Hi readers,
Every Monday, I share insights from leading CISOs through exclusive interviews, podcast summaries, and thought leadership articles. In this issue, Samir Sherif, CISO at Imperva, talks about his experiences as a CISO during the COVID-19 pandemic.
Of course, this issue also includes the popular CYBER BREACH MONDAY feature, a summary of the latest data breaches from around the world. Here's a sampling of recent breaches:
- ArbiterSports (Sandy, Utah): 540,000 breach victims; personal information on sports referees, league officials, and school representatives was stolen in a ransomware attack.
- University of Tennessee Medical Center (Tenn.): 234,954 breach victims; network server hacking/IT incident.
On Wednesday, I am running my PATCH WATCH column to ensure you never miss a critical security update from leading vendors. On Thursday, I present my SECURITY TRENDS and PODCAST NOTES features.
To enjoy this great content and more, upgrade to premium! For a limited time, we are offering a 14-day free trial of our premium content.
Thanks for supporting my work during these unprecedented times!
Fred
Imperva's Samir Sherif shares his thoughts on being a CISO during the COVID-19 pandemic.
Inside Security Q&A with Imperva CISO Samir Sherif, who shares his thoughts on being a CISO during the COVID-19 pandemic and what the future may hold for CISOs.
Apple patched vulnerabilities in macOS that could enable an attacker to carry out a remote code execution (RCE), security restriction bypass, or information disclosure attack. The bugs affected the Catalina, High Sierra, and Mojave versions of macOS.
More:
- Apple issued an update to macOS Catalina (10.15.7) that fixed Wi-Fi, iMac graphics card, and iCloud Drive syncing bugs.
- Last week, the company released the eighth beta of the next macOS version, Big Sur, to developers with a refreshed design to the operating system.
- Apple recently patched security bugs in its other operating systems with the release of iOS 14, iPadOS 14, watchOS 7.0, and tvOS 14.0.
HONG KONG CERT
CYBER BREACH MONDAY:
Every Monday, I summarize the most important breaches, so you stay up-to-date on the latest cybersecurity incidents. In today's issue:
- ArbiterSports (Sandy, Utah): 540,000 breach victims; personal information on sports referees, league officials, and school representatives was stolen in a ransomware attack.
- University of Tennessee Medical Center (Tenn.): 234,954 breach victims; network server hacking/IT incident.
Universal Health Services (UHS) was hit by ransomware on Sunday, shutting down systems at hospitals in California, Florida, Texas, Arizona, and Washington, D.C. The impacted hospitals have been required to redirect ambulances and move patients needing surgery to other hospitals.
More:
- UHS operates more than 400 healthcare facilities in the U.S. and U.K., has more than 90,000 employees, and serves 3.5 million patients per year.
- One UHS employee posted on Reddit that the hospital's antivirus programs were disabled, the hard drives "lit up with activity," and the computers logged out and shut down and could not be restarted.
- A number of employees told Bleeping Computer that the attackers appear to be the Ryuk ransomware group based on file extensions and the ransom note.
BLEEPING COMPUTER
Twitter patched a bug that could have led to the disclosure of developer information, such as application programming interface (API) keys and user access tokens. Details about Twitter applications could have been stored in the browser's cache when the developer visited the developer.twitter.com website.
More from Twitter:
- Twitter said it had no evidence that the developers' API keys and tokens were stolen.
- The fix involved changing the cache instructions that developer.twitter.com sends to the browser to stop it from storing information about apps or accounts.
- The social media giant recommended that developers who visited developer.twitter.com regenerate their app keys and tokens.
SECURITY WEEK
A U.S. federal judge has blocked President Trump's TikTok ban just before it was set to take effect on Sunday. TikTok had received a one-week extension on the ban after a deal was announced in which Oracle and Walmart would acquire a stake in the U.S. operations of TikTok.
More:
- The judge let stand the Nov. 12 deadline for the Oracle-Walmart-TikTok deal to be completed.
- The Commerce Department said it would comply with the judge's decision, but argued that the executive order banning TikTok from the U.S. market was consistent with U.S. law.
- A TikTok spokesperson said that the company "will continue defending our rights for the benefit of our community and employees."
NPR
Security researchers are warning that new features added to Pastebin could enable attackers to hide malware operations. The features, "Burn After Read" and "Password Protected Pastes," enable users to create pastes (text) that expire after a single read or that are protected by a password.
More:
- Pastebin has been used in the past as a staging ground for fileless attacks using PowerShell, explained security consultant Ted Samuels.
- Security researcher Jake warned on Twitter that Pastebin's new features will make it "100x" harder to track threat actors.
- In April, Pastebin turned off access to security researchers' scraping API used to find malicious actors on the site.
ZDNET
Google removed 17 Android apps from Google Play because they were infected with Joker (Bread) malware. According to Zscaler security researcher Viral Gandhi, the malware steals SMS messages, contact lists, and device information and secretly signs up the victim for premium wireless application protocol (WAP) services.
More:
- Google used Play Protect to disable the apps on infected devices, but users will still need to remove the apps manually from their devices.
- Zscaler recommended that Android users watch out for risky app permissions related to SMS, call logs, and contacts when downloading apps.
- In early September, Google removed six Joker-infected Android apps that had a combined 200,000 downloads.
ZDNET
The REvil (Sodinokibi) ransomware group has deposited $1M in Bitcoin on a Russian hacker forum as part of an effort to recruit hackers. The group operates a ransomware-as-a-service ring based on recruiting affiliates to distribute the ransomware. The money is available to hackers who can provide skills that REvil is looking for.
More:
- Earlier this month, the REvil group shut down all branches of Chilean bank BancoEstado as a result of a ransomware attack.
- REvil is one of a growing number of ransomware groups that steal data before encrypting systems, holding both for ransom.
- In June, REvil launched an auction site to sell stolen data.
BLEEPING COMPUTER
QUICK HITS:
- $150M was stolen from users of the Singapore cryptocurrency exchange KuCoin.
- Hackers uploaded PDF files with instructions on how to hack software to a number of U.N. websites, including the World Health Organization and UNESCO.
- Attackers are finding ways around multifactor authentication, warned Proofpoint researchers.
Fred Donovan is a professional writer, editor, and content specialist with decades of experience, most recently in the areas of information technology and cybersecurity. He has written for such publications as HealthITSecurity.com, FierceITSecurity, InfoSecurity Magazine, Report on Patient Privacy, TechGenix, and NetDefense. Fred has a B.A. from Harvard University in government and an M.S. in national security from Georgetown University.
Editor
Sheena Vasani is a journalist and UC Berkeley, Dev Bootcamp, and Thinkful alumna who writes Inside Dev and Inside NoCode.