IT Security News Daily Summary 2022-01-31

• 2022-01-27 – Contact Forms Campaign IcedID (Bokbot) with Cobalt Strike

• Getting facial recognition right

• No, a researcher didn’t find Olympics app spying on you

• Labor Department announces grants for states to expand UI access

• No-cost cybersecurity tools for state, local governments

• Include defensive security in your cybersecurity strategy

• How to prepare for malicious insider threats

• Aggressive BlackCat Ransomware on the Rise

• BlackBerry Agrees to Sell Legacy Patents for $600M

• Samba fixed CVE-2021-44142 remote code execution flaw

• Popular Browser Game ‘Wordle’ Sold to The New York Times, Will Remain Free ‘Initially’

• DIU boasts more rapid acquisition agreements, fewer transitioned tech in 2021

• Dashburgh: Pittsburgh’s open data portal

• Public Exploit Released for Windows 10 Bug

• 2022-01-27 – Contact Forms Campaign IcedID (Bokbot) with Cobalt Strike

• Getting facial recognition right

• Facebook Messenger Will Now Notify You If Someone Screenshots Your Disappearing Message

• CISA adds 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

• Sports Scores and Favorite Team Selection Likely Coming to Apple News App

• Apple TV+ Subscribers Who Join for Major Releases Like ‘Greyhound’ Don’t Stick Around

• No, a researcher didn’t find Olympics app spying on you

• Phishing Campaign Registers Attacker’s Device With Victim Network

• Apple Stops Providing EarPods With iPhones Sold in France

• IG report points to weaknesses in the Commerce Department’s infosec program

• Cengage to Buy Cybersecurity Training platform, Infosec

• Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP

• Mini-LED iMac Pro to Launch in Mid-2022, Not Expected at Spring Event

• Deals: Apple’s M1 iMac (8-Core GPU, 256GB) Drops to New Low of $1,349.99 in Several Colors

• Top 9 Best Laptop for Adobe Creative Cloud 2022 – Photoshop, Illustrator

• Security giant exposed 3TB of sensitive airport & employees data

• Apple Pays $100.5K Bug Bounty for Mac Webcam Hack

• Cyber Insights 2022: Improving Criminal Sophistication

• Conti Ransomware Targets Taiwanese Apple and Tesla Supplier Delta Electronics

• Zscaler CEO: Network security firms have ‘hijacked’ zero trust

• The deadline is here for federal contractors to start paying at least $15 an hour

• OT Data Stolen by Ransomware Gangs Can Facilitate Cyber-Physical Attacks

• SolarWinds breach news center

• 8 best practices for blockchain security

• Emsisoft releases DeadBolt ransomware decryption tool

• Website operator fined for using Google Fonts “the cloudy way”

• Aussie Tech Entrepreneur Extradited Over SMS Fraud

• iMac Pro to Launch in Mid-2022, Not Expected at Spring Event

• Prepublication Review and the Quicksand Foundation of Snepp

• An Important Development in the Law of Diplomatic Appointments

• CrowdStrike Falcon Proactively Protects Against Wiper Malware as CISA Warns U.S. Companies of Potential Attacks

• The top reasons countries ask Google to remove content

• NSO Group Pegasus Spyware Aims at Finnish Diplomats

• Prison for Dark Overlord Collaborator

• Apple Patched Two Zero-Day Bugs And Other Flaws With iOS 15.3, Safari 15.3

• This Phishing Attack Meddles With Your Emails – Alerts Microsoft

• Cyberattacks Increasingly Hobble Pandemic-Weary US Schools

• Some iPhone Users Experiencing Issues With Apple Card Payments

• Workplace Disruption Reported at Meta Amid AR and VR Push, Some Staff Defecting to Competitors Like Apple

• How a few PhD students revealed that phishing trainings might just not work: Lock and Code S03E03

• Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data

• Enabling Zero Trust with Azure network security services

• Multilingual Cybersecurity Awareness Training adapted for your needs

• French Court Upholds 100m Euro Fine On Google Over Cookies

• Looking Back at Rumors of iPhone X Design With Rear Touch ID That Never Emerged

