IT Security News Daily Summary 2021-07-03

• Konica Minolta Business Solutions Returns to 2021 ‘ASTORS’ Awards

• Finding Strings With oledump.py, (Sat, Jul 3rd)

• 100 Military Personnel to Train in US to Combat Cyber Warfare

• Indian National Bank (RBI) Governor Flagged Rising Cyber Attacks As Risk

• Kaseya VSA supply-chain ransomware attack hit hundreds of companies

• Countries Not Capable To Face Current Cyber Threats: IISS Report Says

• Prepare your defense against cybercriminals with ransomware best practice resources | #RansomwareWeek

• Risk-based security now more important than ever for Energy and Utilities!

• Authentication is Outdated: A New Approach to Identification

• IT management biz Kaseya pwned by miscreants to infect businesses with ransomware

• Android Apps with 5.8 million Installs Caught Stealing Users’ Facebook Passwords

• Kaseya Details REvil Attack, Incident Response Plan

• Massive Kaseya VSA Supply Chain Attack Infects Businesses with Revil Ransomware

• REvil Ransomware targets 1000+ businesses causing holiday havoc

• Xerosploit – Pentesting Toolkit to Perform MITM, Spoofing, DOS, Images Sniffing/Replacement, WD Attacks

• Facebook Tests Warning For Anti-Extremist Content

• Do Not Stare Into the Crypto Orb

• IT Software Firm Kaseya Hit By Supply Chain Ransomware Attack

• Top Stories: iOS 15 and macOS Monterey Public Betas, iPhone 13 and MacBook Pro Rumors, and More

• Supply chain attack on Kaseya infects hundreds with ransomware: What we know

• DoubleVPN Servers And Logs Seized In Joint EU Law Enforcement Operation

• Microsoft Unveils Vulnerabilities in Netgear Routers

• United States Tops ITU’s Global Cyber Security Index

• Cybercriminals Unleashing Malware for Apple M1 Chip

• Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware

• Weekly Update 250

• Learn to Code — Get 2021 Master Bundle of 13 Online Courses @ 99% OFF

• ‘Build’ or ‘Buy’ your own antivirus product

• Diavol ransomware appears in the threat landscape. Is it the work of the Wizard Spider gang?

• Business Continuity – The Light in a Time of Darkness

• How a man used a fake finger to trick his smartphone biometrics

• Stories from the SOC – Office 365 account compromise and credential abuse

• Certificate Authority Hacked by Implanting Backdoor on Official Website

• 2021-07-02 – Astaroth/Guildma from Brazil malspam

• Twitter now lets users set security keys as the only 2FA method

• Week in security with Tony Anscombe

• LogPoint launches content pack for Palo Alto Networks Cortex XSOA to accelerate incident response

• WhoisXML API Enriches Its DNS Database Download Capabilities

• Companies desperate to hire more cybersecurity experts

• CMMC board clarifies assessor training timeline

• Innodisk DDR5 DRAM modules offer performance improvements and power savings

• The Future Is in Symmetrical, High-Speed Internet Speeds

• Kaseya urges customers to immediately shut down VSA servers after ransomware attack

• SYN Ventures launches debut fund and reveals three investments

• ISTARI becomes a significant minority shareholder of Prevalent AI

• Ant Group to Establish State-Backed Credit Scoring Company

• Asurity appoints David Roell as VP, Compliance Products and Analytics at RiskExec

• House Dems look to ramp up oversight of DHS operations

• A New Kind of Ransomware Tsunami Hits Hundreds of Companies

• George Lee joins Imperva as Regional VP of Asia Pacific and Japan

• Shutdown Kaseya VSA servers now amidst cascading REvil attack against MSPs, clients

• Ransomware attacks driving cyber reinsurance rates up 40%

• IT Security News Daily Summary 2021-07-02

• DHS workforce sprint brings in nearly 300 cyber employees

• Podcast: How to build a cyber resilient business

• Cybersecurity pros come from all backgrounds, expert says

• You don’t have to be a tech expert to become a cybersecurity pro

• Kaseya VSA Supply-Chain Ransomware Attack

• Kaseya VSA Users Hit by Ransomware, (Fri, Jul 2nd)

