IT Security News Daily Summary 2023-02-28

• How can Vault Vision help secure your company with passwordless login?

• Top benefits of SOAR tools, plus potential pitfalls to consider

• Exfiltrator-22: The Newest Post-Exploitation Toolkit Nipping at Cobalt Strike’s Heels

• Security Architecture Review on a SASE Solution

• House Republicans offer proposal to claw back unemployment modernization funding

• Look for fraudsters to apply COVID-era tricks to new programs

• Texas Public Safety agency sent at least 3,000 driver’s licenses to organized crime group targeting Asian Texans

• LastPass breach tied to hack of engineer’s home computer

• US Marshals Ransomware Hit Is ‘Major’ Incident

• Dish: Someone snatched our data, if you’re wondering why our IT systems went down

• Southern states have the most open cyber exposures, report finds

• Building scalable, cost-effective application security

• The 5 best VPN deals right now: March 2023

• How to export your Bitwarden vault for safekeeping

• Facebook Introduces New Tool To Crack Down On Spread Of Teens’ Intimate Images

• Win for Government Transparency and Immigrant Privacy Rights at Second Circuit

• Understanding Jamstack Security

• How threat intelligence helps SecOps prevent cyberevents before they happen

• U.S. Marshals Service suffers ransomware attack, data breach

• Pig butchering scam explained: Everything you need to know

• Bitdefender released a free decryptor for the MortalKombat Ransomware family

• What is Zero Trust Security? Breaking Down a Zero Trust Architecture

• 5 Challenges Every Engineering Manager Must Overcome

• Embrace SASE With Cisco

• WannaCry Hero & Kronos Malware Author Named Cybrary Fellow

• How to spot and avoid PDF malware

• February 2023 Web Server Survey

• Zero Trust OT Security for Zero Operational Downtime

• Enforce Zero Trust for 5G Security to Work

• Partner Blueprint for Success — Breakaway 1=5

• CrowdStrike 2023 Global Threat Report: Resilient Businesses Fight Relentless Adversaries

• Pen testing report: IT budgets should focus on entire security stack

• LastPass Employee PC Hacked with Keylogger to Access Password Vault

• How SecDevOps Adoption Can Help Save Costs in Software Development

• What Is API-First?

• US Gov. Agencies Have 30 Days to Remove TikTok, Canada Follows Suit

• Pernicious Permissions: How Kubernetes Cryptomining Became an AWS Cloud Data Heist

• Crypto Scammers Game YouTube for Amplification While Keeping Under Radar, Researchers Find

• LastPass breach: Hackers put malware on engineer’s home computer to steal their password

• White House to officially ban TikTok from government devices within 30 days

• Trackd Snags $3.35M Seed Funding to Automate Vuln Remediation

• LastPass Data Stolen in August 2022 Breach Used For December Attack

• First steps in CHERIoT Security Research

• Microsoft Security Experts discuss evolving threats in roundtable chat

• Succession Wealth Fails to Keep Cyber Attackers at Bay

• 7 reasons why Endpoint Security and Response shouldn’t be ignored

• AT&T Cybersecurity announces 2023 ‘Partner of the Year Award’ winners

• NASA tests autonomous aircraft decision tech in Arizona cities

• What’s the best way to ensure your privacy with a web browser?

• Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

• China’s BlackFly Targets Materials Sector in ‘Relentless’ Quest for IP

• U.S. Marshals Service suffers a ransomware attack

• The U.S. Is Now Using Facial Recognition Rigged Drones For Special Ops

• Stupid Patent of the Month: Clocking In To Work—On an App

• Apple iPhone Vulnerability let hackers steal photos, messages and files

• Vulnerabilities Being Exploited Faster Than Ever: Analysis

• Ransomware Attack Hits US Marshals Service

• Ransomware Attack On US Marshalls Compromises Sensitive Information

• LastPass Says Employee’s Home Computer Was Hacked And Corporate Vault Stolen

• Hackers Sat On News Corp For Two Years

• Rapid7’s 2022 Vulnerability Intelligence Report

• Dish Multi-Day Outage Rolls On As Ransomware Fears Grow

• US Chips Act Bars Companies From Expanding In China

• A Tale of Two Insurrections: Lessons for Disinformation Research From the Jan. 6 and 8 Attacks

• On AI-Generated Works, Artists, and Intellectual Property

• U.S. Marshals Service Looking Into Data Theft & Ransomware Attack

• The Buffett test: This chart shows every Club holding’s spending on stock buybacks

• DNA testing biz vows to improve infosec after criminals break into database it forgot it had

• How SMB Protocol Functions and its Susceptibility to Vulnerabilities

• The DoJ Disruption of the Hive Ransomware Group Is a Short-Lived Win

• Our commitment to fighting invalid traffic on Connected TV

• 5 Cybersecurity Trends and Predictions for Secure Online Shopping in 2023 – How to Shop Securely?

• