IT Security News Daily Summary 2022-04-04

• What is Metatrader4?

• Can small businesses keep up with defense cyber requirements?

• Millions of Installations Potentially Vulnerable to Spring Framework Flaw

• The NDO Fairness Act Is an Important Step Towards Transparency

• Just Because You’re Small, Doesn’t Mean You’re Safe – Why SMBs are lucrative targets for cyber adversaries

• Just Scan It with JFScan

• Taking a Proactive Approach to Cybersecurity With Laurie Williams [Podcast]

• State Department announces first Bureau of Cyberspace and Digital Policy

• Ransomware tests local governments

• The census missed some folks. These cities want them counted.

• Open bus data makes transit schedules more reliable

• Mandiant shareholder sues to block $5.4b Google deal

• Just Because You’re Small, Doesn’t Mean You’re Safe – Why SMBs are lucrative targets for cyber adversaries

• Taking a Proactive Approach to Cybersecurity With Laurie Williams [Podcast]

• State Department announces first Bureau of Cyberspace and Digital Policy

• The census missed some folks. These cities want them counted.

• Open bus data makes transit schedules more reliable

• How Do I Decide Whether to Buy or Build in Security?

• Mandiant shareholder sues to block $5.4b Google deal

• VMware released updates to fix the Spring4Shell vulnerability in multiple products

• Just Scan It with JFScan

• Ransomware tests local governments

• Beware of These 5 Tax Scams

• Here’s What Electoral Count Act Reform Should Look Like

• TOTOLINK Routers, Other Device Exploits Added to Beastmode Botnet

• Report: Facebook Gave User Data Away To Hackers

• NCSC Suggests to Reconsider Russian Supply Chain Risks

• How to use OpenID Connect for authentication

• How to implement OpenID Connect for single-page applications

• Anonymous Wages a Cyber War Against Russia, Targets Oligarchs

• British Police Charge Teenagers in LAPSUS$ Gang Connection

• Cyberattacks have yet to play a significant role in Russia’s battlefield operations in Ukraine – cyberwarfare experts explain the likely reasons

• Soaring ransomware payments, consistent infections, deceptive URLs and more in this year’s 2022 BrightCloud® Threat Report

• BlackGuard Password Stealing Malware Being Sold on Russian Hacking Forums

• Microsoft CRSP shares the ways human behavior affects compromise recovery

• Welcome to the Age of Zero Trust

• 5 ways to spring clean your security

• Cadbury Warns of Easter Egg Scam

• Jail Releases 300 Suspects Due to Computer “Glitch”

• Day of Action for Antitrust: Our Rights Are Tied to Having Choices

• Two Teenagers of Lapsus$ Hacking Group Charged

• Borat RAT: Multiple threat of ransomware, DDoS and spyware

• JavaScript supply chain issues

• Luhn algorithm (modulus 10)

• Performance measurement is alive and well

• Activist Admits Shutting Down California County’s Website

• Darkweb researcher warns of possible cyberattack against Indonesian energy company Perushaan Gas Negare

• Data on stolen Apple iPhones to be made more secure now

• Code Injection Vulnerability Found In Spring Cloud Framework

• Experts spotted a new Android malware while investigating by Russia-linked Turla APT

• Spring4Shell (CVE-2022-22965): details and mitigations

• Ola Finance: Attackers Stole $4.7M in ‘Re-Entrancy’ Exploit

• Threat Actors Abuse Calendly App to Steal Account Credentials

• Risks And Trends In Cybersecurity

• Half of Organizations Have Experienced a Cyber Attack on Their Critical IT Assets

• MITRE Engenuity ATT&CK® Evaluations Results Highlight Check Point’s leadership in Endpoint Security with a 100% Detection Across all Attack Steps

• Borat RAT malware: A ‘unique’ triple threat that is far from funny

• China Accused Of Cyber Attacks On Ukraine Before Russian Invasion

• Borat RAT Malware: A Unique Triple Threat That Is Far From Funny

• Emma Sleep Company Admits Checkout Cyber Attack

• A Hacker Gang’s Members Are In Jail. It’s Still Stealing Data.

• Elephant Framework Delivered in Phishing Attacks Against Ukrainian Organizations

• Endpoint Security: Why It’s Essential Now More Than Ever

• New Android Spyware Uses Turla-Linked Infrastructure

• Cybersecurity Mesh: IT’s Answer to Cloud Security

• Researchers Uncover New Android Spyware With C2 Server Linked to Turla Hackers

• Brokenwire attack, how hackers can disrupt charging for electric vehicles

• Lawmakers move to ‘crack down’ on dark web-based opioid trafficking

• Cybersecurity M&A Roundup: 39 Deals Announced in March 2022

• What the Pandemic Has Taught Us

• Announcing General Availability of Remote Desktop Protocol Support for Duo Network Gateway

• Japanese Confectionary Morinaga Disclosed Data Breach

• CISA Warns Internet-Connected UPS Users To Be Wary Of Cyberattacks

• Wyze Cam Vulnerabilities Expose Saved Videos To Hackers

• ImpressCMS Vulnerabilities Could Allow RCE Attacks

• Zyxel Warns Firewall Users of Authentication Bypass Vulnerability

• “Free easter chocolate basket” is a social media scam after your personal details

