IT Security News Daily Summary 2021-06-12

• Bitcoin just got its first makeover in four years, which will help it compete with Ethereum

• Apple Makes New On-Screen Game Controller Available to Developers on iOS 15 and iPadOS 15

• Security BSides Dublin 2021 – Caitlin Long’s ‘Hacking The Planet: An Intro To Avionics Security’

• XKCD ‘Product Launch’

• Fortinet Targeted for Unpatched SSL VPN Discovery Activity, (Sat, Jun 12th)

• Endpoint security is a double-edge sword: protected systems can still be breached

• 7 Years Old Critical Linux Privilege Escalation Bug Let Hackers Gain Root Access

• McDonald’s discloses data breach in US, Taiwan and South Korea

• A Digital Journey: A Long and Winding Road

• Security BSides Dublin 2021 – Lindsay Kaye’s ‘Egregor Awakens: Taking A Tour Of A Threat Actor’s New Digs’

• Expert: Facebook Users Should Have The Power To Decide Who Is Banned

• South Korea And Taiwan: McDonald Hit by a Data Breach

• 3.2 Million PCs Compromised in a Malware Campaign

• Security News In Review: REvil Attacks Nuclear Contractor Sol Oriens

• Google Won’t Kill the URL After All

• Volkswagen discloses data breach, 3.3 million customers impacted

• Apple Promotes iPad Pro in New Ad With ‘The Little Mermaid’ Musical Spin

• Craig Federighi and Greg Joswiak Discuss iPadOS 15, macOS Monterey, Privacy, Shortcuts on Mac, and More

• Top Stories: WWDC Recap With iOS 15, macOS Monterey, and More

• Game giant Electronic Arts is the latest victim of massive data breach

• Iranian Hackers Attacked Websites of an African Bank and US Federal Library

• What You Should Know About Voilá, the Latest Viral Selfie App

• CVE-2021-3560 flaw in polkit auth system service affects most of Linux distros

• Top 5 Growth Hacking Strategies for Small Startups

• iVerify (version 17)

• This app teaches you how to make your iPhone secure

• Apple Reaffirms Privacy Stance Amid Trump Probe Revelations

• As Ransomware Demands Boom, Insurance Keeps Paying Out

• EA Sports Hacked – Hackers Stolen Source Code With 780 GB of Data

• ‘Build’ or ‘Buy’ your own antivirus product

• Linux System Service Bug Allows You to Gain Root Access

• Endpoint, el nuevo perímetro

• Avaddon ransomware group closes shop, sends all 2,934 decryption keys to BleepingComputer

• Arctic Wolf Service Assurance helps organizations end cyber risk

• Cybersecurity News Round-Up: Week of June 7, 2021

• IonQ integrates with Cirq, an open-source quantum computing framework from Google

• Nutanix and HPE expand partnership to accelerate hybrid cloud and multicloud adoption

• Tracking ransomware cryptocurrency payments: What now for Bitcoin?

• Week in security with Tony Anscombe

• Sherweb partners with LogMeIn to offer password management solution to its partners

• Checkmarx names Roman Tuma as CRO

• Avaddon ransomware gang shuts down their operations and releases decryption keys

• Internet Threats Go Viral – Companies Must React to Keep Brands Secure

• macOS Monterey Features Dedicated Password Section in System Preferences, Built-In Authenticator and More

• The ACCESS ACT Takes a Step Towards a More Interoperable Future

• IT Security News Daily Summary 2021-06-11

• The Executive Order – Improving the Nation’s Cyber Security

• Unpatched Bugs Found Lurking in Provisioning Platform Used with Cisco UC

• McDonald’s suffers cyberattack in US, South Korea and Taiwan

• Trickbot Investigation Shows Details of Massive Cybercrime Effort

• Executive Order Signed By President Biden

• McDonald’s Data Breach Exposed Business & Customer Data

• Next iPad Mini Will Allegedly Feature Thinner Bezels, USB-C Port, and Touch ID Power Button

• 1000 Californians Have Asked Their Representatives To Fix Our Broken Broadband System. Have You?

