IT Security News Daily Summary 2022-05-10

• Federal CIO talks customer experience

• Signals along ‘Smart Spines’ optimize traffic flow

• VERT Threat Alert: May 2022 Patch Tuesday Analysis

• US, Europe formally blame Russia for data wiper attacks against Ukraine, Viasat

• As important as bulletproof vests: Yubico sends 20,000 keys to Ukrainian government and energy agencies

• APT34 targets Jordan Government using new Saitama backdoor

• Senate bill to update 1960s-era cooperation rules wins support from leading state and local groups

• Docker Desktop for Linux finally arrives

• Hackers have carried out over 65,000 attacks through Windows’ Print Spooler exploit

• US, EU attribute Viasat hack to Russia

• Case study: Scaling DevSecOps at Comcast

• Cyber assistance ranks high on National Guard requested services, chief says

• What are some tips for storage of sensitive data?

• Hackers Are Now Exploiting Windows Event Logs

• AMD Gave Google Cloud Rare Access to Its Tech to Hunt Chip Flaws

• CISA Adds One Known Exploited Vulnerability to Catalog

• Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925)

• Security Above and Beyond CNAPPs

• It’s time for startups to get proactive and prioritize security

• Data collection featured in new bill targeting equity at FEMA

• Red Hat Enterprise Linux 9: Security baked in

• CISA Adds One Known Exploited Vulnerability to Catalog

• Reproductive Privacy Requires Data Privacy

• Caramel Credit Card Theft is Proliferating Day by Day

• Survey: 93% of Americans fear cyber warfare against U.S.

• Internet service essentially free for millions under new Biden program

• New Malware Samples Indicate Return of REvil Ransomware

• Patch Tuesday: Microsoft Warns of New Zero-Day Being Exploited

• Semiconductor Investments Won’t Pay Off If Congress Doesn’t Fix the Talent Bottleneck

• Personal details of 21M SuperVPN, GeckoVPN users leaked on Telegram

• Microsoft Azure Vulnerability Allowed Code Execution, Data Theft

• Lincoln College Set to Close After Crippling Cyberattack

• FirstNet, NIST launch immersive emergency response training lab

• Colonial Pipeline facing $1,000,000 fine for poor recovery plans

• Electric eels inspired the first battery two centuries ago and now point a way to future battery technologies

• Adobe Warns of ‘Critical’ Security Flaws in Enterprise Products

• Podcast Episode: The Philosopher King

• A Token of Thanks for a Brighter Future

• SoftServe Opens Delivery Center in Bucharest, Romania to Expand Regional Capabilities

• Consilio Announces Launch of Complete Enterprise to Drive Evolution for Legal Operations with Proven Technology and People Solutions

• What to look for in a vCISO as a service

• How and why you should secure APIs

• DevOps release process

• Spain’s Spy Chief Sacked Over Pegasus Scandal

• Cybercriminals Are Increasingly Exploiting Vulnerabilities in Windows Print Spooler

• Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines

• U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors

• Microsoft security experts outline next steps after compromise recovery

• Fake Crypto Giveaways Use Elon Musk Ark Invest Video to Steal Millions of Dollars

• South Korea Joins NATO’s Cyber Research Centre, Becomes First Asian Member

• Watch out for these signs to know whether your phone is hacked

• Ransomware has gone down because sanctions against Russia are making life harder for attackers

• Many security executives say they’re unprepared for the threats that lie ahead

• Credit card skimming services make it easy for low-level cybercriminals to join the game

• Onapsis Announces New Offering to Jumpstart Security for SAP Customers

• 5-Buck DCRat Malware Foretells a Worrying Cyber Future

• Arctic Wolf Launches Arctic Wolf Labs Focused on Security Operations Research and Intelligence Reporting

• Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines

• U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors

• Patch Tuesday

• Best Business Continuity Software in 2022

• Malware goes regional as attackers change tactics

• Microsoft: The ransomware world is changing, here’s what you need to know

• Microsoft fixed RCE flaw in a driver used by Azure Synapse and Data Factory

• More and More Companies Are Getting Hit with Ransomware [2021-2022]

• What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules?

