IT Security News Daily Summary 2023-03-10

• What is incident response? Plans, teams and tools

• Blockchain offers secure, transparent platform for vital records

• ChatGPT Browser Extension Hijacks Facebook Business Accounts

• What happens if you ‘cover up’ a ransomware infection? For Blackbaud, a $3m charge

• Justice launches $8M smart policing grant program

• Sexual Deepfake Ads Using Actress’ Faces Are Running On Facebook

• Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

• Vendors prepare to spend more on cybersecurity under new rules

• Machine learning too expensive for state archives – for now

• BlackLotus Secure Boot Bypass Malware Set to Ramp Up

• Xenomorph Android Malware Steals Data From 400 Banks

• Age Verification Mandates Would Undermine Anonymity Online

• What is confidential computing exactly? Fortanix CEO explains

• BlackMamba PoC Malware Uses AI to Avoid Detection

• Untold Benefits of Application Modernization

• 5 steps to gain control of vulnerability management for your enterprise

• Unpatched Zero-Day Bugs in Smart Intercom Allow Remote Eavesdropping

• How Zero Trust Enables More Effective Security Management

• Industry Experts Share Their Security Predictions for 2023

• Cybersecurity Firm Acronis Data Breach: Hackers Leak 21GB of Data

• Defining the Cobalt Strike Reflective Loader

• Blackbaud Fined $3M For ‘Misleading Disclosures’ About 2020 Ransomware Attack

• Silicon Valley Bank Seized by FDIC as Depositors Pull Cash

• SHEIN shopping app goes rogue, grabs price and URL data from your clipboard

• Hanwha’s New Rebrand Reflects Focus on Global Vision for the Future

• Electronics market shows US-China decoupling will hike inflation and slow growth

• Cloud security, hampered by proliferation of tools, has a “forest for trees” problem

• Hadoken Security Group Upgrades Xenomorph Mobile Malware

• New bills look to help small water systems tap cybersecurity help

• CISA: Do these three things to toughen up your network against hackers

• Alleged NetWire RAT Operator Arrested in Croatia as FBI Seizes Website

• Cyber Madness Bracket Challenge – Register to Play

• Unpatched Akuvox Smart Intercom Vulnerabilities Can Be Exploited for Spying

• White House Allocates $3.1bn to Cybersecurity in New Budget

• Here’s what’s in Biden’s budget plan for state and local governments

• Embracing Your Strengths During Women’s History Month and Beyond

• IceFire Ransomware Targets Linux Enterprise Networks

• Latest version of Xenomorph Android malware targets 400 banks

• Deep Web vs. Dark Web: What is Each and How Do They Work

• The Onion Patch – Best 20 Dark Web Websites You Shouldn’t Miss

• TikTok comes up with Project Clover after Project Texas

• UK Extends Time To Review Apple’s App Store Monopoly

• Microsoft to boost protection against malicious OneNote documents

• Expert Suggested Ban on TikTok for Government-issued Phones in Australia

• TikTok comes with Project Clover after Project Texas

• Set up PowerShell script block logging for added security

• Growing Public Cloud Spending is Leading to a Shadow Data Risk

• Qakbot Distributes Malware Through OneNote

• This Website Wants to Use AI to Make Models Redundant

• Millions of AT&T Customers Notified of Data Breach at Third-Party Vendor

• Make Sure Your Cybersecurity Budget Stays Flexible

• LATEST CYBERTHREATS AND ADVISORIES – MARCH 10, 2023

• How to Solve the People Problem in Cybersecurity

• International Law Enforcement Takes Down Infamous NetWire Cross-Platform RAT

• China-linked Hackers Targeting Unpatched SonicWall SMA Devices with Malware

• New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide

• 2-Month Low Hit As New York AG Labels Crypto Token As Security

• WhatsApp: Rather Be Blocked In UK Than Weaken Security

• Data Protection Vendor Acronis Admits To Data Leak As 12GB Trove Appears Online

• FBI And International Cops Catch A NetWire RAT

• DC Health Link Breach Includes Data Of House Members

• FTC Admits It Is Investigating Twitter

• The D.C. District Court Upholds the Government’s Geofence Warrant Used to Identify Jan. 6 Rioters

