Cybersecurity And Much More Newsletter — Week 03 (2022)
Greetings, friends.
Welcome to my weekly newsletter, if you are not yet subscribed, please do. It might include books, articles, tech, tips, and of course interesting stuff about cybersecurity.
Enjoy!
What’s Happening
🚨 New Google Security Release for Chrome, Link.
Google has released Chrome version 97.0.4692.99 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
🚨 Oracle releases a long list of critical patches on their January 2022 Advisory Update, Link.
This Critical Patch Update contains 497 new security patches across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located in January 2022 Critical Patch Update: Executive Summary and Analysis.
🌍 China’s 🇨🇳 Olympics ⛷ App Is Horribly Insecure, Link.
China is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month. Citizen Lab examined the app and found it riddled with security holes.
👾 McAfee Agent bug lets hackers run code with Windows SYSTEM privileges, Link.
McAfee Enterprise (now rebranded as Trellix) has patched a security vulnerability on their Windows agent that allowed attackers to escalate privileges and execute arbitrary code.
👾 20K WordPress Sites Exposed by Insecure Plugin REST-API, Link.
A serious vulnerability was found in a plugin for WordPress. This bug can allow hackers to inject malware into your website and easily steal information from your customers. More than 20,000 websites use the plugin to design custom emails.
🔐 McAfee Enterprise-FireEye relaunches as Trellix, aims to be ‘market leader’ in XDR, Link.
The cybersecurity giant formed last fall through the merger of McAfee Enterprise and FireEye has a new name, Trellix, and a new mission to become the dominant force in the fast-growing market for extended detection and response (XDR).
💰 Two Factor Authentication Bypass Behind a $35M Heist!, Link.
Due to 2FA failure, unauthorized transactions approved without users’ authentication bled 483 accounts of funds.
My Favorites
📝 Article — The Covid-19 pandemic revealed various gaps in the cybersecurity space even for large organizations spending large budgets on controls, compliance, and people. The most common gaps that were stated to appear were related to remote connections, VPNs, and network segmentation. However, Ransomware stole the show as usual and caused more damage than ever. Will this continue? Is it getting worse? See what was said a year ago, Link, and what’s been said now? well not much, it’s the new normal.
Do you remember log4j? yes, it’s still a thing. In this article, It was called the coronavirus of the internet.
📚 Book — For the second year in a row, I am grateful for sticking to my goal of reading one book per week. In total, I’m over 300+, but the goal, of course, is not quantity but reading quality books, and most importantly doing my best to turn what I’ve learned into actions and habits.
📚 🤔 Book Currently Reading
We See It All by John Fasman
📚 🤩 Books I Recommend Reading
The Courage Habit by Kate Swoboda
Rising Strong by Brene Brown
🎙 Podcast — I highly recommend checking the Cybereason podcast called “Malicious Life”, Link.
💻 Tech — At the University of Surrey, Researchers demonstrate multimodal transistors in artificial neural networks. This is a big step toward using thin-film transistors as hardware to run artificial intelligence programs. This will help edge computing to progress and improve efficiency. Instead of relying solely on computer chips, it may reduce the power needed. See the scientific report.
🎥 Videos — Share this great playlist by CrashCourse Youtube channel about ComputerScience, I am sure that whoever is interested in computer science or just curious to learn would love it, Link.
Quote of the Week
“Nothing is urgent, it’s all about priorities.”
If you’re interested in starting a career in Cybersecurity, watch this one, and don’t forget to subscribe to my channel and leave a comment if there are any topics you’re interested in seeing on my next videos.
Check my other stuff here.
Originally published at https://www.linkedin.com.
