IT Security News Daily Summary 2021-03-15

• Information security quizzes to test your cybersecurity smarts

• White House tees up cyber labeling policy

• Buffalo Public Schools Cancel Classes Due to Ransomware

• DDoS’s Evolution Doesn’t Require a Security Evolution

• It’s Too Late for Threat Intelligence Vendors to Ignore IPv6

• 5 Ways Hackers Execute Successful Phishing Campaigns

• Unpatched Exchange Servers hit with ransomware

• White House considers cybersecurity ratings to boost visibility

• Old Linux storage bugs, new security patches

• Microsoft, AMD partner on confidential computing features powered by AMD Epyc 7003 processors

• Cybersecurity Bug-Hunting Sparks Enterprise Confidence

• Not quite “The Purge,” but 70% adopted home tech to increase security amid pandemic

• Remote hiring: Cybersecurity best practices

• Endpoint security vs. network security: Why both matter

• IBM X-Force Publishes a List of Top 10 Cybersecurity Vulnerabilities of 2020

• CISA Updates Microsoft Exchange Advisory to Include China Chopper

• Empresas y tecnología: el futuro del trabajo

• Be Prepared for Anything with EDRP

• Thank You for Speaking Against a Terrible Copyright Proposal

• Royal Mail scam says your parcel is waiting for delivery

• Smart doorbells on business premises make your property more attractive to burglars, warns researcher

• Opinion: Apple Discontinues the HomePod; Is That the End for Apple and Home Audio?

• The gift of intentionality and inclusivity at heart – Celebrating Women’s History Month and International Women’s Day

• True Security Requires a Holistic Approach

• How 2020 Helped Parents Understand Their Kids’ Digital Lives

• Cyberattacks See Fundamental Changes, A Year into COVID-19

• Swiss Police Raid Over Hack on U.S. Security-Camera Company

• Over 80,000 Exchange Servers Still Affected by Actively Exploited Vulnerabilities

• Lookout Acquires SASE Cloud Provider CipherCloud

• Join us for free at the biggest online summit in the WordPress space

• XKCD ‘Post-Vaccine Party’

• BSides Huntsville 2021 – Chris Cochran’s ‘Keynote: Performing Like A Cybersecurity Champion’

• US DoJ indicted the CEO of Sky Global encrypted chat platform

• The Malwarebytes 2021 State of Malware report: Lock and Code S02E04

• Fastway Couriers Reveals Data Breach

• New PoC Puts Microsoft Exchange Bug Attacks in Reach of Anyone

• COVID-19 Testing Service in US Exposes Patients’ Photos, Passports

• Black Shadow Threat Actors Target Another Israel based Company

• Authorization Technology is the Future of Collaboration

• Forrester: These 5 threats could hobble pandemic recovery

• How malware is targeting the new Apple Macs

• Google Chrome Zero-Day Under Attack, Again

• Some iPhone 11 and iPhone 12 Models Losing Color From Aluminum Body

• Apple Seeds Fourth tvOS 14.5 Beta to Developers

• Apple Seeds Fourth Beta of watchOS 7.4 to Developers

• Apple Seeds Fourth Betas of iOS 14.5 and iPadOS 14.5 to Developers

• Apple Seeds Fourth Beta of macOS Big Sur 11.3 to Developers

• Can Litigation Help Deradicalize Right-Wing Media?

• Lookout Acquires CipherCloud to Deliver Security from Endpoint to Cloud

• Is automated vulnerability scanning the best way to secure smart vehicles?

• What is network segmentation? NS best practices, requirements explained

• Organizations are more likely to purchase tech and services from vendors demonstrating transparency

• How to use Bitwarden’s new Send feature

• How to block users from setting up their own cron jobs on Linux

• Research: Security Agencies Expose Information via Improperly Sanitized PDFs

• Lookout Enters SASE Market Through Acquisition of CipherCloud

• What’s New in AppTrana? – A look into The Most Noteworthy WAF Updates In 2020

• How Quickly Are We Patching Microsoft Exchange Servers?

• A Tip For Easy SQL-based Big Data Analysis: Use a Temporary Dataset

• Arrest warrants out for Canadians behind ECC cryptophone networks

• CGG, a Geoscience Company is Investigating Cybersecurity Incident

• What Is a Vulnerability Management Program and Why You Need It

• Britain Boris Johnson speaks about Cyber Attacks

• BrandPost: Zero Trust, ZTA, and ZTNA: What’s the Difference?

• Flurry of reboots signal Exchange Server patching

• Retail Cybersecurity: How to Protect Your Customer Data

• Here are 5 jobs you should probably apply for this week

• Lookout acquires CipherCloud to secure enterprises from endpoint to cloud

• Google fails to quash Incognito mode user tracking, privacy lawsuit

• Microsoft Exchange Server zero-day attacks: Malicious software found on 2,300 machines in the UK

• Google Warns Mac, Windows Users of Chrome Zero-Day Flaw

• AMD Unveils New Security Features With Launch of EPYC 7003 Series Processors

• SOAR vs. SIEM: What’s the difference?

