IT Security News Daily Summary 2023-02-24

• Cryptojackers Deploy Trojanized Mac Apps on The Pirate Bay

• Have the Justices Gotten Cold Feet About ‘Breaking the Internet’?

• Angular vs. React: What To Choose for Your Blockchain App?

• Drones on the front lines in public safety operations

• Transmission of sensitive data policy

• Evaluating the Cyberwar Set Off by Russian Invasion of Ukraine

• Tackling Software Supply Chain Issues With CNAPP

• Biden Push For Cyber Regulations Could Clash With Skeptical Republicans

• Demand heats up for grants management solutions

• Canadian Telecom Firm Telus Reportedly Investigating Breach

• CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine

• Ukraine Invasion Blew Up Russian Cybercrime Alliances

• Wslink Downloader May Have Links To North Korean Lazarus Group

• Here’s How We Broke Into A Bank Using An AI-Voice

• Teacher Charged After Cryptomining Operation Found In School Crawl Space

• GoodRx Ordered To Issue Breach Notices To Consumers

• ‘New Class of Bugs’ in Apple Devices Opens the Door to Complete Takeover

• CISA: Beware of DDoS, Web Defacements on Anniversary of Russian Invasion of Ukraine

• Cloud incident response: Frameworks and best practices

• Who’s Behind the Botnet-Based Service BHProxies?

• Latest Cyberthreats and Advisories – February 24, 2023

• What is Patch Management?

• Evaluating the Cyber War Set Off by Russian Invasion of Ukraine

• remote code execution (RCE)

• Mysterious Mac malware iWebUpdate discovered; is 5 years old

• DNA testing service to pay $400k for data breach it ignored

• Top 10 Practices for Secure Software Development

• A survey of over 17,000 people indicates only half of us are willing to trust AI at work

• DDoS Attacks: Becoming More Powerful & Shorter in Duration

• sudo (su ‘do’)

• Pentagon didn’t check risks before authorizing cloud services, watchdog finds

• Understanding why government automation projects fail

• The Top 5 New Social Engineering Attacks in 2023

• Have the Justices Gotten Cold Feet About “Breaking the Internet”?

• DHS tests show facial recognition tech has varied results, but gaining ground

• Watch on Demand: Attack Surface Management Summit

• CISA Calls For Increased Vigilance One Year After Ukraine’s Russian Invasion

• TikTok Ban Hits EU Commission Phones as Cybersecurity Worries Mount

• WSUS Alternative for Patch Management

• KPI Examples for Patch and Vulnerability Management

• Food Giant Dole, Victim of a Ransomware Attack

• Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors

• New S1deload Malware Hijacking Youtube And Facebook Accounts

• The top 8 Cybersecurity threats facing the automotive industry heading into 2023

• Microsoft unveils the tradecraft of hacking group Nobelium

• Hackers Weaponizing New Critical Flaw to Attack Zoho ManageEngine Products

• Mitigate Cyber Risk From Email With the Falcon LogScale and Mimecast Integration

• CrowdStrike Uncovers I2Pminer MacOS Mineware Variant

• How to Ingest Data into Falcon LogScale Using Python

• Treasury reopens ‘help desk’ for states and localities

• DLL sideloading and CVE attacks show diversity of threat landscape

• EU Commission Bans TikTok on Corporate Devices

• FinTech Sector Emerges as a Prominent Target for Cybercriminals

• Dark Web Malware Steals Your Data

• Security Experts Condemn GoDaddy’s Response to the “Multi-Year” Hack

• Upgrading from API v2 to v3: What You Need to Know

• These are the most secure countries for remote workers in 2023

• Microsoft: Here’s how our technology disrupts ransomware and phishing attacks

• A Year of Conflict: Cybersecurity Industry Assesses Impact of Russia-Ukraine War

