IT Security News Daily Summary 2022-03-26

• Azurite – An Azure AD Enumeration Tool

• How to Fix Mid-Market Security Using Intelligent Automation and AI

• 5 Ways Cybersecurity Will Change In 2022

• Milliseconds matter: The business impact of data responsiveness

• 5-Step Cyber Threat Hunting Process

• Anonymous Plan to Release 35,000 Documents, Targeting Russia’s Central Bank

• Microweber Creators Patched XSS Flaw in CMS Software

• HackerOne Removed Kaspersky Bug Bounty Program From Its Platform

• Vidar Spyware Exploits Microsoft Help Files to Bypass Detection

• KnowBe4 Spreads Cyber Awareness Training to Their Community

• FCC adds Kaspersky to Covered List due to unacceptable risks to national security

• Securing the metaverse: 3 critical concepts

• Hunt for Lapsus$ Hackers Leads to a British Teen

• Build or Buy your own antivirus product

• Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion

• FCC Adds Kaspersky and Chinese Telecom Firms to National Security Threat List

• Changes to the CISSP Exam Length Coming Soon

• Top 12 client-side security threats

• DataStax unveils CDC for Astra DB to stream real-time operational data across an enterprise data ecosystem

• ‘Precursor malware’ infection may be sign you’re about to get ransomware, says startup

• Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

• 2022-03-21 – Hancitor infection with Cobalt Strike and Mars Stealer

• 2022-03-21 – Traffic analysis exercise – Burnincandle

• 2022-03-24 – Emotet E4 with Cobalt Strike

• Unit 42: Ransomware demands we’re aware of averaged $2.2m last year

• Confirmed: Anonymous Hacks Central Bank of Russia; Leaks 28GB of Data

• 5 Threat Intelligence Trends

• Foundries.io collaborates with Arduino to provide solutions for Linux-based IoT and edge products

• CoreStack partners with Nirmata to help enterprises protect and govern Kubernetes workloads

• SAML: Still Going Strong After Two Decades

• Unit 42: Ransomware demands averaged $2.2m last year

• DevSecOps: Best Practices for CI/CD Pipeline Security

• Okta on handling of Lapsus$ breach: ‘We made a mistake’

• Addressing Remote Desktop Attacks and Security

• IT Security News Daily Summary 2022-03-25

• Anonymous leaked 28GB of data stolen from the Central Bank of Russia

• DOJ Indicts Russian Gov’t Employees Over Targeting Power Sector

• Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm

• CISA Adds 66 Known Exploited Vulnerabilities to Catalog

• What trends are driving public sector planning in 2022?

• The Labor Dept. wants to revise a Trump-era policy on handling discrimination claims against contractors

• US indicts Russian nationals for critical infrastructure attacks

• Chrome emergency update fixes actively exploited a zero-day bug

• 100s of Russian Building Controllers Can be Remotely Hacked

• The only winner in the Okta Lapsus$ breach is Microsoft

• World Backup Day reminds us all just how precious our data is

• The Fragile Open Source Ecosystem Isn’t Ready for ‘Protestware’

• Pay to play: Ransom demands averaged $2.2m last year

• The 2022 Cyber Incident Reporting Law: Key Issues to Watch

• Another Tracker Scanning App Highlights the Need for a Better Way to Protect Victims From Digital Stalking

• Fileless Malware on Linux: Anatomy of an Attack>

• 6 types of insider threats and how to prevent them

• How Do I Demonstrate the ROI of My Security Program?

• Review Microsoft Defender for endpoint security pros and cons

• WiCyS Members Now Have access to Cyber Defense Challenge Through Target

• Lawmakers move to protect healthcare infrastructure from potential Russian threat

• Week in security with Tony Anscombe

• US, EU Sign Data Transfer Deal to Ease Privacy Concerns

• Here’s How Fast Ransomware Encrypts Files

• EFF Client Erik Johnson and Proctorio Settle Lawsuit Over Bogus DMCA Claims

• Is the metaverse safe?