• Colonial Pipeline Disrupted By Single Password | Avast

• Top 5 benefits of a new cybersecurity market model

• U.S. Lawmakers Introduce Antitrust Legislation That Could Significantly Impact Apple and Other Tech Companies

• The hacker group that went after one of Apple’s suppliers found a new victim

• Volkswagen America Discloses Data Breach Impacting 3.3 Million

• CEO-Level Guide to Prevent Data Hacking Technologies & Incidents

• Reclaim Your Online Privacy | Avast

• Air Force wants $800 million for enterprise IT as a service

• Apple will finally give iPhone and iPad users an important choice to make

• The pros and cons of Palo Alto Networks’ SASE platform

• Maps in macOS Monterey: Interactive Globe, Detailed Terrain, 3D Landmarks, Updated Driving Features and More

• REvil Hits US Nuclear Weapons Contractor: Report

• Baby Clothes Giant Carter’s Leaks 410K Customer Records

• The Joy of Tech® ‘WWDC Schadenfreude!’

• Cyber Resilience and Its Importance for Your Business

• Security BSides Dublin 2021 – Peter Morin’s ‘Fight The Fight – Orchestrating And Automating Your Incident Response’

• Apple Asks Developers Whether They Would Attend In-Person WWDC Following Two Years of Digital Format

• Fallout of EA source code breach could be severe, cybersecurity experts say

• Wray: FBI Frowns on Ransomware Payments Despite Recent Trend

• Securolytics COO charged in Georgia hospital cyber attack

• Italy announced its Cybersecurity Agency

• Adobe Removing ‘Photoshop Mix’ and ‘Photoshop Fix’ From App Store on June 21

• MacRumors Giveaway: Win a Magnetic iPad Stand From Lululook

• DOJ charges cybersecurity official for attack on Georgia hospital

• Father’s Day Deals: Save on Apple Accessories From Nomad, Hyper, Mophie, and More

• macOS Monterey Tidbits: Animated Memoji on Login Screen, Change the Color of the Mouse Pointer, and More

• Biden Issues Executive Orders on Chinese Companies and Apps

• Fighting Insider Abuse After Van Buren

• Cyberpunk 2077 Hacked Data Circulating Online

• The FBI’s Anom Stunt Rattles the Encryption Debate

• Security BSides Dublin 2021 – Chris Lyne’s ‘A Glance At Interpreted Language Bytecode Trickery’

• UK tells UN that nation-states should retaliate against cyber badness with no warning

• C3.ai Digital Transformation Institute Announces AI for Energy and Climate Security Grantees

• Make New Connections with (ISC)² Community

• BrandPost: Announcing HP Wolf Security, and a New Report Assessing Remote Working Cyber Risks

• Biden’s OPM nominee appears headed for confirmation

• Recorded Future Unveils $20M Threat-Intel Investment Fund

• ALPACA – the wacky TLS security vulnerability with a funky name

• Details Emerge on How Gaming Giant EA Was Hacked

• Apple’s Flagship Tower Theatre Store Opening in Los Angeles on June 24

• How to deactivate or delete your Facebook account

• Cyber Attack news trending on Google

• BrandPost: Nation States, Cyberconflict, and the Web of Profit.

• Cisco Talos: Exchange Server flaws accounted for 35% of attacks

• Landmines are Banned. Should Drones be Classified as Airmines?

• Ransomware will cost its victims more around $265 billion (USD) annually by 2031, Cybersecurity Ventures predicts

• Cloud vs on premise: 3 reasons the Cloud is winning

• COO of Security Company Charged for Cyberattack on Medical Center

• Report: Most Online Sex Trafficking Recruitment Cases Occur On Facebook

• China-Based Hackers Luring Indians into Fake Tata Motors Scam

• With Significant Increase In High-Profile Cyberattacks, SecZetta Shares Insight on How Organizations Can Mount Better Offense

• Sonicwall SRA 4600 Targeted By an Old Vulnerability, (Fri, Jun 11th)

• Video: Top 5 Most Useful Features in iPadOS 15

• Ransomware Attack Hits Foodservice Distributor Edward Don

• Watch Out! Emerging Malware is Skulking in Steam Profile Pictures

• How to speed up deep learning model training in the automotive sector

• Amazon Web Services To Build Data Centre In Israel

• Top 10 Linux Server Hardening and Security Best Practices

• Web Filtering Appliance for Battling Spam

• RSA Spins Out Fraud and Risk Intelligence Unit as Standalone Company Outseer

• Many Mobile Apps Intentionally Using Insecure Connections for Sending Data

• MacBooks Running Windows Gain Improved Trackpad Support With Boot Camp Update

• Billions of Passwords Leaked Online

• How Collaboration Happens at Duo

• Educating the Educators: Protecting Student Data

• Lax security around URL shortener exposed PII of US retailer Carter’s customer base

