IT Security News Daily Summary 2023-01-24

• Project Hygiene

• Mr. Over, the Engineer [Comic]

• Distributed Stateful Edge Platforms

• Public Cloud-to-Cloud Repatriation Trend

• Spring Cloud: How To Deal With Microservice Configuration (Part 1)

• Cyber grants: Some governments may be ‘totally left out’

• Smart street pilots aim to curb parking violations

• Penetration Testing vs. Vulnerability Testing: An Important Difference

• Ticketmaster Blames Bots in Taylor Swift ‘Eras’ Tour Debacle

• Pakistan hit by nationwide power outage, is it the result of a cyber attack?

• Learning to Lie: AI Tools Adept at Creating Disinformation

• Cyber grants could leave some governments ‘totally left out’

• Apple emits emergency patch for older iPhones after snoops pounce on WebKit hole

• Recent rise in SEO poisoning attacks compromise brand reputations

• How hackers stole the personal data of 37 million T-Mobile customers

• VMware Plugs Critical Code Execution Flaws

• Apple issues emergency patch for outdated iPhones after criminals pounce on WebKit

• USAID seeks contractor input on new STEM fellowship program

• States look to speed fiber installation across railroad tracks

• Chat Cybersecurity: AI Promises a Lot, But Can It Deliver?

• Forescout Appoints Technology Veteran Barry Mainz as CEO

• Vulnerability Summary for the Week of January 16, 2023

• Cybercriminals Use VSCode Extensions as New Attack Vector

• Fenix24 Releases White Paper Proposing New Cyber Incident Response Paradigm

• The Next Stage in Security Expert’s Trial Set for January 31

• Fujitsu: Quantum computers no threat to encryption just yet

• How password management tools are helping enterprises prevent intrusions

• What’s in a word? FCC’s proposed data breach rule redefines key terms

• Administrator of RSOCKS Proxy Botnet Pleads Guilty

• Sophisticated SMS Phishing scam Dupes Zendesk Staff

• What is XDR, MXDR, DRs & SBOM ? – Cybersecurity Acronyms 2023

• Customer data, encryption key stolen in GoTo breach

• GSA wants nominations for its new FedRAMP committee

• #DataPrivacyWeek: ICO Offers Data Protection Advice to SMBs

• TSA No-Fly List Snafu Highlights Risk of Keeping Sensitive Data in Dev Environments

• ‘DragonSpark’ Malware: East Asian Cyberattackers Create an OSS Frankenstein

• The 2022-2023 Cloud Awards Announces Its Finalists

• Keeper Security Shares Password Best Practices Ahead of Data Privacy Day

• Armis State of Cyberwarfare and Trends Report: 2022-2023 Highlights Global IT and Security Professionals’ Sentiment on Cyberwarfare

• Apple Releases Security Updates for Multiple Products 

• Five Secrets to Crafting an Unforgettable Business Name

• 10 cybersecurity predictions for tech leaders in 2023

• GoTo Says Hackers Stole Encrypted Backups, MFA Settings

• passkey

• DragonSpark Hackers Evade Detection With SparkRAT and Golang

• Apple Releases Security Updates for Multiple Products 

• Conning Survey: U.S. Insurers Expected to Increase Investment Risk Tolerance Amid Concerns of Higher Volatility and Inflation

• Sysdig Grows New Customers by 120%, Appoints New Chief Marketing Officer

• Everyone Wants to Build a Cyber Range: Should You?

• Companies slow to “mask up” with zero trust cybersecurity protocols

• Get lifetime access to this feature-rich VPN for just $60

• backdoor (computing)

• Microsoft to Block Excel Add-ins to Stop Office Exploits

• Fulton County Hearing Live-Blog

• Global State Of Cyberwarfare Study

• Apple Patches Exploited iOS Vulnerability in Old iPhones

• FBI Confirms Lazarus Group Was Behind $100m Harmony Hack

• LAUSD Computers are Breached via Cybercriminals

• After a Vendor Hack, FanDuels Warns of a Data Breach

• SentinelOne Announces Executive Appointments and Promotions Amidst Rapid Growth

• Halo Security Platform Now Offers Visibility to the Vulnerabilities That Matter Most

• Venafi Introduces TLS Protect for Kubernetes to Simplify Cloud Native Machine Identity Management

• FireTail Names Timo Rüppell as Vice President of Product

• Working with AWS to secure your data against attack

• #DataPrivacyWeek: Consumers Already Concerned About AI’s Impact on Data Privacy

• 13 Best Intrusion Detection and Prevention Systems (IDPS) for 2023

• CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats

• CISA Releases Two Industrial Control Systems Advisories

• GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

• Raspberry Pi Hacking Like It’s 1995

• FBI: North Korean Hackers Behind $100M Horizon Bridge Theft

• Microsoft To Invest Billions In Chatbot Maker OpenAI

• Ransomware Victims Are Refusing To Pay

• Russia’s Largest ISP Reports Highest DDoS Attacks in 2022

• How Does Increased User Privacy Alter Mobile Advertisement Set-up?

