IT Security News Daily Summary 2022-03-01

• NVIDIA says employee credentials, proprietary information stolen during cyberattack

• Apple pauses all product sales in Russia, stops exports and limits Apple Pay

• OMB: This is the year for security clearance reform

• RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now!

• Facebook Is Still Complaining About Apple Privacy Update

• IRONSCALES Expands Product Offering Across Email, Communication Platforms

• The Modern History of Economic Sanctions

• TrickBot backend source code leaked

• Second data-wiping malware found in Ukraine, says ESET

• Why the Shifting Nature of Endpoints Requires a New Approach to Security

• What Do I Need to Know for SaaS Security?

• Apple Halts All Sales From Online Store in Russia [Updated]

• Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities

• Good customer experience starts with effective digital programs

• The Park Police’s ‘dilapidated’ D.C. dispatch office puts safety at risk, an IG says

• Conti Ransomware Group Diaries, Part I: Evasion

• Newly Discovered Malware Evades Detection by Hijacking Communications

• The Conti ransomware leaks

• Bridgestone Americas At A Standstill After Facing Cyberattack

• Nvidia Admits Data Breach, Exposing Staff And Company Data – Report

• Data-driven strategy, culture drive better decisions

• Ukraine asked the internet’s governing body to remove Russian sites

• Data Security Must Be a Priority as Employees Quit in Record Numbers

• Why Building Managers Need to Prioritize Cybersecurity

• Avast ThreatLabs Warns Against DDOS Attacks For Ukraine

• VMware adds container runtime protection to Carbon Black security portfolio

• Report: 85% of companies experience at least one ransomware attack per year

• Modernized IT dashboard set to launch mid-March

• What D’Hack Is DPoP?

• Procurement isn’t always just about procurement — a tale from Ukraine

• Meta to demote content from Russian state-backed media on Facebook and Instagram platforms

• HermeticWiper poses increasing cyber risk to Ukraine

• Apple Planning Apple Watch Activity Challenge for International Women’s Day in March

• The Open Source Security Foundation gains support from Huawei, Spotify, and 23 new organizations

• Recorded Future: Russia may retaliate with cyber attacks

• Apple Seeds Fifth Beta of tvOS 15.4 to Developers

• Apple Seeds Fifth Beta of watchOS 8.5 to Developers

• Apple Seeds Fifth Betas of iOS 15.4 and iPadOS 15.4 to Developers

• Apple Seeds Fifth macOS Monterey 12.3 Beta to Developers

• Daxin Espionage Backdoor Ups the Ante on Chinese Malware

• NIST Seeks Cybersecurity Framework Feedback

• Phishing Attack Emerges as a Primary Threat Vector in X-Force Threat Intelligence Index 2022

• Nvidia Confirms Company Data Was Stolen in a Breach

• Microsoft Said that Destructive Cyberattacks were Directed Against Ukraine Before the Launch of Missiles

• Security researchers spot another form of wiper malware that was used against Ukraine’s networks

• State Bar of California Investigates Data Breach

• Viasat Attributes Outage to “Cyber Event”

• Review: Nomad Launches ‘Base One’ Official MagSafe Charger for $130

• How the U.K. and the Senate Judiciary Committee Are Being Dangerously Foolish About Cryptography

• Google, YouTube, Facebook Block Russia’s RT, Sputnik

• This is what happens when two ransomware gangs hack the same target – at the same time

• Ukraine Hit with Novel ‘FoxBlade’ Trojan Hours Before Invasion

• NVIDIA Confirms Employee Credentials Stolen in Cyberattack

• Eugene Kaspersky’s Statement Provokes Controversy Within Cybersecurity Industry

• Second New ‘IsaacWiper’ Data Wiper Targets Ukraine After Russian Invasion

• How to donate to Ukraine relief efforts and avoid fundraising scams

• Microsoft shares 4 challenges of protecting sensitive data and how to overcome them

• Stay on top of database threats with Microsoft Defender for Azure Cosmos DB

• Carpet Bombing DDoS Attacks Increased in 2021

• Expert Opinion: The Consequences of the War of the Hacker Group Anonymous against Russia

