IT Security News Daily Summary 2022-06-03

• Friday Squid Blogging: More on the “Mind Boggling” Squid Genome

• Accessing Ethereum Archive Nodes With Infura

• How to Prevent Software Supply Chain Attacks

• An Actively Exploited Microsoft Zero-Day Flaw Still Has No Patch

• Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134

• CISA Releases Security Advisory on Dominion Voting Systems Democracy Suite ImageCast X

• Adopting MLSecOps for secure machine learning at scale

• 1Password vs Dashlane: Password manager comparison

• FDA: Patch Illumina DNA Sequencing Instruments, Stat

• Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134

• CISA Releases Security Advisory on Dominion Voting Systems Democracy Suite ImageCast X

• Reno pilots blockchain for historic registry

• Zero trust leaders avert 5 cyber disasters per year on average

• What Counts as “Good Faith Security Research?”

• Announcing the winners of the 2021 GCP VRP Prize

• Critical Atlassian Confluence flaw exploited in the wild

• The Land of Data-Centric Security: Before and After

• Non-human Resources

• Italy Alerts Organizations of Incoming DDoS Attacks

• Tech trade group seeks bumps to TMF, agency-based IT funds

• Data gap poses risks for launch site of VA’s new health record

• FEMA leans into data science to ensure equitable disaster aid distribution

• Foxconn Confirms Ransomware Hit Factory in Mexico

• EFF to Inter-American Court of Human Rights: Colombia’s Surveillance of Human Rights-Defending Lawyers Group Violated International Law

• To cut off all nearby phones with these Chinese chips, this is the bug to exploit

• Digital twins are moving into the mainstream

• Actively Exploited Atlassian Zero-Day Bug Allows Full System Takeover

• Microsoft Disables Iran-Linked Lebanese Hacking Group Polonium

• Iconium Software Releases DataLenz v1.3 for IBM zSystems

• YourCyanide Ransomware Propagates With PasteBin, Discord, Microsoft Links

• The best privacy and security apps for Android

• Behind WhatsApp’s splashy privacy push

• Keeper vs LastPass: Which password manager is better for your business?

• Atlassian announces 0-day hole in Confluence Server – update soon!

• Karakurt Team hits North America and Europe with data theft and extortion

• Ten Eleven Ventures Raises $600M Fund for Cybersecurity Investments

• Ransomware: May 2022 review

• Five Steps to a Secure Cloud Architecture

• Kasada Fortifies Anti-Bot Platform to Disrupt “Solver Service” Supply Chain, Defending Organizations Against the Latest and Stealthiest Automated Threats

• Spirent Federal Presents Multiple Technical Papers at Joint Navigation Conference 2022

• Cyware Grows Sales Channel Leadership in North America by Bringing Aboard Industry Veterans Matt Courchesne and Shashi Nair

• How to Prevent Burnout Among Cybersecurity Professionals Before, During and After a Breach

• New ERMAC 2.0 Trojan Variant Actively Targeting Android Users

• Fake Updates Continue To Be A Digital Risk: What To Do?

• Digital Experience Monitoring: More Important Than Ever

• Attackers are leveraging Follina. What can you do?

• Healthcare providers prefer paying ransom in ransomware attacks

• Conti reforms into several smaller groups, are they now more dangerous than ever?

• Authorities Take Down SMS-based FluBot Android Spyware

• Linux Cybersecurity Education & Training is Integral to Growing Your Career

• Zero-Day Exploitation Of Atlassian Confluence

• Evil Corp Pivots LockBit To Dodge U.S. Sanctions

• Clipminer Rakes In $1.7m In Crypto Hijacking Scam

• FDA Urges Patch Of Illumina Devices

• U.S. Sanctions Curb Chinese Technology Exports to Russia

• Return of the Angry Political Man

• Deadly Secret: Electronic Warfare Shapes Russia-Ukraine War

• Chainguard Bags Massive $50M Series A for Supply Chain Security

• GitLab Issues Security Patch for Critical Account Takeover Vulnerability

• Clipminer Botnet already allowed operators to make at least $1.7 Million

• Unpatched Atlassian Confluence vulnerability is actively exploited

• Software developers, how secure is your software ?