• A Not-So-Imperial Presidency

• The Evolution of Finding Love in the Digital Age: How Technology Is Changing the Game

• Every Tomb Raider Game in Order by Release Date – From Croft Manor to the Siberian Tundra

• AT&T Vendor Hacked – Over 9 Million Customers Data Exposed

• Cerebral Informing 3.1 Million Individuals of Inadvertent Data Exposure

• Serious Vulnerability Patched in Veeam Data Backup Solution

• When Partial Protection is Zero Protection: The MFA Blind Spots No One Talks About

• SoulSearcher Malware Released By Chinese Sharp Panda Group

• Alleged seller of NetWire RAT arrested in Croatia

• How Long Does It Take to Reach Max Level in Lost Ark? – From Zero to Hero

• The Intersection of Gender, Politics, and Cybersecurity: Iranian Hackers Target Women Advocating for Human Rights

• Netwire RAT Malware Infrastructure Seized Following Joint International Operation

• WhatsApp Will Not Comply With UK Online Safety Bill

• Common WhatsApp scams and how to avoid them

• The Problem with the U.S. Power Grid: It’s too Vulnerable to Attacks

• White House Budget Plan Seeks to Boost Cybersecurity Spending

• Internet crime in 2022: Over $3 billion lost to investment scammers

• India’s Dream of a $5 Trillion Economy Threatened by Rising Cybercrime Risks

• Fortinet: Remote Working has Resulted in Breaches for Two-Thirds of Businesses

• ChatGPT Sparking Security Concerns

• Tabasco X Tinx: A Successful Marketing Campaign Example

• Police Seize Netwire RAT Malware Framework, Detains Admin

• Access Control-as-a-Service: What It Is and How Can Organizations Benefit from It?

• Warning! BMW Security Flaw Jeopardises Business Secrets and Clients` Data

• 5 Ways Heimdal® Protects Your Endpoints

• FBI Warns of Crypto-Stealing Play-to-Earn Games

• Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant

• AT&T is notifying millions of customers of data breach after a third-party vendor hack

• Acronis Clarifies Hack Impact Following Data Leak

• UK’s New Privacy Bill Could Mean More Work for Firms

• What We Learned from The Royal Mail Ransomware Chat

• Global Cops Take Down NetWire RAT

• Top 5 Must-Watch XDR Videos from Heimdal®

• North Korean UNC2970 Hackers Expands Operations with New Malware Families

• What Is the Command Key on Windows Keyboard? – Ticket to Computer Efficiency

• Keeping Your Data Secure in 2023: The Importance of Privacy and Residential Proxies

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• BMW exposes data of clients in Italy, experts warn

• March 2023 Patch Tuesday forecast: It’s not about luck

• Sophos improves cyberthreat defenses with endpoint security advancements

• Cryptojacking Mac malware “Honkbox” found in pirated apps

• Neglected security: Government official ignores privacy settings

• How to configure Two-Step Login via FIDO2 WebAuthn in Bitwarden

• The cybersecurity landscape in the era of economic instability

• Synthetic identity fraud calls for a new approach to identity verification

• New infosec products of the week: March 10, 2023

• Veeam Backup & Replication admins, get patching! (CVE-2023-27532)

• ECB orders for Cyber Attack Stress test on banks

• 1Password Unlock with SSO helps enterprises secure their employees

• Young government workers show poor password management habits

• Data protection vendor Acronis admits to data leak as 12GB trove appears online

• Earn CPE Credits For Reading (ISC)² News and Insights With Our Quiz

• What is firewall optimization?

