IT Security News Daily Summary 2023-02-14

• Earthquake in Turkey exposes gap between seismic knowledge and action – but it is possible to prepare

• AI, sensors enhance wildfire detection

• Mozilla Releases Security Updates for Firefox 110 and Firefox ESR

• Adobe Releases Security Updates for Multiple Products

• Malware Delivered through Google Search

• The New Israeli Government’s ‘Constitutional Law Reforms’: Why now? What do they mean? And what will happen next?

• Microsoft delivers 75-count box of patches for Valentine’s Day

• The Rise of Security Service Edge (SSE): A Game-changer for the Modern Workforce

• Zscaler to Acquire Israeli Startup Canonic Security

• Mozilla Releases Security Updates for Firefox 110 and Firefox ESR

• How states can prepare for the rise of cryptocurrency

• VERT Threat Alert: February 2023 Patch Tuesday Analysis

• Microsoft Patch Tuesday, February 2023 Edition

• CISA Adds Four Known Exploited Vulnerabilities to Catalog

• Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops

• PWC highlights 11 ChatGPT and generative AI security trends to watch in 2023

• Army looking to experiment with autonomous, real-time technologies

• CISA Adds Four Known Exploited Vulnerabilities to Catalog

• Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops

• Microsoft Patch Tuesday for February 2023 fixed actively exploited zero-days

• Cisco Umbrella + Cisco Duo Are Better Together

• Veeam launches Data Platform, ransomware warranty

• Automated Security and Compliance Attracts Venture Investors

• Microsoft Releases February 2023 Security Updates

• Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)

• Record-breaking number of record-breaking DDoS attacks confirmed

• How to Debug Websites Using Safari Developer Tools

• Government’s chief data scientist previews agencies’ work on equitable data

• Oakland City Services Struggle to Recover From Ransomware Attack

• Microsoft Releases February 2023 Security Updates

• 5 Cloud Security Challenges Solved by CNAPP

• OT Cybersecurity Plan to Prevent the 5Ds

• CISOs: Self-healing endpoints key to consolidating tech stacks, improving cyber-resiliency

• States sketch out roadmaps for zero trust ‘journey’

• Configuration Issues in SaltStack IT Tool Put Enterprises at Risk

• Vulnerability Summary for the Week of February 6, 2023

• Google Vertex AI Vision: Revolutionizing E-Commerce?

• Patch Tuesday: Microsoft Warns of Exploited Windows Zero-Days

• Hospitals Sued for Using Meta’s Ad-Tracking Code, Violating HIPAA

• Vulnerability Summary for the Week of February 6, 2023

• Security awareness and training policy

• Analysis: Cybersecurity Managers Fear ‘Catastrophic’ Cyber Event Now Likely Within Two Years

• Google’s Bard AI Bot Error Costed the Company $100 Billion Shares

• Why it’s time to supercharge data infrastructure funding

• Adobe Plugs Critical Security Holes in Illustrator, After Effects Software

• Lokibot, AgentTesla Grow in January 2023’s Most Wanted Malware List

• Why SecDataOps Is the Future of Your Security Program

• CISA Releases One Industrial Control Systems Advisory

• Apple Releases Security Updates for Multiple Products

• Decentralized Data Mesh With Apache Kafka in Financial Services

• social media policy

• Chinese Hackers Infiltrate South American Diplomatic Networks

• Apple Releases Security Updates for Multiple Products

• Massive AdSense Fraud Campaign Uncovered – 10,000+ WordPress Sites Infected

• Upcoming Speaking Engagements

• Five Compelling Benefits of a Managed SASE Solution

• Microsoft Azure Security expands variant hunting capacity at a cloud tempo

• Addressing cybersecurity at the board level with Difenda and Microsoft

• Google lets a few Android devices into its Privacy Sandbox

• RADIUS server authentication: Old but still relevant

• Hackers Could Use ChatGPT to Generate Convincing Scam Messages in Seconds

• AtlasVPN offers 83% off in privacy promotion

• What is Virtual Patching and How Does It Work?

