IT Security News Daily Summary 2022-09-01

• State, local agencies to test geographic accuracy of emergency alerts

• Traffers threat: The invisible thieves

• Threat Actor Phishing PyPI Users Identified

• Neopets Hackers Had Network Access for 18 Months

• The Chatter Podcast: Leadership, Sports, and Intelligence Innovation with Sue Gordon, from the Chatter Archive

• Top Cybersecurity Startups to Watch in 2022

• Skyrocketing IoT Bug Disclosures Put Pressure on Security Teams

• Why diversification leads to a better financial return and better encryption

• New Guidelines Spell Out How to Test IoT Security Products

• Hollywood’s Insistence on New Draconian Copyright Rules Is Not About Protecting Artists

• Big Banks vs. Big Tech: Who Is Liable For Online Fraud?

• How to boost your browser’s privacy with DuckDuckGo Privacy Essentials

• How to create and add an SPF record for email authentication

• Credential stuffing cyber attacks targeting home IP addresses

• Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

• EVERYONE is Part of the Security Team and Solution

• Source Code Protection Market

• Google Aims to Expand Bug Bounties to its Open Source Projects

• Wildfire maps underscore risks — and costs — of climate change

• How one state bakes cyber into disaster response planning

• Tech Tool Offers Police ‘Mass Surveillance on a Budget’

• S3 Ep98: The LastPass saga – should we stop using password managers? [Audio + Text]

• CISA releases two Industrial Control Systems Advisories

• Apple Releases Security Updates for Multiple Products

• UK Watchdog Deepens Probe Into Microsoft’s $69bn Activision Purchase

• Raspberry Robin and Dridex: Two Birds of a Feather

• Researcher unveils smart lock hack for fingerprint theft

• Source Code of Over 1800 Android and iOS Apps Gives Access to AWS Credentials

• CISA releases two Industrial Control Systems Advisories

• Apple Releases Security Updates for Multiple Products

• Old iPhones And iPads Stuck On iOS 12 Get A Patch For A Serious Security Hole

• US Chip Makers Hit By New China Export Rule

• DoD Grants Fund Security Research For Maritime Industry

• Hacker Discovers How To Remotely Pwn A Game Boy Using Pokemon Crystal After 22 Years

• Hackers Target Politicians With Fake News Website

• Over A Third Of Parents Do Not Know What Online Accounts Their Children Use

• 4 Critical Factors In Software Due Diligence Audits For Mergers & Acquisitions (M&A)

• Finland To Offer Businesses Cybersec Vouchers In Wake Of Nato-related Attacks – 4 Experts Offer Perspective

• ECS Wins $53M Recompete Supporting US Transportation Command’s (USTRANSCOM) Global Air Transportation Execution System (GATES)

• Pros and cons of cybersecurity automation

• XDR: Why open is better than closed

• Cybersecurity certifications: Part of your cybersecurity journey

• A pragmatic approach to risk management & resilience

• Arm Sues Qualcomm And Nuvia Unit For Licence Infringement

• Snake Keylogger Returns with New Malspam Campaign Targeting IT Firms

• Amazon-Microsoft rivalry now turns to $1B NGA contract

• VMware looks to tap growing APAC need for multi-cloud management

• Ragnar Locker Ransomware Targets Energy Sector, Cybereason Suggests

• Malicious Chrome Extensions Siphoning Data from 1.4 million Users

• Chrome Bug Allows Webpages to Replace Clipboard Contents

• Hardcoded AWS Credentials in 1,800 Mobile Apps Highlight Supply Chain Issues

• Deep Dive Into Ragnar Locker Ransomware Targeting Critical Industries

• Cyber Safety for Summer Vacation

• Microsoft discloses ‘high-severity’ TikTok vulnerability

• Apple Quietly Releases Another Patch for Zero-Day RCE Bug

• Stop Worrying About Passwords Forever

• Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal

• Are you getting the most out of your security platform investment?

