IT Security News Daily Summary 2021-09-27

• Crisis management and incident management in the digital era

• Microsoft Warns of ‘FoggyWeb’ Malware Targeting AD FS Servers

• Google Criticizes EU Regulators for Ignoring Apple in Bid to Get $5.1 Billion Antitrust Fine Annulled

• EFF to Court: Stop SFPD from Spying on Protesters for Black Lives

• 4 steps to zero-trust maturity — without starting from square one

• ExpressVPN vs. Surfshark vs. NordVPN: Which is best?

• Cryptocurrency expert pleads guilty to helping North Korean government use blockchain to evade sanctions

• 5 Steps to Securing Your Network Perimeter

• Thoma Bravo Completes Strategic Investment in Intel 471

• 7 Ways to Thwart Malicious Insiders

• Urgent Chrome security update released to patch widely exploited 0-day

• How the Port Authority of New York and New Jersey expanded enterprise asset management

• #IMOS21: Global Threat Brief – The Most Dangerous Attack Techniques in 2021

• Apple Apologizes to Researcher for Ignoring iOS Vulnerabilities, Says It’s ‘Still Investigating’

• What Can You Do To Ensure That Hackers Are Unable to Access Your Mobile Banking Apps?

• Yes, Car Hacking Is a Reality. Here’s How Can You Protect Your Fleet

• Google Chrome Patched Another Zero-Day Bug Within A Month

• Apple To Remove Insecure TLS Protocols In Future macOS, iOS Releases

• BrandPost: What Should I Watch Tonight? I have Tens of Thousands of On-demand Media Options

• BrandPost: Gaming Industry Paves the Way

• BrandPost: Healthcare Modernization? More Like Building the Plane While Flying It

• BrandPost: Three Surefire Ways to Boost the Digital Banking Experience

• BrandPost: Which Online Shopping Experience Should I Try Today?

• How CISO roles will change as customer trust becomes imperative

• California Hospital Sued Over Data Breach

• Cisco Secure Firewall: Sometimes, updates are great news

• Correspondent Dina Temple-Raston Joins The Record

• Reading Laws in the Digital Age

• BrandPost: Zero Trust Needs to Play Well with Others

• IoT and Zero Trust Are Incompatible? Just the Opposite

• What Is a Botnet Attack? A Guide for Security Professionals

• How feds can access TSP loans during shutdowns

• FirstNet posts resource guide for emergency managers

• Compromising a government network is so simple, an out-of-the-box, dark web RAT can do it

• Cloudflare Introduces Email Security Tools

• Expert found RCE flaw in Visual Studio Code Remote Development Extension

• FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor

• How 9/11 Pushed the Adoption and Evolution of Red Teaming

• Spending the federal cybersecurity budget: what’s next?

• CISA chief floats fines to compel threat info sharing

• Women, Minorities Are Hacked More Than Others

• brute-force attack

• Port of Houston Quells Cyber-Attack

• Cloudflare Ventures into Simplifying Email Security

• BloodyStealer: Advanced New Trojan Targets Accounts of Popular Online Gaming Platforms

• Apple Reveals New Limited Edition Beats Studio3 Headphones

• Deals: Verizon Offering Up to 30% Off MagSafe Accessory Bundles, iPhone 13 Cases, and More

• iFixit’s Full iPhone 13 Pro Teardown Shows Merged Face ID Components and Highlights Display Replacement Issues

• Singapore to link up with Malaysia on cross-border payment transfers

• A guide to combatting human-operated ransomware: Part 2

• Five reasons why MNOs play a central role in the drone ecosystem

• AT&T Business Summit is virtual Oct. 27-28 and free!

• 6 Types of WordPress Redirection We Keep Seeing

• Malicious software reportedly generates 39% of all internet traffic

• Telos, Splunk, stackArmor, AWS Announce FASTTR Initiative to Accelerate Compliance

• Zero Trust Comes to Industry’s Broadest Cybersecurity Platform

• iPhone 13 Models Have Same Durability as iPhone 12 in Drop Tests

• What Is a Data Breach and How to Prevent It

• Best cloud security certifications to make a great career

• Far-right host Epik confirms its data was breached by Anonymous

• A Journey in Organizational Cyber Resilience Part 3: Disaster Recovery

• authentication

• Best VPN for streaming: Fire Stick, Netflix & more

• EU: Russia Behind ‘Ghostwriter’ Campaign Targeting Germany

• Vulnerability Summary for the Week of September 20, 2021

• CISA Observed Raise in Conti Ransomware Attacks Targeting Over 400 U.S. and International Organizations

• All You Need To Know About IT Security Audits and Its Importance>

• Vulnerability Summary for the Week of September 20, 2021

• Ferrari Announces Multi-Year Partnership With Apple’s Former Design Chief Jony Ive

