SecurityWeek: Cybersecurity News

Email hack hits 15,000 business customers.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 16 December 2022, 0113 UTC.  Content provided by email subscription to "SecurityWeek."

Source: https://mail.google.com/mail/u/0/?ogbl#inbox/FMfcgzGrbbwXHwCJgcCTGsZffnclztMM

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

SecurityWeek News Briefing | Thursday, December 15, 2022 Email Hack Hits 15,000 Business Customers Hacker Claims Breach of FBI's Critical-Infrastructure Portal US Charges Six in Operation Targeting 48 DDoS-for-Hire Websites US Gov Issues Guidance on Threats to 5G Network Slicing Google Announces Vulnerability Scanner for Open Source Developers High-Severity Memory Safety Bugs Patched With Latest Chrome 108 Update API Security Firm FireTail Raises $5 Million Chinese Hackers Targeted Japanese Political Entities Ahead of Elections Patch Immediately: Apple Fixes Zero-Day Vulnerability Exploited Against iPhones Unknown or Unmanaged Assets in Your Network? Let's find them. See More Mapping Threat Intelligence to the NIST Compliance Framework - Enhancing cybersecurity and compliance programs with actionable intelligence that complements and adds insight can easily justify the investment and growth of threat intelligence programs. - Read the Column by Landon Winkelvoss Removing the Barriers to Security Automation Implementation - When implementing security automation, organizations should starting with an open architecture, focusing on getting the right data for analytics and applying automation methodically in smaller chunks. - Read the Column by Marc Solomon Three Ways to Improve Defense Readiness Using MITRE D3FEND - The MITRE D3FEND framework is only as effective as the planning that goes into making sure it is properly aligned with the top threats facing the organization. - Read the Column by Jeff Orloff If you missed it... Microsoft Plugs Windows Hole Exploited in Ransomware Attacks Security Firms Warn Microsoft of Signed Drivers Used to Kill EDR, AV Processes ICS Patch Tuesday: Siemens Fixes 80 OpenSSL, OpenSSH Flaws in Switches HackerOne Surpasses $230 Million in Paid Bug Bounties High-Severity Memory Safety Bugs Patched With Latest Chrome 108 Update SAP's December 2022 Security Updates Patch Critical Vulnerabilities CISA Warns Veeam Backup & Replication Vulnerabilities Exploited in Attacks Google Announces Vulnerability Scanner for Open Source Developers Adobe Patches 38 Flaws in Enterprise Software Products EU Moves Closer to Sewing Up New Data Transfer Deal With US NSA Outs Chinese Hackers Exploiting Citrix Zero-Day Web Scraping - Is It Legal and Can It Be Prevented? - Web scraping is a sensitive issue. Should a third party be allowed to visit a website and use automated tools to gather and store information at scale from that website? What if that information includes personal data? What does the law say? Can it be prevented? Read More RSS Feed | Webcasts | Virtual Events © 2022 Wired Business Media