Internal Threats












        Microsoft Patch Tuesday Fixes 59 Flaws. Microsoft has issued its monthly security (Patch Tuesday) update, to
        fix a total of 59 vulnerabilities in its operating systems and products. There was no zero-day flaws in the
        October update that required urgent patching (good new for systems admins), but 9 nine flaws were rated as
        critical, with 49 flaws rated as important. One flaw was rated moderate. The update cover a range of Microsoft
        products including Windows 10, Internet Explorer, Edge, Microsoft Office, SQL Server and and some
        development tools.

                Source:   https://www.silicon.co.uk/security/security-management/microsoft-patch-tuesday-59-flaws-
                294427




        Password Mistakes You and Your Employees Are (Probably) Making. Your employees might already be aware
        of a few password security practices. But are they actually following the latest recommendations? In fact, are
        you aware of what makes up a strong password policy? Both you and your employees could be (unknowingly)
        making common password mistakes and applying antiquated password security guidelines. So, keep on
        reading to make sure you’re in alignment with the most recent password requirements.
                Source: https://heimdalsecurity.com/blog/password-mistakes-employees-businesses/



        Twitter inadvertently used Phone Numbers collected for security for Ads. Twitter apologized to have used
        phone numbers and email addresses, privided by the users for security purposes, for advertising. According to
        the social media company, data used for account authentication were also matched with advertisers’ database
        to improve the efficiency of ads. “We recently discovered that when you provided an email address or phone
        number for safety or security purposes (for example, two-factor authentication) this data may have
        inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences
        advertising system.” reads a post published by Twitter.

                Source: https://securityaffairs.co/wordpress/92288/breaking-news/twitter-inadvertently-used-phone-
                numbers.html



        New Unpatchable iPhone Exploit Allows Jailbreaking. A new iOS exploit allows jailbreaking of pretty much all
        version of the iPhone. This is a huge deal for Apple, but at least it doesn't allow someone to remotely hack
        people's phones. Some details: I wanted to learn how Checkm8 will shape the iPhone experience --
        particularly as it relates to security -- so I spoke at length with axi0mX on Friday. Thomas Reed, director of Mac
        offerings at security firm Malwarebytes, joined me.
                Source: https://www.schneier.com/blog/archives/2019/10/new_unpatchable.html












                                                    www.accumepartners.com
                                                                                                                    11