IT Security News Daily Summary 2022-06-18

• What You Need to Know About The Role of Patch Management For Cyber Security

• How to Discover Exploitable Intelligence with Attack Surface Management

• Microsoft Launches New Privacy Features for Windows 11

• US DoJ announced to have shut down the Russian RSOCKS Botnet

• How ML-powered video surveillance could improve security

• Chinese Attackers Abused Sophos Firewall Zero-Day Bug to Target South Asian Organizations

• The United States Department of Justice Will no Longer Prosecute Ethical Hackers

• CMMC 2.0: key changes

• Former Amazon employee convicted in Capital One hack

• ‘Hermit’ Spyware Deployed in Syria, Kazakhstan, and Italy

• Tinder Swindlers: How scammers steal your heart, then your money

• An Alleged Russian Spy Was Busted Trying to Intern at The Hague

• Build or Buy your own antivirus product

• MaliBot Android Banking Trojan targets Spain and Italy

• Authorities Shut Down Russian RSOCKS Botnet That Hacked Millions of Devices

• Over a Dozen Flaws Found in Siemens’ Industrial Network Management System

• China-linked APT Went Under Radar for Decade

• U.S. State and Federal Funding for Cybersecurity is on the Rise

• Journey Into Cybersecurity – Conversations with Cyber Newcomers, Part 2

• New in Cybersecurity – Insights, threat trends, & RSA learnings

• Atlassian Confluence Flaw Being Used to Deploy Ransomware and Crypto Miners

• 26 Million Request Per Second DDoS Attack Detected – Largest HTTPS DDoS Ever Recorded

• How to Build Security for Your SaaS User Communications

• DeadBolt ransomware takes another shot at QNAP storage

• ShiftLeft and Wipro join forces to bring new technological innovations to customers

• 2022-06-17 – Matanbuchus with Cobalt Strike

• Indoor Robotics raises $15 million to boost product development

• Weekly Update 300

• Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

• Daon names Ralph Rodriguez as President and CPO

• ThreatX hires Phil Lawrence as VP of Engineering

• Zero Trust: Hype vs. Reality

• Inverse Finance stung for $1.2 million via flash loan attack

• IT Security News Daily Summary 2022-06-17

• Jit aims to simplify product security for developers

• Friday Squid Blogging: Signature Steamed Giant Squid with Thai Lime Sauce

• Ransomware and Phishing Remain IT’s Biggest Concerns

• Abortion rights: US senators seek ban on sale of health location data

• Judiciary’s zero-trust foundation secures remote access

• Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

• EFF Warns Another Court About the Dangers of Broad Site-Blocking Orders

• International operation takes down Russian RSOCKS botnet

• How to spot malicious spam – Week in security with Tony Anscombe

• WordPress Plug-in Ninja Forms Issues Update for Critical Bug

• UK Approves WikiLeaks Chief Julian Assange’s Extradition to the US

• New MaliBot Android Malware Found Stealing Personal, Banking Data

• Don’t let the next software supply chain attack threaten your mainframe

• Hertzbleed disclosure raises questions for Intel

• Atlassian Confluence Server Bug Under Active Attack to Distribute Ransomware

• DeadBolt Ransomware Actively Targets QNAP NAS Devices — Again

• Copyright “Small Claims” Quasi-Court Opens. Here’s Why Many Defendants Will Opt Out.

• ALPHV squeezes victim with dedicated leak site for employees and customers

• Biometric Authentication: Best Practices

• ALPHV squeezes victim with dedicated leak site for employee and customer data

• Paying ransoms can lead to repeated attacks

• General Dynamics’ $11B DOD ‘Fourth Estate’ IT protest denied

• Our Digital Lives Rest on a Robust, Flexible, and Stable Fair Use Regime

• How To Check for JSON Insecure Deserialization (JID) Attacks With Java

• Can a new data strategy can help the Department of Labor shape a more inclusive economy?

• Microsoft Addresses Wi-Fi Hotspots Issues in Latest Update

• Report: Facebook Fails To Detect Obvious Hate Speech In Ads

• Attackers Exploit Telerik Vulnerabilities to Deploy Cobalt Strike

• (ISC)² Concludes Online Proctored Exams Do Not Meet Exam Security Standards

• Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices

• DHS is making ‘significant reforms’ to the employee discipline process

• The Pentagon should keep better tabs on IT cybersecurity, supply chain risks, GAO says

• How to fix the four biggest problems with failed VPN connections

• US Man Sentenced to Nine Years in Prison for Hacking iCloud Accounts and Stealing Nudes

• Panchan Peer-to-Peer Botnet

• 24 Billion Usernames And Passwords Found On The Dark Web

• Interpol arrests 2000 criminals launching social engineering attacks

• Senate panel approves $45B boost to 2023 defense topline

• How math and language can combine to map the globe and create strong passwords, using the power of 3 random words

• Report: Hybrid workforce is making public sector IT management more difficult

• WordPress Updates More Than a Million Sites to Fix Critical Ninja Forms Vulnerability

• Launching Missiles Is Easy, Drug Control Is Hard

• Microsoft Defender goes cross-platform for the masses

• How to back up your Authy app

• Staffing Firm Robert Half Says Hackers Targeted Over 1,000 Customer Accounts

• Dangerous Microsoft Office 365 Functionality That Can Store Ransom Files On SharePoint And OneDrive

• How The Pension Errors Will Increase Risks Of Scams On Most Vulnerable People?

• DOE’s Latest Cyber Strategies Report – Expert Commentary?