• DDoS Assaults on Ukrainian Banking Elite has Resumed Yet Again

• The open source security foundation gains support from Huawei, Spotify, and 23 new organizations

• This is what happens when two ransomware gangs hack the same target at the same time

• Oppo Unveils Record-Breaking Fast Charging Technology That’s 12x Faster Than iPhone 13

• ZNet Technologies and Acronis Expand Partnership in USA and Canada to Empower Service Providers

• Two ransomware groups fight inside victims’ computer network

• How to Choose the Right Inventory Management Software

• Nvidia admits data leak, doesn’t say if it hacked back

• FEMA maps hugely underestimate US flood damage risk

• This JavaScript scanner hunts down malware in libraries

• Cyberattacks in Ukraine: New Worm-Spreading Data-Wiper With Ransomware Smokescreen

• DDoS Attacks Abuse Network Middleboxes for Reflection, Amplification

• EU Countries Provide Cyber-defense Support to Ukraine

• China-linked APT used Daxin, one of the most sophisticated backdoor even seen

• Ukraine Asks Cryptocurrency Firms To Block Russian Users

• Quarter Of A Million Lawyer Disciplinary Records Leak

• Toyota To Close Japanese Factories After Suspected Cyber Attack

• Microsoft Accounts Targeted By Russian Themed Credential Harvesting

• Deals: Apple’s 21.5-Inch iMac Available for $799.99 on Amazon ($299 Off)

• Toyota Hit by Cyberattack

• Indicators of Compromise (IoCs) and Their Importance in Cybersecurity

• Signal Dismisses Hack Rumour As ‘Misinformation Campaign’

• Three Ways to Defeat Ransomware

• Beyond the Hype: AI’s Future in Defensive Cybersecurity

• Boost Your SOC Skills: How to Detect Good Apps Gone Bad

• Conti Ransomware Gang’s Internal Chats Leaked Online After Siding With Russia

• Break into Ethical Hacking with 18 Advanced Online Courses for Just $42.99

• Insurance Aon confirms it has suffered ‘cyber incident’

• VirnetX releases secure conferencing solution to thwart ‘Zoombombing’

• Two ransomware gangs hacked the same target at the same time: Here’s what happened next

• Elections GoRansom – a smoke screen for the HermeticWiper attack

• BYOD 2.0: Meeting the New Cyber Essentials Requirements

• 10 Best 32-Inch Monitors of 2022 – Experience Gaming on Ultra Wide Screen

• IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine

• Insurance Broker Aon Investigating Cyber Incident

• Trickbot Malware Gang Upgrades its AnchorDNS Backdoor to AnchorMail

• Cisco’s 7 Guiding Principles of Government Data Demands

• Apple Working on Safari Dark Mode Toggle for Viewing Specific Websites

• CELEBRATING YOUNG WOMEN IN CYBERSECURITY – WEIJIA YAN, (ISC)² UNDERGRADUATE SCHOLARSHIP RECIPIENT

• Fujitsu Confirms It Will End Mainframe Sales in 2030

• Report: 93% of orgs are challenged by malware analysis

• Ukraine asks cryptocurrency firms to block Russian users

• Ukraine is building an ‘IT army’ of volunteers, something that’s never been tried before

• Analyzing Cyber and Influence Operations in the Russia-Ukraine Conflict

• What Caused The Ransomware Attack On Toyota? Experts Insight

• How Can Organisations Protect Themselves From Cyberattacks In An Increasingly Virtual World?

• How Ukraine’s Internet Can Fend Off Russian Attacks

• Toyota Was Hit by Cyberattack

• Critical Vulnerabilities Impact Widely Used Printed Circuit Board File Viewer

• Steps to Mitigate Potential Cybersecurity Consequences of the War in Ukraine

• New FoxBlade Malware Targeted Ukraine Hours Before Russia’s Attack, Microsoft Says

• Data breaches leave customers very shaky, report says

• Mip22- A Phishing Tool for Linux and Android

• Why You Should Never Use a Free Proxy Server?