• Cyber attacks at an all time high for UK corps

• North Korean Hackers Abuse Windows Update Client in Attacks on Defense Industry

• 7 Privacy Tips for Security Pros

• Your Graphics Card Fingerprint Can Be Used to Track Your Activities Across the Web

• Curated, tested and supported: How enterprise vendors mitigate open source supply chain risk

• Unsecured AWS Server Exposed 3TB In Airport Employee Records

• What To Do To Delete The Scary Amount Of Data Google Has On You

• Smart-Chain Financial Site Qubit Hacked For $80 Million

• Top US Spy Warns Too Many Government Secrets Harms National Security

• Lazarus APT Cell Exploits the Windows Update Client

• What data does Google store about you

• Healthcare and the increasing importance of cybersecurity

• PwnKit Linux Vulnerability Discovered And Fixed After 12 Years

• New LockBit Ransomware Variant Evolves To Target Linux Systems

• Your device’s GPU may be used for fingerprinting purposes

• MoD Reported 7 Serious Data Losses To ICO

• Silicon In Focus Podcast: Content Enablement

• Funny and malicious server banners

• Why Local Governments Remain at Risk of Cyber Crime

• DARPA phase 2 of project targeting ‘quantum advantage’

• Unsecured AWS server exposed 3TB in airport employee records

• Ransomware: Over half of attacks are targeting these three industries

• More Russian Attacks Against Ukraine Come to Light

• The Looming CISO Mental Health Crisis — and What to Do About It, Part 2

• Privacy And You: Take A Step Forward On Data Privacy Day

• DARPA phase 2 of project targeting ‘quantum advantage’

• Ransomware: Over half of attacks are targeting these three industries

• The Zero Trust Timer Is on for Federal Agencies — How Ready Are They?

• Hackers stole $80M worth of cryptocurrency from the Qubit DeFi platform

• Deals: Get the 32GB Apple TV 4K for $159.99 ($19 Off)

• Natural Silk Fibers Used by Researchers to Generate Secure Keys

• 9 Best Gaming Mouse Under $50 2022 – For Fortnite, CS:GO

• Healthcare and the increasing importance of cybersecurity

• MoD Reported 7 Serious Data Losses To ICO

• Funny and malicious server banners

• Why Local Governments Remain at Risk of Cyber Crime

• More Russian Attacks Against Ukraine Come to Light

• Crypto Agility: Solving for the Inevitable

• DeepDotWeb admin sentenced to 97 months in prison for money laundering scheme

• Microsoft OneDrive for macOS Local Privilege Escalation

• Privacy And You: Take A Step Forward On Data Privacy Day

• $770 Million Lost from Social Media Fraud Surge

• PwnKit Linux Vulnerability Discovered And Fixed After 12 Years

• New LockBit Ransomware Variant Evolves To Target Linux Systems

• Your device’s GPU may be used for fingerprinting purposes

• Unsecured AWS server exposed 3TB in airport employee records

• The Looming CISO Mental Health Crisis — and What to Do About It, Part 2

• Deals: iPad Air Drops to All-Time Low Price of $499.99 ($99 Off)

• Apple Watch Getting New Activity Challenge for Heart Month

• FAA Agrees To Switch On More 5G Towers And Masts

• SureMDM Vulnerabilities Exposed Companies to Supply Chain Attacks

• The Third Building Block for the SOC of the Future: Balanced Automation

• HOW TO BECOME AN (ISC)² VOLUNTEER AND MAKE A DIFFERENCE IN THE CYBERSECURITY COMMUNITY

• Projects I Support

• Microsoft: Here’s how we stopped the biggest ever DDoS attack

• Expert earned $100,500 bounty to hack Apple MacBook webcam and microphone

• Cloud-Native Threats in 2022

• Finnish Diplomats Targeted by Pegasus Spyware: Ministry

• CISA’s ‘Must Patch’ List Puts Spotlight on Vulnerability Management Processes

• $2m Bug Bountry offered to Hackers

• Actor’s verified Twitter profile hijacked to spam NFT giveaways

• How to Make Your Smartphone Secure with These 7 Apps

• North Korean Hackers Leverages Windows Update Client to Execute Malicious Payload