• Vaultree Appoints Technology Industry Veteran Rinki Sethi to Its Board of Directors

• CISA Releases One Industrial Control Systems Advisory

• Mary Queen of Scots Letters Decrypted

• Romance Scam Targets Security Researcher, Hilarity Ensues

• Patch Tuesday February 2023 – Microsoft Releases Fixes for 13 Known Vulnerabilities

• Consenting to Cookies is Not Sufficient

• Before It’s Too Late, Switch to a New LastPass Password Manager

• Clipper Virus: 451 PyPI Packages Deploy Chrome Extensions to Steal Crypto

• Meet the new Mortal Kombat Ransomware

• Data Engineering Practices to Avoid

• CISA, South Korean agencies issue joint warning on North Korean ransomware

• 1Password is saying goodbye to passwords in favor of passkeys. Here’s why

• Spanish, US Authorities Dismantle Cybercrime Ring That Defrauded Victims of $5.3 Million

• Hackers Breach Pepsi Bottling Ventures’ Network

• Ping Identity and Deloitte Forge Alliance to Give Organizations Advanced Identity and Access Solutions

• Cyber-Physical Systems Vulnerability Disclosures Reach Peak, While Disclosures by Internal Teams Increase 80% Over 18 Months

• Experts discover over 451 clipper malware-laced packages in the PyPI repository

• The New Israeli Government’s “Constitutional Law Reforms”: Why now? What do they mean? And what will happen next?

• A Cyber Persistence Way to Countermeasures

• Amazon’s Zoox Begins Staff Rides On Public Roads In California

• Breaking Down the Seven Steps of an SQL Injection Kill Chain

• SynSaber Launches a Free OT PCAP Analyzer Tool for the Industrial Security Community

• ThreatConnect Closes 2022 with Accelerated Growth in Threat Intelligence Operations (TI Ops)

• 4 Best VPN Services (2023): For Routers, PC, iPhone, Android, and More

• ~11,000 Sites Have Been Infected With Malware That’s Good At Avoiding Detection

• EU Countries Told To Step Up Defenses Against State Hackers

• Pepsi Bottling Ventures Says Info-Stealing Malware Swiped Sensitive Data

• Alleged SIM Swapper Ransomed Instagram Influencer For Dates, Striptease Video

• The White House Wants You To Believe Those UFOs Weren’t Aliens

• Tools & Software That are Lifesavers for New Musicians

• Pepsi Bottling Ventures Discloses Data Breach

• CISO Conversations: The Role of the vCISO

• 2022 ICS Attacks: Fewer-Than-Expected on US Energy Sector, But Ransomware Surged

• Lessons All Industries Can Learn From Automotive Security

• Tesla Staff In NY Launch Union Campaign

• Adsense abused: 11,000 sites hacked in a backdoor attack

• Enhancing Security with Two-Factor Authentication: An Introduction to TOTP and HOTP

• Top 100 Women in Cybersecurity

• Upskilling And Automation The Keys To Cyber Resilience For Businesses

• User Behavior Analytics in Case Management

• Top 100 Cybersecurity Startups

• Top 100 CISOs

• Meta’s Chief Business Officer To Leave After 13 Years

• US Mobile Operators Suffer Outages, Issues

• EnterpriseDB adds Transparent Data Encryption to PostgreSQL

• Apple fixes zero-day spyware implant bug – patch now!