• S3 Ep 23.5: An interview with cybersecurity expert John Noble CBE

• Judge Upholds Privacy Lawsuit Against Google

• OVH Data Center Fire Impacts Cyber-criminals

• Name That Toon: Something Seems Afoul

• Vulnerability Summary for the Week of March 8, 2021

• Google Releases Security Updates for Chrome

• Level up your Secure Email game using SecureX Orchestrator

• The Journey Ahead is the Challenge in ICS

• U.S. Indicts CEO Of Encrypted Phone Firm Sky

• Google Faces $5 Billion Lawsuit Over Incognito Mode

• Exclusive Deals: Save Up to 25% on Anker’s Portable Chargers, USB-C Accessories, and Lightning Cables

• Blue-tooth Virus to improve COVID-10 tracking

• ZHtrap Botnet Malware Deploys Honeypots in the Search for More Targets

• Cybersecurity firm IronNet to go public in SPAC deal

• 5 steps to enable your corporate SOC to rapidly detect and respond to IoT/OT threats

• Peeling Back Your PKI Onion: Can I Trust My PKI? – Keyfactor

• 25% of UK Workers Let Their Children Use Their Work Device

• Facebook Wants To Train AI By Showing It User Videos

• Accurics Launches Comprehensive Channel Program with Unique Developer-First Approach to Cloud Security

• Tim Cook Attending Chinese Development Conference Later This Month

• Remote Working – Comments And Advice

• Thousands of Shoppers Affected by Fastway Couriers Security Breach

• PoC Exploit for Microsoft Exchange Launched

• How to Build Your Best Business – 2021 Guide

• Tech Resume Library: 25 downloadable templates for IT pros

• LinuxSecurity User Survey Results: How Do You Compare?>

• Hafnium’s China Chopper: a ‘slick’ and tiny web shell for creating server backdoors

• How to remove legacy communication services on Linux

• US Indicts Head of Alleged Crime Chat Comms Service

• Cybersecurity M&A Roundup for Week of Mar. 8, 2021

• WeLeakInfo Leaked Customer Payment Info

• Verkada Breach Demonstrates Danger of Overprivileged Users

• How to Choose the Right Cybersecurity Framework

• The UK Is Secretly Testing a Controversial Web Snooping Tool

• nClouds Achieves SOC 2 Certification For Its Consulting Services

• Deals: Amazon Discounting Apple’s 256GB M1 MacBook Pro to New Low Price of $1,149.99 ($149 Off)

• Apple TV+ Lands First Oscar Nominations for ‘Greyhound’ and ‘Wolfwalkers’

• Looking to Grab a HomePod Before They’re Gone? These Retailers Still Have Stock

• Heavy Lies the Crown: The Survival of Arab Monarchies, 10 Years After the Arab Spring

• Experts Reaction On iPhone Hack To Help Keep Women Safe

• Expert Advise On Netflix Crackdown On Password Sharing

• Experts Statements On New Ransomware Threat To Unpatched Microsoft Exchange Servers

• As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak

• How Important Is BEC Security For Your Company?

• CipherCloud and Lookout Blaze a New Path Together – Redefining Security from Endpoint to Cloud

• Serious Zero-Day Bug Found In Plus Addons For Elementor WordPress Plugin

• Google Patched Second Chrome Zero-Day Within A Month

• Women in Security Part 2: Meet Suzanne Hall, Global CISO and VP, Technology at Circle K Stores

• Cybersecurity Lessons from the Pandemic: Hubris

• How to Improve Your Cloud and Container Security

• ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

• iOS 14.5: Apple Maps Could Feature Real-Time Crowd Data for Points of Interest

• Expert Reaction On South And City College In Birmingham Hit By Ransomware Attack

• What Experts Say When To Patch Microsoft Exchange Vulnerabilities

• Google, HTTPS, and device compatibility

• Passwordless Authentication, This is the Way

• Exchange flaws could be much worse than thought: Six hacking groups suspected of using the zero days pre-patch

• How to Fix Slow-Running Macs

• 5 ways to grow the cybersecurity workforce in 2021

• Elon Musk, Tesla Board Sued Over ‘Erratic’ Tweets

• Honeywell Quadruples Quantum Computing Power

• Microsoft investigates potential ties between partner security firm, Exchange Server attack code leak

• Google: This Spectre proof-of-concept shows how dangerous these attacks can be

• Google Releases PoC Exploit for Browser-Based Spectre Attack

• Uber and Lyft Pool Driver Info to Boost Passenger Safety

• New Dates Confirmed for Infosecurity Europe 2021

• Beware of scam using the name of Europol’s Executive Director

• “Netbounce” Threat Actor Tries to Evade Detection

• Twitter users suspended due to “Memphis” bug

• DearCry Ransomware is Targeting Microsoft Exchange Servers

• How Google is Being Used to Deliver Malware

• US Senator Adds Support To Amazon Union Vote

• Judge Dismisses Most Claims Against Zoom In Proposed Case

• Sky Global CEO indicted over encrypted chat drug trafficking, calls allegations an ‘outrage’