• China spies on the UK populace with microchips

• Sweden To Upgrade Nvidia-Powered Berzelius Supercomputer

• What is the Android Files Safe folder and how do you use it?

• FBI Confirms North Korean Hackers Behind $100 Million Horizon Bridge Heist

• Attacks Targeting Realtek SDK Vulnerability Ramping Up

• Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

• Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery

• CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats

• CISA Releases Two Industrial Control Systems Advisories

• GoTo now says customers’ backups have also been stolen

• Microsoft Seals Multi-Billion Dollar Deal With OpenAI

• What is Security Keys for Apple ID and why does it matter?

• Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection

• FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist

• EU Lawmakers Approve ‘Prohibitive’ Crypto Rules

• Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery

• Security and the Electric Vehicle Charging Infrastructure

• Finally Some Clear Thinking on Child Sexual Abuse and Exploitation Investigation and Intervention

• 2023 Insider Threat Report Finds Three-Quarters of Organizations are Vulnerable to Insider Threats

• Crypto Exchange Bizlato ‘Laundered 1bn Euros’ In Crime Funds

• Zendesk Hacked After Employees Fall for Phishing Attack

• Microsoft Office to Block XLL Add-ins From Internet

• Cygnvs Emerges From Stealth Mode With Incident Response Platform

• Spotify To Cut 6 Percent Of Staff

• Chinese Hackers Exploit FortiOS Zero-Day Vulnerability to Deploy New Malware

• Privacy’s impact continues to grow, but more remains to be done

• Cyber Attack at ODIN Intelligence Discloses a Massive Trove of Police Raid Files

• 6 of the Best Crypto Bug Bounty Programs

• Snyk and ServiceNow’s strategic partnership shows DevSecOps isn’t a fad

• FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft

• Threat Actors Adopt Silver To Popular C2 Frameworks

• An IBM Hacker Breaks Down High-Profile Attacks

• The Unrelenting Menace of the LockBit Ransomware Gang

• Meta Platforms expands features for EE2E on Messenger App

• Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856)

• Microsoft Seals ‘Multi-Billion Dollar’ Deal With OpenAI

• Emotet Malware Makes a Comeback with New Evasion Techniques

• Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium

• How To Safeguard Your Business From Cybersecurity Stress And Prevent IT Burnout

• Highlights from Armis State of Cyberwarfare and Trends Report: 2022-2023

• 2022 Cyber Attacks Statistics

• Gartner: Zero Trust Will Not Mitigate Over Half of Attacks

• CISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog

• The Information Revolution – Revisiting Your DLP

• North Korea-linked hackers behind $100 million crypto heist, FBI says

• Musk Tells Court Tesla Tweet Not A ‘Joke’

• One-third of orgs don’t take cyberwarfare seriously despite the Russia-Ukraine war

• ioSafe 1522+ helps organizations protect data from fire and water

• Hillstone StoneOS 5.5R10 provides ML-based threat detection for encrypted traffic

• Arctic Wolf IR JumpStart Retainer addresses accessibility challenges for organizations

• The Indian Ministry of External Affairs Email servers were hacked and data leaked

• Ofcom Opens Probe Into BT Customer Contracts

• Refurbished versus Remanufactured: What’s the Difference and Why Does it Matter?

• Gartner: Zero Trust Won’t Mitigate Over Half of Attacks

• 2022 Cyber Review – Is Your Organisation Ready For 2023

• Job scams: How they persuade and how to protect yourself

• 5 Long-term Benefits of Adopting Zero Trust Architecture

• ICO Offers Data Protection Advice to SMBs

• Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

• GTA Online Glitch Exploited, Corrupts Players’ Accounts & Ban

• Vice Society Ransomware Group Targets Manufacturing Companies

• Record-Breaking Year for DDoS Attacks Targeting Russia

• Thoma Bravo to Buy Magnet Forensics in $1.3B Transaction

• Apple Patches WebKit Code Execution in iPhones, MacBooks

• Need to improve the detection capabilities in your security products?

• Researcher found US ‘No Fly List’ on an unsecured server

• Cryptocurrencies: How have they influenced cybercrime?

• Podcast Episode: Don’t Be Afraid to Poke the Tigers

• Facebook Introduces New Features for End-to-End Encrypted Messenger App

• A closer look at malicious packages targeting Python developers

• Understanding your attack surface makes it easier to prioritize technologies and systems

• GAO pegs unemployment insurance fraud tally at more than $60 billion

• How to use Red Hat Insights malware detection service

• NSA publishes IPv6 Security Guidance

• BSidesZG 2023: Strengthening the infosec community in Croatia’s capital

• PCI Successfully Completes SOC/FISMA Examinations for 2022

• Latest Cyberthreats and Advisories – January 6, 2023

• Hybrid play: Leveling the playing field in online video gaming and beyond

• Apple patches are out – old iPhones get an old zero-day fix at last!

• How Does a Botnet Attack Work?

• How To Reduce Rising Cyber Insurance Costs When You Have a Remote Workforce

• Ransomware Recovery Plan for 2023

• 2023-01-23 – Google ad –> Fake AnyDesk page –> possible TA505 activity

• A week in security (January 16—22)

• T-Mobile reports data theft of 37 million customers in the US

• Ransomware revenue significantly down over 2022

• Microsoft to end direct sale of Windows 10 licenses at the end of January

• TikTok CEO told to “step up efforts to comply” with digital laws

• 4 ways to protect your privacy while scrolling

• 10 Best Open-Source Vulnerability Scanners for 2023

• KomplettFritid – 139,401 breached accounts

• Wallarm Aims to Reduce the Harm From Compromised APIs

• Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads

• 73 Ransomware Statistics Vital for Security in 2023

• IT Security News Daily Summary 2023-01-23

• Fourth time around for vulnerability disclosure bill

• State eyes sports betting kiosks

• Data Privacy Week 2023: Virtual events and webinars to attend

• Pair of Galaxy App Store Bugs Offer Cyberattackers Mobile Device Access

• Executive order blocks state business with ‘evil foreign governments’

• Facebook Is Expanding Features For End-To-End Encryption On Messenger App

• Organizations Likely to Experience Ransomware Threat in the Next 24 Months, According to Info-Tech Research Group

• On Georgia State Law’s Presentments and the Special Purpose Grand Jury

• Role of Plaid developers in the fintech industry

• Multiple Vulnerabilities Found In Samsung Galaxy App Store App

• TROJANPUZZLE Attack Compels AI Assistants To Suggest Rogue Codes

• Report: Cyberespionage threat actor exploits CVE-2022-42475 FortiOS vulnerability

• Magnet Forensics Inc. Enters Into Definitive Agreement to be Acquired by Thoma Bravo

• 13 Best Intrusion Detection and Prevention Systems (IDPS)

• SOCs to Face Greater Challenges From Cybercriminals Targeting Governments and Media in 2023

• Hackers remotely interrupting GTA Online PC Gameplay

• Apple Patches WebKit Code Execution Flaws

• Mousetrapping: What is it & how to Safeguard Against it?

• Checklist: Securing Windows 10 systems

• Two flaws in Samsung Galaxy Store can allow to install Apps and execute JS code

• Thoma Bravo to Buy Magnet Forensics in Billion-Dollar Deal

• Roaming Mantis Malware Returns with DNS Changer Capability

• Defending against a growing botnet and DDoS epidemic in 2023

• Malware response checklist

• 8 cybersecurity roles to consider

• Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security

• FanDuel Sportsbook Bettors Exposed in Mailchimp Breach

• Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit

• Flaw in Diksha App Exposed the Data of Millions of Indian Students

• CISA Adds One Known Exploited Vulnerability to Catalog

• Microsoft Security innovations from 2022 to help you create a safer world today

• Microsoft Invests Billions in ChatGPT-maker OpenAI

• No One Wants to Be Governed, Everyone Wants to Be Helped

• CISA Adds One Known Exploited Vulnerability to Catalog

• Turning the Unamazing into the Amazing

• The future of quantum security will be encoded in light, researchers hope

• Two Vulnerabilities Found in Galaxy App Store

• PayPal is teaching fraudsters how to create the perfect phishing email

• Congress, TikTok, and Securing Democracy in the Digital Age

• Digital event highlights new features in Microsoft Purview

• CACI Awarded $284 Million Contract by National Security Agency

• United States Transformative Mega Trends Report 2022-2030: Focus on Connectivity, Cognitive Era, Security and Defense, Smart is the New Green – ResearchAndMarkets.com

• AI and Cybersecurity: Some observational implications of the intersection between the two

• Real Talk with CCSPs An interview with Vanessa Leite, CCSP, CISSP

• Arnold Clark data breach leads to identity theft

• Advancing Medical Technology Requires More Medical Device Regulation

• 4 tips to find cyber insurance coverage in 2023

• Google to layoff 12k workers as its AI focus intensifies

• Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

• Most Federal Agencies Ignored GAO’s Cybersecurity Recommendations

• Telephony fraud and risk mitigation: Understanding this ever-changing threat

• How do the latest iPhone updates address Cybersecurity issues?

