16 October 2021

• This Week in Security News – October 15, 2021
  Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more.
• Security Risks with Private 5G in Manufacturing Companies Part. 2
  We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own telecom infrastructures....
• Ransomware Operators Found Using New "Franchise" Business Model
  We found a relatively new and interesting ransomware operation that takes inspiration from franchise business models. It seems that the operators are rebranding a "supplier" ransomware before deployment instead of simply distributing it under the original name.
• Demo: How to Build a Container Registry from a Container
  What came first the container or the container registry? Find out and learn how to build, run, and scan your very own container registry from a container itself on your laptop.
• Analyzing Email Services Abused for Business Email Compromise
  We analyzed five major types of email channels, and the techniques in keywords and domain names BEC actors use to appear legitimate to potential victims.
• Simplify Security with Open Source Code Scanning Tools
  Explore how source security tools can help mitigate the risk of utilizing open source libraries, saving development effort by using open source components while ensuring your final product’s security.
• Secure Manufacturing on Cloud, Edge and 5G (Download PDF)
  This e-book provides you with insight into system changes brought on by factory production processes and explains how the cloud and 5G have transformed smart factories. You’ll also receive a look into how we map the attack scenario so you can identify the type of risks that lie throughout the entire system.
• New Bill to Require Cyber Attack Reporting in the US
  The Cyber Incident Notification Act of 2021 would also require CISA to launch a program that would notify organizations of various vectors that malicious actors exploit.
• October Patch Tuesday: 3 Critical Bulletins Among 71
  The October Patch Tuesday maintains the relatively peaceful streak from previous months with only 3 bulletins rated as Critical among 71 new vulnerabilities.
• Minimize SecOps Risk with Less Tools and More Security
  Security leaders are seeking new ways to minimize SecOps security monitoring tools while increasing efficiency for SecOps teams. Read this article to learn more.