Security News
1. Hour One develops technologies for creating high-quality digital characters based on real people. The upshot of this is that what appears to be a real human could talk about any product or subject at all, to the point of infinite scale. Read More.
2. Microsoft announced the availability of an out-of-band update that addresses the vulnerability in Windows 8.1 and Windows Server 2012 R2. Read More
3. Most devices accessing the Internal Revenue Service’s internal network using wireless connections and virtual private networks weren’t authenticated, according to an audit. Read More
4. Facebook have discussed a “kill switch” to shut off political advertising after Election Day since the ads, which Facebook does not police for truthfulness, could be used to spread misinformation. Read More
5. Future Tesla cars may come with a built-in feature that can make sure no kids are inadvertently left behind in hot cars. The device uses millimeter-wave radar technology to detect movements within a vehicle and to classify its occupants. Read More
6. 67-year-old former CIA officer and FBI linguist was arrested Friday after allegedly selling U.S. government secrets to China for thousands of dollars spanning multiple years. Read More
7. YouTube banned a large number of Chinese accounts it said were engaging in “coordinated influence operations” on political issues. Read More
8. U.S. Department of State’s Rewards for Justice (RFJ) program will pay for info that can identify or locate someone working with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities. Read More
9. China AI chat robots can make 3,000 calls a day without getting tired or temperamental and even blocking their number won’t stop them. Read More
10. Apple accidentally approved one of the most popular Mac malware threats – OSX.Shlayer – as part of its security notarization process. Read More
Attacks / Breaches
1. Federal prosecutors have charged Uber’s former security chief, Joseph Sullivan, with obstruction of justice for attempting to hide the company’s 2016 data breach from the Federal Trade Commission (FTC). Read More
2. Experian has suffered a major breach of customers’ personal information, affecting an estimated 24 million South Africans and nearly 800,000 businesses. Read More
3. Credit card provider Capital One Financial Corp fined with $80 million over last year’s data breach that exposed the personal information of more than 100 million credit card applicants of Americans. Read More
4. Canon has suffered a ransomware attack that impacts numerous services, including Canon’s email, Microsoft Teams, USA website, and other internal applications. Read More
5. Ritz Hotel Data Breach Allowed Scammers to Make Expensive Purchases With Stolen Credit Card Information. Read More
6. A hacker has released the databases of Utah-based gun exchange, hunting, and kratom sites for free on a cybercrime forum. Read More
7. Havenly, a US-based interior design web site, has disclosed a data breach after a hacker posted a database containing 1.3 million user records for free on a hacker forum. Read More
8. The University of Utah was stung by cybercriminals for almost $500,000 in ransom following a July attack that gave the state’s flagship institution the choice of sacrificing private student and employee data, or paying up and hoping the information wasn’t compromised. Read More
9. Intel is investigating a security breach after earlier today 20 GB of internal documents, with some marked “confidential” or “restricted secret,” were uploaded online on file-sharing site MEGA. Read More
10. US corporate travel management firm Carlson Wagonlit Travel has suffered an intrusion, and it is believed the company paid a $4.5m ransom to get its data back. Read More
Thursday, 13 August 2020 | 07:00 PM – 8:30 PM
Fact check of a tweet by US President Trump creates friction between Twitter and White House; Vietnam imposes a fine on its citizens who propagate false news on the social media; Mauritius arrests a person for posting harmful content on the social media… these and more related news are recent headlines. All these points to digital wildfires, which are broadly defined as ‘social media events in which provocative content spreads rapidly and broadly and causes harm.’
(more…)20 August 2020 | 07:00 PM – 08:30 PM IST | 01:30 PM – 03:00 PM GMT
When the global pandemic changed the way organizations did business overnight, companies had to adapt and pivot to address the new challenges being faced. CyberFrat in association with Netskope brings you a much-needed webinar on Mitigating the Risks and Challenges that lay in the cloud for remote workers.
CyberFrat CXO Connect
A few things shall allow you to freely interact with industry leaders in the cybersecurity scene. With CyberFrat CXO Connect, explore untapped knowledge domains including career enhancement and mentorship opportunities via monthly webinars delivered by risk leads of prominent organizations. The 90 minutes of interaction includes a vivid informative session followed by audience engagement.
