IT Security News Daily Summary 2022-05-24

• Is it really technology that makes a city smart?

• MFA technology is rapidly evolving — are mandates next?

• New Attack Shows Weaponized PDF Files Remain a Threat

• Get More from Your Cybersecurity Spend When Inflation Rates Climb

• Netskope releases new data loss prevention solution

• DeFi Is Getting Pummeled by Cybercriminals

• OneTrust releases ‘first’ trust intelligence platform for compliance

• 142 Million MGM Resorts Records Leaked on Telegram for Free Download

• New Connecticut Privacy Law Makes Path to Compliance More Complex

• Emulating impossible ‘unipolar’ laser pulses paves the way for processing quantum information

• Voice phishing attacks reach all-time high

• As remote work persists, cities struggle to adapt

• Video: Fireside Chat With Shane Huntley, Director at Google’s Threat Analysis Group

• XM Cyber Adds New Security Capability for Microsoft Active Directory

• Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT

• DOD to debut virtual desktops for certain highly classified programs

• Strong Password Policy Isn’t Enough, Study Shows

• Safeguarding Android Users From Zero-Day Attacks

• Bad Bot Traffic is Significantly Contributing to Rise of Online Scam

• PDF Smuggles Microsoft Word Doc to Deliever Snake Keylogger Malware

• Swagger UI Library Vulnerability Potentially Affects Multiple Services

• 2022-05-23 – IcedID infection with DarkVNC traffic

• This crafty tool can eavesdrop on 6G wireless signals

• Zuckerberg Sued By DC Attorney General Over Cambridge Analytica Data Scandal

• GDPR Anniversary, Expert Insight On What Lead To GDPR Fines

• Chicago Public Schools Data Breach – Expert Comments

• Facial Recognition Company Clearview Ai Fined £7.5m For Illegally Using Images Of Brits Scraped From Online

• The 8 Design Principles Of A Zero Trust Network

• Why do hackers keep coming back to attack you? Because they can

• Organizations are More Susceptible to Known Vulnerabilities in Comparison to Zero-Day Flaw

• Ransomware Attacks Increasing at “Alarming” Rate

• Senate Report: US Government Lacks Comprehensive Data on Ransomware

• New Statistics Confirm the Continuing Decline in the Use of National Surveillance Authorities

• Opportunity to Reform the Department of Homeland Security’s Biodefense Operations and Governance

• CCSP Exam – Many Changes on the Way!

• Morse Code: How did it change communication?

• How DNS filtering can help protect your business from Cybersecurity threats

• Cybersecurity and resilience: board-level issues

• Facebook opens political ad data vaults to researchers

• Netskope Expands Data Protection Capabilities to Endpoint Devices and Private Apps

• How to Develop Machine Learning Skills for Every Employee in Your Company

• Cyber Attack on General Motors exposes customer details

• Personal Data of Tens of Millions of Russians and Ukrainians Exposed Online

• How to create a Docker secret and use it to deploy a service

• Crypto Hacks Aren’t a Niche Concern; They Impact Wider Society

• Nisos Announces $15 Million in Series B Funding Round

• CISA Adds 20 Known Exploited Vulnerabilities to Catalog

• Popular PyPI Package ‘ctx’ and PHP Library ‘phpass’ Hijacked to Steal AWS Keys

• PyPI Served Malicious Version of Popular ‘Ctx’ Python Package

• CISA Adds 20 Known Exploited Vulnerabilities to Catalog

• These are the flaws that let hackers attack blockchain and DeFi projects

• Semperis Banks $200 Million to Scale Enterprise ID Protection Tech

• What Is Ping of Death?

• Instagram verification services: What are the dangers?

• A favorite of cybercriminals and nation states, ransomware incidents increase again

• LimaCharlie Banks $5.45 Million in Seed Funding

• Red Access Raises $6 Million for Secure Browsing Tech

• BNP Paribas Joins JP Morgan Blockchain Trading Network

• How to Analyze Phishing Email Files

• Cybersecurity Tips for a Safer Vacation

• Fronton IOT Botnet Packs Disinformation Punch

• Account pre-hijacking attacks possible on many online services

• Tidelift raises $27M to secure open-source supply chain

• Hackers Can ‘Pre-Hijack’ Online Accounts Before They Are Created by Users

• Microsoft warns of new highly evasive web skimming campaigns

• The Incredible Shrinking FISA: CY 2021 Statistics Confirm the Continuing Decline in the Use of National Surveillance Authorities

