Garmin services and production go down after ransomware attack | ZDNet

Smartwatch and wearables maker Garmin has shut down several of its services today to deal with a ransomware attack that has encrypted its internal network and some production systems. The company is currently planning a multi-day maintenance window to deal with the attack's aftermath, which includes shutting down its official website, the Garmin Connect user data-syncing service, and even some production lines in Asia.

ZDNet

Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter - Meeting 2

Event for The Hacker Book Club on July 21, 2020 05:00PM at in The United States. Join us for our second meeting covering chapters 6-10 of Countdown to Ze...

Goodreads

NSO Group Pitched Its Spyware to the Secret Service

Do you work at NSO Group, did you used to, or do you know anything else about the company? We'd love to hear from you. Using a non-work computer or phone you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de , or email joseph.cox@vice.com .

Vice

Women in Cybersecurity Interview: Sherrod DeGrippo, Proofpoint

On June 1 2020, Infosecurity Magazine hosted its fourth annual Women in Cybersecurity event. Traditionally a physical discussion-led and networking event held on the morning of Day Two of Infosecurity Europe at London's Olympia, this year saw Women in Cybersecurity go virtual to bring the industry together to celebrate the women of cybersecurity and discuss the challenges around diversity.

Infosecurity Magazine

Twitter says passwords are safe after hack, but no word on DMs

Twitter has said that there is "no evidence" that attackers obtained user account passwords after its security breach on Wednesday, which forced the company to lock down user accounts to prevent verified users from tweeting.

TechCrunch

NECP Webinars

Mark your calendars for these upcoming webinars: As cyber threats and vulnerabilities grow in complexity and sophistication, the risks for public safety communications systems increases. The SAFECOM Nationwide Survey (SNS) showed that almost half of public safety organizations are not utilizing or adopting existing cybersecurity guidance documents.

Cisa

Twitter Hacking for Profit and the LoLs

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week's epic hack against Twitter. These individuals said they were only customers of the person who had access to Twitter's internal employee tools, and were not responsible for the actual...

Krebsonsecurity

Announcing Craig Newmark Philanthropies Grant Support of WISP #ShareTheMicInCyber Campaign - Women in Security and Privacy

We are thrilled to announce that Craig Newmark Philanthropies is aiding Women in Security and Privacy (WISP) in our endeavor to support the #ShareTheMicInCyber community and cover training, certification, and education costs incurred by Black security and privacy practitioners with a $25,000

Women in Security and Privacy

Senior Global SOC Director

Company Description: FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks.

FireEye, Inc.

SharePoint and Pwn :: Remote Code Execution Against SharePoint Server Abusing DataSet

When CVE-2020-1147 was released last week I was curious as to how this vulnerability manifested and how an attacker might achieve remote code execution with it. Since I'm somewhat familar with SharePoint Server and .net, I decided to take a look.

Srcincite

11 top DEF CON and Black Hat talks of all time

Since 1997, the Black Hat and DEF CON events have gained a reputation for presenting some of the most cutting-edge research in information security. The events have also had their share of controversy - sometimes enough to cause last-minute cancelations.

CSO Online

4 Important Types Of Bias To Tackle When Building AI Tools

With every passing day, it gets more challenging to mitigate the biases that are powering AI tools and systems. Now more than ever, awareness and consideration of these biases need to be brought to the forefront of all AI development and implementation.

Forbes