• Monumental Supply-Chain Attack on Airlines Traced to State Actor

• McDonald’s Says Hackers Breached Data in Taiwan, South Korea

• Secure Access Trade-offs for DevSecOps Teams

• US Retailer Carter Leaks PII With URL Shortener

• McDonald’s Operations In South Korea And Taiwan Hit By Data Breach

• STEM Audio Table Rife With Business Threatening Bugs

• How Hackers Used Slack To Break Into EA Games

• macOS Monterey to Offer Smoother Gameplay With Support for Adaptive-Sync Displays on Newer Macs

• Check Point Software Announces Integration of CloudGuard Network Security with Equinix Network Edge

• Five arrested over brazen Paris bank heist

• Inadvertently Exposed Secrets and Tokens are promptly Scanned by GitHub

• Deals: Take $49 Off Apple’s M1 iMac With New All-Time Low Prices

• McDonald’s says some systems in Asia were hit by data breach

• GitHub Discloses Details of Easy-to-Exploit Linux Vulnerability

• Russian hackers attacked the systems of the Dutch police during the investigation of the Boeing crash

• A Mystery Malware Stole 26 Million Passwords From Windows PCs

• Mozilla Says Google’s New Ad Tech—FLoC—Doesn’t Protect User Privacy

• The U.S. Needs a New Licensing Policy for Chinese Companies

• The GDPR, Privacy and Monopoly

• Apple should fix this privacy issue, not try to keep it quiet

• Police Grab Slilpp, Biggest Stolen-Logins Market

• Canada Privacy Watchdog Slams Police Use of Facial Recognition Tool

• FBI Alerts: BEC Scammers are Posing as Construction Companies

• Deloitte Acquires CloudQuest to Gain CSPM Platform

• EA’s Source: It’s in the Game (and in Hackers’ Hands)

• JBS USA Paid $11 Million to Hackers for The REvil Ransomware Attack

• Everyone Wants to Build a Cyber Range: Should You? Part 2

• U.S. Authorities Shut Down Slilpp, the Largest Marketplace for Stolen Logins

• Hackers Can Use Pre-installed Samsung Apps to Spy on Users

• Kubeflow: The Target of Cryptomining Attacks

• Mysterious custom malware used to steal 1.2TB of data from million PCs

• iOS 15: Check Out Safari’s New Tab Bar, Tab Groups, and Tab Switcher

• CD Projekt Data Breach: Ransomware Attack Makes Internal Data Public

• Hackers Are Tampering with Pre-Installed Apps to Spy on Samsung Users

• How to Conduct a Cloud Security Audit: A 5-Step Checklist

• EA Games looted by intruders: Publisher says ‘no player data accessed’ after reported theft of FIFA 21, Frostbite source

• Useful Ways To Increase Your Security And Safety While Driving

• Best ways to block cyberattacks in your business

• Microsoft Announce Powerful New Threat Detection Solution in Azure

• New DDoS extortion attacks detected as Fancy Lazarus group returns

• Russia Fines Facebook $235,000 Over ‘Illegal Content’

• Hackers Steal FIFA 21 Source Code, Tools in EA Breach

• Alibaba’s Lazada Launches Public Bug Bounty Program

• FBI/AFP-Run Encrypted Phone

• Nefilim Ransomware: Everything You Need to Know

• U.S. Gets Hit by More Than 7 Ransomware Attacks an Hour

• Cox Media Group hit by Major Cyberattack Last Week

• Gaming Giant EA Confirms Breach, Theft of Source Code

• iOS 15 Reminders Gains New ‘Smart List’ Feature for Easily Filtering Reminders Based on Locations, Tags, and More

• Why Freelancers Should Prioritise Cybersecurity

• Gaming Giant Electronic Arts Got Breached

• Robert Hormats on China’s crypto crackdown, national security concerns over TikTok, WeChat

• Italy Sets Up Cybersecurity Agency After Russia Warnings

• Apple Working on Redesigned iCloud Mail for Web

• Hackers Steal Wealth of Data from Game Giant EA

• One Identity Strengthens Executive Team

• Cybersecurity Tips for Business Travelers: Best Practices for 2021

• Complexity is the biggest threat to cloud success and security

• Authorities Take Down Stolen Login Credentials Marketplace Slilpp

• Al Jazeera detected and blocked disruptive cyberattacks

• The Largest Marketplace for Stolen Logins Slilpp Disrupted by International Law Enforcement

