IT Security News Daily Summary 2023-02-07

• IRS not capturing the true cost of its legacy IT footprint, watchdog says

• KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach

• How ‘Sliver’ and ‘BYOVD’ Attacks Are Giving Hackers Backdoor Access to Windows Devices

• OpenSSL Ships Patch for High-Severity Flaws

• Germany Appoints Central Bank IT Chief to Head Cybersecurity

• Shift left critical to app security; Build38 raises €13M for trust development kit

• House panel presses FAA to speed up modernization

• tokenization

• DPRK Using Unpatched Zimbra Devices to Spy on Researchers

• From silos to seamless: How state governments deliver personalized services

• Metaverse adds new dimensions to Web 3.0 cybersecurity

• VMWare user? Worried about “ESXi ransomware”? Check your patches now!

• Fortinet vs Palo Alto: Compare Top Next-Generation Firewalls

• New Banking Trojan Targeting 100M Pix Payment Platform Accounts

• Key Features of Enterprise Browser

• ImageMagick Vulnerabilities Could Allow DoS, Information Leak

• Emergency Patch Released For GoAnywhere MFT Zero-Day Vulnerability

• State details how agencies must apply TikTok ban

• Machine learning maps location of lead pipes

• Ongoing VMware ESXi Ransomware Attack Highlights Inherent Virtualization Risks

• Industrial Cybersecurity Innovator Opscura Receives $9.4M in Series A Funding as Critical Operations Transform

• Interpol is Determining How to Police the Metaverse

• Backdoor in Dingo Cryptocurrency Allows Creator to Steal (Nearly) Everything

• With TikTok Bans, the Time for Operational Governance Is Now

• Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement

• Attackers are searching for online store backups in public folders. Can they find yours?

• Massive ransomware operation targets VMware ESXi: How to protect from this security threat

• ARMO Integrates ChatGPT to Help Users Secure Kubernetes

• Coalfire Compliance Essentials Optimized for Automated Evidence Collection

• CISA Releases One Industrial Control Systems Advisory

• SpaceX May Attempt Starship Launch In March

• Google Introduces Bard: New ChatGPT Rival

• Agencies seek public input on updates to guiding plan for cyber R&D

• 10 types of security incidents and how to handle them

• Infosec Launches New Office Comedy Themed Security Awareness Training Series

• Intel 471 Announces Powerful and Scalable Attack Surface Protection Solution Suite

• CISA Releases One Industrial Control Systems Advisory

• VMware has no evidence of zero-day exploitation in ESXiArgs ransomware attacks

• Here’s A List Of Proxy IPs To Help Block KillNet’s DDoS Bots

• QNAP Backtracks On Scope Of Critical NAS Bug

• Lawsuit Blast GoodRx, Meta Over Egregious Privacy Practices

• Google Launches ChatGPT Rival Bard

• A Quick Look At The Chinese Spy Balloon Over The US

• AI and Cybersecurity: Some observational implications of the intersection between the two

• How to protect your car dealership from cyber-attacks

• China’s Baidu Prepares ChatGPT-Style Service

• VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks

• DataDome’s Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the U.S. as the Top Source of Bot Attacks

• Valtix Survey: 95% of Organizations Say Multi-cloud Is a ‘Strategic Priority’ but Only 58% Have the Security Architecture to Support It

• Financial Institutions Are Suffering From Increasingly Sophisticated Cyberattacks, According to Contrast Security

• How to Get into the Cybersecurity Industry

• How to Set Up the Perfect Workspace at Home

• How to Spot a Nefarious Cryptocurrency Platform

• Cyber Insurance, A Must-Have for Small Businesses

• Interpreting the ‘Twitter Files’: Lessons About External Influence on Content Moderation

• Constructive Ambiguity of the Budapest Memorandum at 28: Making Sense of the Controversial Agreement

• Password security tips to keep data safe from hackers

• Chinese Version Of TikTok To Expand Food Delivery Service

• Cybercriminals Bypass ChatGPT Restrictions to Generate Malicious Content

• Linux Variant of Cl0p Ransomware Emerges

• Patch Released for Actively Exploited GoAnywhere MFT Zero-Day

• Vulnerability Provided Access to Toyota Supplier Management Network

• ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding

• Software Supply Chain Security Firm Lineaje Raises $7 Million

• Optimizing Cybersecurity Investments in a Constrained Spending Environment

• Juggling the Demands of a Multicloud Environment

• Court Approves Lawsuit Against Meta In Kenya

• UK Metal Engineering Firm Vesuvius Hit by Cyber-Attack

• Released: Decryptor for Cl0p ransomware’s Linux variant

• PixPirate Malware Is Actively Stealing Banking Passwords

• Iranian Threat Group Behind Charlie Hebdo Data Breach

• The Quantum Threat: Our Government Knows More Than You Do

• U.S. Nuclear Facilities Witnesses Hacking and Espionage Threats

• Defending Data Breaches Through Cybersecurity

• Everything you can do with the Apple HomePod

• A Cybersecurity Risk Assessment Guide for Leaders

• UK Considers Backing Official ‘Digital Pound’