• We may never know the full details of Russia’s cyberwar against Ukraine

• Estonian Tied to 13 Ransomware Attacks Gets 66 Months in Prison

• Senate Committee Questions Pentagon’s Information Restrictions

• Hackers from China’s ‘Mustang Panda’ were Utilizing New ‘Hodur’ Malware

• Florida Sheriff’s Officer Charged with Cyber-Flashing Minor

• Strong Customer Authentication (SCA): what to expect

• Russia preparing to conduct cyberattacks, White House warns

• Chinese Hackers Target Betting Firms in South East Asia

• Modern Gaming Sucks Because of Abundance Fatigue

• Major League Baseball Players’ Personal Data Stolen

• Russia’s Invasion of Ukraine and CISA/FBI’s New Era of Transparency

• FBI Witnesses Rising Russian Hacker Interest in US Energy Firms

• 5 Prevalent digital marketing Cybersecurity concerns to watch out for

• Bots Buy Up Raspberry Pi Products | Avast

• Chinese Hackers Seen Targeting Ukraine Post-Invasion

• Risk & Repeat: Lapsus$ highlights poor breach disclosures

• Cisco Secure Endpoint Strikes Balance for School IT Teams

• What Is FOSS Software? Definition, Usage, and Vulnerabilities

• Atlassian flags Bitbucket and Confluence Data Center flaws

• Threat Protection – How to Be Fully-Protected From Cyber Threats

• MixMode Banks $45 Million in Series B Funding

• Utah Becomes Latest US State to Pass a Data Privacy Law

• Chinese threat actor Scarab targets Ukraine, CERT-UA warns

• Hackers remotely start, unlock Honda Civics with $300 tech

• Russian State-Sponsored Amplification of Bio Lab Disinformation Amid War in Ukraine

• 2021 Third-Party Intelligence Threat Landscape

• US Charges 4 Russian Hackers Over Attacks On Energy Sector

• Russia Hacked Ukrainian Satellite Comms, Officials Believe

• Frosties NFT Operators Arrested Over $1.1 Million Rug Pull Scam

• Social Engineering Attacks Target Morgan Stanley Client Accounts

• Oxford Teenager Arrested In Lapsus$ Crackdown

• Report: 57% of consumers are tired of password authentication questions

• Facial recognition inappropriate for high-risk applications, experts say

• A Honda Vulnerability Allows Hackers to Use a Replay Attack

• How to Know if Someone Has Muted You on Messenger?

• Hackers Use XLL Files to Deliver Obfuscated Version of JSSLoader

• EU and US Agree Deal to Reopen Seamless Transatlantic Data Flows

• The Elusive Goal of Network Security

• HR Alone Can’t Solve the Great Resignation

• Frosties NFT operators arrested over $1.1 million ‘rug pull’ scam

• What is ransomware? Everything you need to know about one of the biggest menaces on the web

• These fake crypto wallets want to steal from iPhone and Android users

• UK police arrest seven individuals suspected of being hacking group members

• Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch

• U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide

• Tips from a CISO: How to Create a Security Program

• Japanese Healthcare Firm ‘Doctors Me’ Exposed Images of 12,000 Patients

• Bandura Cyber relaunches as ThreatBlockr with a new solution to block malicious network traffic

• FBI: 649 Ransomware Attacks Reported on Critical Infrastructure Organizations in 2021

• Modernizing Secure Remote Access for a Hybrid Workforce

• Treasury Secretary Janet Yellen on crypto: I have some skepticism, but there are benefits

• Silicon UK In Focus Podcast: Post-Pandemic Entrepreneurs

• UK police arrested 7 alleged members of Lapsus$ extortion gang

• Most IT Bosses View Skills Gap As ‘Urgent Concern’

• Google: We stopped these hackers who were targeting job hunters and crypto firms

• Avast acquires SecureKey Technologies in authentication, identity management push

• How European Rulings Imperil Flagship Google Product

• 7 Suspected Members of LAPSUS$ Hacker Gang, Aged 16 to 21, Arrested in U.K.

