securityboulevard.com
Open in
urlscan Pro
2606:4700:10::6816:29c
Public Scan
URL:
https://securityboulevard.com/2021/11/the-security-digest-87/
Submission: On November 18 via api from GB — Scanned from GB
Submission: On November 18 via api from GB — Scanned from GB
Form analysis 2 forms found in the DOM
GET https://securityboulevard.com/
<form action="https://securityboulevard.com/" class="search-form searchform clearfix" method="get">
<div class="search-wrap">
<input type="text" placeholder="Search" class="s field" name="s">
<button class="search-icon" type="submit"></button>
</div>
</form>POST /2021/11/the-security-digest-87/
<form method="post" enctype="multipart/form-data" id="gform_10" action="/2021/11/the-security-digest-87/">
<div class="gform_body gform-body">
<ul id="gform_fields_10" class="gform_fields top_label form_sublabel_below description_below">
<li id="field_10_1" class="gfield gfield_contains_required field_sublabel_below field_description_below hidden_label gfield_visibility_visible"><label class="gfield_label" for="input_10_1">Email<span class="gfield_required"><span
class="gfield_required gfield_required_asterisk">*</span></span></label>
<div class="ginput_container ginput_container_email">
<input name="input_1" id="input_10_1" type="text" value="" class="large" placeholder="Your Email" aria-required="true" aria-invalid="false">
</div>
</li>
<li id="field_10_2" class="gfield gfield_html gfield_html_formatted gfield_no_follows_desc field_sublabel_below field_description_below gfield_visibility_visible">
<div class="gsection_description"><a href="https://securityboulevard.com/privacy-policy/">View Security Boulevard <u>Privacy Policy</u></a></div>
</li>
<li id="field_10_3" class="gfield gform_hidden field_sublabel_below field_description_below gfield_visibility_visible">
<div class="ginput_container ginput_container_text"><input name="input_3" id="input_10_3" type="hidden" class="gform_hidden" aria-invalid="false" value=""></div>
</li>
<li id="field_10_4" class="gfield gform_hidden field_sublabel_below field_description_below gfield_visibility_visible">
<div class="ginput_container ginput_container_text"><input name="input_4" id="input_10_4" type="hidden" class="gform_hidden" aria-invalid="false" value=""></div>
</li>
<li id="field_10_5" class="gfield gfield--width-full field_sublabel_below field_description_below hidden_label gfield_visibility_visible"><label class="gfield_label" for="input_10_5">CAPTCHA</label>
<div id="input_10_5" class="ginput_container ginput_recaptcha gform-initialized" data-sitekey="6Ld9rm8cAAAAAEa1mXDqRlCvlsP8t1u1weqyOCJn" data-theme="light" data-tabindex="-1" data-size="invisible" data-badge="bottomright">
<div class="grecaptcha-badge" data-style="bottomright"
style="width: 256px; height: 60px; display: block; transition: right 0.3s ease 0s; position: fixed; bottom: 14px; right: -186px; box-shadow: gray 0px 0px 5px; border-radius: 2px; overflow: hidden;">
<div class="grecaptcha-logo"><iframe title="reCAPTCHA"
src="https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9rm8cAAAAAEa1mXDqRlCvlsP8t1u1weqyOCJn&co=aHR0cHM6Ly9zZWN1cml0eWJvdWxldmFyZC5jb206NDQz&hl=en&v=yZguKF1TiDm6F3yJWVhmOKQ9&theme=light&size=invisible&badge=bottomright&cb=8npwetghdnqg"
width="256" height="60" role="presentation" name="a-f4ism8e0lq0g" frameborder="0" scrolling="no" sandbox="allow-forms allow-popups allow-same-origin allow-scripts allow-top-navigation allow-modals allow-popups-to-escape-sandbox"
tabindex="-1"></iframe></div>
<div class="grecaptcha-error"></div><textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response"