• Why Network Object Management Is Critical for Managing Multicloud Network Security

• Actively Exploited Microsoft Zero-Day Still Doesn’t Have a Patch

• Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor

• LockBit Malware Is Now Used by Evil Corp

• Parental controls: What they can and can’t do for you

• Internet Safety Month: Avoiding the consequences of unsafe Internet practices

• Expert Posts About Blogger’s CSP Flaw

• IoT and OT Impacted by Forescout Proof-of-Concept Ransomware Attack

• CVE-2021-26084: Critical Atlassian Confluence Flaw Exploited in the Wild

• Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again

• CISA Warns of Critical Vulnerabilities in Illumina Genetic Analysis Devices

• Meta Sees Huge Rise In Hate Speech And Violent Content Across Its Platforms In April

• Over 3.6M MySQL Servers Found Unguarded Online

• For Ransomware, Speed Matters

• GM’s Cruise Granted San Francisco Permit For Self-Driving Taxis

• Laminar doubles funding for cloud data security to $67M

• Evil Corp Pivots LockBit to Dodge U.S. Sanctions

• Malwarebyes vs Norton: Compare top antivirus software solutions

• Zero-day Exploited to Target Atlassian Confluence

• Clipminer rakes in $1.7m in crypto hijacking scam

• Lebanese Threat Actor ‘Polonium’ Targets Israeli Organizations

• Industrial Spy Is Now Targeting Corporate Websites to Display Ransom Notes

• The Impact of Technology on Legal Processes for Personal Injury

• The Fight Against Robocall Spam and Scams Heats Up in India

• Healthcare organizations face rising ransomware attacks – and are paying up

• New York Signs Bill To Ban Certain Crypto Mining Operations

• TXOne Unveils New OT Network Security Appliance for SMB Manufacturers

• Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network

• Build an Effective Network Defence by Using NDR

• How to Prevent Cyber Theft?

• Atlassian Confluence Servers Hacked via Zero-Day Vulnerability

• Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

• Unpatched Atlassian Confluence zero-day exploited, fix expected today (CVE-2022-26134)

• Musk ‘Super Bad’ Feeling About Economy, Wants To Axe 10,000 Tesla Staff

• Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

• How to Troubleshoot Home Internet

• Interior issues draft cloud RFP valued at up to $1B

• DDoS attackers continue to innovate, devising new threats and altering attack strategies

• Singapore officially launches digital platform to ease supply chain data flow

• Atlassian: Unpatched critical flaw under attack right now to hijack Confluence – and it’s been there since 2013

• Microsoft blocked Polonium attacks against Israeli organizations

• Twitter fined $150M for selling user data

• White House internships will soon be paid

• Vulnerabilities on UNISOC Processors loaded Android Phones

• Russia to the cyber-attack United States with the help of its Ransomware gangs

• Why You Should Care About Fitness Tracker Security

• Seniors: How to Keep Your Retirement Safe from Online Scams

• New infosec products of the week: June 3, 2022

• Why are many businesses still not using a password manager?

• 5 ways to prevent Ransomware attacks

• Suspicious behavior: OTX Indicator of Compromise – Detection & response

• Vishing attacks: What they are and how organizations can protect themselves

• Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability

• 40% of enterprises don’t include business-critical systems in their cybersecurity monitoring

• Intelligence is key to strategic business decisions

• Armis Asset Vulnerability Management enables organizations to prioritize their mitigation efforts

• Atlassian Releases Security Advisory for Confluence Server and Data Center, CVE-2022-26134

• Traceable AI introduces API Catalog solution to help organizations manage API-related security threats

• SecurityScorecard platform enhancements empower customers to manage and reduce cyber risks

• F5 adds new capabilities to provide customers with more control over modern application architectures

• Parallels RAS 19 improves deployment flexibility for workloads and optimizes data security

• Appgate SDP 6.0 accelerates zero trust implementations for enterprises

• Atlassian Releases Security Advisory for Confluence Server and Data Center, CVE-2022-26134

• VMware Workspace ONE updates enable proactive security for all employee devices

• DarkOwl Ransomware API offers insight into content from ransomware websites hosted on the darknet

• Atlassian Releases Security Advisory for Confluence Server and Data Center, CVE-2022-26134

• Swissbit launches CFexpress 2.0 Type B cards for industrial use

• Arcserve OneXafe 4500 Series delivers increased data security with larger data store

• ESET Threat Report T 1 2022

• Arista Networks announces next generation 7130 Series systems designed for demanding in-network apps