• 2023-03-08 – IcedID (Bokbot) infection with BackConnect and VNC traffic

• Data protection vendor Acronis admits to 12GB data leak

• GitHub rolling out two-factor authentication to millions of users

• Catholic clergy surveillance org ‘outs gay priests’

• Catholic clergy surveillance group ‘outs gay priests’

• ‘Pig Butchering’ Scams Are Now a $3 Billion Threat

• Another Malware with Persistence

• Flipper Zero Devices Being Seized by Brazil’s Telecom Agency

• FBI and international cops catch a NetWire RAT

• Proposed FCC Rule Redefines Data Breaches for Communications Carriers

• Cado Security raises $20 million to drive global expansion

• ActiveFence acquires Rewire to help customers identify harmful text-based content

• Atakama collaborates with Panzura to put companies back in control of their mission-critical data

• Whistic partners with Google Cloud to provide customers with a transparent security profile

• SecurityScorecard and ILTA join forces to create a cyber resilient legal community

• Update Android now! Two critical vulnerabilities patched

• GitHub 2FA campaign begins

• Akamai mitigated a record-breaking DDoS attack that peaked 900Gbps

• Vulnerability Revealed OpenSea NFT Market Users’ Identities

• Avast Introduces Avast One Platinum

• Incarcerated Individuals & Advocacy Groups Challenge California County’s Policy of Digitizing and Destroying Jail Mail

• IT Security News Daily Summary 2023-03-09

• Lawmaker and staffer health data exposed in insurance breach

• AT&T blames marketing bods for exposing 9M subscriber account records

• ThreatBlockr Announces Partnership With Engaged Security Partners

• Keeper Security Issues Top 5 Cybersecurity Tips for 2023 College Basketball Tournament

• Forrester Study Reveals Businesses Are Insufficiently Prepared to Manage Enterprise Risks

• Cryptocurrency is fueling the ransomware boom. Here’s how to protect yourself

• Government still wrestles with digital equity, accessibility

• AT&T Vendor Breach Exposes Data on 9M Wireless Accounts

• IceFire Ransomware Portends a Broader Shift From Windows to Linux

• Congressman Darin LaHood Says FBI Targeted Him With Unlawful ‘Backdoor’ Searches

• Google Fixed Two Critical Vulnerabilities With Android March 2023 Update

• Innovation thrives when governments embrace next-gen public-private partnerships

• Is ransomware declining? Not so fast, experts say

• US Lawmakers Face Cyberattacks, Potential Physical Harm After DC Health Link Breach

• New Rise In ChatGPT Scams Reported By Fraudsters

• US House reps, staff health data swiped in cyber-heist

• Supply Chain Security: What Is SLSA? Part I

• Synthetic storms provide supplemental data for hurricane damage predictions

• Medusa Gang Video Shows Minneapolis School District’s Ransomed Data

• Secure UX based on customer data can be a big advantage in a recession

• Best DevOps, Website, and Application Vulnerability Scanning Tools

• 5 Reasons You Should Care About Unmanaged Assets

• SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers

• Why Traditional Vulnerability Management isn’t Cutting it Anymore

• Hackers leak DC Health Link data with Congress Members’ details

• cyberwarfare

• White House budget proposal includes CX, fraud prevention

• Biden’s budget includes $200M for TMF

• White House budget proposal includes CX, fraud prevention asks

• Custom Chinese Malware Found on SonicWall Appliance

• S3 Ep125: When security hardware has security holes [Audio + Text]

• Who’s Behind the NetWire Remote Access Trojan?