• Embattled VMware ESXi Hypervisor Flaw Exploitable in Myriad Ways

• (ISC)² Certified in Cybersecurity Exam Now Available in More Languages

• Phygital Attacks: Protecting Critical Infrastructure from Cyber Threats

• ChatGPT and more: What AI chatbots mean for the future of cybersecurity

• Real-time Ubuntu released, offers end-to-end security and reliability

• Record-Breaking 71 Million RPS DDoS Attack Seen by Cloudflare

• The More You Look for Spy Balloons, the More UFOs You’ll Find

• The Tor network hit by wave of DDoS attacks for at least 7 months

• $100 Million In Stolen Crypto Disguised in Lazarus New Mixer

• Data Theft Feature Added by Russian Nodaria APT

• Twitter Revenues From Top Advertisers Plummets – Report

• Apple WebKit Zero-Day Vulnerability Exploited to Hack iPhones, iPads, and Macs

• Hackers Target Bahrain Airport, News Sites to Mark Uprising

• GoAnywhere Zero-Day Attack Victims Start Disclosing Significant Impact

• Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

• Apple fixes actively exploited WebKit zero-day in iOS, macOS (CVE-2023-23529)

• Madrid-Based Phishing Gang Disrupted By Spanish National Police & US Secret Service

• Pepsi Bottle Ventures Suffers Data Breach After Malware Attack

• Lazarus Hackers Use New Mixer to Hide Stolen Cryptocurrency

• Check Point CloudGuard Spectral detects malicious crypto-mining packages on NPM – The leading registry for JavaScript Open-Source packages

• Atlas VPN upgrades servers for faster browsing

• Apple Patches Actively Exploited WebKit Zero-Day Vulnerability

• Spanish Police Bust €5m Phishing Gang

• Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad

• A CISOs Practical Guide to Storage and Backup Ransomware Resiliency

• Apple Hitting Issues In Ramping Up India Manufacturing – Report

• Dragos: ICS/OT ransomware attacks up 87%

• Cloudflare Stops Largest HTTP DDoS Attack on Record

• Cloudflare blocked record-breaking 71 million request-per-second DDoS attack

• Cloudflare Stops Over 71 Million RPS Record-Breaking DDoS Attack

• Resurrected Crypto-mixer Launders $100m in North Korean Funds

• Malware that can do anything and everything is on the rise

• Need to improve the detection capabilities in your security products?

• Is your online date Googling you?

• Thales and Quantinuum Offer a Trusted Foundation to Help Organizations Begin Creating Quantum Resilience Today

• Record-Breaking DDoS Attack – Over 71 Million RPS

• Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

• Expel MDR for Kubernetes simplifies security for Kubernetes applications

• Actionable intelligence is the key to better security outcomes

• How to prevent DDoS attacks

• Get hired in cybersecurity: Expert tips for job seekers

• Steps CISA should take in 2023

• AI and Cybersecurity: Some observational implications of the intersection between the two

• Beware of Romance Scams on Valentines Day as it could reach $7 billion

• Patch Now: Apple’s iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw

• Confident cybersecurity means fewer headaches for SMBs

• Romance scam targets security researcher, hilarity ensues

• Apple fixes the first zero-day in iPhones and Macs this year

• How to change your account password in Windows 11

• Enigma info-stealing malware targets the cryptocurrency industry

• Pepsi Bottling Ventures says info-stealing malware swiped sensitive data

• Training and CTFs

• Malwarebytes recognized as endpoint security leader by G2

• A week in security (February 6 – 12)

• Powering Manufacturing With MLOps

• What is AI good at (and what the heck is it, actually), with Josh Saxe: Lock and Code S04E04

• Jailbreaking ChatGPT and other large language models while we can

• CISA issues alert with South Korean government about DPRK’s ransomware antics

• French law to report cyberincidents within 3 days to become effective soon

• Consent to gather data is a “misguided” solution, study reveals

• EFF Backs California Bill to Protect People Seeking Abortion and Gender-Affirming Care from Dragnet Digital Surveillance

• Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys

• Facebook Fined For “Egregious” Conduct In Privacy Case

• Dark Web Revenue Down Dramatically After Hydra’s Demise

• Why is New York City Removing Free Broadband In Favor of Charter?