• 3.8 Billion Users’ Combined Clubhouse, Facebook Data Up for Sale

• Frustrated Dev Drops Three Zero Day Vulns Affecting Apple iOS 15 After Six Month Wait

• Old Coal Plant Is Now Mining Bitcoin For A Utility Company

• Deals: Get Up to 45% Off Anker’s USB-C Chargers, MagSafe-Compatible Accessories, and More

• HUD makes nearly $100M in EIS task orders

• How to find and remove spyware from your phone

• UK’s National Crime Agency WLTM Deputy Director of Digital Data & Technology

• New SMS malware targets Android users through fake COVID messages

• Frustrated Researcher Discloses Three Unpatched iOS Vulnerabilities

• Newly Discovered ZE Loader Targets Online Banking Users

• Bogus Backup Message from WhatsApp Delivers Malware to Spanish Users

• Mr Goxx, The Crypto Trading Hamster Beat Human Investors

• How To Find And Remove Spyware From Your Phone

• DevSecOps: How Engineers Benefit From Cybersecurity Education

• UK-Based Threat Detection Firm SenseOn Raises $20 Million

• How to Get Started With Zero Trust in a SaaS Environment

• Russian Turla APT Group Deploying New Backdoor on Targeted Systems

• Jupyter infostealer continues to evolve and is distributed via MSI installers

• Conti Makes a New Victim: GSS Ransomware Attack Affecting Major European Call Center Provider

• Beware of the Recently Discovered BluStealer Malware!

• Netgear Addressed Serious Vulnerability Affecting Multiple Routers

• Fake Installers Drop Malware and Open Doors for Opportunistic Attackers

• Are You Still on the Fence About a Family VPN?

• Controversial Web Host Epik Confirms Customer Data Exposed in Breach

• Malicious Actors Hijacked Bitcoin.org

• Port of Houston Becomes the Target of a Suspected Nation-State Malicious Attack

• Research Highlights Significant Evolution in Email Security

• Cloudflare Is Taking a Shot at Email Security

• Spotify Acknowledges Battery Drain Issues on iOS 14.8 and iOS 15, Promises Fix Soon

• Fostering the Next Generation of Female Technologists at Imperva

• Want Passwordless to Succeed? Make It Easy

• Fake ‘BT’ caller fleeces elderly victim of £30k in APP app scam

• Security does not end with Implementing Controls

• Secure those Macs: Apple must step up and support older machines

• VMware Confirms In-the-Wild Exploitation of vCenter Server Vulnerability

• Raccoon Stealer has been Upgraded to Steal Cryptocurrency Alongside Financial Information

• MSHTML Attack Targets Russian State Rocket Centre and Interior Ministry

• New Android Malware Steals Financial Data from 378 Banking and Wallet Apps

• iPhone 13 Pro Review: The Camera’s the Star, but the Battery Life Is the Best New Feature

• How Does DMARC Prevent Phishing?

• A week in security (Sept 20 – Sept 26)

• Your Apple Watch might not unlock your iPhone 13, but a fix is coming

• Encrypted Messaging App Signal Hit by Brief Outage

• BloodyStealer and gaming assets for sale

• iPad Mini 6 Users Complain of ‘Jelly Scrolling’ Issue in Portrait Orientation

• Fitness+ Gains Pilates and Guided Meditation Workouts, Including New ‘Workouts to Get Ready for Snow Season’

• SonicWall Critical Vulnerability Should Be Patched ASAP

• Russia Formally Accused by European Union for the ‘GhostWriter’ Operation that Targets EU Representatives and Reporters

• Disgruntled Researcher Publicly Disclosed Three iOS Zero-Day Bugs As Apple Delayed Patches

• Intel Breaks Ground On $20bn Arizona Chip Plants

• Huawei CFO Meng Wanzhou Returns To China After US Deal

• Huawei Sees £22bn Smartphone Losses From Trade Ban

• Lithuania Seeks To Ban ‘Untrustworthy’ Smartphones Amidst China Row

• Cyber security in the public cloud

• Chrome 94 Update Patches Actively Exploited Zero-Day Vulnerability

• A New Flaw Was Discovered in the Microsoft Windows Platform Binary Table (WPBT)

• NHS App Transferring Biometric Data To Undisclosed Companies – Comments From Leading Data Privacy Lawyer

• Seven strategies for building a great security team

• MITRE ATT&CK, VERIS frameworks integrate for better incident insights

• FCW Insider: September 27, 2021

• The iPhone 13 means the end to cheap screen repairs

• Threat Actor Targets Indian Government With Commercial RATs

• US-Led Quad Launches New Cyber Group

• Huawei CFO Released After Admitting She Misled Bank

• Pradeo’s mobile application security suite extends its coverage with new app shielding service