• Toyota’s Manufacturing Shuts Down After Cyberattack

• The truth about VDI and cloud computing

• Google TAG removes fraudulent ‘influence’ operations linked to Belarus, Moldova, Ukraine

• This stealthy and ‘most advanced’ malware burrows deep into networks to steal data

• Schneider Relay Flaws Can Allow Hackers to Disable Electrical Network Protections

• Conti Encrypts Karma Ransom Note in Same Victim Network

• Your Gmail Isn’t Stopping as Many Attacks as You Think

• Microsoft Accounts Targeted by Russian-Themed Credential Harvesting

• Toyota hit with ransomware attack, stops production

• As the Ukraine Conflict Escalates, US Braces for Russian Cyberattacks

• Three digital trends to watch for in 2022

• Elon Musk Activates Starlink Satellites For Ukraine

• Euro Police Bust Gang Linked to Migrant Smugglers

• Toyota Halts Production Across Japan After Ransomware Attack

• Honor Unveils AirPods-Like ‘Earbuds 3 Pro’ With Built-in Temperature Monitoring

• Qualcomm Unveils 5G Snapdragon X70 Modem That May Appear in 2023 iPhones

• Moscow exchange hit with cyberattack

• Russian state media hacked

• KeePassXC 2.7.0 Beta adds support for Windows Hello, Touch ID, Apple Watch, improves Auto-Type, and more

• Unusual sign-in activity mail goes phishing for Microsoft account holders

• Microsoft Finds FoxBlade Malware Hit Ukraine Hours Before Russian Invasion

• CISA and FBI warn of potential data wiping attacks spillover

• Honor Unveils Earbuds 3 Pro With Built-in Temperature Monitoring Sensors

• Looking for adding new detection technologies in your security products?

• China-linked Daxin Malware Targeted Multiple Governments in Espionage Attacks

• Lack of visibility plaguing ICS environments

• Apps, devices and workloads provide an ecosystem cornerstone for zero trust growth

• How to empower IT Sec and Ops teams to anticipate and resolve IT problems

• China-linked malware targeted secure networks at ‘multiple governments’

• How businesses benefited from cloud transformation

• Russian TV channels and exchange targeted by retaliation filled Cyber Attacks

• Samsung shipped 100 million Galaxy smart phones filled with critical security vulnerabilities

• IoT security is foundational, not optional

• CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog

• The importance of balancing security requirements and employee user experience

• Infosec products of the month: February 2022

• Security and vulnerability management market to reach $15.86 billion by 2030

• AT&T Cybersecurity announces 2022 ‘Partner of the Year Awards’ winners

• Open XDR Summit: Showing how Open XDR transforms security operations today

• MacTel warns critical infrastructure reforms create gaps in government data protection

• A Free-for-All But No Crippling Cyberattacks in Ukraine War

• Syniverse Hyperscale Communications Platform allows enterprises to elevate their digital transformation

• Palo Alto Networks Prisma SASE provides network security and SD-WAN requirements for MSPs

• CybeReady Adaptive Training Platform enhancements improve corporate security posture

• Cyber threat activity in Ukraine: analysis and resources

• Putin’s Memory Laws Set the Stage for His War in Ukraine

• Toyota shutters 14 plants after probable cyberattack

• Ukraine cyberattacks may have Geneva Convention implications, Microsoft says

• CISO Checklist for Offboarding Security Staff

• Microsoft OneDrive Gains Native Support for Apple Silicon Macs

• Cisco and Airspan Networks join forces to launch 5G private network solutions to enterprise customers

• CyberCube partners with Duck Creek Technologies to offer automated cyber risk evaluation

• Toyota Halts Production After Suspected Supply Chain Attack

• FoxBlade malware targeted Ukrainian networks hours before Russia’s invasion

• Mark Cundy joins Keyavi Data as VP of Engineering

• Riskonnect acquires Sword GRC to drive global growth and innovation

• Movandi partners with Qualcomm to accelerate 5G mmWave deployments

• VMware and HCL Technologies expand collaboration to streamline 5G and RAN deployments

• Meta blocks access to Russian state-based media outlets RT and Sputnik across EU