• Solarium successor wants the White House to lead on cyber workforce strategy

• Atlassian: Unpatched critical flaw under attack right now to hijack Confluence

• FBI, CISA: Don’t get caught in Karakurt’s extortion web

• Space Force preps to take on Army, Navy SATCOM this year, official said

• CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog  

• Atlassian Releases Security Updates for Confluence Server and Data Center, CVE-2022-26134

• Asimily collaborates with Extreme Networks to secure IoT devices for healthcare providers

• Okta and Secure Code Warrior join forces to reduce the risk of developers committing insecure code

• Spirion partners with Spire Solutions to address enterprise data privacy needs in the MEA region

• CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog  

• Atlassian Releases Security Updates for Confluence Server and Data Center, CVE-2022-26134

• Bitwarden integrates with three email forwarding services to add another layer of security for users

• FBI Seizes WeLeakInfo, IPStress and OVH-Booter Cybercrime Portals

• Millions of MySQL Servers are Publicly Exposed

• Mark Clayton joins Datto as VP for Asia Pacific

• Obsidian Security strengthens engineering team with four new senior hires

• Accenture appoints Jack Azagury as Group Chief Executive – Strategy & Consulting

• Logicalis US hires Mohammed Ibrahim as VP of Managed Services

• Conti spotted working on exploits for Intel Management Engine flaws

• 45% of cybersecurity professionals have considered quitting the industry

• How to manage your security questions for a local Windows account

• Axon Must Not Arm Drones with Tasers

• IT Security News Daily Summary 2022-06-02

• May ransomware attacks strike municipal governments, IT firms

• Cerberus Sentinel Completes Acquisition of Creatrix, Inc.

• Remotely Controlling Touchscreens

• This dangerous botnet has found a new way to infect your endpoints

• New Microsoft Office zero-day used in attacks to execute PowerShell

• CISA Adds 75 Flaws to Known Vulnerability Catalog in 3 Days

• Three Nigerian men arrested in INTERPOL Operation Killer Bee

• Remembering Apple’s Newton, 30 years on

• Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

• With this VPN and 90+ training courses, take cybersecurity to the next level

• Gurucul Launches Cloud-Native SOC Platform Pushing the Boundaries of Next-Gen SIEM and XDR with Identity Threat Detection and Response

• Intel Chipset Firmware Actively Targeted by Conti Group

• Research Reveals 75% of CISOs Are Worried Too Many Application Vulnerabilities Leak Into Production, Despite a Multi-Layered Security Approach

• Cybersecurity is a pillar of strength in this market, and it’s been oversold, says Wedbush’s Ives

• 45% of cybersecurity professionals have considered quitting the industry due to stress, research reveals

• Automated buses will still need skilled human operators

• pfSense vs Netgear router: What are the main differences?

• Cyber threats in gaming—and 3 tips for staying safe

• Majority of CIOs say their software supply chains are vulnerable, execs demand action

• CyberQ Technologies Inc. Launches Managed AI for Splunk UBA Customers

• US Sanctions Force Evil Corp to Change Tactics

• Microsoft Philanthropies Collaborates With WiCyS to Help Close the Cybersecurity Skills Gap

• New Cloud Pricing and Products Proof of RSA’s Transformation

• Phishers Having a Field Day on WhatsApp, Telegraph

• Update on (ISC)² Entry-Level Cybersecurity Certification Pilot

• Improve Azure storage security with access control tutorial

• Microsoft Leads in Exploited Vulnerabilities; Office is Latest Target

• Threat Detection Software: A Deep Dive

• Enhance Network Resiliency with Contingency DDoS Protection

• San Francisco Police Nailed for Violating Public Records Laws Regarding Face Recognition and Fusion Center Documents

• Apple To Shift Some iPad Production To Vietnam – Report

• Webroot managed detection and response (MDR) purpose-built for MSPs

• LockBit ransomware attack impacted production in a Mexican Foxconn plant

• Singapore Ups Investemnt in Quantum Technology, to Stay Ahead of Security Risks

• States must ramp up to administer broadband funding

• Turbulent Cyber Insurance Market Sees Rising Prices and Sinking Coverage

• CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities

• CISA Releases Security Advisory on Illumina Local Run Manager

• Turns Out It Is Not 85 Percent

• Drone Strikes and Evidence-Based Counterterrorism

• Has the Time for an EU-U.S. Agreement on E-Evidence Come and Gone?