• Top incident response tools: How to choose and use them

• Top incident response service providers, vendors and software

• Disqualification From Office: Donald Trump v. the 39th Congress

• Public-Public Partnerships: Cyber Intelligence Coordination Within the Department of Homeland Security

• Crucial US military Emails was Publicly Available

• Nearly 80% Of Google Play Store Apps ‘Violating Data Privacy Labels’ – Mozilla

• With 40% of Log4j Downloads Still Vulnerable, Security Retrofitting Needs to Be a Full-Time Job

• To Safeguard Critical Infrastructure, Go Back to Basics

• Highly evasive cryptocurrency miner targets macOS

• Fake ChatGPT apps are beginning to distribute malware and steal credit card information

• A year of wiper attacks in Ukraine

• How to Tackle the Top SaaS Challenges of 2023

• Microsoft announces automatic BEC, ransomware attack disruption capabilities

• Instagram Promotion Will Bring Artists Significant Changes

• Experts predict how AI will energize cybersecurity in 2023 and beyond

• CISA Sounds Alarm on Cybersecurity Threats Amid Russia’s Invasion Anniversary

• How to Use AI in Cybersecurity and Avoid Being Trapped

• What Is Internet Control Message Protocol (ICMP)?

• Hackers Claim They Breached Telus, Canada’s Second-largest Telecom Company

• Putting Undetectable Backdoors in Machine Learning Models

• Ticket Fraud Scammers – An Investigation

• Fortinet Shares Clarifications on Exploitation of FortiNAC Vulnerability

• 11 Countries Take Part in Military Cyberwarfare Exercise

• How to address growing API security vulnerabilities in 2023

• Access-as-a-Service: How to Keep Access Brokers Away from Your Organization

• Hackers are actively exploiting CVE-2022-47966 flaw in Zoho ManageEngine

• Dutch Police Arrest Three Ransomware Actors Demanding €2.5 Million

• Synopsys report reveals dramatic growth in open source use

• Rackspace Ransomware Attack Update: What You Need to Know

• DoJ Alleges Google Deleted Evidence In Antitrust Case

• Ransomware Attack Forces Produce Giant Dole to Shut Down Plants

• Russian IT “Brain Drain” Decentralizes Cybercrime

• CyberSmart Raises £12.75m in Series B Funding Round

• Activision Breached: Here Is What Happened

• Watch how AI is after your bank account now

• Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool

• IRS scams: How to avoid getting tricked

• Investment Scams Drive $9bn in Fraud in 2022

• Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels

• China Restricts Access To ChatGPT, But Praises AI Potential

• Firms Who Pay Ransom Subsidise 10 New Attacks: Report

• Majority of Android Apps on Google Play Store Provide Misleading Data Safety Labels

• Fruit Giant Dole Suffers Ransomware Attack Affecting Activities

• FTX’s Sam Bankman-Fried Hit With Four More Charges

• What Is Managed Extended Detection and Response (MXDR)?

• The Significance of Key Risk Indicators in Organisations

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Australia retailer’s customer data compromised in third-party breach

• Edgio enhances its security platform with DDoS scrubbing and WAAP capabilities

• Defenders on high alert as backdoor attacks become more common

• European Commission bans TikTok from staff gadgets

• Dole suffers a ransomware attack

• Fake ChatGPT apps are being to distribute malware and steal credit card information

• Hackers Use Open-Source Tools to Attack Shipping Companies & Medical Laboratories

• Microsoft grows automated assault disruption to cover BEC, ransomware campaigns

• One-fifth of British Folks Have Fallen Victim to Online Fraudsters

• What to expect at BSidesNYC 2023

• Malicious actors push the limits of attack vectors

• New infosec products of the week: February 24, 2023

• Ukraine invasion blew up Russian cybercrime alliances

• Stories from the SOC – RapperBot, Mirai Botnet – C2, CDIR Drop over SSH

• Employees bypass cybersecurity guidance to achieve business objectives

• Darktrace Newsroom monitors open-source intelligence sources

• Edgio enhances its Security platform with DDoS scrubbing and WAAP capabilities

• Netography Fusion enhancements provide real-time visibility of all social media traffic