• Vulnerability Fixed in Azure Synapse Spark

• Hacker’s Spread ModernLoader, XMRig Miner Malware

• Chinese Hackers Target Energy Firms Across The Globe

• Breaking Down e-commerce Fraud – The Five Pillars of Fraud

• How a LinkedIn Job Ad Led to the World’s Largest Cryptocurrency Heist

• Twitter Trials Edit Tweet Function

• What is a parental control app and what are your options

• FBI issues warning after crypto-crooks steal $1.3 billion in just three months

• Apple Releases Update for iOS 12 to Patch Exploited Vulnerability

• A Return to the Classification Status of Trump’s Mar-a-Lago Documents

• An in-Depth Guide to Lateral Movement in Cybersecurity

• Trump’s Truth Social Remains Barred On Google Play Store

• Chinese Hackers ScanBox Framework To Deploy Malware on Selected Targets

• (ISC)(2) Launches ‘Certified in Cybersecurity’ Entry-Level Certification to Address Global Workforce Gap

• What Should Customers Ask Managed Service Providers?

• Ransomware Gang Claims Customer Data Stolen in TAP Air Portugal Hack

• Real-World Cloud Attacks: The True Tasks of Cloud Ransomware Mitigation

• 1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

• Linux devices ‘increasingly’ under attack from hackers, warn security researchers

• Apple just delivered an important security patch for these older iPhones

• Microsoft: This bug in TikTok’s Android app could have allowed one-click account hijack

• Researchers Detail Emerging Cross-Platform BianLian Ransomware Attacks

• In Defense of the Global, Open Internet

• A New Cyberattack on TAP Air Portugal

• Sephora Fined $1.2 Million for Breaching CCPA and Selling User Data

• Clever Phishing Scam Uses Legitimate PayPal Messages

• Does Blockchain really offer Better Digital Security?

• Ransomware Attacks Target Government Agencies in Latin America

• IT and Employees Don’t Always See Eye to Eye on Cybersecurity

• The Cybersecurity Workforce Climate in Asia

• US Instructs AMD, Nvidia To Halt AI Shipments To China

• Cuba Ransomware Hackers Claim Montenegro Government Attack

• Two-Factor Authentication Evaluation Guide

• The US May Soon Learn What a ‘Kid-Friendly’ Internet Looks Like

• Infra Used in Cisco Hack Also Targeted Workforce Management Solution

• Over 1,800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials

• Why Cyber Security is Creating a Competitive Advantage

• iOS 12 Update for Older iPhones Patches Exploited Vulnerability

• Careless Errors in Hundreds of Apps Could Expose Troves of Data

• Security Serious Unsung Heroes Awards 2022 Seeking Nominations for Extraordinary People in Cybersecurity

• Intro to blockchain consensus mechanisms

• Here’s how 5 mobile banking apps put 300,000 users’ digital fingerprints at risk

• Standards Body Publishes Guidelines for IoT Security Testing

• FBI is helping Montenegro in investigating the ongoing cyberattack

• Detected Cyber-Threats Surge 52% in 1H 2022

• Over a Third of Parents Do Not Know What Online Accounts Their Children Use

• How Digital Receipts Will Drive Customer Engagement

• Metaverse Broadband Infrastructure Security

• Microsoft Finds Account Takeover Bug in TikTok

• Development of secure software now an imperative for global DevOps teams

• Which Is Better: Apple’s Hide My Email or DuckDuckGo Email Protection?

• Why Using DNS for Protection Should Be Your First Line of Defense

• Apple released patches for recently disclosed WebKit zero-day in older iPhones and iPads

• Microsoft Discover Severe ‘One-Click’ Exploit for TikTok Android App

• START Confirms Data Breach

• That ‘Clean’ Google Translate App is Actually Windows Crypto-mining Malware

• Do you know what your supply chain is and if it is secure?

• Oh no, that James Webb Space Telescope snap might actually contain malware

• Dealing with cyber threats in the energy sector: Are we on the right path?