• IT Security News Daily Summary 2023-02-13

• Check Point’s annual cybersecurity event spotlights power of AI

• 9 Scammers Busted for 5M Euro Phishing Fraud Ring

• Android 14 Will Block Malware With Enhanced Security Updates

• Digitized ID eases re-entry for formerly incarcerated

• Contact center modernization boosts satisfaction for city residents, staff

• Accenture Acquires Morphus, Brazil-Based Cybersecurity Company

• SOAR vs. SIEM: What’s the difference?

• How to become an incident responder: Requirements and more

• Chinese Hackers Keep Targeting Group-IB Cybersecurity Firm

• 2023-02-13 – IcedID (Bokbot) from fake Microsoft Teams page

• Healthcare in the Crosshairs of North Korean Cyber Operations

• Authenticate Users via Face Recognition on Your Website or App

• ‘Whole nation’ effort needed to build broadband workforce

• Chromo-encryption method encodes secrets with color

• Namecheap email system hacked, used for phishing campaign

• Russian Hackers Disrupt NATO Earthquake Relief Operations

• On Pig Butchering Scams

• Hackers Aim at Crypto Wallets with Hacked Namecheap Phishing Emails

• Small business participation in federal marketplace continues decline despite $159 billion in awards

• Serious Security: GnuTLS follows OpenSSL, fixes timing attack bug

• Widely available A.I. is ‘dangerous territory,’ says Tenable’s Amit Yoran

• Application Security: Complete Definition, Types & Solutions

• US NIST Uncovers Winning Encryption Algorithm for IoT Data Protection

• Best VPN for streaming in 2023: Unblock Netflix and more

• passwordless authentication

• Cybersecurity Experts Warn Against Valentine’s Day Romance Scams

• The US Government says companies should take more responsibility for cyberattacks. We agree.

• PREDICTIONS 2023, PART 2: WHAT WILL THE NEW YEAR BRING FOR THE INFOSEC COMMUNITY?

• Cloud security: Where do CSP and client responsibilities begin and end?

• New GSA benefits hub to pilot text notifications

• Pepsi Bottling Ventures Breached Following Malware Attack

• Watch CNBC’s full interview with Check Point Software CEO Gil Shwed

• Our margins are very healthy, says Check Point Software CEO Gil Shwed

• Google Search Boss Warns Of ‘Hallucinating’ AI Chatbots

• Multiple 0-Day Attacks in The PyPI Packages Aimed to Steal Developer Credentials

• Love Bites: Valentine’s Day shoppers advised to be aware of targeted online scams

• States scramble to replace ripped-off SNAP benefits

• Group-IB Blocks Attack By Chinese Tonto Team Hackers

• How to make sure the reputation of your products and company is good

• Beijing To Support ChatGPT-Style AI Services

• Namecheap admits ‘unauthorized emails’ pwning its customers

• The Center for Cyber Safety and Education Looking for Volunteer Leaders

• 12 ways to improve your website security

• Pepsi suffers a ransomware attack

• Reddit Discloses Security Breach Affecting Internal Docs

• New York Regulator Orders Shutdown Of Major Stablecoin

• How To Scan a URL for Malicious Content and Threats in Java

• A new strategy for western states to adapt to long-term drought: Customized water pricing

• 3.3 Million Impacted by Ransomware Attack at California Healthcare Provider

• The Lessons From Cyberwar, Cyber-in-War and Ukraine

• Majority of Firms Make Cybersecurity Decisions Without Attacker Insight

• Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players’ Systems

• Oakland In Crisis: How The City Is Dealing With A Ransomware Attack

• Chinese Tonto Team Hackers’ Failed Attempt On Group-IB Fails

• Vulnerabilities open Korenix JetWave industrial networking devices to attack

• An Exploit on Reddit Shows MFA’s Limitations

• How Would You Deal with the Inevitable Breaches of 2023?

• Trickbot Hacking Group Jointly Sanctioned By the US and Britain

• Namecheap Emails Hacked To Send Phishing Email

• Adobe Acrobat will soon power Microsoft Edge’s PDF reader

• What Happened to #OpRussia?