• Encrypted Comms CEO Indicted in Drug Trafficking Conspiracy

• Spanish Police seize first ever narco-submarine made in Europe

• Rising Demand for DDoS Protection Software Market By 2020-2028

• App Store Supports Over 830,000 Jobs in UK, Says Apple

• 4 ways COVID-19 has changed security hiring forever

• 3 best practices to protect sensitive data in the cloud

• ‘Thousands’ Of UK Firms Hit By Microsoft Exchange Hacks

• Mobile Gaming Pioneer Gordon Hall Dies At 51

• Google, Microsoft Feud Over Antitrust, Hacking Issues

• Educating Women in Tech: Q&A with Anna Brailsford | Avast

• FCW Insider: March 15, 2021

• Naked Security Live – HAFNIUM explained in plain English

• Exchange Exploit Attempts Surge Sixfold as Ransomware Lands

• Twitter Ads used by Scammers to Promote Fake Cryptocurrency

• CEO of Encrypted Chat Platform Indicted for Aiding Organised Criminals

• COVID-19: Examining the threat landscape a year later

• Reverse Engineering: A Security Researcher’s Toolkit

• Google fixes the third actively exploited Chrome 0-Day since January

• NCSC is not aware of ransomware attacks compromising UK orgs through Microsoft Exchange bugs

• App Store Now Supports Over 330,000 UK Jobs, Says Apple

• Positive Interest in STEM: The latest side-effect of the pandemic

• Trying to register your antivirus in Windows Security Center?

• RPA’s Impact on Governance, Risk Management and Compliance

• Unlock a New Level of Security at Secure Coding Virtual Summit

• Police Cracked Encrypted Messaging Platform led to Hundreds of Arrests

• Google Fixed yet Another Actively Exploited zero-day Vulnerability in the Chrome Browser

• Verkada Surveillance Hack, Breach Highlights IoT Risks

• Kuo: AirPods 3 Mass Production to Start in Q3 2021

• Password reuse defeats the purpose of passwords

• Buffalo Public School Ransomware attack details

• US White House discusses Cyber Attacks on Quad Countries

• Alarming number of consumers impacted by identity theft, application fraud and account takeover

• Why data privacy will be the catalyst for digital identity adoption

• Biden administration reveals probe into government security has found holes, wants more private sector collaboration as the cure

• Experts have found vulnerabilities in thousands of surveillance cameras in Russia

• Apple Shares ‘Jump’ AirPods Pro Ad

• A strategic approach to identity verification helps combat financial crime

• How digital leaders built a foundation for resiliency in the face of disruption

• ISC Stormcast For Monday, March 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7412, (Mon, Mar 15th)

• Sumo Logic acquires DFLabs to combat modern threat challenges

• What Does the HIPAA Safe Harbor Bill Mean for Your Practice?

• Thales enables Axis Bank’s wearables as a secure contactless way of payment

• Dashlane Password Changer 2.0 and machine learning engine now available

• US federal judge issues injunction to temporarily remove Xiaomi ban

• Cybersecurity for MSSE 2022

• GLEIF CA Stakeholder Group accelerates integration of LEIs in digital certificates

• Senate committee recommends ‘rushed’ Online Safety Bill be passed

• Cobalt Partner Program offers new opportunities for partners

• Nubeva expands monitoring capabilities in AWS

• Veracode Hacker Games challenges university students to hack and patch real-life apps online

• Google Facing Lawsuit Over Tracking Users in Incognito Mode

• Welcome to the era of the mega-hack

• Robinhood appoints Caleb Sima as CSO

• Australia, India, Japan, and USA create joint critical tech working group

• Wireshark 3.4.4 Released, (Sun, Mar 14th)

• IT Security News Weekly Summary – Week 10

• IT Security News Daily Summary 2021-03-14

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 319’

• BSides Huntsville 2021 – David Hunt’s ‘Hack In Your Sleep’

• Upcoming Speaking Engagements

• BSides Huntsville 2021 – Ronnie Watson’s ‘Build Yourself An Elastic Threat Hunting And Monitoring SIEM’

• Fighting Domestic Extremism: Lessons From Germany

• Data Privacy Day: Three ways to keep consumer data secure

• Top IoT predictions for 2021

• ZHtrap, the Latest Malware to Install Honeypots on Devices to Identify More Targets

• Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

• The Foilies 2021

• Security Affairs newsletter Round 305

• Judge Rules Google Must Face Lawsuit Alleging Chrome Tracks Users in Incognito Mode

• Cyber Attacks: Is the ‘Big One’ Coming Soon?

• A Trio of Vulnerabilities in the Linux Kernel Can Give Attackers Root Privileges

• WeLeakInfo’s Customer Records Leaked

• Google releases Spectre PoC code exploit for Chrome browser

• Book Review: Born Digital by Robert Wigley

• Week in review: Keeping serverless architecture secure, trends influencing remote work in 2021

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Penetration testing

• Four innovative payment services using a banking app

• Giving Voice to Digital Identities Worldwide: Lessons and Insights from Around the World

• How can we prevent sophisticated document fraud in 2021?

• How to guarantee patient identification during a pandemic

• How can technology protect and improve the future of sport?

• Application Security for builders and creators

Generated on 2021-03-15 23:55:19.831171