IT Security News Daily Summary 2022-09-17

• LastPass revealed that intruders had internal access for four days during the August hack

• Latest Cyberthreats and Advisories – September 9, 2022

• Credential theft food chain—What is Ransomware-as-a-Service

• Serious Breach at Uber Spotlights Hacker Social Deception

• Hacker Couple Deleted Hotel Chain Data For Fun

• Uber Breach Looks Like It Compromised All Systems

• Major Vulnerabilities Found in Wireless LAN Devices in Airlines

• Bell Canada Hit by Hive ransomware

• Malware Targets Weblog Servers And Dockers APIs For Cryptomining

• CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

• Multiple Security Bugs Identified in EZVIZ Smart Cams

• New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems

• Facebook Reverses Ban On Holocaust-Themed Movie

• US Border Agents May Have a Copy of Your Text Messages

• CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws

• Uber Investigates Potential Breach Of its Computer System

• Uber Claims No Sensitive Data Exposed in Latest Breach… But There’s More to This

• Become an ethical hacker online

• Can reflections in eyeglasses actually leak info from Zoom calls? Here’s a study into it

• Build or Buy your own antivirus product

• Uber Hacked – Attackers Breached Critical IT Systems & Windows Domain

• Rising to the challenges of secure coding – Week in security with Tony Anscombe

• So You’re Certified in Cybersecurity – Now what?

• Guide to the best data privacy certifications for 2022

• Hackers Had Access to LastPass’s Development Systems for Four Days

• Postman 10 improves API governance and security

• Code42 Incydr enhancements support DaaS and VDI environments

• Tanium XEM platform integration with Microsoft Sentinel enables active threat hunting

• Uber hacked

• What Uber’s data breach reveals about social engineering

• Uber investigates cybersecurity incident

• Report: 54% of organizations breached through third parties in the last 12 months

• How to manage SSH connections on MacOS with Termius

• The Uber Hack’s Devastation Is Just Starting to Reveal Itself

• Giving Big Corporations “Closed Generic” Top-Level Domain Names to Run as Private Kingdoms Is Still a Bad Idea

• School chat app Seesaw abused to send ‘inappropriate image’ to parents, teachers

• IT Security News Daily Summary 2022-09-16

• Local gov keeps project knowledge from walking out the door

• Discover the benefits and challenges of bug bounty programs

• Friday Squid Blogging: Mayfly Squid

• New Research Reveals Network Attacks at Highest Point Over the Last Three Years

• Omnibus Spending Bill Highlights Need for Protecting Critical Infrastructure

• DHS unwraps $1B state and local cybersecurity grant program

• Attacker Apparently Didn’t Have to Breach a Single System to Pwn Uber

• DOJ drops report on cryptocurrency crime efforts

• Tackling Financial Fraud With Machine Learning

• Compliance Automated Standard Solution (COMPASS), Part 2: Trestle SDK

• NJ Courts’ IT modernization streamlines processes for staff, litigants

• Companies need data privacy plan before joining metaverse

• Risk & Repeat: The White House wants secure software

• Bitdefender releases Universal LockerGoga ransomware decryptor

• Once again, lawmakers ask if it’s time to codify the federal CIO role

• Uber investigating security breach of several internal systems

• Keep Today’s Encrypted Data From Becoming Tomorrow’s Treasure

• Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials

• Feds prepare to open new $500M program for transportation tech

• White House looks to government and community data collaboration to promote equity

• Seesaw: Popular elementary school app used to distribute obscene image

• Botched Crypto Mugging Lands Three U.K. Men in Jail

• git-secret: Encrypt and Store Secrets in a Git Repository

• DDoS Attack Against Eastern Europe Target Sets New Record

• Hackers Launching Self-Spreading Malware To Attacks Gamers via YouTube

• Autonomous stores could change the retail game

• Ransomware: 3 ways to protect your business

• Water Tank Management System Used Worldwide Has Unpatched Security Hole

• SOC Infrastructure Firm Cyrebro Raises $40 Million

• North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp

• International ID Day: Shining a spotlight on legal identity

• How to unite security and compliance in 5 simple ways

• Cloud Data Security

• Deliver Secure Digital Workspaces with Citrix Virtual Apps and Desktops on Microsoft Azure

• UBER HAS BEEN HACKED, boasts hacker – how to stop it happening to you

• Zoom Outage Rendered Services Unavailable

• High demand for breached cloud account credentials

• What Are the Effects of a Cyberattack in a Recession?

• Phosphorus and EverSec Group Announce New Partnership to Further Expand xIoT Attack Surface Management and Remediation in the US Market

• Latest Cyberthreats and Advisories – September 16, 2022

• The Importance of Monitoring in Your SecOps Process

• Akamai Mitigated Record-Breaking DDoS Attack Against European Customer

• No browser is perfect. What’s a user to do?