• Pro-Russia hacker group Killnet targets NATO websites with DDoS attacks

• A New Trio Of Intrusions Leaves America’s Leaders Grasping For Explanations

• Telco Attacks Tied To Bad Third-Party Vendor Security Hygience

• The FBI’s Most Controversial Surveillance Tool Is Under Threat

• AI-Powered Bing Chat Spills Its Secrets Via Prompt Injection Attack

• The U.S. Government Should Try Harder to Minimize Costs of China Defensive Measures

• Getting to Ground Truth on the Reach of Domestic Violent Extremist Groups Into the Military, Veteran, and Law Enforcement Communities

• Generative AI for DevOps: A Practical View

• Avoid Being a Downstream Victim of Service Provider Attacks

• Cybersecurity Firm Group-IB Repeatedly Targeted by Chinese APT

• City of Oakland Hit by Ransomware Attack

• Dodge online banking fraudsters with these 12 cybersecurity tips

• Tor network experiencing massive ongoing DDoS attacks

• South Korean Start-Up Challenges Nvidia AI Dominance

• Play Ransomware Group Claims Attack on A10 Networks

• Cybercriminals target fans of The Last of Us with recent malware and phishing scams

• LockBit’s Royal Mail ransom deadline flies by. No data released

• A Closer Look at KeePass: Why Its Reputation as a Safe Password Manager is Being Questioned

• Cybersecurity M&A Roundup: 40 Deals Announced in January 2023

• Pig Butchering Scams Are Evolving Fast

• DHL, MetaMask phishing emails target Namecheap customers

• 16-31 January 2023 Cyber Attacks Timeline

• Slowly But Surely: The Decline of Online Advertising is Inevitable

• Italian Regulator Bans AI Chatbot Replika Over Data Concerns

• Funding Round Values China EV Maker Zeekr At $13bn

• SecurityWeek Cyber Insights 2023 Series

• North Korean Hackers Target the Healthcare Sector with Ransomware

• New Threat Group Hits Israel Institute of Technology with Ransomware

• January 2023’s Most Wanted Malware: Infostealer Vidar Makes a Return while Earth Bogle njRAT Malware Campaign Strikes

• Researchers Uncover 700+ Malicious Open Source Packages

• Honeypot-Factory: The Use of Deception in ICS/OT Environments

• St Kitts & Nevis Passport in the Digital Age: The Impact of Technology on the Application Process

• Namecheap Email Hacked, Phishing Emails Sent To MetaMask & DHL

• Regulator Warns Over Surveillance Oversight As System ‘Simplified’

• Cybersecurity Is Necessary for Mission-Critical Energy Grids

• How to protect organizations against Brute Force Attacks

• MoneyGram Fraud Victims Get $115m in Compensation

• Namecheap Customers Flooded with Phishing Emails

• Chinese Tonto Team Hackers’ Second Attempt to Target Cybersecurity Firm Group-IB Fails

• Software developers, how secure is your software?

• Learn the art of malicious compliance: doing exactly what you were asked, even when it’s wrong

• Hackers Targeting U.S. and German Firms Monitor Victims’ Desktops with Screenshotter

• Hacktivists hacked Iranian State TV during President’s speech on Revolution Day

• China’s spy balloon barrage earns six of its companies a spot on US entity list

• As regulations skyrocket, is compliance even possible anymore?

• Reimagining zero trust for modern SaaS

• Cyber Attack news headlines trending on Google

• Hackers Using Geotargeting Tools to Launch Attacks Targeting Specific Locations

• Cybercriminals exploit fear and urgency to trick consumers

• Can we predict cyber attacks? Bfore.AI says they can

• The ethics of biometric data use in security

• Integreon CyberHawk-AI identifies patterns of frequently compromised information

• How We Can Make Public Safety More Proactive

Generated on 2023-02-14 23:55:28.186191