IT Security News Daily Summary 2021-07-10

• BSidesNoVA 2021 – Andy Piazza’s And James Nixon’s ‘Vendor Hacking: How To Make Your Tools Suck Less’

• The Joy of Tech® ‘Career Quiz Results!’

• BSidesNoVA 2021 – Jayme Hancock’s ‘Hacker Mindset: Troubleshoot Your Way To Root’

• Iran’s railroad system was hit by a cyberattack, hackers posted fake delay messages

• Are Online Brands Prioritizing Speed Over Security? Here’s a Quick Look

• Thales’ Leading Position in Connectivity & Cybersecurity to Bring Trust to the Next Wave of Connected Cars

• Risk-based security now more important than ever for Energy and Utilities!

• How to Make Telehealth Safer for a More Convenient Life Online

• Insurer CNA Discloses Ransomware Attack

• Biden Tells Putin Russia Must Crack Down on Cybercriminals

• “Cyber Disruption” Stops Websites of Iranian Ministry

• Online Support Agents Being Targeted Through Live Chat Platforms

• Millions of Login Credentials Stolen By an ‘Unnamed Malware’

• How to make eHealth safer for a more convenient life online

• How cybersecurity is getting AI wrong

• Top Stories: iPhone 13 and 14, iPad Pro, and MacBook Pro Rumors

• Cyber Polygon 2021: Towards Secure Development of Digital Ecosystems

• The Latest Pro-Trump Twitter Clone Leaks User Data on Day 1

• A New System Is Helping Crack Down on Child Sex Abuse Images

• Cloud Cryptomining Scam in Google Play Rakes in Cash

• Email Fatigue Elevates Cyber Crime Rates

• Morgan Stanley Faces Data Breach

• The data lakehouse: A database wishlist and a rant

• These three simple tips will keep your iPhone safe from hackers

• Another iPhone WiFi Vulnerability Found – This One Can Permanently Disable WiFi

• XKCD ‘Free Speech’

• ‘Build’ or ‘Buy’ your own antivirus product

• Kaseya warns customers of ongoing malspam campaign posing as security updates

• McAfee XDR and Remote Browser Isolation Technology Secure Globees in the 16th Annual 2021 IT World Awards

• Stories from the SOC – Office 365 account compromise and credential abuse

• Hackers Uses New Technique to Disable Macro Security To Launch a Weaponized MS Office Documents

• Cyber Criminals Sending Phishing Mails Pretending to be from Russian Government Domain

• 5 factores para evaluar una herramienta de RMM para MSP modernos

• Week in security with Tony Anscombe

• Contrast Security partners with Secure Code Warrior to deliver security training for developers

• The Fourth Quadrant—the Unknown Knowns

• Pluralsight acquires A Cloud Guru to accelerate cloud skill development

• An Office Phone Flaw Can’t Be Fixed by Cisco Alone

• Safe Systems launches Information Security Program for financial institutions

• An Office Phone Flaw Can’t Be Fixed By Cisco Alone

• Domains Are a Critical Component of Your Enterprise Risk Management

• WhoisXML API Upgraded Its Web Categorization Engine

• Biden ousts Social Security Administration Leadership

• Apple’s New ‘In the Dark’ iPhone 12 Pro Ad Highlights Night Mode

• IT Security News Daily Summary 2021-07-09

• How Dangerous Is Malware? New Report Finds It’s Tough to Tell

• 3 steps government employees can take to become good cyber citizens

• Building a scalable RAVPN architecture in Oracle Cloud Infrastructure using Cisco Secure Firewall

• Cryptomining Scam Apps, ‘Stealer’ Trojans Culled from Google Play

• Everything New in the iOS 15 Messages App: Shared With You, Photo Collages, Memoji Updates and More

• Moving to AWS Lambda? Here’s what you need to know.

• How to Empower Employees to be Secure and Productive

• NYC opens cyber operations center

• TEST

• How Dangerous is Malware? New Report Finds It’s Tough to Tell

• Spike in “Chain Gang” Destructive Attacks on ATMs

• Cybersecurity News Round-Up: Week of July 9, 2021

• New Framework Aims to Describe & Address Complex Social Engineering Attacks

• CISA Analysis Reveals Successful Attack Techniques of FY 2020

• The Real Takeaway From the Enjoining of the Florida Social Media Law

• People of JumpCloud | Vivian Eden

• DMZ in networking

• Will the ransomware surge impact Biden’s cyber EO?