• Atos 5Guard strengthens 5G security posture for organizations

• Web Components: Everything You Need to Know

• 2023-02-23 – Files for ISC Diary: URL files and WebDAV used for IcedID (Bokbot)

• Deloitte and Cyberbit partner to improve cyber readiness across industries

• Web3 blockchain enables users to take control of identity

• How To Run a Docker Container on the Cloud: Top 5 CaaS Solutions

• The alleged author of NLBrute Malware was extradited to US from Georgia

• 87% of Container Images in Production Have Critical or High-Severity Vulnerabilities

• Metomic raises $20 millions to help security teams control sensitive data

• Privacera integrates with Databricks Unity Catalog

• Why Ransomware Costs Need to be Prioritized in Your 2023 Budget

• 4 Key Security Trends For 2023

• Samsung adds Message Guard protection against zero-click exploits

• DNA testing company fined after customer data theft

• BlackCat ransomware targets another healthcare facility

• Royal Mail schools LockBit in leaked negotiation

• 5 Best Rootkit Scanners and Removers in 2023: Anti-Rootkit Tools

• Fourth Circuit: Individuals Have a First Amendment Right to Livestream Their Own Traffic Stops

• Suspected Russian NLBrute malware boss extradited to US

• Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery

• Student Medical Records Exposed After LAUSD Breach

• IT Security News Daily Summary 2023-02-23

• Modernization needs partners inside, outside government

• How data gaps feed inequity

• How to expand your search sources beyond Google and Bing

• Hydrochasma Threat Group Bombards Targets With Slew of Commodity Malware, Tools

• Generative AI Changes Everything We Know About Cyberattacks

• Russian Malware Developer Behind NLBrute Extradited to US

• GSA contract vehicle looks to solve the ‘valley of death’ problem

• Meta Is Revamping “Facebook Jail” For Violating Company’s Rules

• Forsage Founders Indicted in $340M DeFi Crypto Scheme

• AUVSI Launches Green UAS Cybersecurity Certification Program For Commercial Drones

• CDC technology office plans roadmap for public health data interoperability

• Dole production plants crippled by ransomware, stores run short

• Cyberattack on Dole Causes Temporary Salad Shortage

• FTX fiasco founder SBF faces further fraud charges

• Report: Stress will drive a quarter of cyber defenders out the door

• Linux Foundation Europe Announces Formation of OpenWallet Foundation

• Top 7 Reasons Why Use Node.js in Your Next Web Development Project

• Anonymous: Russian Radio Stations Hacked with Fake Missile Alerts

• At least one open source vulnerability found in 84% of code bases: Report

• Federal procurement is poised for reform—here’s what to keep in mind

• Unanswered Questions Cloud the Recent Targeting of an Asian Research Org

• Hydrochasma Threat Group Bombards Targets with Slew of Commodity Malware, Tools

• UL Solutions Issues Automotive Cybersecurity Assurance Program Certificate to LG Innotek

• Fortinet FortiNAC CVE-2022-39952 flaw exploited in the wild hours after the release of PoC exploit

• (ISC)² Security Congress 2023 Begins Call for Presentations

• How to delete your Twitter account and protect your data, too

• Sensitive DoD emails exposed by unsecured Azure server

• Wiper Malware Surges Ahead, Spiking 53% in 3 Months

• Valve’s Anti-Cheat Measures in Dota 2 Lead to 40,000 Account Bans

• Auto Remediation of GuardDuty Findings for a Compromised ECS Cluster in AWSVPC Network Mode

• Transcription Security Essentials: How to Protect Your Data in the Digital Age

• Understanding purple teaming benefits and challenges

• Inside the PEIR purple teaming model

• S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]

• Metomic Raises $20 Million to Protect Sensitive Data in SaaS Applications

• Vault Vision Launches One Click Passwordless Logins With Passkey User Authentication

• Cris Thomas: Space Rogue, From L0pht Hacker to IBM Security Influencer

• WinorDLL64 Backdoor Linked to Lazarus Group

• (ISC)² Opens Security Congress 2023 Call for Presentations

• Rezilion Research Discovers Hidden Vulnerabilities in Hundreds of Docker Container Images

• Why Are My Employees Integrating With So Many Unsanctioned SaaS Apps?

