Episode 29 - Say Hello My Old Friend

Published: Dec. 23, 2019, 2:22 p.m.

Good morning and welcome to the ProactiveIT Cyber Security Daily number 29. It is Monday, December 23, 2019. I am your host, Scott Gombar, and Say Hello Old Friend.

This podcast is brought to you by Nwaj Tech, a Client Focused and Security Minded IT Consultant based in Central Connecticut. You can visit us at nwajtech.com

Apple's Bug Bounty Opens for Business, $1M Payout Included.

Apple has officially opened its invite-only private bug-bounty program to the public. You can earn bounties of up to $1 million.

To earn the $1 million bounty you will need to provide a working zero-click exploit with full kernel execution and persistence on Apple's latest devices. Other requirements will also need to be met.

There are other bounties between $25,000 and $500,000 for vulnerabilities in Macs, iOS devices, and Apple TV, covering compromises such as lock screen bypass, iCloud account access and other attacks.

One Day, Three Credit Card Data Breach Notifications. You have probably heard about the Wawa compromise. If you haven't, here are the details.

Dropbox Zero-Day Vulnerability Gets Temporary Fix. There is currently a zero-day vulnerability in Dropbox on Windows that allows attackers to gain permissions typically reserved for SYSTEM. This is the most privileged account on Windows.

Dropbox has not released a patch for this zero-day vulnerability, but 0patch has released a temporary fix.

Cisco Security Appliances Targeted for DoS Attacks via Old Bug.

PayPal Phishing Attack Promises to Secure Accounts, Steals Everything.

Windows Remote Desktop Services Used for Fileless Malware Attacks.