• Microsoft Office Users Warned on New Malware-Protection Bypass

• Apple Debuts ‘This Week on Apple Music’ With Weekly Highlights

• MacRumors Giveaway: Win an Apple-Themed Plush Pillow From Throwboy

• Cisco BPA, WSA Bugs Allow Remote Cyberattacks

• How to prevent ransomware attacks with a zero-trust security model

• BSidesNoVA 2021 – Opening Keynote Address

• USENIX Enigma 2021 – Scott Shapiro’s ‘Is Cyber War Legal: A Four Hundred Year Retrospective’

• Why Now: How CyberSaint is Making Automated Risk Assessments Possible with NLP

• XKCD ‘H-alpha’

• Apple’s Stock Reached New All-Time Highs This Week

• Biden presses Putin to disrupt cybercriminals in Russia as U.S. grapples with latest ransomware attacks

• Hackers disabling Macro security warnings in new malspam campaign

• More sharing, less shame: CompTIA ISAO wants to change the standard response to ransomware attacks

• Insurer CNA Starts Notifying Customers of Ransomware Attack

• Where do all those cybercrime payments go?

• Latest iOS 14.7 Beta Patches Bug That Disables iPhone’s Ability to Connect to Wi-Fi

• Review: Nanoleaf’s Wood-Style Hexagons Add Attractive Accent Lighting to Any Room

• Judge drops hammer, dishes 7 years slammer for BEC and romance scammer

• How to send an anonymous email

• FireEye to Announce Second Quarter 2021 Financial Results on August 5, 2021

• Empowering women in the field of ethics and compliance

• Having the right tool for the job

• President Biden Targets Tech Monolopies, Data Collection

• Why data readiness is key to successful DOD projects

• Colorado becomes latest state to pass data privacy law

• Consumers Loosing Trust In Financial and E-commerce Industries

• MageCart Group12 Employing New Technique to Target E-Commerce Websites

• Cobalt Strike Payloads: Hackers Capitalizing on Ongoing Kaseya Ransomware Attacks

• Apple in Talks With NFL for Sunday Ticket Streaming

• How one word can disable an iPhone’s WiFi functionality

• CISSPs from Around The Globe: An Interview with Theresa Grafenstine

• Cyber Threat in 3D Printing says Pentagon

• Time to Batten the Cyber-Hatches

• Processing Machine Data With Machine Learning | Avast

• These phishing emails want to deliver password-stealing malware to energy companies and their suppliers

• Warning: 1 in 3 employees are likely to fall for a phishing scam

• Security professionals wish cloud providers would deliver specific security improvements, survey reveals

• Four Security Flaws Found in Sage X3 Enterprise Management Software

• Experts Warn of a New Technique that Disables Macro Security Warnings in Malicious Office Files

• BrandPost: Anchoring Digital Trust with Real Identity

• BrandPost: MLB Combines Okta and OneTrust to Earn Audience Trust Through Consent Management

• BrandPost: The Role of Security Executives in Building Customer Trust

• ZLoader Adopts New Macro-Related Delivery Technique in Recent Attacks

• The Rift Between Turkey and Israel Continues to Deepen

• Researchers Disclose Coursera API Vulnerabilities

• BrandPost: Securely Accelerate Digital Transformation and Customer Experiences Through Modern Identity

• BrandPost: Disrupting the Cycle of Perpetual Vulnerability

• BrandPost: How to Achieve Zero Trust Data Protection in the Cloud

• BrandPost: Mobile Worker Security or User Experience – How About Both?