• Benefits Of Having Video Surveillance In Your Business

• Google expands virtual cards to American Express customers

• Widespread ransomware campaign targets VMware ESXi servers

• 5 Ways to Survive Scam Season — or Rather, Tax Season

• Palo Alto Networks Cortex and IBM Enhance Modern Incident Response

• Cato SASE Cloud Named “Leader” and “Outperformer” in GigaOm Radar Report for SD-WAN

• Exploit Released for GoAnywhere File Transfer Zero-Day Flaw

• Calling custom security awareness training the answer to social engineering, Riot raises $12M

• ARMO shows how ChatGPT can help protect Kubernetes

• Social Networking Without Selling Yourself

• Safer Internet Day 2023: Protecting Your Personal Data

• Tripwire Patch Priority Index for January 2023

• VMware warns of ransomware attacks on unpatched ESXi hypervisors

• Keeping KillNet at Bay: Use the IP Address Blocklist

• Tackling the New Cyber Insurance Requirements: Can Your Organization Comply?

• Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

• All in for Security: Cisco Secure at Cisco Live EMEA 2023

• Critical Baicells Device Vulnerability Could Make Telecom Networks Vulnerable to Spying

• Are your kids talking about Safer Internet Day?

• Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk

• Google To Release ChatGPT-Style AI Chatbot

• How IBM’s new supercomputer is making AI foundation models more enterprise-budget friendly

• VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree

• Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

• OpenSSH addressed a new pre-auth double free vulnerability

• Malware Delivered through Google Search

• Eurocops Shuts Down Exclu Messaging App, Dozens Arrested

• Amazon S3 to apply security best practices for all new buckets

• LockBit Claims Responsibility For Royal Mail Attack

• This notorious ransomware has now found a new target

• Different Types of Phone Charging Stations – Ultimate Guide 2023

• Ex Uber Employee Made 388 Fake Driver Profiles, Duped Company of Rs 1.17 Crore

• Zero Trust Can Guarantee the Future of Computer Security

• Drugs Labs Busted After Encrypted Chat App Takedown

• Thirteen Teams Win at UK’s CyberFirst Girls Competition

• BlackSprut: Darknet Drug Market Advertises On Billboards In Moscow

• UK second most targeted nation behind America for Ransomware

• Cisco turns to risk-based authentication to make MFA and zero trust practical

• UK Banks Still Failing on Digital Security – Report

• Anonymous leaked 128GB of data stolen from Russian ISP Convex revealing FSB’s warrantless surveillance

• Need to improve the detection capabilities in your security products?

• 5 Best Technologies to Secure Kubernetes – 2023

• Super Bowl ticket scams: Security tips for football fans

• Shift left is critical to app security; Build38 raises €13M for trust development kit

• Web beacons on websites and in e-mail

• Eurocops shut down Exclu encrypted messaging app, arrest dozens

• Safer Internet Day 2023: Empowering Kids and Families for a Safer Internet

• Fortinet launches FortiSP5 to secure distributed network edges

• OPSWAT MetaDefender Kiosk K2100 secures critical networks in challenging environments

• Podcast Episode: When Tech Comes to Town

• Cequence Security API Security Testing uncovers and remediates API vulnerabilities

• ChatGPT’s potential to aid attackers puts IT pros on high alert

• How to scale cybersecurity for your business

• India-China relations will define the IoT landscape in 2023

• Balancing risk and security tradeoffs

• iPhone using parents to get precise location of kids via Apple Watch

• Microsoft attributes Charlie Hebdo attacks to Iranian nation-state threat group

• OPSWAT mobile hardware offers infrastructure security for the air gap

• Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition

• BrandPost: Tackling Cyber Influence Operations: Exploring the Microsoft Digital Defense Report

• Massive ransomware attack targets VMware ESXi servers worldwide

• Transport Layer Security (TLS): Issues & Protocol

• A Fool With a Tool Is Still a Fool: A Cyber Take

• No experience, No Problem – (ISC)² Recruits 140,000 Individuals Interested in a Cybersecurity Career

• 12 ways to improve your website security

• Hackers Actively Exploiting VMware ESXi Servers to Deploy Ransomware

• Following a Breach at ION Group, LockBit Hackers Received a Ransom

• Online safety laws: What’s in store for children’s digital playgrounds?