style="width: 250px; height: 40px; border: 1px solid rgb(193, 193, 193); margin: 10px 25px; padding: 0px; resize: none; display: none;"></textarea>
</div><iframe style="display: none;"></iframe>
</div>
</li>
<li id="field_10_6" class="gfield gform_validation_container field_sublabel_below field_description_below gfield_visibility_visible"><label class="gfield_label" for="input_10_6">Comments</label>
<div class="ginput_container"><input name="input_6" id="input_10_6" type="text" value=""></div>
<div class="gfield_description" id="gfield_description_10_6">This field is for validation purposes and should be left unchanged.</div>
</li>
</ul>
</div>
<div class="gform_footer top_label"> <input type="submit" id="gform_submit_button_10" class="gform_button button" value="Subscribe Now"
onclick="if (!window.__cfRLUnblockHandlers) return false; if(window["gf_submitting_10"]){return false;} window["gf_submitting_10"]=true; "
onkeypress="if (!window.__cfRLUnblockHandlers) return false; if( event.keyCode == 13 ){ if(window["gf_submitting_10"]){return false;} window["gf_submitting_10"]=true; jQuery("#gform_10").trigger("submit",[true]); }">
<input type="hidden" class="gform_hidden" name="is_submit_10" value="1">
<input type="hidden" class="gform_hidden" name="gform_submit" value="10">
<input type="hidden" class="gform_hidden" name="gform_unique_id" value="">
<input type="hidden" class="gform_hidden" name="state_10" value="WyJbXSIsImExN2ZmNzMxNzRmOWUyZjU4NDM0NzI5MzVhYzMzZjI2Il0=">
<input type="hidden" class="gform_hidden" name="gform_target_page_number_10" id="gform_target_page_number_10" value="0">
<input type="hidden" class="gform_hidden" name="gform_source_page_number_10" id="gform_source_page_number_10" value="1">
<input type="hidden" name="gform_field_values" value="">
</div>
<p style="display: none !important;"><label>Δ<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js" name="ak_js" value="1637215936201"></p>
</form>Text Content
Thursday, November 18, 2021 * Remote Workforce Cybersecurity Concerns Hit New High * A behavioral approach to device fingerprinting * Cybersecurity for Oil and Gas: An Overview * Tech CEO Pleads to Wire Fraud in IP Address Scheme * The Security Digest: #87 * * * * * * * SECURITY BOULEVARD The Home of the Security Bloggers Network Community Chats Webinars Library * Home * Cybersecurity News * Features * Industry Spotlight * News Releases * Security Bloggers Network * Latest Posts * Contributors * Syndicate Your Blog * Write for Security Boulevard * Events * Upcoming Events * Upcoming Webinars * On-Demand Events * On-Demand Webinars * Chat * Security Boulevard Chat * Marketing InSecurity Podcast * Library * Related Sites * Techstrong Group * Container Journal * DevOps.com * Security Boulevard * Techstrong Research * Techstrong TV * Devops Chat * DevOps Dozen * DevOps TV * Digital Anarchist * Media Kit * About Us * Analytics * AppSec * CISO * Cloud * DevOps * GRC * Identity * Incident Response * IoT / ICS * Threats / Breaches * More * Blockchain / Digital Currencies * Careers * Cyberlaw * Mobile * Social Engineering * Humor TwitterLinkedInFacebookRedditEmailShare Security Bloggers Network HOME » SECURITY BLOGGERS NETWORK » THE SECURITY DIGEST: #87 THE SECURITY DIGEST: #87 by Dylan Broxson on November 17, 2021 Do you check Mail on your Apple watch? Learn why researchers are warning against it. A new zero day has been fixed for iPhone iOS 15.0.2 flaw. There are security issues in embedded devices for Linux users involving BusyBox. A mysterious Israeli company is recently under fire for helping facilitate widespread cyber attacks on people who visited a popular British news website. There is a new form of phishing called “smishing”, where hackers