• Inside Fog Data Science, the Secretive Company Selling Mass Surveillance to Local Police

• How Law Enforcement Around the Country Buys Cell Phone Location Data Wholesale

• What is Fog Data Science? Why is the Surveillance Company so Dangerous?

• Fog Revealed: A Guided Tour of How Cops Can Browse Your Location Data

• How Ad Tech Became Cop Spy Tech

• Apple to provide secure satellite internet to iPhone 14 users

• UK amends cybersecurity rules for Telecom Service Providers

• How Just-in-Time privilege elevation prevents data breaches and lateral movement

• 7 metrics to measure the effectiveness of your security operations

• Defense and Development: Key points from The Complete Guide to Application Security for PCI-DSS

• Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

• Infosec products of the month: August 2022

• Does your cybercrime prevention program work?

• LabMD gets another shot at defamation claim against ‘extortionate’ infosec biz

• It’s official: Biden formalizes average 4.6% pay raise plan for feds in 2023

• iMobie AnyUnlock 2.0 enables users to solve iOS password issues

• Palo Alto Networks unveils innovations in Prisma SASE to improve security posture for customers

• FBI: Look out, crooks stole $1.3b in cryptocurrency in just three months this year

• A Justice Department Show of Force in the Mar-a-Lago Case

• European Spyware Vendor Offering Android and iOS Device Exploits

• Final Fantasy 14 players targeted by QR code phishing

• How to set up an iPhone for your kids

• James Webb telescope images used to hide malware

• Malwarebytes receives highest rankings in recent third-party tests

• Secureworks partners with Netskope and SCADAfence to protect users against threats

• European Spyware Vendor Offering Android, iOS Device Exploits

• OMB looks to update federal race and ethnicity data standards

• URGENT! Apple slips out zero-day update for older iPhones and iPads

• Closing the Security Gap Opened by the Rise of No-Code Tools

• Apple Releases iOS 12.5.6 for Old iPhone, iPad, iPod touch Models to Fix Actively Exploited Vulnerability

• The United States and China: Is Big Tech Caught in the Collision?

• Menlo Security appoints John Wrobel as CRO and Todd Wilson as VP of Global Channels

• VerSprite adopts Stellar Cyber’s Open XDR platform to help clients identify specific threats

• European Spyware Vendor Intellexa Offering Android, iOS Device Exploits

• Aussies Fear Snakes, Spiders and Getting Hacked

• A flaw in TikTok Android app could have allowed the hijacking of users’ accounts

• The SECURE Notarization Act Will Create a Race to the Bottom for Privacy

• Remote work cybersecurity: 12 risks and how to prevent them

• IT Security News Monthly Summary – September

• IT Security News Daily Summary 2022-08-31

• Twitter and TikTok’s data privacy controversies show the dangers of third-party apps

• NASCIO selects 31 finalists for state IT recognition awards

• Google Fixes 24 Vulnerabilities With New Chrome Update

• Malicious Google Chrome extensions affect 1.4 million users

• CVSS Vulnerability Scores Can Be Misleading: Security Researchers

• Crypto-Crooks Spread Trojanized Google Translate App in Watering-Hole Attack

• Google Fixes 24 Vulnerabilities with New Chrome Update

• Governments have ‘headroom’ to improve CX

• URGENT! Apple quietly slips out zero-day update for older iPhones

• Judge Rules That It’s OK For FBI To Grab User Data From Facebook

• Threat actors breached the network of the Italian oil company ENI

• A Lawfare Hacking and Cybersecurity Course

• CACI-led team wins $5.7B Air Force enterprise IT pact

• International Overdose Awareness Day: The role of data and analytics in educating the public and improving community health

• Cyemptive Returns to Compete in 2022 ‘ASTORS’ Awards Program

• DHS watchdog digs into uneven cyber awareness training, outdated policies

• $4M in city’s federal housing funds stolen through email scam

• Local election offices often are missing on social media – and the information they do post often gets ignored

• (ISC)² Closing the Cybersecurity Workforce Gap

• FTC lawsuit spotlights a major privacy risk: From call records to sensors, your phone reveals more about you than you think

• James Webb Telescope Images Loaded With Malware Are Evading EDR

• Is Blockchain Useful To The Gaming Industry?