• Industrial Defender and Nozomi Networks partner to protect critical operational technology

• Why Lists?

• BlueHat 2023: Connecting the security research community with Microsoft

• Cloud-ready and Channel-first

• Data Privacy From a Data Governance Standpoint

• U2opia licenses ORNL technologies for cybersecurity monitoring in real time

• A week in security (January 30 – February 5)

• Two year old vulnerability used in ransomware attack against VMware ESXi

• Embarrassment as US cyber ambassador’s Twitter account is hacked

• IT Security News Daily Summary 2023-02-06

• Major Cybercrime Crackdown: Encrypted Messenger Exclu Seized

• 4 reasons it’s time to reassess your cloud architecture

• Global Ransomware Attack on VMware EXSi Hypervisors Continues to Spread

• Crypto Drainers Are Ready to Ransack Investor Wallets

• Consumer Watchdog Reports: CA Privacy Board OKs Landmark Personal Data Regulations, Some Key Protections Left Out

• LimeVPN – 23,348 breached accounts

• The Role of Cloud-Native Security in Application Delivery

• Software industry group offers FedRAMP wishlist to OMB, GSA

• Cadien Cyber Response Launches to Deliver Incident Response & Complex Digital Forensics Services

• Italy, France and Singapore Warn of a Spike in ESXI Ransomware

• Smart infrastructure bolsters energy conservation

• ChatGPT-powered cyberattacks expected, report says

• Here’s a list of proxy IPs to help block KillNet’s DDoS bots

• Vastaamo hacking suspect arrested in France

• Court Rules That Facebook Must Face Lawsuit From Content Moderators

• Mortgage Broker 8Twelve Exposes Data of Canadian Residents

• House Dem pushes back on bill to cancel VA’s $20B-plus software refresh

• Cybercrime Shows No Signs of Slowing Down

• Getting results from your zero-trust initiatives in 2023

• Singapore open to ChatGPT use in schools, but urges caution

• Patching & Passwords Lead the Problem Pack for Cyber-Teams

• Protect Your Passwords Like Never Before with Dashlane’s Mobile Apps Source Code Release

• Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping

• Comcast Wants a Slice of the Enterprise Cybersecurity Business

• Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto

• Intern with Lawfare!

• Italy Bans US-based AI Chatbot Replika From Using Personal Data

• Microsoft: Iran Unit Responsible for Charlie Hebdo Hack-and-Leak Operation

• How to fix the top 5 cybersecurity vulnerabilities

• Novel Banking Trojan ‘PixPirate’ Targets Brazil

• 128GB Of Russian ISP Convex Data Leaked By Anonymous Hacker

• Four-Day Working Week: A Cybersecurity Challenge or New Opportunity?

• Ivanti’s Michelle Hodges Honored as a 2023 CRN Channel Chief

• RevBits Endpoint Security Fully and Successfully Deployed, in a government-based entity PoC, for a True Air-Gapped Environment

• Chris Peterson of Anomali Honored as a 2023 CRN Channel Chief

• JFrog Proves FORTUNE 100 Companies Are Getting IoT-Ready and Increasing Their Focus on Securing the Software Supply Chain

• In A Cloud Speed World, Is It Time To Leave It To The Machines?

• OpenAI says ChatGPT must be regulated. Meanwhile, get ready for AI audits | The AI Beat

• Finnish psychotherapy extortion suspect arrested in France

• What Is Container Security? Definition, Benefits, and Risks

• The New HomePod Brings a New Sound and More Home Smarts

• NSF will invest up to $28M for STEM open-source ecosystems

• TrickGate crypter discovered after 6 years of infections

• New York Attorney General Fines Vendor for Illegally Promoting Spyware

• Iranian Threat Actor Neptunium Associated With Charlie Hebdo Cyber-Attacks

• Introducing Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world

• How to make sure the reputation of your products and company is good

• DTEX Systems’ Brian Stoner Honored as a 2023 CRN Channel Chief

• iLearningEngines Completes 20th Webinar of its Quarterly Series Focused on the Insurance Sector and Employment Legal Issues

• How are you marking data privacy day?

• The ethics of biometric data use in security

• How to Earn Your (ISC)² Certification

• Apple Discounts High-End iPhones In China As Demand Sags

• No Evidence Global Ransomware Hack Was By State Entity, Italy Says

• Iran Crew Stole Charlie Hebdo Database, Says Microsoft

• School Laptop Auction Devolves Into Extortion Allegation

• Dutch Police Read Messages Of Encrypted Messenger Exclu

• Court Considers Independent FTX Probe

• Major Florida Hospital Shuts Down Networks, Ransomware Attack Suspected

• Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

• Will Emphasising App Security Lead to More App Installs?