• BrandPost: The Anywhere Employee Workspace

• Malware hits Hive OS cryptomining users; steals funds from wallets

• Microsoft’s PrintNightmare patch is now causing problems for some printers

• Coursera API Flaws Revealed by Cybersecurity Experts

• Morgan Stanley Suffers Data Breach Following Accellion FTA’s Attack

• Dutch researchers shed new light on Kaseya vulnerabilities

• It’s in the Game (but It Shouldn’t Be)

• I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

• Notes from Our CISO on the Kaseya Ransomware Attack

• Here’s How Much Microsoft Paid In Bug Bounties Last Year

• The FBI’s Fake Encrypted Honeypot Phones Are Showing Up Online

• Lazarus Targets Job-Seeking Engineers With Malicious Documents

• Kroger Reaches $5M Settlement With Breach Victims

• Morgan Stanley Discloses Data Breach That Resulted From Accellion FTA Hacks

• Apple Participating in Sales Tax Holiday for Select U.S. States

• Apple’s All-in-One Gift Card Now Available in Canada and Australia

• Apple TV+’s ‘Ted Lasso’ Leads HCA Streaming Award Nominations

• WildPressure Campaign Goes On With One More Hit: Mac Malware Version Targets Mac OS Systems

• Malware hits Hive OS cryptomining platform; steals funds from wallets

• Bandidos Malware Targeting Networks in South America

• Cybercriminals Attacked the Republican National Committee

• Did Microsoft Botch the PrintNightmare Patch?

• Cybersecurity M&A Roundup: 14 Deals Announced July 1-8, 2021

• Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration

• What is Session Hijacking and How Do You Prevent It?

• Hackers use a new technique in malspam attacks to disable Macro security warnings in weaponized docs

• Insurance firm CNA discloses data breach after March ransomware attack

• Rancher Uses Apple Watch to Find iPhone 12 in a Haystack in Apple’s Latest Ad

• Deals: Get the 40mm GPS Apple Watch Series 6 for $319 on B&H Photo ($80 Off)

• Scammers Are Now Pretending to be Online Support Agents via Live Chat Platforms

• July 2021 Security Updates for the Android OS Are Now Available

• The Pentagon Scrubs a Cloud Deal and Looks to Add More AI

• Covid Protections Kept Other Viruses at Bay. Now They’re Back

• No, open source Audacity audio editor is not “spyware”

• Republican National Committee denies Russian hackers accessed data

• Tencent’s creepy new facial recognition system detects kids gaming at night

• Potential cyber attack on financial system is greatest threat to markets, Guggenheim’s Minerd says

• Kaseya ransomware attack updates: Your questions answered

• Cartoon Caption Winner: Sight Unseen

• ‘Alto’s Odyssey: The Lost City’ Launches on Apple Arcade on July 16

• The Best Encrypted Email Services You Need to Use in 2021

• Numerous Scam Cryptomining Apps Discovered on Google Play Store

• The Future of Mobile in a Post-COVID World & How to Stay Secure

• Europe Makes the Case to Ban Biometric Surveillance

• NHS Covid App Could Be Changed, Minister Confirms

• Public cloud security ‘just barely adequate,’ experts say

• Microsoft Paid Out $13.6 Million in Bug Bounties in Past Year

• PrintNightmare Zero-Day Vulnerability: Patch Released by Microsoft Unsuccessful

• Researchers Learn from ITG18 Group’s OpSec Mistakes

• 15 Philips Vue Vulnerabilities Might Lead to Full Takeover of the Devices

• Cross-Site Request Forgery (CSRF) – An OWASP Vulnerability – Detailed Explanation

• New SaaS Security Report Dives into the Concerns and Plans of CISOs in 2021

• Kaseya And PrintNightmare Vulnerabilities | Avast

• Sage X3 Vulnerabilities Can Pose Serious Risk to Organizations

• Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs

• Apple Takes Possession of Mobeewave Domain Name, One Year After Acquiring Startup That Lets Smartphones Accept Payments Using NFC

• Oil & Gas Sector Targeted by Global Spear-Phishing Campaign

• 5 Reasons Every Small Business Needs An Employee App

• Three Simple Methods to Secure Your Enterprise IoT Devices

• What to expect at Transform 2021, the year’s top event on enterprise AI & data

• Bug bounties: Here’s how much Microsoft paid out to security researchers last year

