House Panel Approves $3.4B of Rip & Replace Funding
• Interpol Nabs $50 Million and 2,000 Scammers
• NIST Officially Releases Early Draft of First Volume of Implementing Zero Trust
• Palermo, Italy Shuts Down All Systems to Protect Them
• Anonymous Claims to Hack Russian Drones

Security News Bites for the Week Ending June 17th, 2022
This week’s security news: ransomware morphs again, NSA quietly appoints general counsel
after two years, cyberattack, one and done? Nope, not likely, Joshua Shulte, former CIA coder,
represents himself at second espionage trial and Indian police planted evidence on activist’s
computer to arrest them.

Read the newsletter here

June 10, 2022

• Researchers Publish Paper on Apple M1 Design Weakness

• US Intel Chief Says Cybersecurity is Only Getting Harder

• Apple Just Figured Out Another Way to Lock You Into Apple World

• Other Than That, What is the Problem, Fujitsu?

• VPN Providers Have Started Pulling Out of India

• Arrest Heard ‘Round the Crypto World
• Russia’s Ministry of Construction Website Says “Glory to Ukraine”
• Alexandria, LA Hit by Ransomware
• 2 Million Affected by Shields Health Care Group Breach

Security News Bites for the Week Ending June 10th, 2022
This week’s security news: Anonymous seems to be doing better against Russia than past
efforts, FTC regulates by blog post, New Jersey school district canceled finals after ransomware
attack, 8 zero-day vulnerabilities patched in Carrier’s industrial control system, DoJ announces
plan to improve cybersecurity-in line with the requirements of the EO on cybersecurity and after
being hacked multiple times.

Read the newsletter here

June 5, 2022

• Healthcare Supply Chain Cybersecurity Risk Management

• Google Quietly Bans Deepfake Training Projects on Colab

• 1200 Public-Facing Elastic Databases Wiped

• EPA Asks for $100 Million to Improve Water Systems Cybersecurity

• CISA Says States Need to Continue to Enhance Voting Machine Security

• Russia Pauses Prosecution of Revil Hackers – Offers Them a Government Job
• Mastering Microsegmentation
• Breach at Turkey’s Pegasus Airlines Exposes 6.5 Terabytes of Data
• Foxconn Mexico Recovering from Ransomware Attack

This week’s news bites: jury finds Norton infringed on two Columbia University patents, data
broker stops selling location data of Planned Parenthood visitors after being outed,
cryptocurrency projects are as secure as a screen door, Ukrainians figure out how to beat
Russia, Spain admits they hacked some of their politician’s phones, and treasury sanctions
cryptocurrency mixer BLENDER.

Read the newsletter here