• AI’s growing enterprise gaps explain why AWS SageMaker is growing

• Borat RAT malware: a ‘unique’ triple threat that is far from funny

• Harnessing Neurodiversity Within Cybersecurity Teams

• Intelligent alert management

• WINNING TACTICS FOR SECURITY AWARENESS INNOVATIONS via EXPERIENCE (1 of 2)

• To Mimic Microsoft, Phishing Employs Azure Static Web Pages

• Spanish energy giant hit by data breach

• A Fake Data Breach Used Emails to Steal Cryptocurrency Wallets

• Watch Out Electric Vehicle Owners – Brokenwire Attack Remotely Disrupts Charging

• PCI DSS 4.0; It’s time to get serious on Magecart

• Turkey seeks 40,000-year sentences for alleged cryptocurrency exit scammers

• How Explosions Actually Kill

• Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware

• Russian intelligence food habits leaked from food delivery app data breach

• North Korea hackers sending Corona Vaccine related phishing emails

• Once Again, Check Point Software Positions as a Leader across Multiple G2 Leadership Quadrants

• Vendors Assessing Impact of Spring4Shell Vulnerability

• GitLab Patches Critical Account Takeover Vulnerability

• Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles

• Trezor customers phished following MailChimp breach

• New RAT Dubbed Borat Emerging on the Cyberthreat Landscape

• India Launches Probe After E-Scooter Fires

• Emma Sleep Company admits checkout cyber attack

• A week in security (March 28 – April 3)

• Update now! Zyxel patches critical firewall bypass vulnerability

• Scammers are lurking on dating apps

• Trezor Customers Phished After MailChimp Compromise

• WeChat Disables Accounts Linked To NFTs

• Consulting Company Responds Over Facebook ‘Smear’ Report

• UK Charges Alleged Lapsus$ Gang Members With Hacking

• Scottish Power Parent Company Hit by Data Breach

• UK Teens Charged With Hacking After Lapsus$ Arrests

• Bitcoin Mining Start-Up To Make Nasdaq Debut

• Lapsus Teen Suspects Have their Day in Court

• 82% of public sector software apps have security flaws

• Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums

• An In-Depth Look at ICS Vulnerabilities Part 2

• Amazon Staten Island Warehouse Votes To Unionise In ‘Historic’ Move

• British Robot Artist To Hold Solo Show In Venice

• Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers

• The challenges of consumer data and PII usage

• The CISO as brand enabler, customer advocate, and product visionary

• Experts discovered 15-Year-Old vulnerabilities in the PEAR PHP repository

• Borat RAT, a new RAT that performs ransomware and DDoS attacks

• New and less known cybersecurity risks you should be aware of

• Security flaws found in 82% of public sector software applications

• Mainframe still powering critical business operations

• Vulnerabilities and cyberattacks that marked the year 2021

• IT in manufacturing insufficiently prepared to support long-term hybrid work

• Infosec products of the month: March 2022

• Application security market to reach $13.1 billion by 2025

• Orca Security adds attack path analysis capability to improve the effectiveness of security teams

• OpenNMS Meridian 2022 helps enterprises reduce potential security risks

• How Internet Censorship Affects You – Pros and Cons

• IT Security News Weekly Summary – Week 13

• IT Security News Daily Summary 2022-04-03

• Three Ways IP Data Enhances Cyber Security

• Your Guide to the NIST Cybersecurity Framework

• Info Stealing BlackGuard Malware is Advertised for Sale on Russian Hacking Forums

• Viasat: Acid Rain Virus Disable Satellite Modems

• Adversarial AI and the dystopian future of tech

• Dispersive Holdings Announces Version 4.3 Network Fabric, Showcasing New User Experience

• Apriori Network System’s Innovative Optical Fiber Hack-Proof Solution a Better Value Proposition than Quantum Encryption

• Changes to the CISSP Exam Length Coming Soon

• China-linked APT Deep Panda employs new Fire Chili Windows rootkit

• What Does Arming an Insurgency in Ukraine Mean?

• BlackGuard – New Password Stealing Malware Sold In Russian Hacking Forum

• Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict

• Blockchains Have a ‘Bridge’ Problem, and Hackers Know It

• Security Affairs newsletter Round 359 by Pierluigi Paganini

• Severe Flaws in Rockwell PLC Could Allow Attackers to Implant Malicious Code

• NSA Employee Indicted for ‘Leaking Top Secret Info’ To a Woman

• Week in review: Spring4Shell vulnerability, attackers exploiting patched RCE in Sophos Firewall

• PCI DSS Launches New Version to Tackle Cyber Security Threats

• CrowdStrike Achieves 100% Prevention in Fourth Round of MITRE Engenuity ATT&CK® Enterprise Evaluations

• Tips from a CISO: How to Create a Security Program

• Aparavi partners with Wasabi to improve data storage and management strategies for organizations

Generated on 2022-04-04 23:55:22.885242