• FBI sold phones to organized crime and read 27 million “encrypted” messages

• What Really Happened When Google Ousted Timnit Gebru

• This Could Be The Largest Password Leak Of All Time

• Multiple Office 365 security bugs could give hackers the keys to the kingdom

• Security researcher says attacks on Russian government have Chinese fingerprints — and typos, too

• EA Games Hacked, Source Code Stolen

• The CSO guide to top security conferences, 2021

• FCW Insider: June 11, 2021

• Card Broken: 1000 arrests made in Chinese crackdown on fraud, cryptocurrency laundering

• Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

• Apple Registers iPhone 13 Models in Eurasia Ahead of September Launch

• Researchers Create Un-hackable Quantum Network, Expert Weighs In

• How to hack a smart car – with sticky tape

• AWS IAM Vs Azure: Which Is More Secure?

• DoJ announced to have shut down Slilpp marketplace in international operation

• iOS 15’s Live Text Feature Lets You Digitize Written Notes, Call a Number on a Sign, Translate a Menu, and Much More

• Weekly Update 247

• Live Cybersecurity Webinar — Deconstructing Cobalt Strike

• The case for SaaS data backup and ownership

• Feds strike Slilpp, a marketplace for flogging initial access credentials

• Iranian Hackers Compromise Websites of an African Bank and a US Federal Library

• 7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access

• Ask Chloé: Personal Burnout

• Canadian Cyberattacks in 2020: Most Organizations in Canada Affected

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• Foodservice Supplier Edward Don Hit by a Ransomware Cyberattack

• EA Gaming Giant Hacked and Source Code Stolen

• 5 Steps to Effective CUI Classification

• Seven-year-old make-me-root bug in Linux service polkit patched

• New Cyber Espionage Group Targeting Ministries of Foreign Affairs

• Facebook Messenger Gains Quick Reply Bar, Payment Links, and New Themes

• 15 Ways To Secure Your Business WiFi Network

• Organizations Leveraging Microsoft Teams at Risk

• Can the Government Compel You To Produce Records That Don’t Exist Yet?

• Keeping an Eye on Dangerous Python Modules, (Fri, Jun 11th)

• Apple TV+ Renews ‘See’ For Third Season Ahead of Season Two Premiere on August 27

• New infosec products of the week: June 11, 2021

• Seven-year-old make-me-root bug in Linux kernel patched

• More than 26m user passwords stolen from Amazon, Apple, and Facebook

• Google uses AI to develop Silicon Processors under 6 hours

• API Security Weekly: Issue #137

• Quantum computing is imminent, and enterprises need crypto agility now

• China arrests over 1000 for using cryptocurrency to help launder proceeds of phone scams

• The future of FISA

• Intrusion Detection System (IDS) and Its Detailed Working Function – SOC/SIEM

• U.S. Authorities Shut Down Slilpp—Largest Marketplace for Stolen Logins

• Software Security Testing – Hidden Thoughts Can Cost You

• CISSPs From Around the Globe: An Interview with Laurie Mack

• DDoS attacks increase 341% amid pandemic

• Digital criminals turn toward vaccines to capitalize on COVID-19

• One step closer to quantum-secure conference calls

• ISC Stormcast For Friday, June 11th, 2021 https://isc.sans.edu/podcastdetail.html?id=7538, (Fri, Jun 11th)

• Biometrics for banking and financial services market to reach $8.9 billion by 2026

• Gigamon ThreatINSIGHT Guided-SaaS NDR improves SOC and incident response effectiveness

• China passes new laws to hit back at foreign sanctions

• Google ends push for Chrome address bar to only show domain name

• How Attackers Exploit Active Directory: Lessons Learned from High-Profile Breaches

• Approov 2.7 delivers API cybersecurity protection for mobile-based applications

• Protegrity Data Protection Platform introduces dynamic data masking and monitoring capabilities

• Trump Administration Subpoenaed Apple for Data on Two House Intelligence Committee Democrats

• Acronis Cyber Protect Cloud’s protection pack blocks email-borne threats

• AWS Proton: Fully managed application delivery service for containers and serverless

• Bayshore Networks expands its Security Gateway portfolio with the release of NetWall 10GB USG

• Everbridge and WizNucleus partner to increase digital and physical security for the energy industry

• VMware and Vapor IO build a Multi-Cloud Services Grid to simplify the delivery of distributed 5G systems

• Victory! Dartmouth Ends Unfounded Cheating Investigation After Students, Rights Groups Speak Out

Generated on 2021-06-12 23:55:37.983878