• Western Intelligence Blames Russia for Europe-Wide Cyber-Attack

• Mastering the New CISO Playbook

• Fostering a culture that normalizes mental health discussions

• The Business Case for Modernizing On-Premises and Cloud-Based Database Security

• IBM ‘Unsure’ How Long It Can Keep Paying Russian Staff

• This AI Can Generate Unique and Free Bored Ape NFTs

• Lincoln College Closed its Doors after 157 Due to Recent Cyber Attack

• New REvil Samples Indicate Ransomware Gang is Back After Months of Inactivity

• Mental Health Awareness Week: How Does Cybercrime Affect Victims’ Mental Wellbeing?

• Horizon3ai Publishes Root Cause Of CVE-2022-1388, F5’s BIG-IP iControl REST Endpoint Critical Vulnerability

• Client side scanning may cost more than it delivers

• Vulnerabilities That Allow Hijacking of Most Ransomware to Prevent File Encryption

• Meta Criticises ‘Clearly Flawed’ German Decision In Court

• Abnormal Security Raises $200 million to thwart phishing emails

• Red Hat Enterprise Linux 9 offers new solution to verify the integrity of OS’s

• Government hackers made hundreds of thousands of stolen credit cards ‘worthless’ to crooks

• Hackers Actively Exploit F5 BIG-IP Bug

• SANS 2022 Cloud Security Survey

• 2022 Cyber Defenders Playbook

• Webinar Optimizing Your Azure Sentinel Platform

• A Complete Guide to Modernizing Your Security Operations Center

• Email Security Firm Abnormal Security Raises $210 Million at $4 Billion Valuation

• YL Ventures Closes $400 Million Cybersecurity Investment Fund

• How to Check If Your F5 BIG-IP Device Is Vulnerable

• Experts Detail Saintstealer and Prynt Stealer Info-Stealing Malware Families

• What Does The Future Hold For Blockchain Within Third-Party Risk Management?

• Response To Queen’s Speech Data Reform Bill “Government And Business Must Approach Privacy And Innovation As Partners”

• Patch Tuesday May 2022 – Microsoft Pledges Fixes and Improvements for Azure Synapse Pipeline and Azure Data Factory

• DarkCrystal RAT Offers Many Capabilities for Very Low Price

• Managing Red Hat Enterprise Linux at the edge

• “Chemical attack” email warnings deliver Jester Stealer malware

• Conti Ransomware Attack Spurs State of Emergency in Costa Rica

• Technical Details, IoCs Available for Actively Exploited BIG-IP Vulnerability

• Spain’s Spy Chief Sacked Over Phone Hacking Scandal

• EU Blames Russia for Satellite Hack Ahead of Ukraine Invasion

• #CYBERUK22: Jeremy Fleming Argues Offensive Capabilities Required to Be Global Cyber Power

• Cisco Partner Story: Security Resilience is a Journey, Not a Destination

• Don’t Underestimate the DCRat Malware!

• Funding Round Values Cryptocurrency Exchange KuCoin At $10bn

• Crypto romance scams steal victims’ life savings

• Cloud computing security: New guidance aims to keep your data safe from cyberattacks and breaches