• UK Appeals Court Finds Artificial Intelligence Not A ‘Person’

• Connected Business: The Post-COVID Supply Chain

• Tesla’s Musk Sees Chip Shortage Ending Next Year

• EU Slams Russia Over Disinformation Hacking Campaign

• Over 60 charged in crackdown on Balkan cartel behind cocaine pipeline to Europe

• Test Suggests Face ID on iPhone 13 Doesn’t Work After Screen Replacement By Third Party

• Port Of Houston Cyber Attack – Experts Weigh In

• Telegram is becoming the paradise of cyber criminals

• Face ID on iPhone 13 Doesn’t Work If Screen is Replaced With ‘Non-Genuine’ Display

• China Bans All Cryptocurrency Transactions

• Avoid Behaviors That Endanger Your Kid’s Digital Identity | Avast

• More than 130,000 malicious IP addresses were blocked during Census 2021: AWS

• Kuo: Redesigned MacBook Air With Apple Silicon to Enter Mass Production in Third Quarter of 2022

• Kuo: Apple Silicon MacBook Shipments to Be Cut in First Half of 2022 Due to Component Shortages and Other Factors

• Malwarebytes research shows an unequal, unsafe Internet

• Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18

• A New Jupyter Malware Version is Being Distributed via MSI Installers

• German Federal Office for Information Security (BSI) investigates Chinese mobile phones

• Proper password security falling short despite increase in online presence

• LG to acquire Cybersecurity startup Cybellum

• Florida yet to spend $30m Cybersecurity fund

• 3 ways any company can guard against insider threats this October

• Quad countries announce slew of tech initiatives including shared cyber standards

• How to avoid the pitfalls of multi-cloud strategy deployment

• Australians are losing over AU$6.6 million each month to cryptoscams

• The August cyber attacks targeted a dozen Russian banks

• Corporate attack surface exploding as a result of remote work

• Ensuring Disaster Recovery and Business Continuity in the Cloud

• Finding 0-days with Jackalope

• Consumers will abandon a brand that can’t balance convenience and privacy

• Intrusion Detection System (IDS) and Its Detailed Working Function – SOC/SIEM

• Eftpos granted government accreditation as first private ID exchange operator

• APAC 5G revenue to reach $13.9 billion in 2025

• A multi-party data breach creates 26x the financial damage of single-party breach

• Shame and Cybersecurity: Creating a Safe Space in Your Organization

• SaaS security is becoming a primary concern for businesses

• Huawei CFO and detained Canadians return home following wrap up of extradition charges

• Operation Ironside has confiscated AU$31 million of assets so far

• Miffed security researcher finds way to get Apple talking, drops three iOS vulnerabilities

• Elastic expands its threat prevention capabilities to stop advanced threats at the endpoint

• ‘Quad’ group seeks to set security standards for global tech industry

• Mastercard and DTA to scope out digital ID service for age verification

• Elon Musk says Tesla is glad to see new data-security laws after several Beijing-led regulatory crackdowns on Big Tech

• EU warns Russia over ‘Ghostwriter’ hacking ahead of German elections

• The MacBook Pro will soon get a resolution bump, macOS beta suggests

• Top 3 Ways to Find a Hidden File on a Mac

• IT Security News Weekly Summary – Week 38

• IT Security News Daily Summary 2021-09-26

• Online fraud causes confidence gap between customers and retailers, study finds

• The Importance of Adopting a Risk Management Approach to Security and Privacy

• Facebook Shareholders Are Suing Facebook For Protecting Zuckerberg In Data Probe

• SonicWall Patches Critical Flaw in SMA 100 Products

• Exchange/Outlook Autodiscover Bug Exposed $100K Email Passwords

• The Assad Regime’s Business Model for Supporting the Islamic State

• Port of Houston was hit by an alleged state-sponsored attack

• Apple to Fix Issue Preventing iPhone 13 Users From Unlocking With Apple Watch in Upcoming Software Update

• Hackers Discover Technique to Make Malware Undetectable on Windows

• How to Go Passwordless on Your Microsoft Account

• JSC GREC Makeyev and other Russian entities under attack

• Emergency Chrome Update Released to Patch Actively Exploited Zero-Day Bug

• Drinik Malware is Fooling Users to Give in their Mobile Banking Details

• Google TAG spotted actors using new code signing tricks to evade detection

• Security Affairs newsletter Round 333

• Week in review: How to retain best cybersecurity talent, securing Kubernetes, data decay

• Penetration testing

• CISSP – Tales of the Unexpected

• Ajarn – 266,399 breached accounts

• Weekly Update 262

Generated on 2021-09-27 23:55:34.938226