• Data privacy truly matters to your customers. It’s time to make it a core business value

• Malicious Google Chrome extensions affect 1.4 millions users

• FBI’s Team to Investigate Massive Cyberattack in Montenegro

• OpenText Goes All-in on Cybersecurity Size and Scale With Micro Focus Purchase

• Rivals Slam Microsoft Over Licence Change

• Hackers spreading malware through images taken by James Webb Space Telescope

• How identity verification infrastructure as a service thwarts identity theft

• Lack of equitable data is harming underserved communities, US chief data scientist says

• (ISC)² Opens Global Enrollment for ‘1 Million Certified in Cybersecurity’ Initiative

• GO#WEBBFUSCATOR campaign hides malware in NASA’s James Webb Space Telescope image

• Ransomware Gang Access Water Supplier’s Control System

• FBI: Crooks Are Using These DeFi Flaws To Steal Your Money

• China-Linked APT40 Gang Targets Wind Farms, Australian Government

• Kiwi Farms Offline Due to Targeted DDoS Attacks

• Harnessing the Power of eSIM: How consumer eSIM technology can unlock massive IoT

• Record Expansion in Existing Customer Base and New Strategic Partnerships Drive SecZetta Q2 Revenue Growth

• How does robust cybersecurity add value to a business?

• Announcing: Code-free API log collection and parser creation

• TikTok for Android Bug Allows Single-Click Account Hijack

• Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report

• Golang-based Malware Campaign Relies on James Webb Telescope’s Image

• Two New Trends Make Early Breach Detection and Prevention a Security Imperative

• Vulnerability in TikTok Android app could lead to one-click account hijacking

• Nelnet Servicing breach over 2.5 Million Student Loan Data

• 1.4 Million Times Installed Chrome Extensions Steal Browsing Data

• BlackHat USA 2022: Devils Are in the File Descriptors

• XDR vs. MDR: How to pick the right one for your security needs

• Final Thoughts on Ubiquiti

• Evil Corp and Conti Linked to Cisco Data Breach, eSentire Suggests

• Snap To Axe 20 Percent Of Staff – Report

• If the Ethereum Merge Fails, L2s Will Be More Vital Than Ever

• Why MDR Has Become Integral to Modern Cybersecurity Strategies is a new ESG Showcase Report Available Now

• UK Imposes Tough New Cybersecurity Rules for Telecom Providers

• Experts spotted five malicious Google Chrome extensions used by 1.4M users

• High-School Graduation Prank Hack

• Become an (ISC)² Candidate – No Exam, Experience or Fees Required

• Meta To Shutter Facebook Gaming App

• The Inevitability of Cloud Breaches: Tales of Real-World Cloud Attacks

• The Justice Department Indicted Russian National Alexander Ionov. Why Now?

• The Costs of Social Inequality for Military Effectiveness

• Nelnet Data Breach Exposes Millions Of Student Loan Accounts

• UK Government Lays Out Plans To Protect Telecoms Networks Against Cyber Attacks

• 1.4 Million Users Install Chrome Extensions That Inject Code Into eCommerce Sites

• How to take control over your digital legacy

• Intel Selects Check Point Quantum IoT Protect for RISC-V Platform

• SecureAuth Announces General Availability of Arculix, Its Next-Gen Passwordless, Continuous-Authentication Platform

• China-linked APT40 used ScanBox Framework in a long-running espionage campaign

• Scammers Targeting Thousands Of Children As Young As Six, Figures Show

• Agenda, a New Golang Ransomware, Is on the Loose

• Cyber Attacks Are Now the #1 Cause of Data Loss

• Stop Ransomware with Microsoft Security digital event presents threat intelligence in action