• A week in security (January 24 – 30)

• Putin Orders New System To Ban ‘Toxic’ Internet Content

• Crypto Finance Firm Offers $2m Bug Bounty to Hackers

• US Revokes China Unicom’s License

• Attackers are Using Shipment-Delivery Scams to Lure Victims to Install Trickbot

• 10K Victims Infested via Google Play 2FA App Loaded with Banking Trojan

• Russia Recorded the Largest Botnet Attack on Retail

• Priti Patel Approves Extradition Of Autonomy Founder Mike Lynch

• QNAP Ransomware: Thousands Infected with DeadBolt

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of January 24, 2022

• Why Do Many CISOs Prefer Incident Response over Threat Prevention?

• Protecting Networks From Future Attacks | Avast

• German Court Rules Websites Embedding Google Fonts Violates GDPR

• Trying to register your antivirus in Windows Security Center?

• China Unicom Latest To Be Banned Over National Security

• Americans lost $770 million from social media fraud in 2021, FTC reports

• Why vulnerability scanners aren’t enough to prevent a ransomware attack on your business

• Apple Pays $100,500 Bounty to Hacker Who Found Way to Hack MacBook Webcam

• Researchers Use Natural Silk Fibers to Generate Secure Keys for Strong Authentication

• Cybersecurity staff turnover and burnout: How worried should organizations be?

• Reducing the blast radius of credential theft

• FBI still unsure about Israel Phantom Spyware

• Work from Home leading to surge in Cyber Attacks in UK

• Crypto outfit Qubit appeals to the honour of thieves who lifted $80M of its digi-dollars

• How costly is an insider threat?

• DeepDotWeb News Site Operator Sentenced to 8 Years for Money Laundering

• Number of data compromises reaching all-time high

• Manufacturing firms turning to the cloud to increase their business agility

• Cloud infrastructure spending jumped to $18.6B in 3Q21

• Cybersecurity and Drones: How to Address the Security Threats

• IT leadership appointments: Arkose Labs, IDEMIA NSS, McAfee, Seagate, Transmit Security, and Zenoss

• Three New iOS Features Expected for iPhones Later This Year

• Over 100 Million android users fall under Dark Herring Trap

• Hybrid cloud campaign OiVaVoii targets company executives

• IT Security News Weekly Summary – Week 04

• IT Security News Daily Summary 2022-01-30

• Expert releases PoC for CVE-2022-21882 Windows local privilege elevation issue

• Germany’s White Supremacist Problem—and What It Means for the United States

• Latest Proof of Concept Details How iOS Malware May Snoop on Our Devices

• SLTT Organizations Targeted by Jupyter Malware

• Key Features Of Threat Intelligence Platforms

• Are there holes in your cybersecurity map?

• Some macOS 12.2 Users Experiencing Bluetooth-Related Battery Drain Issue During Sleep Mode

• A DDoS Attack Wiped Out Andorra’s Internet

• Security Affairs newsletter Round 351

• Gurman: Redesigned iMac Pro, New AirPods Pro, and More to Launch This Year

• What’s the Deal With Anti-Cheat Software in Online Games?

• Novel device registration trick enhances multi-stage phishing attacks

• Finland Alerted About Facebook Accounts Compromised via Messenger Phishing

• The Lazarus Group uses Windows Update to Spread Malware

• FBI Issued a Warning to U.S Firms Concerning Iranian Hackers

• Week in review: PolKit vulnerability, fake tax apps pushing malware, EU’s bug bounty for open source

• Penetration testing

• NEC Corporation acquires Blue Danube Systems to enhance its 5G product portfolio

• Zadara appoints Tony Craythorne as CRO

• Airspan hires Glenn Laxdal as President and COO

• Okta appoints Brett Tighe as CFO

Generated on 2022-01-31 23:55:17.449091