• How to Jump-Start Your Cybersecurity Career

• Inside Threat: Developers Leaked 10M Credentials, Passwords in 2022

• And the Winners of the 2023 Cybersecurity Excellence Awards are …

• Continuous Threat Exposure Management Stops Modern Threats

• Refreshed from its holiday, Emotet has gone phishing

• LastPass Details Security Breach, Hackers Accessed Encrypted Data

• How to minimize security risks: Follow these best practices for success

• Utah’s Governor Should Veto “Social Media Regulations” Bill S.B. 152

• Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks

• Iranian APT Targets Female Activists With Mahsa Amini Protest Lures

• GitHub to introduce mandatory 2FA authentication starting March 13

• Flutterwave Hit by Unknow Hackers Lost Millions of Dollars

• Silvergate Bank To Close Down, Amid FTX Aftermath

• 2 factors make shifts to remote work successful

• 8220 Gang Behind ScrubCrypt Attack Targeting Oracle Weblogic Server

• Best MSP/MSSP Vulnerability Scanning Tool Options

• Best Enterprise Vulnerability Scanning Vendors

• Best Small and Medium-sized Business (SMB) Vulnerability Scanning Tools

• Verifiable Credentials: How has it Changed the Identity Verification Status

• TSA tells US aviation industry to boost its cybersecurity

• Acer Confirms Unauthorized Access But Says No Consumer Data Stolen

• Latest Cyberthreats and Advisories – March 3, 2023

• Top ransomware news headlines trending on Google

• RSA Algorithm: A Trusted Method for Encrypting and Securing Data

• Vulnerability Exposes Cisco Enterprise Routers to Disruptive Attacks

• Why enterprise SecOps strategies must include XDR and MDR

• Best 3 Cloud, Container and Data Lake Vulnerability Scanning Tools

• Critical RCE Bug Opens Fortinet’s Secure Web Gateway to Takeover

• Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

• Red Team vs. Blue Team: What Is It?

• US Chamber Of Commerce Seeks AI Regulation

• TikTok Initiates Project Clover Amid European Data Security Concerns

• 5 Critical Components of Effective ICS/OT Security

• Recently discovered IceFire Ransomware now also targets Linux systems

• Deanonymizing OpenSea NFT Owners via Cross-Site Search Vulnerability

• Demanding Data Privacy Measures, FBI Cyber Agent Urges Users

• Automated Red Teaming: Is It Still Relevant?

• Lawyers For FTX’s Sam Bankman-Fried Hint At Trial Delay

• Beware of Fake Facebook Profiles, Google Ads Pushing Sys01 Stealer

• U.S. House and Senate members Data Hacked, Offered for Sale

• Introducing Avast One Platinum

• What is a Red Teamer? All You Need to Know

• Netherlands To Restrict Some Chip Technology Exports

• Suspected Chinese Cyber Spies Target Unpatched SonicWall Devices

• Dems, Repubs Eye Up Ban On Chat Apps They Don’t Like

• U.S. Chamber Of Commerce Calls For AI Regulation

• Hundreds Of US Lawmakers And Staffers Affected By Data Breach

• Risk Management in Construction Projects: How to Mitigate Potential Issues?

• Jenkins Server Vulnerabilities Chained for Remote Code Execution

• Dozens of Exploited Vulnerabilities Missing From CISA ‘Must Patch’ List

• QuSecure Unveils Quantum-Resilient Communications Satellite Link

• IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks

• Vicious Cycle: How Press Bias Fed FISA Abuse in the Trump-Russia Panic

• The Indian Telecommunication Bill Engenders Security and Privacy Risks

• What TikTok’s Data Decision Means For Cybersecurity

• Gearing up for UK Cyber Week: Helping businesses fight back against cyber crime

• Attacks are Being Outmanoeuvred by AI Cybersecurity in Novel Ways

• Customers’ Accounts Were Exposed in the Verizon breach

• ‘Skinny’ Cyber-Insurance Policies Create Compliance Path

• Netherlands Joins US In China Chip Export Restrictions

• The US RESTRICT Act Gains More Support From Lawmakers

• Fake ChatGPT Chrome extension targeted Facebook Ad accounts

• Google Discontinuing Chrome Tool for Removing Unwanted Software

• Defeating the Deepfake Danger

• Fortinet Patches Critical Unauthenticated RCE Vulnerability in FortiOS

• Understanding the Shared Responsibility Model, Critical Step to Ensure Cloud Security

• Iranian Hackers Target Women Involved in Human Rights and Middle East Politics

• Does Your Help Desk Know Who’s Calling?

• Become your business’s cybersecurity expert

• You Cannot Secure Your Data by Network Penetration Testing

• Acer Confirms Huge 160GB Data Breach

• Congress Members Warned of Significant Health Data Breach

• Cado Security Banks $20M in Series B Funding

• ChatGPT Integrated Into Cybersecurity Products as Industry Tests Its Capabilities

• Watch Sessions: Ransomware Resilience & Recovery Summit

• Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)

• Putin’s Deepfake Campaign: A New Weapon in the War Against Dissent

• ScamBots and ScAmazon – Intego Mac Podcast Episode 282

• Britain Cybersecurity firm issues warning against Microsoft ChatGPT

• Apple Delivers New iPhone 14…In Yellow

• 8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks

• Is your security team concerned with unmanaged devices?