• Cybersecurity is recession resistant, says Truist’s Joel Fishbein

• Introducing EDR for Linux: Remediating and isolating threats on Linux servers

• ExpressVPN Removes VPN Servers in India Rejecting Data Collection Law

• Microsoft: Next version of Exchange Server not until 2025

• Exiled Iran Group Claims Tehran Hacking Attack

• Report: Clipminer Botnet Operators Rake in $1.7 Million

• CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities

• CISA Releases Security Advisory on Illumina Local Run Manager

• Dear Europe, here again are the reasons why scanning devices for unlawful files is not going to fly

• Conti leaked chats confirm that the gang’s ability to conduct firmware-based attacks

• Introducing Malwarebytes DNS Filtering module: How to block sites and create policy rules

• ‘Clipminer’ Malware Actors Steal $1.7 Million Using Clipboard Hijacking

• Building America’s Cybersecurity Infrastructure

• ABS Consulting Among First Certified as Nozomi Networks MSSP Elite Partner to Provide Advanced OT and ICS Security

• SentinelOne Announces Integration with AWS Security Hub

• The No-code Security Automation Industry’s First Global Partner Program is Launched by Award-Winning Torq

• How to counter smart home device breaches

• Building trust in a Zero-Trust security environment

• Why SMEs Should Worry About Cybersecurity in 2022

• Logging and Security Analytics Firm Devo Banks New $100 Million Investment

• Exposing POLONIUM activity and infrastructure targeting Israeli organizations

• LockBit ransomware strikes Foxconn Electronics of Mexico

• Is your Windows license legal? Should you even care?

• S3 Ep85: Now THAT’S what I call a Microsoft Office exploit! [Podcast]

• Multiple Vulnerabilities Identified in NSW Digital Driver License

• Oracle’s Cerner Purchase Given EU Antitrust Blessing

• Follina abuses Microsoft Office to execute remote code

• Dutch Used Pegasus Spyware on Most-Wanted Criminal: Report

• Millions of Budget Smartphones With UNISOC Chips Vulnerable to Remote DoS Attacks

• ‘Clipminer’ Malware Actors Steal $1.7 Million Using Clipboard Hijackingp

• The Chatter Podcast: The Secrets of Gay Washington with Jamie Kirchick

• Elon Musk Return To Office Demand Opposed By German Union

• Types of Web Hosting and How Much Does It Cost To Host A Website?

• Experts Warn Against Ransomware Hitting Government Organizations

• Hundreds of Poorly Secured Elasticsearch Database Targeted in Ransom Attacks

• Incognia expands focus to combat increased identity fraud

• How to stop spam messages on your iPhone fast

• Yet another zero-day (sort of) in Windows “search URL” handling

• A Ransomware Group Claims to Have Breached the Foxconn Factory

• Toshiba Receives Multiple Proposals, As It Mulls Strategic Options

• Recovering Ransom Payments: Is This the End of Ransomware?

• Cybercriminals Expand Attack Radius and Ransomware Pain Points

• Cloud Data Security Startup Laminar Raises $30 Million

• Fighting Follina: Application Vulnerabilities and Detection Possibilities

• While There Be More Cyber Attacks Due To Ukraine Conflict?

• 57% of All Digital Crimes in 2021 Were Scams Says Group IB

• US Authorities Seize Domains Selling Stolen Data, DDoS Services

• Neutralizing Novel Trickbot Attacks With AI

• Conti Leaks Reveal Ransomware Gang’s Interest in Firmware-based Attacks

• An international police operation dismantled FluBot spyware

• Costa Rica Public Health Service Ransomware Attack

• EnemyBot Malware Adds Exploits For Critical VMware, F5 BIG-IP Flaws, What Do You Think?

• Devo Technology announces $100M in funding to develop ‘autonomous SOC’

• Cloud Security Startup JupiterOne Lands $70 Million at ‘Unicorn’ Valuation

• US Warns Organizations of ‘Karakurt’ Cyber Extortion Group

• Leaks Show Conti Ransomware Group Working on Firmware Exploits

• Healthcare Pays More Ransom Demands, But Get Less Data Back

• Coralogix Raises $142 Million for Data Observability Platform

• Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks

• JupiterOne raises $70M to secure the cloud attack surface

• Scammers Target NFT Discord Channel

• VMware launches ‘threat intelligence cloud’ Contexa

• ExpressVPN Removes Servers in India After Refusing to Comply with Government Order

• Dell’Oro Names Cisco the 2021 Overall SASE Market Share Leader

• SECURITY ALERT:  Zero-Day Microsoft Support Diagnostic Tool Vulnerability CVE-2022-30190 Enables Remote Code Execution

• New RuneScape Phishing Scam Aimed at Stealing Accounts and In-game Item Bank PINs

• The Evolution of Video Slots Technology Over the Last Decade

• Dear Europe, once again here are the reasons why scanning devices for unlawful files is not going to fly

• Here is how to protect Windows PCs from Protocol vulnerabilities

• International Authorities Take Down Flubot Malware Network

• Automation. Where do We Go from Here?