pose their attack as a SMS text message. APPLE UPDATES: * Beware using Mail on your Apple Watch. Security researchers have found that receiving messages on your wrist compromises Mail Privacy Protection in iOS 15 by revealing your IP address to senders. Mail Privacy Protection — available across Mac, iPhone and iPad — is designed to prevent this from happening by masking your actual IP address. But it seems that using Mail on Apple Watch completely undermines it. Read more. * Apple recently fixed a zero-day iPhone flaw with iOS 15.0.2 — update now as iOS 15.0.2 and iPadOS 15.0.2 are extremely important. Read more at Tom’s Guide. CRITICAL VULNERABILITIES FOUND IN BUSYBOX: * Researchers warn users to update Linux systems now. * BusyBox is one of the most widely used Linux software suites, and many of the world’s leading operational technology (OT) and Internet of Things (IoT) devices run BusyBox. Some of the threats could have resulted in denial of service (DoS) attacks in exploited, and in rarer cases, could also lead to information leaks and possibly remote code execution. Read more at TechRadar. BRITISH NEWS WEBSITE HACKED: * A popular British news website, the Middle East Eye, was hacked using a “watering hole attack” by a mysterious Israeli company, specifically targeting and manipulating the devices of users who visited the site. A watering hole attack is a tactic that “places malicious software on a website to infect and hack the computers of people who visit it.” The U.S. Commerce Department added the Israeli company, Candiru, to the trade blacklist in early November for helping an unknown foreign government facilitate cybersecurity attacks against journalists, political figures, government officials and others. Candiru was previously accused of helping authoritarian regimes by providing hacking technology and other services. Read more at NBC News. A NEW HYBRID OF PHISHING: * We’ve all heard of phishing scams and the many ways people have inadvertently been hacked. “Smishing” or phishing in the form of an SMS text message, is evolving. KrebsOnSecurity reports about “a hybrid form of smishing — blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text,” and breaks down details of an example of this phone-based attack. OWL FUN AND FACTS: Shelley’s Eagle Owl. Credit: Dr. Robert Williams / Imperial College London British scientists working in Ghana have rediscovered a “holy grail” giant owl that has lurked almost unseen in African rainforests for 150 years. Read more at Phys org. ABOUT: TSD began as an internal newsletter created by our security team that would be circulated to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure. Check back here every Tuesday for more TSD or sign up below to stay in the loop! Please reach out to us directly, via security@cyral.com or follow us on twitter @cyralinc if you have any questions, concerns, tips or anything else! The post The Security Digest: #87 appeared first on Cyral. *** This is a Security Bloggers Network syndicated blog from Blog – Cyral authored by Dylan Broxson. Read the original post at: https://cyral.com/blog/the-security-digest-87/ November 17, 2021November 17, 2021 Dylan Broxson 0 Comments * ← DEF CON 29 Voting Village – Kevin Skoglund’s ‘Are Barcodes On Ballots Bad’ * Tech CEO Pleads to Wire Fraud in IP Address Scheme → TECHSTRONG TV – LIVE Watch latest episodes and shows SUBSCRIBE TO OUR NEWSLETTERS Get breaking news, free eBooks and upcoming events delivered to your inbox. * Email* * View Security Boulevard Privacy Policy * * * CAPTCHA * Comments This field is for validation purposes and should be left unchanged. Δ MOST READ ON THE BOULEVARD