• Ransomware attack and COVID woes force this 150-year-old college to shut down

• India Demands VPNs, VPS, And Crypto Exchanges To Log User Data

• New malware attack stores payloads in the Windows event log

• QNAP Patches Critical Vulnerability in Network Surveillance Products

• Critical F5 BIG-IP Vulnerability Exploited by Hackers

• Examining the Black Basta Ransomware’s Infection Routine

• Former Meta Content Moderator Sues Company In Kenya

• Info-stealer Campaign targets German Car Dealerships and Manufacturers

• 7 Steps to Start Reducing Risk to Your Critical Infrastructure Quickly

• Microsoft Flexes Security Vendor Muscles With Managed Services

• Lincoln College to Close

• Sony Plans To Sell 18 Million PlayStation 5 Consoles This Year

• Scammer posed as cybersecurity chief in phishing email

• Microsoft Mitigates RCE Vulnerability Affecting Azure Synapse and Data Factory

• NCSC shut down 2.7 million scams in 2021

• Cyberattacks lead to US college closure

• A New Regulation Seeks to Secure Non-HIPAA Digital Health Apps

• Critical Infrastructure Firms See Cyber-Attacks Surge

• Research finds over 31,000 stolen credentials from the FTSE 100 on the Dark Web

• Tesla ‘Halts Most Production’ At Shanghai Plant

• UK Government Security Experts Take Down 2.7 Million Scams

• Researchers Find 31,000 FTSE 100 Logins on Dark Web

• U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack

• Musk Lays Out Twitter Plans In Leaked Document

• Multiple QNAP Flaws Let attackers to Access and Read Sensitive Data

• Top 7 Speech-to-Text Apps for Students: Free and Paid

• Clearview AI agrees to restrict sales of facial recognition technology

• Threat actors are actively exploiting CVE-2022-1388 RCE in F5 BIG-IP

• Hacktivists hacked Russian TV schedules during Victory Day and displayed anti-war messages

• Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

• Russian TV hacked on Victory Day Military Parade

• China to discard 50 million computers because of software security concerns from US tech war

• Critical Gems Takeover Bug Reported in RubyGems Package Manager

• Clearwater AI agrees to restrict sales of facial recognition technology

• Five Arctic Wolf Leaders Recognized by CRN as 2022 Women of the Channel

• Celebrating Service and Diversity – Nominate a Colleague Today!

• Analysis on recent wiper attacks: examples and how wiper malware works

• Next CISO headache: Vendor cyber insurance

• Threats to hardware security are growing

• Researchers discover hackers using SEO to rank malicious PDFs on search engines

• How to set up a powerful insider threat program

• Building a Strong Business Case for Security and Compliance

• Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

• Industry pushes back against India’s data security breach reporting requirements

• Codenotary adds observability for Kubernetes and VMware environments

• ADVA OSA SoftSync brings PTP timing technology to server-hosted applications and virtual machines

• Low-rent RAT Worries Researchers

• Settlement Curbs Firm’s Facial Recognition Database in US

• How to Check if Your F5 BIG-IP Device Is Vulnerable

• Stellar Cyber collaborates with NGBPS LIMITED to bring Open XDR to India

• Avaya partners with Microsoft to help customers accelerate their cloud migration

• Kroll and Armis join forces to strengthen cyber resilience for critical systems

• Jocker, Other Fleeceware Surges Back Into Google Play

• What to Do If You Can’t Log In to Your Google Account

• Red Hat and Accenture expand partnership to drive innovation and IT modernization at scale

• NSA recognizes Codebreaker challenger winners in ceremony shedding light on cybersecurity careers

• Intellicheck appoints Jeffrey Ishmael as CFO

• Joker, Other Fleeceware Surges Back Into Google Play

• Relativity announces its SaaS platform is now available in Japan

• Carlos Torales Montero joins Cloudflare as VP, Head of Sales Latin America

• Biden signs cybercrime tracking bill into law

• Idaho maps out cybersecurity strategy

• IT Security News Daily Summary 2022-05-09

• EV infrastructure vulnerabilities put cars, the grid at risk

• Cryptocurrency hype spawns email attacks, FBI says

• Costa Rica Declares State of Emergency Under Sustained Conti Cyberattacks

• How lightweight encryption can protect critical infrastructure for smart cities

• Number ‘100’ And Scams

• Russian TV Schedules Hacked on Victory Day to Show Anti-War Messages

• EFF and Other Civil Society Organizations Issue Report on Danger to Digital Rights in Ola Bini Trial