• Lazarus Targets Job-Seeking Engineers with Malicious Documents

• Restart After Hacks Delayed Again by Software Firm

• Investment Bank Morgan Stanley Discloses Data Breach

• The Victims of REvil Ransomware Attack Are Refusing to Pay the Ransom

• Microsoft Gives Staff $1,500 Coronavirus Bonus

• Don’t be a ransomware victim

• Scam artists exploit Kaseya security woes to deploy malware

• Ransomware: Banning victims from paying ransoms might reduce attacks, but it won’t stop them

• Chinese Case Maker Shares iPhone 13 Chassis Models on Weibo

• Tips to Prevent Your Mac from Being Hacked

• Texas resident jailed for role in $2.2 million romance, business email scams

• Microsoft’s KB5004945 Security Update for PrintNigtmare Has Side Effects: Now Zebra Printers Crash

• The CSO guide to top security conferences, 2021

• Critical infrastructure Bill has a government ‘step in’ powers labelling problem

• Epic Wins Appeal to Continue Antitrust Case Against Apple in Australia

• Russia’s ‘Cozy Bear’ Breached the Systems of the Republican National Committee

• Ask Chloé: Career Advancement

• Digital Habits During Pandemic Have Lasting Impact

• Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• China using AI to develop robots that can hide in sea launch bombs and cyber attacks

• Biden cancels $10billion cloud-computing contract awarded to Microsoft.

• Critical Flaws Reported in Philips Vue PACS Medical Imaging Systems

• Reevaluating Your Breach Prevention Strategy

• Twitter Considers New Security Features | Avast

• What the Van Buren Case Means For Security Researchers

• Cisco fixes High Severity issue in BPA and WSA

• July 2021 Patch Tuesday forecast: Don’t wait for Patch Tuesday

• test page – issue

• Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files

• Three security lessons from a year of crisis

• Kuo: Redesigned 14-Inch and 16-Inch MacBook Pro Still on Track for Mass Production in Third Quarter

• What you need to know about transatlantic data transfers

• The Chris Krebs case for including election systems as critical infrastructure

• Fraudulent content has a direct impact on consumer loyalty

• Intelligent Waves LLC Promotes John Hammes to Chief Strategy Officer (CSO)

• Silverfort Introduces Industry First Prevention Against Pass the Ticket Attacks

• North American Utilities Expand Digital Transformations to Address Vulnerabilities Exposed by COVID-19 Pandemic

• How have people proven their identity since the dawn of time?

• A mid-year update for Cybersecurity – 4 trends to watch

• Kuo: 2022 11-Inch iPad Pro to Feature Mini-LED Display, Not Just 12.9-Inch Model

• 85% of organizations are yet to hit the cloud native technologies adoption milestone

• Kaseya delays SaaS restore to Sunday, CEO says ‘this sucks’ but decision was his alone

• Morgan Stanley Hit by Accellion Hack Through Third-Party Vendor

• File security violations within organizations have spiked 134% as the world reopened for business

• Presidential Press Secretary Said Moscow Not Involved in The Cyber Attacks on the Republican National Committee of US

• ISC Stormcast For Friday, July 9th, 2021 https://isc.sans.edu/podcastdetail.html?id=7578, (Fri, Jul 9th)

• 62% of consumers believe hyperscale computing will have a positive impact over the next five years

• Israel Says It’s Targeting Hamas’ Cryptocurrency Accounts

• Infovista Ipanema SD-WAN platform allows critical applications to adapt to real-time conditions

• Hancitor tries XLL as initial malware file, (Fri, Jul 9th)

• Thales offers cybersecurity solutions and services to secure connected cars

• Ransomware: To pay or not to pay? Legal or illegal? These are the questions …

• Microsoft issues patch to fix PrintNightmare zero‑day bug

• WildPressure APT Hackers Uses New Malware to Attack Both Windows & macOS Operating Systems

• Top Industry-Specific Fraud Attack Trends from Q1 2021

• Backblaze Computer Backup 8.0 brings improved performance and optimizations

• Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability

• ADVA FSP 3000 ConnectGuard protects data against cyberattacks from quantum computers

• Faraday delivers 5G NR mmWave ASIC projects for small cell baseband/IF and RRU

• Roper named CEO of drone company Volansi

• ZeroFox and Vigilante join forces to protect organizations from dark web activity

• Immuta provides automated data access control in Snowflake’s Partner Connect portal

Generated on 2021-07-10 23:55:37.305842