IT Security News Daily Summary 2022-09-12

• Apple iOS 16: Passkeys brings passwordless authentication mainstream

• 5 actions to help state and local agencies gain visibility and improve IT hygiene

• Best Bluetooth trackers of 2022: AirTag and alternatives

• Hate Windows 11? Here’s how to make it work more like Windows 10

• How to tighten your security in Microsoft Edge

• How Machine Learning Can Boost Network Visibility for OT Teams

• Leading a Revolution to Provide Secure CCTV Cameras

• Levelling The Battlefield with Cyber as An Asymmetric Leverage

• How a fast-growing town moved from ad hoc to strategic cybersecurity

• State lays groundwork for cyber ecosystem

• Google Releases Pixel Patches for Critical Bugs

• Apple fixed the eighth actively exploited zero-day this year

• Why getting microsegmentation right is key to zero trust

• iOS 16 cheat sheet: Complete guide for 2022

• How data security posture management complements CSPM

• US Lawmakers Press Facebook On Crypto Scam Policies

• Federal Privacy Bill That Would Preempt State Privacy Laws Faces Uncertain Future

• Coast Guard bill looks to boost maritime cybersecurity

• Apple Warns of macOS Kernel Zero-Day Exploitation

• Cisco Data Breach Attributed to Lapsus$ Ransomware Group

• Popular YouTuber Scuba Jake’s channel hacked to run crypto scam

• Google Cloud closes $5.4b Mandiant acquisition

• Cisco Secure 5 Best Practices Security Analysts Can Use to Secure Their Hybrid Workforce.

• Policing With Less and Less Policing

• EFF’s “Cover Your Tracks” Will Detect Your Use of iOS 16’s Lockdown Mode

• HP Bug Left Unpatched for a Year

• 5 ways to secure devops

• US Treasury Sanctions Iranian Minister Over Hacking of Govt and Allies

• Cybersecurity Awareness Campaigns: How Effective Are They in Changing Behavior?

• Google announced the completion of the acquisition of Mandiant for $5.4 billion

• Security pros get ability to manually add incidents to Microsoft Sentinel

• New Cyberespionage Group ‘Worok’ Targeting Entities in Asia

• Google Completes $5.4 Billion Acquisition of Mandiant

• High Severity Vulnerabilities Found in HP Enterprise Devices

• Twitter Says Whistleblower Payment Did Not Violate Musk Deal

• Boffins Build Microphone Safety Kit To Detect Eavesdroppers

• Retbleed Fix Slugs Linux VM Performance By Up To 70 Percent

• Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk

• Twitter Whistleblower: What Questions Will Peiter Zatko Face From Lawmakers?

• PCI DSS Tackles Client-Side Attacks: Everything You Need Know About Complying With PCI 6.4.3

• Reducing the risk of ransomware

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Which Apple Watch is Right for You in 2022?

• ‘Cyber insecurity’ in healthcare is leading to increased patient mortality rates

• Chidozie Collins Obasi – COVID Fraud & Work at Home Scams

• Hackers Abuse Native Linux Tools to Launch Attacks On Linux Systems

• Oxeye Discovers Several High Severity IDOR Vulnerabilities in Harbor

• China Accuses NSA’s TAO Unit of Hacking its Military Research University

• New Linux Cryptomining Malware

• How to Make Container Security Threats More Containable

• Cybersecurity’s Too Important To Have A Dysfunctional Team

• Lampion Trojan Launches New Campaign Through File-Sharing Service

• Iranian APT42 Launched Over 30 Espionage Attacks Across 14 Nations

• Cybersecurity grants are coming. Are you ready?

• Google Completes Acquisition of Mandiant

• iOS 16 Has 2 New Security Features for Worst-Case Scenarios

• Shadow IT and shadow IoT

• Next Generation Leadership for Special Operations Forces

• Lazarus APT Uses Log4j Flaw To Hack US, Canadian Energy Co’s – Cyber Experts Comment

• 65% Say Legacy Backup Solutions Aren’t Up To Ransomware Challenges

• Survey Connects Cybersecurity Skills Gap to Increase in Breaches

• The worst thing about eSIM-only iPhone 14s

• Montenegro Wrestles With Massive Cyberattack, Russia Blamed

• Vulnerability in BackupBuddy Plugin Exploited to Hack WordPress Sites

• Ethical AI, Possibility or Pipe Dream?