• You Can’t Trust App Developers’ Privacy Claims on Google Play

• CISA Releases Three Industrial Control Systems Advisories

• Cisco Releases Security Advisories for Multiple Products

• VMware Releases Security Updates for Carbon Black App Control

• Moving Connected Device Security Standards Forward

• Researchers Develop AI Cyber Defender to Tackle Cyber Actors

• How Does Modern Software Work?

• Advantages of the AWS Security Maturity Model

• CISA Releases Three Industrial Control Systems Advisories

• Cisco Releases Security Advisories for Multiple Products

• VMware Releases Security Updates for Carbon Black App Control

• Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware

• A Deep Dive into the Evolution of Ransomware Part 2

• Russian Radio Stations Hacked with Fake Missile Alerts

• What will security and threat prevention look like in Web3?

• Microsoft to expand program that grows economic development in rural areas

• Top Takeaways From CloudNativeSecurityCon 2023

• The European Commission has banned its staff from using TikTok over security concerns

• The Current State of Play in Israel’s Constitutional Showdown

• Stories from the SOC  – The case for human response actions

• NSA says: Do these things to keep your home network safe from cyberattack

• Dozens of Malicious ‘HTTP’ Libraries Found on PyPI

• NPM Repository Flooded With 15,000 Phishing Packages

• Russian Authorities Claim Ukraine Hackers Are Behind Fake Missile Strike Alerts

• Post-Quantum Algorithm Vulnerable To Side Channel Attacks

• Ukraine Suffered More Data-Wiping Malware Than Anywhere, Ever

• New Class Of Apple Bugs Found In iOS, MacOS

• E.U. Bans TikTok From Commission Devices Over Cybersecurity

• Feds push local election officials to boost security ahead of 2024

• What are the pros and cons of digital workers?

• These experts are racing to protect AI from hackers. Time is running out

• Batteries Are Ukraine’s Secret Weapon Against Russia

• Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products

• Users looking for ChatGPT apps get malware instead

• Remember to Clear the Cache on Your iPhone

• Nevada Ransomware Group targets 5000 victims in US and Europe

• Fake ChatGPT apps spread Windows and Android malware

• TikTok Banned From EU Commission Phones Over Cybersecurity

• Cybersecurity VC Funding Topped $18 Billion in 2022: Report

• Stealthy Mac Malware Delivered via Pirated Apps

• Hackers Use S1deload Stealer to Target Facebook, YouTube Users

• The Push to Ban TikTok in the US Isn’t About Privacy

• Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

• Most Ransomware Attacks in 2022 Took Advantage of Outdated Bugs

• Nearly Half Cybersecurity Leaders Set To Change Jobs, Warns Gartner

• This Will Be the Year of the SBOM, for Better or for Worse

• Proven Techniques for Effective Email Spam Filtering

• NSA Released Checklist To Secure Home Wi-Fi Network

• What is an Incident Response Professional?

• NSA says: Do these things to keep your home network safe from cyber attack

• Vulnerability Summary for the Week of February 13, 2023

• Salt Security Thrives in the Channel

• How to Browse Plenty of Fish (POF) Without Signing Up? – 2023 Dating Guide

• European Commission Suspends TikTok On Corporate Devices

• Russian Accused of Developing NLBrute Malware Extradited to US

• Vulnerability Summary for the Week of February 13, 2023

• Section 230 Won’t Protect ChatGPT

• Vulnerability Summary for the Week of February 13, 2023

• Samsung Enhances Bixby So Users Can Clone Their Voices

• The Secret Vulnerability Finance Execs are Missing

• Google Paid Security Researchers Bug Bounties Of $12 Million

• Cybersecurity layoffs in 2023: What to expect?