• The Complete Guide to XACML

• Common Security Advisory Framework (CSAF) beta files now available

• The Jan. 6th Committee on Why Oaths Matter

• Cyber Security and Cloud Computing in the New Era of Remote Working

• Using Cyber Risk Quantification to Optimize Your Security Budget

• Biggest Cyber Trend in 2022

• Control the Uncontrollable, The Path to Supply Chain Security

• ONLINE STREAMING- A Harmless Entertainment or a Cybersecurity Hazard

• Zimbra Memcached Injection Bug Patched

• How we describe the metaverse makes a difference – today’s words could shape tomorrow’s reality and who benefits from it

• Check Point vs Palo Alto: Compare EDR software

• 2022 Dark Web prices for cybercriminals services

• Now On Demand: SecurityWeek Cloud Security Summit, Presented by Palo Alto Networks

• X.509 certificate

• Reimagine Hybrid Work: Same CyberSec in Office and at Home

• Researchers Uncover ‘Hermit’ Android Spyware Used in Kazakhstan, Syria, and Italy

• 5 Water-Saving Tips Every Business Should Know

• 3 Tips for Understanding the Steps in the Procure to Pay Process?

• SpaceX Fires At Least Five Staff For Letter Criticising Elon Musk – Report

• Law Enforcement Dismantle Infrastructure of Russian ‘RSOCKS’ Botnet

• Hybrid Networks Require an Integrated On-prem and Cloud Security Strategy

• Can We Make a Global Agreement to Halt Attacks on Our Energy Infrastructure?

• What Is a Threat Intelligence Platform ?

• Wikileaks Julian Assange Extradition To US Approved By Home Secretary

• Meta Bridges 2D And 3D With Crayta | Avast

• China-linked APT Flew Under Radar for Decade

• Tackling 5 Challenges Facing Critical National Infrastructure Today

• Report: 24B usernames and passwords available for sale in cybercriminal marketplaces

• Details of Twice-Patched Windows RDP Vulnerability Disclosed

• Websites Hosting Fake Cracks Spread Updated CopperStealer Malware

• Exploited Vulnerability Patched in WordPress Plugin With Over 1 Million Installations

• Cookie consent crumbles under fresh UK data law proposals

• SECURE North America | Apple Stories: How Technology Has Mediated Technology Through History

• Cybersecurity M&A Deals Surge in First Half of June 2022

• eIDAS 2.0 Amendments | Avast

• Which stolen data are ransomware gangs most likely to disclose?

• New MaliBot Android Malware Mines Cryptocurrency

• What Did Elon Musk Tell Twitter Staff?

• The Cybersecurity Consolidation Conundrum: Why Less is Sometimes More

• How do I get OneDrive under control? [Ask ZDNet]

• Cops Will Be Able to Scan Your Fingerprints With a Phone

• Here’s Why You’re Still Stuck in Robocall Hell

• Chinese Hackers Exploited Critical Security Vulnerability in Sophos Firewall

• Microsoft: BlackCat Ransomware Group Targets Vulnerable Microsoft Exchange Servers

• Costa Rica Chaos a Warning That Ransomware Threat Remains

• New MaliBot Android Banking Malware Poses as Cryptocurrency Mining App

• Beware!! BlackCat Ransomware Gang Attack Unpatched Microsoft Exchange Servers

• Experts Discuss Next Steps in Trust, Privacy and Security

• Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

• A New Golang-based (P2P) Botnet “Panchan” Actively Attacking Linux Servers

• Over a Million WordPress Sites Forcibly Updated to Patch a Critical Plugin Vulnerability

• Several Data-Stealing Apps Remain on Google Play Store According to Cybersecurity Researchers

• Russian Disinformation Evolving Across the Globe | Avast

• Digital wellbeing: Do free countries have more of it?

• UK Proposes Post-Brexit Data Laws to Boost Innovation

• CyberArk Endpoint Privilege Manager protects Linux systems by enforcing least privilege policies

• Businesses deal with increasing bot attacks

• Datadog Observability Pipelines empowers organizations to manage telemetry data

• Password recovery from beyond the grave

• Immersive Labs Cyber Team Sim prepares teams for real-life cyber attacks

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Portnox unveils new cloud-native tool to help midmarket businesses simplify network security

• DragonForce Group Unleash Hacks Against India

• Elasticsearch Database Mess Up Exposed Login, Leaked Personal Data of 30K Students

• Microsoft issues serious alert about Follina Vulnerability

• Apps on Google Play Store with in-built Adware

• A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

• Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence

• Microsoft Defender for Android, Apple iOS and macOS, and Windows now available

• New infosec products of the week: June 17, 2022

• How financial institutions are improving customer experience with fraud prevention measures

• Just Released: 2022 (ISC)² Security Congress Agenda!

• AT&T Cybersecurity’s Partner Program and SentinelOne enter managed XDR market with robust alliance

• Suspicious behavior: OTX Indicator of Compromise – Detection & response

• Cyber criminals continue to target and exploit people

• Fraud trends and scam tactics consumers should be aware of

• New Microsoft Defender app works on iOS, macOS, Android, Windows

• Here’s a hidden Android security feature you won’t find on any iPhone

• 2022-06-16 – Files for an ISC diary (Matanbuchus with Cobalt Strike)

• Interpol anti-fraud operation busts call centers behind business email scams

• Guide to Day Three of the Select Committee Hearings

• RSA Conference Recap for Developers

• Security 101: Cloud-native Virtual Patching

• How to configure cPanel and WHM Panel on your VPS

Generated on 2022-06-18 23:55:22.978755