• Hackers Access Thousands Of PayPal Accounts

• ChatGPT Can Be Used to Create Dangerous Polymorphic Malware

• Experts applaud expansion of Apple’s E2E encryption

• Gartner Predicts 10% of Large Enterprises Will Have a Mature and Measurable Zero-Trust Program in Place by 2026

• Companies impacted by Mailchimp data breach warn their customers

• Microsoft Killed Macros So Hackers Turned To Windows LNK Files

• US Authorities Release Asylum Seekers After Leaking Their Data Online

• Crypto Lender Genesis Files For Bankruptcy

• Scientists Use Wi-Fi Routers To See Humans Through Walls

• Celebrating Data Privacy Day – 28th January 2023

• NFTs in Simple Words – How to Invest in Non-Fungible Token 2023?

• Cyber Thieves Target Retirement Accounts

• Log4j Forever Changed What (Some) Cyber Pros Think About OSS

• TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

• Kaspersky releases 2023 predictions

• Cybersecurity Worries Around Hybrid Working Drop, but Many IT Leaders Still Concerned Over Cyber-Skills Gap

• Hunting Insider Threats on the Dark Web

• How to Earn Your (ISC)² Certification

• German Regulator Opens PayPal Competition Probe

• Majority of GAO’s Cybersecurity Recommendations Not Implemented by Federal Agencies

• NSA Publishes Security Guidance for Organizations Transitioning to IPv6

• Supply Chain Security Global Market Report 2022: Sector to Reach $3.5 Billion by 2027 at an 11% CAGR

• Gen. Mark Milley’s Wrongful Jan. 6 Overclassification

• Ransomware Profits Shrink, as Victims Refuse to Pay

• Phishing Scam Blank Image Masks Code in SVG Files

• Twitter Shuts Down Third-Party Clients In Policy Shift

• Fewer ransomware victims are paying up. But there’s a catch

• Ad Fraud Scheme Tops 12 Billion Daily Bid Requests

• WhatsApp Sanctioned with €5.5 Million Over Enforcing Data-Processing Update

• Microsoft took its macros and went home, so miscreants turned to Windows LNK files

• Scientists use Wi-Fi routers to see humans through walls

• VERT Reads All About It – Cybersecurity News January 23 2023

• Musk Says Twitter To Launch Ad-Free Subscription

• Mississippi Creates New Cyber Unit, Names 1st Director

• Companies Impacted by Recent Mailchimp Breach Start Notifying Customers

• Riot Games Move Release Of Game Patches After Security Breach

• Email is our greatest productivity tool. That’s why phishing is so dangerous to everyone

• SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric

• Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud

• App Spoofing Ad Fraud Affects 11 Million Devices

• Malware Can Be Written With ChatGPT, as it Turns Out

• Security Vendors are Turning to GPT as a Key AI Technology

• 4 Ways to Prevent Leaking Your Location on the Web

• India’s Public Education App Exposed Millions of Students’ Data

• Netherlands, Japan ‘Set To Join’ US’ China Chip Sanctions

• The U.S. ‘No Fly List’ Found On the Open Internet

• Massive Ad fraud scheme VASTFLUX targeted over 11 million devices

• US Prosecutors Sieze $700m From FTX’s Bankman-Fried

• 10 Best Free Firewall Software – 2023

• Brand Phishing report – Q4 2022

• Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks

• What your SOC will be facing in 2023

• FanDuel Cautions Users Of Data Breach In Vendor Hack

• The UK Online Safety Bill – What you need to know right now

• Silicon UK In Focus Podcast: Smart Spaces for Successful Remote Working

• Google Parent Alphabet To Cut 12,000 Jobs

• API Security Fundamentals: Everything You Need To Know

• Riot Games Halts Work After Cyber-Attack

• New Government Cyber Advice for £100bn UK Charity Sector

• Software developers, how secure is your software?

• Cisco Unified CM SQL Injection Flaw Let Attackers Execute Crafted SQL Queries

• Autotrader – 20,032 breached accounts

• Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps

• The loneliness of leading a cybersecurity startup

• Video game firm Riot Games hacked, now it faces problems to release content

• Why most IoT cybersecurity strategies give zero hope for zero trust

• ENISA gives out toolbox for creating security awareness programs

• ‘Taxpayer Advocate’ pushes for IRS to make its own free, direct e-file system

• US authorities release asylum seekers after leaking their data online

• Trained developers get rid of more vulnerabilities than code scanning tools

• Extent of reported CVEs overwhelms critical infrastructure asset owners

• CyberGRX Predictive Data uncovers security gaps in third parties

• Wallarm API Leak Management detects leaked API keys and secrets

• India floats plan to make big tech pay for news, walks back government censorship

• PayPal Data Breach – Over 35,000 Users’ Accounts Compromised

• Like it or not, email is still our greatest tool – and the source of some of our biggest threats

• Zurich – 756,737 breached accounts

Generated on 2023-01-24 23:55:25.486680