FBI Email—‘Threat Actor in Systems’—is Spam Cybersecurity for Sports and Entertainment US Treasury Again Threatens to Sanction Ransomware Victims OWASP Addresses API Security Data and the Cat-and-Mouse Game of Security DEF CON 29 Voting Village – Maurice Turner’s ‘Why Hacking Voters Is Easier Than Hacking Ballots’ Hoax Email Blast Abused Poor Coding in FBI Website Robinhood Data Breach, 600 Hours of Dallas Police Helicopter Footage Leaked XKCD ‘Flinch’ XKCD ‘TTSLTSWBD’ UPCOMING WEBINARS Thu 18 MODERN RANSOMWARE: HOW WE GOT HERE AND WHERE WE’RE GOING November 18 @ 3:00 pm - 4:00 pm Mon 22 SECURING OPEN SOURCE: BEST PRACTICES November 22 @ 1:00 pm - 2:00 pm Mon 29 CYBERSECURITY MAYHEM: 2021 THREATS AND WHAT TO EXPECT NEXT November 29 @ 11:00 am - 12:00 pm Tue 30 SECURING YOUR DEVELOPMENT INFRASTRUCTURE AND APPS FROM SUPPLY CHAIN ATTACKS November 30 @ 11:00 am - 12:00 pm Tue 30 SECURING ACCESS TO SENSITIVE CORPORATE DATA AND APPLICATIONS IN THE HYBRID WORLD November 30 @ 3:00 pm - 4:00 pm Dec 01 PROTECTING APPLICATIONS RUNNING ON KUBERNETES December 1 @ 12:00 pm - 1:00 pm More Webinars DOWNLOAD FREE EBOOK RECENT SECURITY BOULEVARD CHATS * Cloud, DevSecOps and Network Security, All Together? * Security-as-Code with Tim Jefferson, Barracuda Networks * ASRTM with Rohit Sethi, Security Compass * Deception: Art or Science, Ofer Israeli, Illusive Networks * Tips to Secure IoT and Connected Systems w/ DigiCert INDUSTRY SPOTLIGHT Cloud Security Cybersecurity Data Security Industry Spotlight IoT & ICS Security Security Boulevard (Original) Threat Intelligence Vulnerabilities HOW VIRTUALIZATION HELPS SECURE CONNECTED CARS November 17, 2021 Andrew Zola | Yesterday 0 Comments Application Security Cloud Security Cybersecurity Data Security Industry Spotlight Mobile Security Network Security Security Boulevard (Original) CYBERSECURITY FOR SPORTS AND ENTERTAINMENT November 15, 2021 Bindu Sundaresan | 2 days ago 0 Comments Cyberlaw Cybersecurity Data Security Governance, Risk & Compliance Industry Spotlight Security Awareness Security Boulevard (Original) RANSOMWARE AND THE UNCERTAINTIES OF CYBERINSURANCE November 4, 2021 Christopher Escobedo Hart | Nov 04 0 Comments TOP STORIES Cybersecurity Data Security Endpoint Featured IoT & ICS Security Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities BLASTWAVE AIMS TO SIMPLIFY SECURING EDGE COMPUTING November 17, 2021 Michael Vizard | Yesterday 0 Comments Analytics & Intelligence Application Security Cloud Security Cybersecurity Data Security DevOps Editorial Calendar Endpoint Featured Identity & Access IoT & ICS Security Malware Mobile Security News Securing Open Source Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities ROWHAMMER REDUX: ‘BLACKSMITH’ FUZZING—PANIC NOW? November 16, 2021 Richi Jennings | 1 day ago 1 Comment Application Security Cloud Security Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight PALO ALTO NETWORKS EXTENDS CLOUD SECURITY PORTFOLIO November 16, 2021 Michael Vizard | 1 day ago 0 Comments SECURITY HUMOR JOY OF TECH® ‘THE TRUTH ABOUT PINCH AND ZOOM’ JOIN THE COMMUNITY * Add your blog to Security Bloggers Network * Write for Security Boulevard * Bloggers Meetup and Awards * Ask a Question * Email: info@securityboulevard.com USEFUL LINKS * About * Media Kit * Sponsors Info * Copyright * TOS * DMCA Compliance Statement * Privacy Policy RELATED SITES * Techstrong Group * Container Journal * DevOps.com * Techstrong Research * Techstrong TV * DevOps Chat * DevOps Dozen * DevOps TV * Digital Anarchist * * * * * * * Copyright © 2021 Techstrong Group Inc. All rights reserved. ✓ Thanks for sharing! AddToAny More… Notifications previousnextslideshow