InfoSecSherpa Newsletter — 08 June 2021

InfoSecSherpa — Your Guide Up a Mountain of Information!
  1. New Vulnerabilities in Wi-Fi Security Revealed
    (California News Times, 08 June 2021)
    A new study has identified various flaws in the security of Wi-Fi connections. An attacker could exploit these vulnerabilities to gain access to private data. This flaw may have affected all Wi-Fi appliances.
  2. The dichotomy of cognitive bias in cyber security awareness
    (Information Age, 08 June 2021)
    Cognitive bias is something that hackers often exploit to craft their nefarious campaigns.
  3. Trickbot indictment demonstrates how one hacking tool built on older malware
    (Cyber Scoop, 08 June 2021)
    A U.S. indictment unsealed last week confirmed what security researchers had long suspected: From the ashes of Dyre sprung TrickBot, a piece of malicious code that has caused untold financial costs by infecting tens of millions of computers worldwide and playing a part in a series of ransomware attacks.
  4. Nefilim Ransomware Targets Victims with $1 Billion Revenue
    (Street Insider, 08 June 2021)
    The approach of modern ransomware families makes detection and response significantly more difficult for already stretched SOC and IT security teams. This matters not only to the bottom line and corporate reputation, but also the wellbeing of SOC teams themselves.
  5. Local high school students may be the future of cybersecurity
    (WRAL, 07 June 2021)
    Eighteen students across North Carolina have earned the title of National Cyber Scholar after winning a nationwide scholarship competition and of these 18, 13 are from the WRAL viewing area.
  6. Finally! A Cybersecurity Safety Review Board
    (Lawfare, 07 June 2021)
    Section 5 of the order establishes a Cyber Safety Review Board (CSRB) in the Department of Homeland Security. The board “shall review and assess, with respect to significant cyber incidents […] affecting Federal Civilian Executive Branch Information Systems or non-Federal systems, threat activity, vulnerabilities, mitigation activities, and agency responses.”
  7. CISA taps BugCrowd for federal vulnerability disclosure program
    (TechTarget, 08 June 2021)
    The new program follows a CISA directive from September that requires executive branch agencies to create and publish vulnerability disclosure policies.
  8. Top Congressional Vendor Targeted By Cyber Attack
    (Daily Caller, 08 June 2021)
    iConstituent offers a single platform for government officials to manage contacts, send messages to the people that they represent and track projects. Multiple state governments use iConstituent, including Georgia and Hawaii, Punchbowl News reported Tuesday.
  9. F.B.I. Investigates Cyberattack That Targeted N.Y.C. Law Department
    (The New York Times, 07 June 2021)
    Mayor Bill de Blasio said during a NY1 television appearance on Monday evening that city officials were not aware of any information being compromised or a ransom demand. But he cautioned that the situation was “emerging.”
  10. Former Hacker Sheds Light On How Cyber Criminals Operate
    (NPR, 08 June 2021)
    Hackers in Russia are responsible for recent ransomware attacks. NPR’s Leila Fadel talks to threat intelligence analyst Dmitry Smilyanets about cyber criminals.
InfoSecSherpa — Your Guide Up a Mountain of Information!




#Librarian turned #InformationSecurity professional. Your guide up a mountain of information!

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

What Is Transport Layer Security? | Type of TLS — Exploitbyte

TITAN WAR Presale Round 2 Has Started.

2020’s Top 25 most dangerous software vulnerabilities

Identity and the Internet of Things

Top CMMC Questions Answered | Hyper Vigilance

{UPDATE} PreFlop Poker Trainer Hack Free Resources Generator

Stealing the Private key from the Debit/Credit Card Network website

Proposal for Compound Finance to Integrate Chainlink Price Feeds

Compound price feed exploit

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


#Librarian turned #InformationSecurity professional. Your guide up a mountain of information!

More from Medium

InfoSecSherpa’s News Round Up for Monday, December 27, 2021

Article of the Day: the importance of Network Security

[Some Interesting] Cloud ‘n Sec news: 18th Feb 22

InfoSecSherpa’s News Roundup for Friday, February 18, 2022

Purple hued sunset with rowboat. Image by Quang Le from Pixabay.