Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Mac users targeted by Lazarus ‘fileless’ Trojan

The Lazarus hacking group are trying to sneak a ‘fileless’ Trojan on to Apple computers, disguised as a fake cryptocurrency trading program.

[Heads-Up] In Just 3 Months, Google Alerted 12,000 People About Phishing Attacks by Nation-States

Google’s Threat Analysis Group (TAG) delivered thousands of alerts of government-backed attempts to spearphish Gmail users over just a three-month period earlier this year.

TAG director Shane Huntley revealed that from July to September 2019 his team sent 12,000 warnings to users in 149 countries. From a heat map attached to the blog post, you can see that most were located in the US, South Korea, Pakistan and Vietnam.

Cybersecurity in 2020: Eight frightening predictions

Jack Wallen shares cybersecurity predictions that might make your IT skin crawl. Find out what he thinks could be the silver lining to this security nightmare.  A very interesting set of predictions.

5 open source innovation predictions for the 2020s

Chris Ferris, chief technology officer of Open Technology at IBM, discusses some of the open source trends from the past decade and what to expect in 2020 and beyond.

Congress passes anti-robocall bill

A bill to punish robocallers has finished its passage through Congress and is expected to become law any day now.  Halle-freakin-luia!  Maybe we finally get some help against this scourge.  Time will tell.

Company Fires then Sues Employee to Recover $130,000 in BEC Fraud Case

An even better incentive to watch what you click.  Imagine being targeted by cybercriminals and then getting sued because the attack worked. You can ask Patricia Reilly what that is like. Her former company sued her for more than $130,000 to recover the money it lost in a cyberattack, and now a judge has ruled in the case. Here is her story. Reilly was working at Scotland based Peebles Media Group when she received a series of emails appearing to be from her boss. And since the boss was out of the office on vacation, the email said she needed Reilly’s help to move approximately $200,000 of the company’s funds from one account to another through a wire transfer. Reilly made the transfer as requested, unaware that the emails actually… Read more

Court Blocks Maine Attempt To Force Cable Providers To Sell Individual TV Channels

from the Constitutional-right-to-predatory-pricing dept

For the better part of two decades, the cable industry has fought tooth and nail to prevent having to sell cable channels individually (a la carte). Historically, the cable industry’s defense of this opposition is that letting consumers buy individual channels would do two things: kill off niche channels, and raise rates on consumers. Granted you’re supposed to ignore that both things have… (full story)

The Year in InfoSec: Our 10 Most Engaging News Stories of 2019

The past informs the future, so here’s another look back at our top stories of the past year. The SecureWorld News team was able to cover some important but perhaps lesser known developments within the cybersecurity industry. These are our most popular original stories of 2019 based on total readership, shares, and comments. What stands out to you?

  1. Top 10 Highest Paying Cybersecurity Jobs 2019
  2. Special Security Advisory: ‘Ryuk Ransomware Targeting Organizations Globally’
  3. New Documents About Pentesters Jailed for Courthouse Break-In
  4. ‘Call of Duty: Modern Warfare’ Integrates Cyber War into Latest Game
  5. The List: Best and Worst Countries for Cybersecurity
  6. Security Un-Awareness: Company Suing Employee for $138,000 in BEC Losses
  7. Disney Urging Shareholders to Vote Against Security and Privacy Proposal
  8. 8 Steps Huawei Took to Steal IP from T-Mobile and Cover It Up
  9. Revealed: Details of ‘First of Its Kind’ Disruptive Power Grid Attack
  10. CEO on Pentester Arrests: ‘Heroes Not Criminals’



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.