• Introducing Autocomplete for VirusTotal Intelligence queries

• SEC Held Off Elon Musk Enforcement ‘Due To Court Fears’

• General Motors suffers credential stuffing attack

• New Chaos Ransomware Builder Variant “Yashma” Discovered in the Wild

• SIM-based Authentication Aims to Transform Device Binding Security to End Phishing

• Anonymous Declares Cyber-War On Pro-Russian Hacker Gang Killnet

• GDPR Anniversay, Expert Insight On What Lead To GDPR Fines

• Tidelift raises $27M to secure open source supply chain

• Snap Earnings Warning Triggers Tech Sell-Off

• Microsoft: Credit card skimmers are switching techniques to hide their attacks

• Cabinet Office Reports 800 Missing Electronic Devices in Three Years

• Open Source Intelligence May Be Changing Old-School War

• Malware Analysis: Trickbot

• The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking

• The Fault in Our kubelets: Analyzing the Security of Publicly Exposed Kubernetes Clusters

• Russian Operator Discounts Smartphones As Sanctions Bite

• Twisted Panda: Chinese APT Launch Spy Operation Against Russian Defence Institutes

• Cybersecurity Community Warned of Fake PoC Exploits Delivering Malware

• Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

• RansomHouse: Bug bounty hunters gone rogue?

• China lashes out at US-led Asia-Pacific trade framework

• This era of big tech exceptionalism has got to end: Australian eSafety Commissioner

• IBM is helping these schools build up their ransomware defenses

• SolarWinds: Here’s how we’re building everything around this new cybersecurity strategy

• Conti Ransomware Gang Shut Down After Splitting into Smaller Groups

• Cyberattack on General Motors exposes customer data

• It’s 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017

• Clearview AI Fined £7.5m Over Facial Recognition Data

• US Car Giant General Motors Hit by Cyber-Attack Exposing Car Owners’ Personal Info

• Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

• Clearview AI fined £7.5m for harvesting data

• GM Credential Stuffing Attack Reveals Automobile Owners’ Details

• This Malware-spreading PDF Uses a Clever File Name to Fool the Unsuspecting Victims

• Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware

• ICO Fines Clearview AI £7.5m for Collecting UK Citizens’ Data

• The Surveillance State Is Primed for Criminalized Abortion

• Nation-state malware could become a commodity on dark web soon, Interpol warns

• Pre-hijacking Attacks of user accounts are on the rise

• Airbnb To Pull Out Of China Amidst ‘Pandemic Challenges’

• Unknown APT group has targeted Russia repeatedly since Ukraine invasion

• 7 ways to protect your network from wardriving attacks

• Crypto Investor Arrested After Visiting Home Of TerraUSD Founder

• Since organizations apply more compliance programs, proper planning is essential

• Paying ransom doesn’t guarantee data recovery

• Tips to defeat social engineering attacks

• Can digital identity help with the world refugee crisis?

• Podcast Episode: Securing the Vote

• Beware of New Campaign that Delivers Sophisticated Malware Through PDF Files

• Taking the right approach to data extortion

• SirHurt – 90,655 breached accounts

• Russia-linked Turla APT targets Austria, Estonia, and NATO platform

• What does prioritizing cybersecurity at the leadership level entail?

• (ISC)² Advocates for Membership – Shares Opinions on Proposed UK Standards and Pathway

• Stories from the SOC – Persistent malware

• Cyber Attack news headlines trending on Google

• Conti Ransomware to shut down and come rebranded into multiple groups

• Biden launches Indo-Pacific economic framework to counter China

• Vishing cases reach all time high

• How Secure is the Bitcoin Blockchain?

• Key findings from the DBIR: The most common paths to enterprise estates

• Verizon DBIR: Ransomware dominated threat landscape in 2021

• Paying the ransom is not a good recovery strategy

• Fanpass – 112,251 breached accounts

• How confident are CISOs about their security posture?