• Extortion Attempt by Former Ubiquiti Developer

• Unpatched VMware servers vulnerable to Ransomware Attacks

• Google ‘Invests $300m’ In AI Start-Up Anthropic

• The Ongoing Battle: Is Time on the Side of Hackers or Defenders?

• Why Crowdsourced Security is Devastating to Threat Actors

• Name That Edge Toon: For the Birds

• GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry

• Top 10 Endpoint Security Best Practices That Help Prevent Cyberattacks

• Cybercriminals used sophisticated tech to fool Chase and its customer in scam that stole $120,000

• How Cybercriminals Are Operationalizing Money Laundering and What to Do About It

• Importance of Standards to National Security

• Water Wars: Japan’s Defense Buildup Signals a Shift Away from Post-WWII

• AI Models Produces Photos of Real People and Copyrighted Images

• Stop Siri, Google & Alexa from Stealing Audio Files for Unauthorized Usage

• Wall Street Advisory Firm Sues Twitter Over Unpaid Bill

• Massive Ransomware attack Targets VMware ESXi Servers

• The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience

• Cisco secures IoT, keeping security closer to networking

• A prominent UK cybersecurity stock is under attack from short sellers. Here’s what you need to know

• VERT Reads All About It – Cybersecurity News February 6 2023

• SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022

• How to Fix Cyclic Redundancy Check Data Error?

• OpenAI Rolls Out AI-Text Detection Tool Following ChatGPT’s Popularity

• Anonymous Leaks 128 GB of Data from Russian ISP Convex

• VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability

• Widespread Ransomware Attacks On Vulnerable VMware ESXi Installations

• DevOps Challenges to Watch Out for in 2023: and How to Approach Them

• How to Create a Dockerfile?

• Keeping unstructured data safe and sound

• Cyber Insights 2023 | Zero Trust and Identity and Access Management

• Cyber Insights 2023 | The Coming of Web3

• 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder

• Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack

• GuLoader Malware Using Malicious NSIS Executable to Target E-Commerce Industry

• Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)

• Inside Safe City, Moscow’s AI Surveillance Dystopia

• $400,000 Fine for Stalkerware App Developer

• Florida Hospital`s IT System Shut Down After Suspected Ransomware Attack

• Musk Cleared Over Tesla ‘Funding Secured’ Tweets

• 13 Code Quality Metrics That You Must Track

• Many VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability

• Florida Hospital Cancels Procedures, Diverts Patients Following Cyberattack

• European Police Arrest 42 After Cracking Covert App

• ChatGPT and automotive cybersecurity #1/2: About CSMS from ISO 21434

• Whizcase Study: How $6 Can Buy Compromised Social Media & Streaming Accounts From the Dark Web?

• Top Malware Threats You Should Know About

• Dashlane Password Manager has released the source code of its mobile apps

• Dell To Cut Thousands Of Jobs Amidst PC Demand Slump

• Behind the Attack: Paradies Clipper Malware

• Ukraine Cyber Security Team hacks into Zoom Call with Russians

• 75 Best Android Penetration Testing Tools – 2023

• The tech leader’s guide to 2023

• Stalkerware Developer Hit with $400K Fine

• How to Protect Your ESXi Servers From the Nevada Ransomware Attacks

• Lessons learned from 2022

• Australian Start-Up To Take Over Battery Maker Britishvolt

• How to Advance ICS Cybersecurity: Implement Continuous Monitoring

• Dingo Crypto Token Flagged, Charges 99% Transaction Fee

• Legacy VMware Bug Exploited in Global Ransomware Campaign

• What’s in the Cards for Cybersecurity in 2023?

• OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

• SaaS in the Real World: Who’s Responsible to Secure this Data?

• Trust, not tech, is holding back a safer internet

• Scam Alert for Dingo Token That Charges 99% Fee

• Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers

• Software developers, how secure is your software?

• FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection

• School laptop auction devolves into extortion allegation

• While governments pass privacy laws, companies struggle to change

• Ransomware scum launch wave of attacks on critical, but old, VMWare ESXi vuln

• High-severity Vulnerability in F5 BIG-IP Let Attackers Execute Arbitrary Code

• What a perfect day in data privacy looks like

• Trends that impact on organizations’ 2023 security priorities

• Splashtop Antivirus powered by Bitdefender helps businesses protect their endpoints

• Nevada Ransomware has released upgraded locker

• Latest Cyberthreats and Advisories – January 27, 2023

• Deduplication and Data Stewardship Process in MDM

Generated on 2023-02-07 23:55:22.018725