• February 2023’s Most Wanted Malware: Remcos Trojan Linked to Cyberespionage Operations Against Ukrainian Government

• Cloud security platform lands $20M to automate incident response in the cloud

• Flashpoint: Threat vectors converging, increasing damage

• VulnCheck: CISA’s KEV missing 42 vulnerabilities from 2022

• Tehran Targets Female Activists in Espionage Campaign

• There’s A RAT In mi Note, What Am I Gonna Do?

• 10 Best Fan Control Software for Windows 2023 – Optimize Your System’s Cooling

• You better keep this Bitwarden setting turned off

• Revelstoke Security Raises $20 Million for SOAR Platform

• House Members at Risk After Insurer Data Breach

• Fortinet Issues Critical RCE Vulnerability in FortiOS & FortiProxy

• Airlines and Airports Brace for New TSA Cybersecurity Measures Amidst Persistent Threats

• Major Healthcare Data Breach Impacts U.S. House Members

• Lazarus Group Hacks South Korean Financial Entity via Zero-Day Vulnerability

• 100M+ Downloaded Shein App Found Copying Clipboard Content on Android Phones

• Malvertising through search engines

• Silicon Insights: How to Evolve Your Enterprise’s Digital Marketing: Part 1

• Fifth of Government Workers Don’t Care if Employer is Hacked

• CloudBees flaws in Jenkins server can lead to code execution

• Google One expands security features to all plans with dark web report, VPN access

• Do you know what your supply chain is and if it is secure?

• US RESTRICT Act Gains Support, Empowers Biden to Ban Foreign Tech

• New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

• Security Risks of Continuous Deployment and How to Solve Them

• Voices of Women in Cyber – (ISC)² Candidate Nidhi Kannoujia

• White House Cybersecurity Strategy Will Make Big Tech Step Up in Ongoing Cyber Struggle

• The Top Five Most Fun Cybersecurity Mistakes in TV and Movies

• AT&T Cybersecurity announces 2023 ‘Partner of the Year Award’ winners

• Governance of Zero Trust in manufacturing

• CloudBees flaws in Jenkins server can lead to code execution

• How the SYS01 Campaign Uses Multiple Evasion Tactics to Avoid Detection in Cyber Espionage

• Your Cannot Secure Your Data by Network Penetration Testing

• New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

• What CISOs need to understand about document signing

• Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits

• Navigating data classification in the era of extensive cloud adoption

• Inadequate patches and advisories increase cyber risk

• Optiv launches OT cyber services to help organizations identify business-specific OT risks

• 11:11 Managed Backup for Cohesity secures on-premises data

• GrammaTech unveils new versions of its CodeSentry binary SCA platform

• What does your Mac do when it’s sleeping?

• Suspected Chinese cyber spies target unpatched SonicWall devices

• Code42 and SentinelOne partner to reduce the risks associated with insider threats

• Concentric AI collaborates with CTERA to improve data security posture management

• Dems, Repubs eye up ban on chat apps they don’t like

• Establishing a Proactive Cybersecurity Plan

• Gender Diversity in Cybercrime Forums: Women Users on the Rise

• Trust emerges as the path forward for digital assets in 2023

• Organizations are understanding security is key to saving money, says CrowdStrike CEO

• 50% of good jobs are over-credentialed, says Former IBM CEO Ginni Rometty

• DoppelPaymer ransomware group disrupted

• DeepStreamer: Illegal movie streaming platforms hide lucrative ad fraud operation

• Ransomware review: March 2023

• BlackMamba: Using AI To Generate Polymorphic Malware

• Imperva Announces Joining the EDB GlobalConnect Technology Partner Program and Certification of Imperva’s DSF Agents to Support EDB Postgres Advanced Server and Community PostgreSQL Databases

Generated on 2023-03-10 23:55:30.767056