• Leaked infrastructure code, credentials and keys costing orgs an average of $1.2 million per year: 1Password

• Everything New in the iOS 15 Photos App: Metadata Editing, Memories Improvements, Live Text, Visual Lookup and More

• How to Use Scheduled Reports with Falcon Spotlight

• Cybersecurity professionals are in high demand to defend organizations

• Digital rights org claims cyberattacks against Filipino media outlets come from government and army

• Microsoft Engineer Stole $10M by Selling Xbox Gift Cards

• Barracuda Agrees to Acquire Skout Cybersecurity

• Revisiting a Framework on Military Takedowns Against Cybercriminals

• Pay the ransom or not? It’s complicated.

• New Skills Academy Suffers by Data Breach

• US and UK Cybersecurity Agencies Blames APT28 Gang for Massive Cyberattacks

• Personal Data of 69K LimeVPN Users Marketed on Dark Web

• Victory! Fourth Circuit Rules Baltimore’s Warrantless Aerial Surveillance Program Unconstitutional

• Microsoft tells US lawmakers cloud has changed the game on data privacy, gets 10 info demands a day from cops

• DOD ADDS TWO MORE (ISC)² CERTIFICATIONS TO REQUIREMENTS FOR CYBERSECURITY STAFF

• Microsoft urges Azure users to update PowerShell to fix RCE flaw

• MacRumors Giveaway: Win an Adjustable Standing Desk From Flexispot

• IGNITING PASSION FOR DIVERSITY, EQUITY AND INCLUSION (DEI): CYBERSECURITY PROFESSIONALS ADDRESS CHALLENGES AND OFFER TANGIBLE ADVICE FOR WEAVING INCLUSION INTO OUR INDUSTRY

• Cyber EO will drive zero-trust progress

• Lawmakers, experts question whether CISA should be split from DHS after delayed confirmation of Easterly

• Secured-Core PCs May Mitigate Firmware Attacks, But Adoption Lags

• EU Competition Chief Tells Apple Not to Use Privacy as a Shield Against Competition

• Google delays Chrome third-party-cookie removal to 2023

• Microsoft Issues New CVE for ‘PrintNightmare’ Flaw

• EFF is Highlighting LGBTQ+ Issues Year-Round

• Five Steps for Safely Migrating your Workloads to the Cloud

• Cybersecurity in Healthcare: Benefits, Examples, and Usage Tips Healthcare cybersecurity framework

• New LinkedIn breach exposes data of 700 Million users

• Linux version of REvil ransomware targets ESXi VM

• NIST Has Come Out With Its Own Ransomware Guidance | #RansomwareWeek

• Six existential threats posed by the future of 5G (Part One)

• Empowering women in the field of ethics and compliance

• Richard Branson, Virgin Galactic To Beat Jeff Bezos To Space

• NETGEAR Routers Bug Let Attackers Compromise Network’s Security for Entire Organization

• Experiencing the Aftermath Will Make You Tougher, Wiser, and Ready For Anything

• Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks

• Widespread Brute-Force Attacks Tied to Russia’s APT28

• TrickBot Spruces Up Its Banking Trojan Module

• Hackers Compromise Mongolian Certificate Authority to Spread Malware

• Another 0-Day Looms for Many Western Digital Users

• Research Reveals Americans Not Aware About Cybersecurity Issues Happening In U.S

• SOC Investment Improves Detection and Response Times, Data Shows

• Brute Force attack launched by Russia APT28 using Kubernetes

• Why quantum and data protection should go hand in hand

• Microsoft Tells Azure Users to Update PowerShell to Patch Vulnerability

• Barracuda Networks Acquires SKOUT Cybersecurity

• Qualcomm CEO Outlines Plans to Compete With Apple Silicon, Handle Apple’s Shift to In-House Modems

• Beware password-spraying fancy bears

• Pooling society’s collective intelligence helped fight COVID – it must help fight future crises too