• CyberCube increases analytical flexibility with Portfolio Manager v4.0

• Why it’s hard to sanction ransomware groups

• Broadcom’s play to acquire VMware could strengthen its enterprise focus

• Fake Windows exploits target infosec community with Cobalt Strike

• UK privacy watchdog fines Clearview AI £7.5m and orders UK data to be deleted

• DC Sues Zuckerberg Over Cambridge Analytica Privacy Breach

• Eseye Infinity empowers customers to scale and evolve their IoT deployment

• Kingston Digital releases external SSD with touch-screen and hardware-encryption

• UK Businesses ‘Falling Behind Europe’ On AI Adoption

• Screencastify fixes bug that would have let rogue websites spy on webcams

• Noname Security partners with BlueFort Security to offer proactive API security

• YouAttest collaborates with JumpCloud to give users access reviews for identity governance

• Jungle Disk acquires ElephantDrive to extend its suite of cloud backup offerings

• Data Brokers and True the Vote are the Real Villains of “2000 Mules” Movie

• New Research Paper: Pre-hijacking Attacks on Web User Accounts

• Authentication considerations for state and local governments

• DirectDefense hires Jared Ballou as VP of Business Development

• SEON appoints PJ Rohall as Head of Fraud Strategy & Education

• Complete Guide to Keylogging in Linux: Part 1>

• An uncomplicated introduction to Uncomplicated Firewall

• signNow vs Citrix RightSignature: Electronic signature software comparison

• Erez Naveh joins Bright Data as VP of Product

• OneSpan appoints Michael Klieman as CPO

• How to Optimize Your Database Storage in MySQL

• IT Security News Daily Summary 2022-05-23

• $13.5M in new TMF awards to NARA, USDA

• Veeam data protection aids users with secure restores

• Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems

• Multiple Governments Buying Android Zero-Days for Spying: Google

• AdvIntel: Conti rebranding as several new ransomware groups

• USPS Plans to Close More Facilities and Repurpose Those That Remain

• RSA Conference 2022: Adjusting to ongoing transformation

• EFF to Court: California Law Does Not Bar Content Moderation on Social Media

• DOD isn’t meeting some of the cybersecurity standards it set for contractors

• Facebook Algorithm Reveals A Lot Of Spam In Top Shared Links

• EFF Opposes Anti-Fiber, Anti-Affordability Legislation in California That Will Raise Prices on Middle Income Users

• Common NFT scams and how to avoid them

• DDoS attacks decreased in 2021, still above pre-pandemic levels

• Linux Trojan XorDdos Attacks Surge, Targeting Cloud, IoT

• Anatomy of a DDoS amplification attack

• Anonymous Declares Cyber War Against Pro-Russia Hacker Group Killnet

• Recovering from ransomware attacks starts with better endpoint security

• Why the Employee Experience Is Cyber Resilience

• New DeadBolt Ransomware Attacks Have Been Reported by QNAP

• Labor Department wants to staff up worker protection agencies

• Russia-linked Fronton botnet could run disinformation campaigns

• How to improve risk management using Zero Trust architecture

• Nearly Half of Security Enterprises Store Passwords in Office Documents

• UK’s Most Innovative Cyber SME 2022 Finalists Announced

• Mark Zuckerberg Sued Over Cambridge Analytica Data Breach

• Russian Sberbank: Facing Massive Waves of DDoS Attacks

• How to stay ahead of the Cybersecurity labor crisis and keep growing your business

• Experts highlight how automated decision-making can violate GDPR

• CISA Adds 21 Known Exploited Vulnerabilities to Catalog

• Mozilla Releases Security Products for Multiple Firefox Products

• Is the United States Totalitarian?

• Does American Law Currently Authorize the President to Seize Sovereign Russian Assets?

• Military-made cyberweapons could soon become available on the dark web, Interpol warns

• I think there are more cyber attacks to come, says Palo Alto Networks CEO

• Beneath the surface: Uncovering the shift in web skimming

• Ransomware Attack Leads to a data breach at Chicago Public Schools

• Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 16, 2022

• CISA Adds 21 Known Exploited Vulnerabilities to Catalog

• Mozilla Releases Security Products for Multiple Firefox Products

• Become a Cybersecurity Hero: An Interview with a White Hat Hacker

• Yes, Containers Are Terrific, But Watch the Security Risks

• (ISC)2 certification counts – how many CSSLP are out there?

• Hunting down your data with Whitney Merrill: Lock and Code S03E11

• Report: 654 Cybersecurity Startups Raised VC Funding in 2020 and 2021, Only 22 Are Led by Women CEOs

• Valeo Networks Acquires Next I.T.