• Uber responds to possible breach following hacker taunts

• Uber hacked, attacker tears through the company’s systems

• Japanese Payment System Attacked By Fake Security App

• Microsoft Teams is storing authentication tokens in cleartext

• Researchers Find Link b/w PrivateLoader and Ruzki Pay-Per-Install Services

• Webworm Hackers Deploy Modified RATs in Espionage Assaults to Target Government Entities

• Notepad++ Plugin Cyberattack Analysis

• Starbucks Singapore Says Customer Database Breached

• Industry Reactions to Govt Requiring Security Guarantees From Software Vendors

• US Agencies Publish Security Guidance on Implementing Open RAN Architecture

• Game Acceleration Module Vulnerability Exposes Netgear Routers to Attacks

• Hacker Pwns Uber Via Compromised Slack Account

• Starbucks Singapore Customer Data Accessed Illegally in Data Leak

• Latest Cyberthreats and Advisories – September 16, 2022

• What is proof-of-stake? A computer scientist explains a new way to make cryptocurrencies, NFTs and metaverse transactions

• Highlights of the 2022 Pwnie Awards

• How to Use a UTM Solution & Win Time, Money and Resources

• North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application

• Massive Data Breach at Uber

• Enhancing application container security and compliance with Podman

• Aggressive DDoS Attack – Over 700 Mpps Attack Traffic to Cripple Target Organization

• The Air Force has a plan to #fixourcomputers and more

• Business Application Compromise & the Evolving Art of Social Engineering

• Uber Investigating Massive Security Breach By Alleged Teen Hacker

• Vulnerability Allows Access To Credentials In Microsoft Teams

• Trojanized Versions Of PuTTY Being Used To Spread Backdoor

• Eastern European Org Hit By Second Record DDoS Attack

• What It Really Means to “Hold Big Tech Accountable”

• What is Managed Detection and Response (MDR)?

• What Is Privileged Identity Management (PIM)?

• Celsius Seeks Permission To Sell Stablecoin Assets

• Uber Hack – Ride-hailing Giant Investigating Large-Scale Data Breach

• What Is Encryption? — 6 Top Types of Encryption Methods + Examples

• Report: Cloud hackers are only 3 steps away from ‘crown jewel’ data

• Uber Investigating Data Breach After Hacker Claims Extensive Compromise

• Akamai Sees Europe’s Biggest DDoS Attack to Date

• Uber investigates ‘cybersecurity incident’ after reports of a hack on the company

• No Concessions From Microsoft, Amid Activision Purchase Concern

• This AI system will completely change your experience at sporting events

• IoT: Europe readies cybersecurity rules for smart devices – with big fines attached

• Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

• Cost of Living Crisis Impact on Online Activity

• Understanding Insecure Deserialization Vulnerability

• Uber Responding After ‘Cybersecurity Incident’

• Modern Data Security Needs a Modern Solution

• Uber Investigating Data Breach After Hacker Claims of Extensive Compromise

• MIRACL Trust ID Branded ‘an authentication solution that lives up to its name’ by financial services industry analysts Celent

• Zoom Systems Crash Left Users Helpless

• Hive Ransomware Group Hits Bell Canada Subsidiary

• Uber Announces Major Security Breach

• Turbo boost your career in cyber security

• Allies Warn of Iranian Ransom Attacks Using Log4Shell

• Crypto Scams Skyrocket as Domains Surge 335%

• Uber Hacker May Have Compromised Secret Bug Reports

• Starbucks Singapore says customer data illegally accessed in data leak

• Crypto Scams Soar as Domains Surge 335%

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Lenovo Several High-Severity BIOS Vulnerabilities Impacts Hundreds of Devices

• Uber hacked, internal systems and confidential documents were allegedly compromised

• SideWalk Backdoor Added New Tool in Arsenal to Target Linux Servers

• Uber security breach ‘looks bad’, potentially compromising all systems

• Ransomware news trending on Google

• Uber Hack 2022 Details

• Eastern European org hit by second record-smashing DDoS attack

• Malware Spreads Through FishPig Distribution Server to Infect Magento-Powered Stores

• How to improve public sector’s security strategy?

• Why shift left is burdening your dev teams

• New infosec products of the week: September 16, 2022

• The Cybersecurity Workforce Climate in Asia

• Shikitega – New stealthy malware targeting Linux

• Comtech Awarded London Police Service Next Generation 9-1-1 Contract

• New Digital Trust Research Reveals Gaps, Benefits and Key Takeaways for Future Digital Transformation

• Enrollment Is Open for Free One Million Certified in Cybersecurity

• China can destroy US space assets, Space Force ops nominee warns

• Uber Says It’s Investigating a Potential Breach of Its Computer Systems

• OneSpan launches Virtual Room to offer bank-grade identity and authentication security

• Most organizations consolidate to improve risk posture

• How serious are organizations about their data sovereignty strategies?

• Uber reels from ‘security incident’ in which cloud systems seemingly hijacked

• Treasury chief: IRS modernization is coming soon

• Uber reels from ‘security incident’ that appears to have exposed data, cloud systems

• Arrcus FlexMCN delivers cloud connectivity as a managed service to enterprises

• Akuity Platform helps DevOps manage and scale Kubernetes application delivery

• Juniper Networks expands its data center operations with Apstra Freeform

• Arista Networks expands and accelerates EOS routing validated for cloud, carrier and enterprise solutions

• ForgeRock enhances its identity platform to provide personalized and secure user experiences

• S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

• Concentric AI joins forces with Snowflake to improve data security posture management for customers

• Kinara and Arcturus Networks partner to provide AI solutions for smart city apps

• Fortanix raises $90M to improve cloud security and privacy for highly regulated industries

• Malvertising on Microsoft Edge’s News Feed pushes tech support scams

• Cyber threat hunting for SMBs: How MDR can help

• Here are the new security and privacy features of iOS 16

• Explained: Fuzzing for security

• School app Seesaw compromised to send shock NSFW image

Generated on 2022-09-17 23:55:22.163950