• New Ransomware ‘Diavol’ Linked to Notorious Cybercrime Gang

• Threat Actors Target Mongolian Certificate Authority with Cobalt Strike Binaries

• 5 Mistakes That Impact a Security Team’s Success

• Small Business and the Importance of Simplified Email Security

• ISC Stormcast For Friday, July 2nd, 2021 https://isc.sans.edu/podcastdetail.html?id=7568, (Fri, Jul 2nd)

• Russian Military Hackers Have Been On A Worldwide Password Guessing Spree

• China Investigates Didi Over Cyber Security Days After Its IPO

• Feds File New Charges For Amazon Employee That Leveraged Server Access To Hack Capital One

• Hacked Data For 69K LimeVPN Users Up For Sale On Dark Web

• Ransomware Gangs Taking Aim At Soft Target Industrial Control Systems

• 5 Essential Elements of a Successful Electronic Records Retention Policy

• Data Of 92% LinkedIn Users Dumped on The Dark Web

• Nissan To Build EV Battery ‘Gigafactory’ In UK

• Hackers Hit President Putin and Citizens at a TV show

• NCSC Alerts of Cyber Threats to Ireland’s Energy, Telecoms and Transport Sectors

• One Medical: Sorry-not-Sorry for Leaking your Personal Info

• Nominations open for 6th annual Security Serious Unsung Heroes Awards

• LimeVPN Website Was Taken Down by a Hacker

• Automating Microsoft Optional Quality Updates – Can it Be Done?

• Ferry Agency: No Sensitive Info Compromised in Cyberattack

• Microsoft Confirms ‘PrintNightmare’ is New Windows Security Flaw

• More than 3 million Russians have become victims of a new online fraud scheme

• WFH: A Smart Time to Revisit Employee Use of Social Media

• Cyber Defense Magazine – July 2021 has arrived. Enjoy it!

• Watch Out! Mirai Botnet Threat Is Closer Than You Think!

• Business Operations Could Be Seriously Affected by USB Threats

• domain generation algorithm (DGA)

• Director of Cybersecurity at NSA Gets Dedicated Twitter Account

• US email hacker gets his “computer trespass” conviction reversed

• Hackers Are Targeting LinkedIn’s 1.2B Data-Scrape Victims

• Digging Into Sextortion Emails | Avast

• Attackers use ‘offensive AI’ to create deepfakes for phishing campaigns

• Container security: How to get the most out of best practices

• DC and Marvel superheroes top breached password lists

• New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks

• UK NCSC, US Agencies, Warn Of Russian Cyber Campaign

• SAP partners with Columbia University on cybersecurity diversity initiative

• The PrintNightmare continues: Microsoft confirms presence of vulnerable code in all versions of Windows

• Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software

• FCA rules Binance won’t be allowed to conduct regulated activity in the UK

• Babuk Ransomware Is Operational Again Focusing on Corporate Networks

• Diavol Ransomware, a New Ransomware in the Cybersecurity Landscape

• What the Pandemic Taught Me About Leadership

• OneWeb Gains Additional $500m Funding From Bharti

• CISA Offers New Mitigation for PrintNightmare Bug

• China announces cybersecurity investigation into Didi Global

• Vulnerabilities in WAGO Devices Expose Industrial Firms to Remote Attacks

• DHS Hired 300 Cybersecurity Professionals in Last Two Months

• Experts warn of Babuk Locker attacks with recently leaked ransomware builder

• Two-Factor Authentication Simplified: Security Keys Are Now the Only Twitter 2FA Method

• GRU Russian Hackers Are Using Kubernetes to Run Brute Force Attacks

• Microsoft Finds New NETGEAR Firmware Vulnerabilities

• More Russian Hacking

• Ransomware: This new free tool lets you test if your cybersecurity is strong enough to stop an attack

• French Tech Firm Charged Over Libya Cyber-Spying

• 2FA Method Simplified: Security Keys Are Now the Only Way to Login Into Your Twitter Account