• Ransomware Group Leaks Files Stolen From Cisco

• SaaS Alerts Raises $22 Million to Help MSPs Protect Business Applications

• Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats

• The La School District Cyber Attack Keeps Unravelling – Expert Comments

• Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)

• Improvements, new features and integrations now available on the ImmuniWeb AI Platform

• (ISC)² and Venafi Explore The Strange New World of Machine Identity Management

• Security Breaks: TeamTNT’s DockerHub Credentials Leak

• FAA again extends deadline for $2.4B IT services contract

• Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

• 76% Of Financial Institutions Plan On Using Crypto In The Next 3 Years

• Scammers Leveraging Microsoft Team GIFs in Phishing Attacks

• Hackers Hit UK Water Supplier

• Avast and NortonLifeLock merge to tackle new challenges in Cyber Safety

• Why Vulnerability Scanning is Critical for SOC 2

• Palestinian Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

• Cisco Patches High-Severity Vulnerability in SD-WAN vManage

• Critical KEPServerEX Flaws Can Put Attackers in ‘Powerful Position’ in OT Networks

• Google Patches Critical Vulnerabilities in Pixel Phones

• iOS 16 Has Two New Security Features for Worst-Case Scenarios

• Policy Monitor to launch CSPM, an Information Security Management System, at the International Cyber Expo

• Alphabet Life Sciences Unit Verily Gets $1bn Investment

• US Lawmakers Warn Apple Over Chinese Memory Chips

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022

• Common Criteria Certification: What Is It, and What Does It Mean for Tripwire Enterprise?

• Cops Raid Suspected Fraudster Penthouses

• Silicon In Focus Podcast: Your Essential Cybersecurity Tech Stack

• ICO Slams Government Departments Over FOI Failings

• Ransomware Actors Embrace Intermittent Encryption

• Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems

• Energy Providers Targeted by Lazarus Group

• Outdated infrastructure remains a problem against sophisticated cyberattacks

• 6 Best Time Management Software For Small Businesses 2022

• EU Says It Will Not Appeal Qualcomm Antitrust Decision

• Sea Ltd Lays Off E-Commerce, Gaming Staff After Heavy Loss

• EU Plans Consultation On Tech Giants’ Contribution To Telco Costs

• North Korean Lazarus Group Hacked Energy Providers Worldwide

• Vulnerability in WordPress BackupBuddy Plugin Exploited By Hackers

• Investigators Seize $30m in Stolen Crypto from North Korea

• Hackers Compromise Employee Data at PVC-Maker Eurocell

• High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices

• Software developers, how secure is your software ?

• EU Broadens Google Adtech Probe With Portugal Case

• Boffins build microphone safety kit to detect eavesdroppers

• Some firmware bugs in HP business devices are yet to be fixed

• Darktrace acquisition deal of Thoma Bravo terminated

• FBI issues serious cyber threat alert about Vice Society

• Financial organizations fail to act on firmware breaches

• Building a successful cybersecurity business, one client at a time

• Sharing secrets has been ‘effective’ against Russia, but the tactic has limits, CIA chief says

• The ClubCISO report reveals a fundamental shift in security culture

• How to Correctly Classify Your Data in 2022

• MSPs and cybersecurity: The time for turning a blind eye is over

• Bad bots are coming at APIs! How to beat the API bot attacks?

• DHS launches ‘largest customer experience hiring initiative’ with hundreds of technologist positions

• Report: Benchmarking security gaps and privileged access

• Homeworkers putting home and business cyber-safety at risk

• Socure enhances KYC/CIP solution to ensure compliance and identity verification

• Retbleed fix slugs Linux VM performance by up to 70 percent

• Fastway deploys Verimatrix VCAS to protect its DVB Hybrid network

• The ransomware problem won’t get better until we change one thing

• Report Highlights Prevalence of Software Supply Chain Risks

• Albania was hit by a new cyberattack and blames Iran

• IT Security News Weekly Summary – Week 36

• IT Security News Daily Summary 2022-09-11

• Lazarus Hackers are Using Log4j to Hack US Energy Companies

• Conti Gang Doppelganger Adopts Recycled Code

• Meta Disbands Team Studying Negative Impacts Of Facebook, Instagram

• Bangsamoro Peace and the U.S.-Philippines Alliance

• Threat Actors Exploit WeTransfer to Spread Lampion Malware

• Security Affairs newsletter Round 383

• Iran-linked APT42 is behind over 30 espionage attacks

• Week in review: Free online cybersec courses, Signal post-quantum upgrade, Patch Tuesday forecast

• Chinese Govt-Backed Hackers Using PlugX Malware To Attack Gov Officials

• Penetration testing

• Classified NATO Documents Stolen from Portugal, Now Sold on Darkweb

• Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents

• RegScale Selected as 2022 SINET16 Innovator Award Winner

• CSI Secures Record Number of NuPoint® Customer Deals

• U.S. Enterprises Aim for Holistic Cyber Defense, Recovery

• Weekly Update 312

• Keysight and IBM sign memorandum of understanding to open RAN deployments in Europe

Generated on 2022-09-12 23:55:21.050479