Also, you can post your questions on Twitter before and during the sessions which our speaker shall entertain with utmost pleasure. Use hashtag #cfcxoconnect
(more…)Thursday, 06 August 2020, 7:00 PM to 8:30 PM
Operational risk summarizes the uncertainties and hazards a company faces when it attempts to do its day-to-day business activities within a given field or industry. With volatility in the business today, Operation risk is the most important thing someone should consider. Operational risk focuses on how things are accomplished within an organization and not necessarily what is produced or inherent within an industry.
(more…)
Mon-Tue, 10th and 11th Aug, 06:00 PM – 07:30 PM
This Web Series will Cover:
About the Instructor:
Vinod Nair
Partner, Risk
Grant Thornton India LLP
Vinod Nair is a Chartered Accountant by qualification. He is Partner with Grant Thornton and has over 25 years of professional experience in delivering end-to-end Risk Advisory solutions for clients across diverse industries. Vinod’s expertise has been in working on assisting companies in enhancing corporate governance procedures, supporting key stakeholders like Promoters, Board of Directors, Private Equities, etc., in institutionalizing a robust process, risk, and control mechanism.
This is an Exclusive Workshop for CyberFrat Plus Members. If you are a plus member you will get Calendar invite by Default. Others can join below.
Thursday, 30 July 2020 | 07:00 PM – 8:30 PM
Containerization has come a long way, and containers have entirely revolutionized the way companies build, test, package, and deliver software today. Containers live in an ecosystem and are not deployed standalone within an enterprise. The use of containers is commonly associated with rapid DevOps-style workflows as a way to streamline service delivery from development into production (and back again) with a high degree of consistency throughout the lifecycle. The use of containers doesn’t require DevOps, nor does the use of DevOps require containers, but the two approaches are highly complementary, are used together in most places.
While containers have been an accelerated software delivery and provided controls to developers, it has created some unique challenges for the security teams to secure the infrastructure. Running containers and Kubernetes in production requires security and visibility, but the traditional security tools and methodologies are not adequate. Hence it is crucial for security teams to understand what containers are how they run and what are the options and techniques to secure them.
In the session, we will talk about how one can create DevSecOps culture inside the organization with an introduction to containers from the security perspective and how security teams can adopt new tools and technologies for container security.
About the Speaker
Deep Shankar Yadav
InfoSec and DFIR Practitioner
Deep Shankar Yadav is an InfoSec & DFIR practitioner with 8+ years of experience ranging from digital forensics to application security to infrastructure security. His main areas of interest and expertise are DFIR, Cloud Security, Cloud-Native Security, and container security.
Since COVID-19 crises are growing all over the world-wide all should take care of health and precautions against COVID-19. As the situation demands to work remotely for the employees and the organization. Work goes on sometimes smoothly sometimes with some problems but the privacy and security are harmed too much. We too need to take care of our security aspects in terms of the use of technology. Cyberfrat presents you with some issues of cybersecurity attacks and cybersecurity developments from the last fortnight you should be aware of.
(more…)CyberFrat CXO Connect
A few things shall allow you to freely interact with industry leaders in the cybersecurity scene. With CyberFrat CXO Connect, explore untapped knowledge domains including career enhancement and mentorship opportunities via monthly webinars delivered by risk leads of prominent organizations. The 90 minutes of interaction includes a vivid informative session followed by audience engagement.
Also, you can post your questions on Twitter before and during the sessions which our speaker shall entertain with utmost pleasure. Use hashtag #cfcxoconnect
We are pleased to announce the next session with Komal Vora, VP of IT Security Audit, Mizuho Bank. She will be talking about Challenges & Dimensions of IT Audit for 45m and she will take 45 QnA on Audit, Risk, Cyber Security, Risk, or career guidance.
Challenges & Dimensions of IT Audit–
Types of IT audit
Process of IT Audit
Real-life examples
Tools used
Challenges
Thursday, 23rd July 2020, 7:00 PM to 8:30 PM
There has always been considerable interest among philosophers, psychologists, scientists, and common men in theorizing about the concept, the architecture, and the functioning of ‘mind.’ Here are some concepts and issues that we would ponder over:
(more…)