• Jeff Bezos Selects 82-Year-Old Woman To Join Spaceflight

• How to Downgrade From iOS 15 to iOS 14

• VirusTotal Required to Divulge Details of those Who Downloaded HSE Cyberattack Data

• Wireless Network Penetration Testing Checklist – A Detailed Cheat Sheet

• Ransomware gangs are taking aim at ‘soft target’ industrial control systems

• New Google Scorecards Tool Scans Open-Source Software for More Security Risks

• Apple and Amazon Under Investigation in Spain for Possible Anti-Competitive Practices

• US and UK issue rare joint guidance in response to Russian GRU brute force campaign

• Tim Berners-Lee’s NFT Source Code Sells For $5.4m

• Twitter Considers Letting Users Tweet to ‘Trusted Friends’

• Security Recruiter Directory

• Top 5 Scam Techniques: What You Need to Know

• CISA alert urges to disable Windows Print Spooler to percent PrintNightmare attacks

• Operation Skein: The Irish Garda Target Nigerian BEC Criminals

• Brit firm fined £200k for banging on about missold PPI in 11.4 million nuisance calls

• U.S. Senate Probe Reveals Data Purchases | Avast

• Microsoft Adds DNS-over-HTTPS to Windows 11

• Apple Likely to Debut Next-Gen 3nm Chip Technology in 2022 iPad Pro

• PrintNightmare Exploit Mistakenly Brought to Public’s Attention: A Malware That Could Perform a System Takeover [UPDATED]

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• Indexsinas SMB Worm Attacks Vulnerable Environments

• Can Your Data Protection Software Recover from Modern Ransomware?

• Reducing the Risk of Credential Leakage

• Apple to Debut TSMC’s Next-Gen 3nm Chip Technology in 2022 iPad

• Six children victim of sexual abuse removed from harm as a result of Europol’s Victim Identification Taskforce

• Smart Homes in UK are vulnerable to Cyber Attacks

• How to use a physical security key on Twitter and where to get it from

• NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers

• “inception.py”… Multiple Base64 Encodings, (Fri, Jul 2nd)

• Microsoft Warns of Critical “PrintNightmare” Flaw Being Exploited in the Wild

• Privacy Takes a Hit In the High Court

• Major South African Insurance Company Suffers Data Breach

• Microsoft Reveals Flaws Allowing Hacking of Netgear Routers

• Single page web applications and how to keep them secure

• Customized Trojan Stole Data From 3M Windows PC Users

• Cybercriminals Unleashing Malware for Apple M1 Chips

• U.S. Government Equates Threat of Ransomware with Terrorism | #RansomwareWeek

• CCSP: The Best Way to Achieve Cloud Security

• How to achieve financial inclusion with Open Banking

• A mid-year update for Cybersecurity – 4 trends to watch

• How facial recognition solutions can safeguard the hybrid workplace

• DoubleVPN Taken Down by Federal Authorities That Was Used by Hackers To Bypass Detection

• Microsoft adds second CVE for PrintNightmare remote code execution

• How mobile operators view security in the 5G era

• Testing Data Flows Using Python and Remote Functions

• Most enterprises started a modernization program due to the pandemic

• Decision makers divided about cloud technology adoption

• Immuta’s SaaS deployment option helps implement data access control across cloud data environment

• TrustInSoft mathematically guarantees bug free IoT code with Application Security Test

• Apple Releases Safari Technology Preview 127 With Bug Fixes and Performance Improvements

• Bitwarden’s password management enhancements ensure password security at scale

• MariaDB partners with AWS to bring MariaDB SkySQL to the cloud

• Neustar and Equifax release Financial Spectrum, an audience segmentation and media activation solution

• Versa Networks raises $84M to support new sales and marketing initiatives for the SASE market

• Armorblox collaborates with Intermedia to protect customers from advanced email attacks

• Supreme Court Narrows Ability to Hold U.S. Corporations Accountable for Facilitating Human Rights Abuses Abroad

• PrintNightmare: Kicking users from Pre-Windows 2000 legacy group may thwart domain controller exploitation

Generated on 2021-07-03 23:55:35.875210