• 1-15 March 2022 Cyber Attacks Timeline

• London DJ Surrenders £214,000 of Music Kit in Money Laundering Case

• Gus Simmons’s Memoir

• Teens arrested amidst Lapsus$ crackdown

• Anonymous Claims Hack Of Russia’s Central Bank

• Cybersecurity for banks – Assuring a secure & compliant cloud migration

• Four Russians Charged with Dragonfly Attacks on Critical Infrastructure

• Honda bug allows hackers to unlock and start your car

• What Is Data Loss Prevention and How You Can Approach DLP Security

• UK Teen Arrested in Lapsus Crackdown

• US accuses four Russian Government Officials for launching Cyber Attacks

• Western Australia to invest AUS $25.5 million to bolster state cyber security services

• Lack of Cybersecurity Preparation in SMBs | Avast

• Selenium vs BDD 2.0 (SDD): Which Is Best for End-to-End Testing?

• Introducing Silicon.eu

• Mitek Acquires HooYu for $129m

• Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users

• US indicted 4 Russian government employees for attacks on critical infrastructure

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Data literacy: The most in-demand skill in the future workplace

• The impact of the cloud skills gap on businesses

• The 2021 threat landscape: Trends, threats and techniques

• Most Common Cyber Threats for Businesses

• How AI can fend off supply-chain attacks

• WA government allocates AU$25.5m to expand cybersecurity services

• PJCIS supports passage of second tranche of critical infrastructure cyber laws

• North Korean Hackers Exploited Chrome Zero-Day to Target Fintech, IT, and Media Firms

• New infosec products of the week: March 25, 2022

• Weekly Update 288

• North Korean Hackers Exploited Chrome Zero-Day to Target Fintech, IT and Media Firms

• The challenge of planning an IAM strategy for multi-cloud environments to avoid risk

• US DoJ reveals Russian supply chain attack targeting energy sector

• Trends, threats and techniques that comprised the 2021 threat landscape

• The Largest Online Marketplace of Stolen Login Credentials Seized by Law Enforcement

• Morrison wants organisations to prioritise trust over efficiency for data security

• How the cloud skills gap is hindering business development

• This Week in Security News – March 25, 2022

• Data literacy to lead global workplaces by 2030

• How to unlock a resilient hybrid work plan

• Big data as a service market to reach $101 billion by 2028

• Distributor dumps Kaspersky to show solidarity with Ukraine

• CynergisTek Reports Fourth Quarter and Full Year 2021 Financial Results

• Semperis Extends Breach Preparedness and Incident Response Services for Identity-Based Cyberattacks to Broader Customer Set

• Working with MSSPs to optimize XDR

• US Charges Russian Hackers Over Infamous Triton, Havex Cyberattacks on Energy Sector

• TRIMEDX improves medical device cybersecurity with new cloud-based features

• Entrust announces four solutions to help enterprises prepare for the post quantum world

• Tobii Aware enhances privacy and security in the new commercial line of MSI laptops

• DTEX Systems extends scope and protection of Microsoft 365 E5 modules

• Attivo Network enhancements strengthen protection of Active Directory in Azure

• Qumulo CSI driver simplifies Kubernetes workflows on unstructured data

• Cisco accelerates hybrid cloud operations with new innovations

• Ermetic launches open source tool that analyzes AWS CloudTrail AccessDenied events

• Russian Court Bans Facebook And Instagram For “Extremist Activities”

• UK police arrest 7 hacking suspects – have they bust the LAPSUS$ gang?

• We blocked North Korea’s Chrome exploit, says Google

• 5 Tips for a Successful Threat Hunt

• Russian nationals charged for alleged roles in DragonFly and Triton hacks

• EY collaborates with Infosys to accelerate digital transformation for organizations

• DCSA selects C3 AI to improve security clearance processing

• Ping Identity partners with TD SYNNEX to offer identity security solutions to North America

• Feds Allege Destructive Russian Hackers Targeted US Refineries

• Justice Department Charges Four Russian Nationals for Global Hacking Campaign Targeting the Energy Sector

• Bobby Napiltonia joins Okera as President

• Karlsgate raises $4 million to bring zero trust approach to data connectivity

• Mitek acquires HooYu for £98 million to help businesses combat fraud

• Avast acquires SecureKey Technologies to expand its identity product and services portfolio

• Anti-war open-source software developer targets Russians and Belarussians with “protestware”

• Windows Event Log Evasion Review

• Shing Pan and Susan Sumner join VIQ Solutions Board of Directors

• Cowbell Cyber hires Joshua Chan as CTO

• Netskope names Daniel Hartert CxO Advisor in Europe

Generated on 2022-03-26 23:55:22.026376