• Delayed NASA Artemis 1 Moon Mission Set For Saturday Launch

• Cybercriminals Released Mini Stealer’s Builder & Panel for Free on a Cybercrime Forum

• Student Loan Breach Exposes 2.5M Records

• You’re Not Stringer Bell, but You May Still Need a Burner Phone

• Know Thyself: 10 Ways to Discover Your Work Environment Needs and What It’s Really Like to Work at Cisco

• Google invites bug hunters to scrutinize its open source projects

• How You Can Benefit from a Smart Thermostat?

• Microsoft: Take these three steps to protect your systems from ransomware

• SecurityWeek to Host CISO Forum Virtually September 13-14, 2022: Registration is Open

• WordPress 6.0.2 Patches Vulnerability That Could Impact Millions of Legacy Sites

• Chrome patches 24 security holes, enables “Sanitizer” safety system

• Expert Advise Inlight Of Gloucester Council Cyberattack

• Are virtual collaboration tools a necessary evil for enterprises? How to mitigate the risk

• Government Lays Out Plans To Protect Telecoms Networks Against Cyber Attacks

• The 4 Most Common OWASP API Security Threats

• Cybercriminals Apparently Involved in Russia-Linked Attack on Montenegro Government

• Experts Find Malicious Cookie Stuffing Chrome Extensions Used by 1.4 Million Users

• 79% of the Companies only Invest in Cybersecurity after Hacking Incidents

• Why Is Web Design Essential To Your Brand’s Online Presence?

• Decisions on health data sharing should not be taken by politicians, citizen juries find

• NHS Ransomware Attacks leading to accumulation of medical records

• Apple Privacy Head Steps Down – Report

• Cost of a Data Breach: Retail Costs, Risks and Prevention Strategies

• VMware must assure APAC customers Broadcom acquisition won’t repeat history

• Apple Fixed a Serious iOS Security Flaw—Have You Updated Yet?

• China was spying on Australian defense servers for months

• Chrome 105 Patches Critical, High-Severity Vulnerabilities

• Companies struggle to govern their new cloud environments

• Elon Musk Seeks Court Delay After Twitter Whistleblower Claims

• Google’s new bug bounty program targets open-source vulnerabilities

• Initiative Aims to Encourage Diverse Talent into Cyber

• Google Launches New Open Source Bug Bounty to Tackle Supply Chain Attacks

• Hackers Hide Malware in Stunning Images Taken by James Webb Space Telescope

• Ukrainian Police Bust Crypto Fraud Call Centers

• ICO Pursues Traffic Accident Data Thieves

• Russian streaming platform Start discloses a data breach impacting 7.5M users

• FBI Alerts of Rise in Attacks Targeting DeFi Platforms

• Cyber Security Management System (CSMS) for the Automotive Industry

• 5 open-source vulnerability assessment tools to try out

• Should ransomware payments be banned? A few considerations

• Organizations security: Highlighting the importance of compliant data

• China-linked APT40 gang targets wind farms, Australian government

• Establishing a mobile device vulnerability management program

• 1 in 3 organizations don’t know if their public cloud data was exfiltrated

• Chinese Hackers Used ScanBox Framework in Recent Cyber Espionage Attacks

• VMware unveils new innovations to improve networking and security for multi-cloud

• Lumen SASE Solutions centralize network and security policy management

• Ransomware gangs’ favorite targets

• Greater App Security with Face Verification

• Chromium browsers can write to the system clipboard without your permission

• British Airways customers targeted in lost luggage Twitter scam

• VMware and IBM strengthen partnership to help clients modernize mission-critical workloads

• Phosphorus collaborates with CyberKnight to expand its presence in the MEA region

• Ardalyst and Mandiant join forces to protect organizations against cyber threats

Generated on 2022-09-01 23:55:26.721539