• Microsoft: Russia invasion of Ukraine ‘unlawful, unjustified’

• Putin’s Memory Laws Set the Stage For His War in Ukraine

• Encryption Consulting PKI Risk Assessment Framework identifies critical vulnerabilities

• Icertis adds three experts to its Information Security Advisory Board

• FalconStor appoints Vincent Sita as CFO

• Leidos takes $11B DOD ‘Fourth Estate’ IT contract

• Governors tighten IT cybersecurity amid Ukraine attacks

• Defense researchers lack consistent cybersecurity safeguards, IG finds

• Conti ransomware gang backs Russia, threatens US

• Phishing Attack in Ukraine Could Be Prelude to Disinformation Campaign

• Invicti Security Adds Software Composition Analysis to Its Industry- Leading AppSec Platform

• Deep Instinct 2022 Threat Landscape Report Finds 125% Increase in Threat Types and Novel Evasion Techniques

• Drilling down on cybersecurity stocks

• IT Security News Monthly Summary – March

• IT Security News Daily Summary 2022-02-28

• Why IaC Security Should Matter to CISOs

• Viasat says ‘cyber event’ is causing broadband outages across Europe

• Will Apple Keep the Old iPhone SE Around at a Lower Cost?

• NGA eyes down selection to speed acquisitions

• Twitter to Label Tweets Linking to Russian State Media

• Microsoft: Cyberattacks in Ukraine Hitting Civilian Digital Targets

• Anonymous hit Russian Nuclear Institute and leak stolen data

• Covid app’s privacy information ruled not clear enough

• Quarter of a million lawyer disciplinary records leak

• SMS PVA Part 2: Underground Service for Cybercriminals

• Biden’s municipal broadband push clashes with state restrictions

• The next frontier in cyberwar: Embedded devices

• Microsoft finds FoxBlade malware on Ukrainian systems, removes RT from Windows app store

• Toyota’s Japan Production Halted Over Suspected Cyberattack

• How to manage imposter syndrome in cybersecurity

• Tips for creating a cybersecurity resume

• Michael Douglas to Star as Benjamin Franklin in Upcoming Apple TV+ Series

• Commerce gives over $277 million in grants to build out broadband

• Ukraine-Russia Cyber Warzone Splits Cyber Underground

• Facebook Takes Down Disinformation Campaign Targeting Ukrainian Users

• An ‘Unhinged’ Putin Threatens Dangerous Escalation in Ukraine

• Watch CNBC’s full interview with Mandiant CEO, Kevin Mandia

• We’ve seen destructive attacks in Ukraine masquerading as ransomware, says Mandiant CEO

• Take these steps to prepare for and handle the cybersecurity effects of the war in Ukraine

• API security methods developers should use

• Implement API rate limiting to reduce attack surfaces

• Cloud security is too important to leave to cloud providers

• The (Mis)Use of Artifact Categories

• I think Russia is very likely to target Europe in cyber warfare, says Silverado’s Dmitri Alperovitch

• Anonymous hacks Russian TV channels & EV charging station with pro-Ukraine messages

• Toyota Motors halted production due to a cyber attack on a supplier

• Samsung Galaxy S22 Devices Prove More Breakable Than iPhone 13 in Drop Test

• What Experts Have To Say On Samsung Shipped 100 Mil+ Phones With Flawed Encryption

• An Olympic Effort? Ensuring Security In A Rising Threat Landscape

• Healthcare’s Digital Transformation: Powered By PETs

• Google increasing account protections for users impacted by Russian invasion of Ukraine

• Instagram scammers as busy as ever: passwords and 2FA codes at risk

• US Indicts BitConnect Founder

• Apple Defends App Store Changes in the Netherlands as Fines Reach €30 Million

• Conti ransomware gang leak: 60,000 messages online

• U.S. warns about threat of wiper malware being used beyond Ukraine

• Moscow Exchange Downed by Cyber-attack

• Researchers Warn of Stealthy Chinese Backdoor Targeting Multiple Foreign Agencies

• The First Trial of a Capitol Riot Defendant: A Shock-and-Awe Campaign of Video, Audio, and Other Digital Evidence