• Why Ransomware Timeline Shrinks By 94%?

• Sheryl Sandberg To Leave Facebook After 14 Years

• Check Point Research unveils vulnerability within UNISOC baseband chipset

• Access Brokers and Ransomware-as-a-Service Gangs Tighten Relationships

• ExpressVPN’s Response To Changing Indian VPN Directive

• How to Find Shippers for Your Produce Business

• Being prepared for adversarial attacks

• Critical flaw found inside the UNISOC smartphone chip

• Cybercriminals Hold 1,200 Unsecured Elasticsearch Databases for Ransom

• 10 Companies Chosen to Test Next-Generation Cybersecurity Technologies

• Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones

• WinDealer dealing on the side

• Microsoft Office apps are vulnerable to IDN homograph attacks

• Microsoft collaborates with Tenable to support federal cybersecurity efforts

• US Conducts Offensive Cyber Operations To Support Ukraine

• 7 Convincing Reasons to Replace Your VPN for ZTNA

• Singapore mandates ‘kill switch’ for banks as safeguard against online scams

• Concentric’s AI technologies simplify and automate data security

• What Is Model Transformation?

• Waiting for WWDC – Intego Mac Podcast Episode 242

• What to do if your Android Phone gets lost

• Europol seizes Flubot malware operations and infrastructure

• SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities

• CIOs and network engineers rank cybersecurity among the biggest risks

• Super-spreader FluBot squashed by Europol

• 3 Ways AI Technology Is Reshaping The Legal Profession

• DOJ Seizes 3 Web Domains Used to Sell Stolen Data and DDoS Services

• How to support women in cybersecurity

• Cyber Risk Management Strategies from Arjo CIO

• A critical RCE flaw in Horde Webmail has yet to be addressed

• ExpressVPN moves servers out of India to escape customer data retention law

• A closer look at the 2022 Microsoft Vulnerabilities Report

• Bitwarden’s username generator now supports SimpleLogin, AnonAddy, and Firefox Relay email alias services

• Talking to children about the internet: A kid’s perspective

• The cyber posture of the U.S. Federal Government

• SentinelOne Announces First Quarter Fiscal Year 2023 Financial Results

• Media Alert: Intel at RSA Conference 2022, BSides SF

• Journey Into Cybersecurity – Conversations with Cyber Newcomers, Part 1

• (ISC)² Advocates for Membership – Shares Opinions on Proposed UK Standards and Pathway

• Challenges that impact the Cybersecurity talent pipeline

• Massive shadow code risk for world’s largest businesses

• HR Manager of Private Company Duped of ₹28 Lakh

• Language-based BEC attacks rising

• Top CVE Trends — And What You Can Do About Them

• Autonomous vehicles can be tricked into erratic driving behavior

• Over 3.6 Million MySQL Servers are Publicly Exposed on The Internet

• Horizon3.ai extends its NodeZero platform to include both internal and external penetration testing

• Semperis Purple Knight Post-Breach accelerates malware-free recovery from Active Directory attacks

• LookingGlass Suite enables organizations to identify relevant cybersecurity issues

• Tufin Orchestration Suite R22-1 increases security and compliance across the hybrid environments

• SecurityMetrics Pulse helps businesses detect and monitor cyber threats

• ESET NetProtect suite protects customer devices connected to Telco and ISP networks

• SecureAuth Arculix strengthens passwordless authentication for enterprises

• US ran offensive cyber ops to support Ukraine, says general

• Kingston Digital launches hardware-encrypted USB drive for data security

• US conducted offensive cyber ops to support Ukraine against Russia, says general

• Ransomware attack turns 2022 into 1977 for Somerset County

• Swimlane partners with NTT DATA to enhance customer’s risk posture with actionable intelligence

• Mandiant collaborates with Interos to advance supply chain cyber risk management for enterprises

• More than a quarter of Americans fell for robocall scam calls in past year

Generated on 2022-06-03 23:55:30.974316