• Getting Started with the Burp Suite: A Pentesting Tutorial

• 5 Tips to Protect Your Career Against a Narcissist

• It costs just $7 to rent DCRat to backdoor your network

• Senate bill to train acquisition workforce on AI gets House counterpart

• NFTs Emerge as the Next Enterprise Attack Vector

• Google, Apple, Microsoft to Soon Bring Passwordless Sign-Ins for Users

• How to remove yourself from Internet search results and hide your identity

• Meet Kessel Run’s newest chief of staff

• Measuring administrative burden

• ForgeRock vs Okta: Compare IAM software

• Hackers Replace Russian TV Schedules During ‘Victory Day’ With Anti-War Messages

• FBI: Rise in Business Email-based Attacks is a $43B Headache

• Kaspersky uncovers fileless malware inside Windows event logs

• U.S. Offers $15 Million Bounty for Leaders of Conti Ransomware Gang

• Victims of Horizon Actuarial data breach exceed 1M

• Deloitte Launches Expanded Cloud Security Management Platform

• What is the Importance of a Vulnerability Scan?

• US offers $10M bounty for Conti ransomware information

• Vulnerability mitigated in the third-party Data Connector used in Azure Synapse pipelines and Azure Data Factory (CVE-2022-29972)

• US offers $15m reward for information about Conti ransomware gang

• Stories from the SOC – Command and Control

• parameter tampering

• Facebook To Discontinue “Nearby Friends” And Other Location Tracking Features

• What on Earth Is the Fediverse?

• How China Is Rewriting the Norms of Human Rights

• Thomson Reuters to Review Human Rights Impact of its Data Collection for ICE

• Costa Rica declares ransomware emergency and Colonial Pipeline Cyber Attack fetches $1 Million penalty

• Caramel Skimmer – Credit Card Stealing Service Sells 2,000 USD For Lifetime Subscription

• Microsoft’s new cybersecurity service combines tech and human experts

• Common LinkedIn scams: Beware of phishing attacks and fake job offers

• RubyGems supply chain rip-and-replace bug fixed – check your logs!

• Agricultural Manufacturer AGCO Hit by Ransomware

• DCRat, only $5 for a fully working remote access trojan

• Update now! F5 BIG-IP vulnerability being actively exploited

• Costa Rica continues defence against sustained Conti ransomware attacks

• Podcast: The State of Secret Sprawl

• Bitcoin Falls To 22-Month Low As Stock Markets Tumble

• Colonial Pipeline Faces Nearly $1m Fine One Year After Ransomware Attack

• Ransomware Plows Through Farm Machinery Giant AGCO

• Small Drones Are Giving Ukraine An Unprecedented Edge

• Recovering from romance scams with Cindy Liebes: Lock and Code S03E10

• Apple Mail Now Blocks Email Trackers

• AT&T launches SASE with Cisco Meraki to enable security anywhere

• How to remove Google from your life

• Scammers Employ Instagram Stories to Target Users

• Panda Security leads the AV-Comparatives’ Performance Tests – again!

• Beware: This cheap and ‘homemade’ malware is surprisingly effective

• National Emergency Declared by Costa Rica Following Conti Cyberattacks

• New DOJ Team Focuses on Ransomware and Cryptocurrency Crime

• Ransomware plows through farm machinery giant AGCO

• FBI: $43 billion in losses are due to Business Email Compromise fraud between 2016 and 2021

• Regulator Proposes $1 Million Fine for Colonial Pipeline One Year After Cyberattack

• Security Stuff Happens: Where Do You Go From Here?