• The Division of Authority Between the Special Trial Counsel and Commanders Under the Uniform Code of Military Justice: Planning Now for the Next Phase of Reform

• Jester Stealer is The Latest Addition To The Growing List Of Infostealing Malware

• Zenly App Vulnerabilities Could Allow Account Takeover

• NVIDIA Partially Confirms A Cyberattack As It Admitted ‘Investigations’

• Nmap Basics: What Is Nmap & How Is It Used?>

• Take It Personally: Ten Tips for Protecting Your Personally Identifiable Information (PII)

• Toyota to Close Japan Plants After Suspected Cyberattack

• Deals: Get the Previous Gen Apple TV 4K for $99.99 (Prime Members Only)

• How Microsoft can help reduce insider risk during the Great Reshuffle

• New Malware Through Microsoft’s Official Store Infected Over 5,000 Machines

• #MWC2022: The Metaverse – “We’ve Gone From Scrolling to Strolling”

• Symantec: Super-Stealthy ‘Daxin’ Backdoor Linked to Chinese Threat Actor

• 10 cybersecurity certifications to boost your career in 2022

• Companies Borrow Attack Technique to Watermark Machine Learning Models

• How Crisis Text Line crossed the line in the public’s mind: Lock and Code S03E05

• Spyware Infests the Microsoft Store with Classic Game Pirates

• Swedish Security Solutions Provider Axis Hit by Cyberattack

• CISA, FBI Issue Warnings on WhisperGate, HermeticWiper Attacks

• Broadcom Software Discloses APT Actors Deploying Daxin Malware in Global Espionage Campaign

• Facebook Takes Down Misinformation Network Targeting Ukraine

• Anonymous Declared Cyberwar On Russia

• Elon Musk Activates Starlink To Help Keep Ukraine’s Internet Up

• Pro-Russia Conti Ransomware Gang Targeted, Internal Chats Leaked

• New Chinese Hacking Tool Found, Spurring U.S. To Warn Allies

• Review: Meross Offers Affordable, Hub-Free HomeKit Smart Lighting Solutions

• You’ll Soon Be Able to Watch 10-Minute Videos on TikTok

• Apple CEO Tim Cook Says Technology Can Change the World for Better in Open Letter

• Brian Rea (DeviantOllum Deviant) and Lesley Carhart (Hacks4Pancakes) continue their harassment of me

• How Testsigma simplifies software test automation with open source

• How much damage could a Russian cyberattack do in the US?

• CISA, FBI warn US orgs of WhisperGate and HermeticWiper malware

• #ShieldsUp – Now is the time to double‑check cybersecurity processes and operations

• Broadcom Software Discloses APT Actors Deploying Daxin Malware in Global Espionage Campaign

• How Insider Threats Drive Better Data Protection Strategies

• How the CISO has adapted to protect the hybrid workforce

• Toyota halts production because of Cyber Attack

• February 2022 Web Server Survey

• Anonymous Hacker Group Targets Russian State Media

• Deals: Amazon Taking $50 Off GPS and Cellular Apple Watch Series 7 Models

• Apple’s Lightning Port is Nearing Its Expiration Date, So What’s Next for the iPhone?

• Need Help Implementing Security? Tripwire Advisor Program’s Got You Covered

• CISA Urges Organizations to Patch Actively Exploited Zimbra XSS Vulnerability

• How to Boost Shift-Left Security in the SDLC

• Researcher leaked Conti’s internal chat messages in response to its support to Russia

• Ukraine security agencies warn of Ghostwriter threat activity, phishing campaigns

• Conti Chats Leaked After Ransomware Gang Expresses Support for Russia

• 100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

• Norway Oil Fund To Vote Against Apple Pay Scheme

• Apple Says It Has Complied With Dutch App Store Order

• Microsoft warning: Some files might not be deleted when you reset a Windows PC

• Cyber Asset Attack Surface Management with Cisco Secure Cloud Insights: Beyond CSPM

