Top Weekly News In Cyber Security

HACKER RELEASES ‘UNPATCHABLE’ JAILBREAK FOR ALL IOS DEVICES, IPHONE 4S TO IPHONE X

An iOS hacker and cybersecurity researcher today publicly released what he claimed to be a “permanent unpatchable bootrom exploit,” in other words, an epic jailbreak that works on all iOS devices ranging from iPhone 4s (A5 chip) to iPhone 8 and
iPhone X (A11 chip). Dubbed Checkm8, the exploit leverages unpatchable security weaknesses in Apple’s Bootrom (SecureROM), the first significant code that runs on an iPhone while booting, which, if exploited, provides greater system-level
access.

MICROSOFT RELEASES OUT-OF-BAND SECURITY UPDATE TO FIX IE ZERO-DAY & DEFENDER BUG

Microsoft has released an emergency out-of-band security update today to fix two critical security issues — a zero-day vulnerability in the Internet Explorer scripting engine that has been exploited in the wild, and a Microsoft Defender bug.

The updates stand out because Microsoft usually likes to stay the course and only release security updates on the second Tuesday of every month. The company rarely breaks this pattern, and it’s usually only for very important security issues.

YOU HAVE THE RIGHT TO BE FORGOTTEN BY GOOGLE – BUT ONLY IN EUROPE

Google (GOOGL.O) will not have to apply Europe’s “right to be forgotten” law globally, the continent’s top court ruled on Tuesday in a landmark case that has pitted personal privacy rights against freedom of speech.

The victory for the U.S. tech titan means that, while it must remove links to sensitive personal data from its internet search results in Europe when required, it does not have to scrap them from searches elsewhere in the world.

CLEVERLY FAKED WEBSITE TARGETS US VETERANS

American military veterans on the hunt for a new job are the latest group to be targeted by bold new threat group Tortoiseshell.

The group, which was discovered earlier this month by researchers at Symantec, has been active since July 2018, primarily targeting IT providers in Saudi Arabia with a mix of customized and “common or garden” malware. New intelligence published yesterday
by Cisco Talos reveals that Tortoiseshell has refocused its criminal campaign to strike at targets in the United States. Talos discovered that team Tortoiseshell was behind a malicious website that has been cleverly crafted to resemble a legitimate
recruitment site for US military veterans.

JOBS

ONLY 31% OF EMPLOYEES GET ANNUAL TRAINING ON CYBER SECURITY

The Chubb’s Third Annual Cyber Report reveals employee education is key for small businesses to prevent cyberattacks. Even with headline after headline about the latest data breach, people are not encouraged to defend against their cyber exposure.
The goal of the report is to determine the level of understanding individuals have about their cyber risks. While at the same time looking at the steps they are taking to protect themselves.

CYBERSECURITY: WHY YOU SHOULD HIRE STAFF FROM FIRMS THAT HAVE FALLEN VICTIM TO HACKERS

Companies that fall victim to cyberattacks and data breaches often come in for criticism, but one of the best things an organisation can do to ensure it remains protected against the impacts of a hacking incident is to take advantage of the expertise
of cybersecurity professionals who’ve faced a major attack.

CYBER-RISK MANAGEMENT IS ABOUT TO GET EASIER

Cyber-risk management is more difficult at organizations today than it was two years ago. So say 73% of security professionals in a recent ESG research survey. (Note: I am an ESG employee.) Why? Survey respondents point to things like the growing
attack surface, the rising number of software vulnerabilities, and the increasing technical prowess of cyber adversaries.

CYBERSECURITY CONFERENCE OFFERS STUDENTS IMMERSIVE EXPERIENCE, ENGAGES THE PROFESSION’S FUTURE WORKFORCE

“The 2018 (ISC)2 Cybersecurity Workforce Study found that Millenials and Gen Y currently make up just 35% of the cybersecurity workforce,” said Wesley Simpson, COO of (ISC)2. “We need younger workers entering the field now so they can gain the
experience necessary to become the cybersecurity leaders of tomorrow. The Student Experience is an effort to increase the exposure of college students and recent graduates to cybersecurity opportunities and trends, and to hear firsthand from
those in the field about what working in the profession is really like. Attracting more dedicated and talented individuals to cybersecurity is a critical step to ensure that we have the right resources in the future to defend our cyber world.”

THE TOP 9 CYBERSECURITY CERTIFICATIONS FOR SECURITY PROS IN 2019

Which enterprise-level cybersecurity certifications are in the highest demand? Why should your enterprise care about security certifications? And how can your security professionals get those cybersecurity certifications?

Cybersecurity certifications verify the qualifications and the knowledge of your cybersecurity professionals. Furthermore, working towards achieving cybersecurity certifications can open new avenues for threat intelligence and incident response techniques.

CYBERSECURITY COMES SHARPLY INTO FOCUS WITH STUDENT COMPETITION ON SATURDAY

Students from throughout the Southeast are converging on Clemson University this Saturday for a competition that will test their cybersecurity skills and help prepare them to protect sensitive data from hackers.

At least eight teams are planning to participate in Clemson University-Capture The Flag. Each will bring five members and one adviser to the competition, which will be held in the Watt Family Innovation Center.

ERAU PRESCOTT RECOGNIZED AS A TOP CYBER DEFENSE EDUCATOR

The National Security Agency (NSA) and the Department of Homeland Security (DHS) have designated Embry-Riddle Aeronautical University’s Prescott Campus a National Center of Academic Excellence in Cyber Defense Education (CAE CDE) through 2024.

UPCOMING EVENTS

DATA CONNECTORS KANSAS CITY TECH-SECURITY: OCTOBER 3RD, 2019

CYBER CRIMINALS ARE CONTINUALLY EVOLVING NEW ATTACK VECTORS.

ATTEND ONE OF OUR CONFERENCES AND LEARN HOW TO PROTECT YOUR ORGANIZATION!

YOUR FREE PASS INCLUDES:

• Entrance into Keynote Speaker Session

• Entrance into 12 Educational Speaker Sessions

• Entrance into Exhibit Area with over 30 Cybersecurity Exhibits

• Light Breakfast & Lunch

• Conference Materials

• Up to 9 CPE Credits. See our CPE FAQ for details.