• Top Tips for Improving Browsing Speed

• Agricultural Equipment Maker Hit By Ransomware Attack

• How To Build A DevOps Strategy With APIs

• Microsoft launches cybersecurity services to help clients fight off ransomware and other attacks

• Microsoft Security Experts: Humans and automation to fight off cyber threats

• US Administration ‘Elevates Probe’ Into Kaspersky Lab

• What is cybersecurity? Definition, importance, threats and best practices

• Microsoft launches new managed service category

• Ransomware Attack Hits Production Facilities of Agricultural Equipment Giant AGCO

• Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

• Building a safer world together with our partners—introducing Microsoft Security Experts

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 2, 2022

• Experts Sound Alarm on DCRat Backdoor Being Sold on Russian Hacking Forums

• CERT-UA warns of malspam attacks distributing the Jester info stealer

• A special browser designed for online banking. Good idea, or not so much?

• Colonial Pipeline faces nearly $1m fine one year after ransomware attack

• Amazon Takes Legal Action Against Fake Review Brokers

• Hackers Hijacked Official Ferrari Subdomain to Host NFT Scam

• RubyGems Fixes Critical Gem Takeover Vulnerability

• Information Leading to the Arrest of Conti Ransomware Co-Conspirators to be Rewarded

• HOT CYBERSECURITY TECHNOLOGIES

• New Raspberry Robin Found Dropping Windows Malware

• Podcast: The State of the Secret Sprawl

• F5 BIG-IP in Attacker Crosshairs Following Disclosure of Critical Vulnerability

• What to Do If You Can’t Log In to Your Google Account

• Google takes steps to better protect Play Store customers

• EFF Warns Over Health App Data After Roe v Wade Report

• UK Tech Watchdog To Be Given Legal Powers

• $600 a week to wrap your car? It’s a scam

• Another Set of Joker Trojan-Laced Android Apps Resurfaces on Google Play Store

• Cybercrime: The Dangerous World of QR Codes

• Cyber attacks cause national emergency in Costa Rica

• Caramel Credit Card Theft Is Becoming Increasingly Popular

• A week in security (May 2 – 8)

• A scanning tool for open-sourced software packages? Yes, please!

• Understanding Russian Hacking Tactics to Power Up Security in the Energy Sector

• Gone Phishing: How Ransomware, Log4j, and Other Exploits Use Your Network to Catch the Big Fish

• China wants its youth to stop giving livestreamers money

• Treasury Sanctions Crypto Firm After North Korea’s $620m Heist

• US government offers up to $15m for Conti info

• Influencer Industry Must Be Regulated, Say MPs

• Bitcoin Falls 50 Percent From November High

• London Police Warn of Crypto Muggings – Report

• Experts developed exploits for CVE-2022-1388 RCE in F5 BIG-IP products

• Ferrari Subdomain was Seized over to Promote a Bogus Ferrari NFT Collection

• NIA Starts Probe into Malware Attacks on Social Media of Defense Personnels

• Ukrainian CERT Warns Citizens of a New Wave of Attacks Distributing Jester Malware

• Crypto mixer Blender sanctioned by US Treasury for involvement in $600m Ronin theft

• Attackers are attempting to exploit critical F5 BIG-IP RCE

• Experts uncovered a new wave of attacks conducted by Mustang Panda

• IKEA Canada becomes a victim of a large data breach

• Two Ransomware news headlines trending on Google

• Funding women-led cybersecurity startups: Where are we at?

• The role of streaming machine learning in encrypted traffic analysis

• 5 Potential Solutions to the Cybersecurity Talent Shortage

• The main security challenges when adopting cloud services

• Researchers Develop RCE Exploit for the Latest F5 BIG-IP Vulnerability

• U.S. Offering $10 Million Reward for Information on Conti Ransomware Hackers

• Data centers on steel wheels: Can we trust the safety of the railway infrastructure?

• Siren 12.1 provides organizations with 360 degrees data visibility capability

• AT&T launches SASE with Cisco Meraki to help protect businesses from malicious web-based threats

• Goldman fund manager reveals ‘massive’ opportunity in tech, says investors are missing 2 stocks

• Anonymous NB65 Claims Hack on Russian Payment Processor Qiwi

Generated on 2022-05-10 23:55:30.680751