• Hackers Might Shift Focus to Consumers Instead of Businesses in 2022

• 10 Best 32-Inch Monitors of 2022 (Ultra-wide & Gaming) – Review

• Financier Diakonov Called Russia the Future Cryptocurrency Center of the World

• Web Application Security Startup Feroot Banks $11 Million in Seed Funding

• Gurman: Apple Watch Series 8 to Bring ‘Major Updates to Activity Tracking’

• Anonymous Declares ‘Cyberwar’ on Russia and Pledges Support for Ukraine

• TrickBot takes down server infrastructure after months of inactivity

• Hackers Leak the Personal Details of Freedom Convoy Donors

• Google Disables Ukraine Live Traffic Data

• Stealthy ‘SockDetour’ Backdoor Used in Attacks on U.S. Defense Contractors

• Russia vs Ukraine – The War in Cyberspace

• Conti Group Suffers Massive Data Breach

• An Internet Troll Gives Nonalcoholic Spirits Startups the Spins

• CISA Warns of High-Severity Flaws in Schneider and GE Digital’s SCADA Software

• Security Affairs newsletter Round 355

• Is Conti Ransomware Siding with Russia?

• A week in security (February 21 – February 27)

• Zenly Addressed the Risks of User Data Exposure and Account Takeover

• Nvidia Appears to Brush Off Ransomware Attack

• Reborn of Emotet: New Features of the Botnet and How to Detect it

• Spring Apple Event Invites Could Be Sent Out Tomorrow

• Meta restricts Russian state-controlled media

• Starlink activated to keep Ukraine’s internet running

• Silicon UK In Focus Podcast: Peer-to-Peer and Your Business

• Meta Shuts Down Ukraine Facebook, Instagram Hacks

• Meta Squeezes Russian State-Controlled Media Platforms

• Conti sides with Russia, internal chats leaked

• Android Visual Voice Mail App Vulnerability Allows For Eavesdropping of Voice Messages

• Bitcoin Mining Gets Dirtier After China Crackdown

• Lawmakers ask why DOD isn’t sharing ‘public’ weapons systems Info

• Moscow retaliates as online giants take steps to stem disinformation

• Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures

• Iran-linked UNC3313 APT employed two custom backdoors against a Middle East gov entity

• Instagram Head Says iPad App Is Low Priority Because Not Enough People Want It

• Leaked Photos Show New Spring Colors for iPhone 13 Cases

• Hackers will return focus to consumers in 2022

• Russia Limits Access To Twitter Amidst Ukraine Invasion

• How the Eastern Europe Conflict Has Polarized Cyberspace

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of February 21, 2022

• Russia is the advanced persistent threat that just triggered. Ready?

• Ukraine Raises Millions In Cryptocurrency Donations

• Fileless Malware SockDetour Remain stealthily on Compromised Windows servers

• Trying to register your antivirus in Windows Security Center?

• Multilingual Cybersecurity Awareness Training adapted for your needs

• How the Ukrainian Conflict Has Polarized Cyberspace

• Australia’s intelligence community dismisses concerns about proposed data-gathering powers

• How The Eastern Europe Conflict Polarized Cyberspace

• Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API

• Product showcase: SharePass – Secure communication made simple

• Leveraging mobile networks to threaten national security

• Take a dev-centric approach to cloud-native AppSec testing

• MuddyWater Cyber Alert issued by CISA

• Ransomware attack on NVIDIA

• Cyber Attack Trends In The Midst Of Warfare – The numbers behind the first days of the conflict

• Cybercrime getting more destructive, remote workers in the crosshairs

• How prepared are organizations to face email-based ransomware attacks?

• Tech world’s Ukraine response mixes evacuation efforts, ad bans, free phones, infosec FUD

• Authorization is bridging the gap between security and IAM

• Container security market to reach $3.6 billion by 2026

• Perimeter 81 Secure Web Gateway blocks access to specific URLs or categories of websites

• Elon Musk activates Starlink to help keep Ukraine’s internet up and running

• Meta blocks Russian state-media accounts in Ukraine

• Importance of soft skills in Technology

• Ukraine border control hit with wiper cyberattack, slowing refugee crossing

• Beware of charity scams exploiting war in Ukraine

Generated on 2022-03-01 23:55:34.435154