Episode 29 - Say Hello My Old Friend

Published: Dec. 23, 2019, 2:22 p.m.

Good morning and welcome to the ProactiveIT Cyber Security Daily number 29. It is Monday, December 23, 2019. I am your host Scott Gombar and Say Hello Old Friend.

This podcast is brought to you by Nwaj Tech, a Client Focused and Security Minded IT Consultant based in Central Connecticut. You can visit us at nwajtech.com.

Apple’s Bug Bounty Opens for Business, $1M Payout Included.
Apple has officially opened its invite-only private bug-bounty program to the public. You can earn bounties of up to $1 million. To earn the $1 million bounty you will need to provide a working zero-click exploit with full kernel execution and persistence on Apple’s latest devices. Other requirements will also need to be met. There are other bounties between $25,000 and $500,000 for vulnerabilities in Macs, iOS devices, and Apple TV, covering lock screen bypass, iCloud account access and other attacks.

One Day, Three Credit Card Data Breach Notifications.
You have probably heard about the Wawa Compromise. If you haven’t, here are the details.

Dropbox Zero-Day Vulnerability Gets Temporary Fix.
There is currently a zero-day vulnerability in Dropbox for Windows that allows attackers to gain permissions typically reserved for SYSTEM, the most privileged account on Windows. Dropbox has not released a patch for this zero-day vulnerability, but 0patch has released a temporary fix.

Cisco Security Appliances Targeted for DoS Attacks via Old Bug.

PayPal Phishing Attack Promises to Secure Accounts, Steals Everything.

Windows Remote Desktop Services Used for Fileless Malware Attacks.