• Datacenters in China, Singapore cracked by crims who then targeted tenants

• A Secure Access Service Edge (SASE) Guide for Leaders

• Webinar Today: Building Sustainable OT Cybersecurity Programs

• Warning! New Malware Hijacks YouTube and Facebook Accounts

• Why the US Congress Wants to Ban TikTok

• Lazarus Group Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

• New Hacking Cluster ‘Clasiopa’ Targeting Materials Research Organizations in Asia

• Cyberwar Lessons from the War in Ukraine

• The Benefits of Playing in an Online Casino Singapore

• Amazon Closes Acquisition Of Healthcare Provider One Medical

• Many cyber operations conducted by Russia are yet to be publicly disclosed, says Dutch intelligence

• Researchers find hidden vulnerabilities in hundreds of Docker containers

• New S1deload Malware Hijacking Users’ Social Media Accounts and Mining Cryptocurrency

• Researchers Warn: Cybercriminals Are Targeting Data Center Providers

• The Best ASIC Mining Equipment: Review on The Market

• Twitter and Two-Factor Authentication – Intego Mac Podcast Episode 280

• Winning Combinations: Check Point 2023 CPX Americas Customer Awards

• Fortinet FortiNAC Vulnerability Exploited in Wild Days After Release of Patch

• Cisco Patches High-Severity Vulnerabilities in ACI Components

• Ransomware Hackers Ask Victims For Cyber Insurance Details

• ICO Calls on Accountants to Improve SME Data Protection

• MyloBot Botnet Spreads Globally, 50,000+ Devices Infected Daily

• Russian Invasion Sparks Global Wiper Malware Surge

• Phishing Sites and Apps Use ChatGPT as Lure

• Nudge Security launches SaaS attack surface management capabilities

• CyberGRX Portfolio Risk Findings enables customers to identify riskiest vendors

• Netwrix Privilege Secure eliminates standing privileged accounts across on-premises databases

• Malwarebytes Application Block restricts access to outdated and unsafe apps

• Lacework releases composite alerts feature to help customers identify and remediate threats

• What Are DNS Records? Types and Role in DNS Attacks Mitigation

• Bitwarden’s desktop app now supports passwordless login for web vault

• Meta Prepping Fresh Round Of Layoffs – Report

• Do you know what your supply chain is and if it is secure?

• Bitdefender Premium Security Plus detects threats across multiple operating systems

• Xcitium ZeroDwell Containment isolates all unknown or suspect code entering an organization

• The potential pitfalls of open source management

• CISOs struggle with stress and limited resources

• Insider threats must be top-of-mind for organizations facing layoffs

• Python Developers Warned of Trojanized PyPI Packages Mimicking Popular Libraries

• Russian authorities claim Ukraine hackers are behind fake missile strike alerts

• Datacenters in China, Singapore, cracked by crims who then targeted tenants

• Microsoft ChatGPT usage virtually banned by JPMorgan Chase

• A new Workgroup aims to improve smart home data privacy

• Latest Cyberthreats and Advisories – February 17, 2023

• GuLoader – a highly effective and versatile malware that can evade detection

• GKE Cluster Optimization: 14 Tactics for a Smoother K8s Deployment

• Lawyers join forces to fight common enemy: The SEC and its probes into cyber-victims

• Scott Lundgren and John Spiliotis join NetSPI Board of Directors

• Sublime Security raises $9.8 million to boost email security

• DarkLight partners with Resecurity to improve enterprise cybersecurity posture

• HardBit ransomware tailors ransom to fit your cyber insurance payout

• The 5 most dangerous cyberthreats facing businesses this year

Generated on 2023-02-24 23:55:35.304790