• This malware-spreading PDF uses a sneaky file name to trick the unwary

• New phishing technique lures users with fake chatbot

• Kingston Digital Releases Touch-Screen Hardware-Encrypted External SSD for Data Protection

• Automating firewall configuration with RHEL System Roles

• Navigating The Cyber Arms Race, Expert Weighs In

• Deep Fakes of Elon Musk Promote BitVex Fraud

• Rivian Eyes Profitability Amidst Market Pressure

• How to Respond to Non-Malicious Data Breaches

• Conti Ransomware Operation Shut Down After Brand Becomes Toxic

• After the Okta Breach, Diversify Your Sources of Truth

• A flaw in PayPal can allow attackers to steal money from users’ account

• On Increased Cyber Attack Risk

• The Shield Of Identity-first Security

• Chicago students lose data to ransomware attackers

• Multiple Vulnerabilities Found In Jupiter WordPress Theme

• Protection Tips: How to Prevent Phone Hacking

• My Instagram account was hacked and two-factor authentication didn’t help

• Facial Recognition Firm Clearview AI Fined $9.4 Million by UK Regulator

• Clearview AI face-matching service fined a lot less than expected

• Experts highlight how automated decision making can violate the GDPR

• Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches

• Snake Keylogger Spreads Through Malicious PDFs

• Journey Into Cybersecurity – Conversations with Cyber Newcomers, Part 1

• New York Comptroller Calls For Votes Against Twitter, Meta Directors

• Predator Spyware Using Zero-day to Target Android Devices

• Over $1.1 Million Awarded at Pwn2Own Vancouver 2022 for 25 Zero-Day Vulnerabilities

• Davos Forum Sees Major Influx Of Crypto Firms

• How GDPR Is Failing

• 500,000 Chicago Students’ Data Exposed in Ransomware Attack

• Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers

• New Unpatched Bug Could Let Attackers Steal Money from PayPal Users

• Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns

• ISaPWN – research on the security of ISaGRAF Runtime

• Top 5 Data Integration Challenges and Ways to Navigate them

• Top financial scams: Imposter scams, romance scams, and prizes

• Cisco Warns of Exploitation Attempts Targeting New IOS XR Vulnerability

• A week in security (May 16 – 22)

• Has the UK government been hacked

• Ericsson, Deutsche Telekom Test Wind Power For 5G Site

• Ransomware Hackers Steal Personal Data of 500,000 Students and Staff in Chicago

• Chinese hackers caught spying on Russian defence institutes

• Cloudflare joins EU Cloud Code of Conduct, the path to trusted cloud services

• Broadcom ‘In Talks’ To Acquire VMware

• IBM Dives Into TrickBot Gang’s Malware Crypting Operation

• PayPal Pays a Hacker $200,000 for Discovering ‘One-Click-Hack’ Vulnerability

• Cytrox’s Predator spyware used zero-day exploits in 3 campaigns

• Cryptocurrency scammers use Elon Musk deep fake

• Hackers Distribute Vidar Malware By Tricking Users with Fake Windows 11 Downloads

• Anonymous Declares Cyber-War on Pro-Russian Hacker Gang Killnet

• WhatsApp Adds Customised Business Chats

• 8 Reasons Manpower Tracking Is Important In Construction

• Top Tips for Businesses to Increase Operational Efficiency

• Should the FDA have done more months ago about an impending baby formula shortage?

• Regulatory Compliance in the Cloud: What you Need to Know

• How to find NPM dependencies vulnerable to account hijacking

• Threat actors target the infoSec community with fake PoC exploits

• Microsoft sounds the alarm on — wait for it — a Linux botnet

• Chinese “Twisted Panda” Hackers Caught Spying on Russian Defense Institutes

• You should be able to trust organizations that handle your personal data

• South Korean and US presidents gang up on North Korea’s cyber-offensives

• Kaspersky confirms SMBs are sureshot targets for Hackers

• Goodwill Ransomware making victims donate to poor

• 3 key elements to protect a Kubernetes cluster

• Ransomware still winning: Average ransom demand jumped by 45%

• The Best Cyber Security Jobs in The UK According to Data

• Why And How to Eliminate Security’s Biggest Blind Spot: Transport Layer Security (TLS)

• By streamlining compliance, companies can focus more on security

• Why the Cybersecurity Industry Needs to Change Its Siloed Perception

• #TripwireBookClub – Go H*ck Yourself

• Security has become more difficult, IT leaders say

• Breach Exposed Data of Half-Million Chicago Students, Staff

Generated on 2022-05-24 23:55:25.545308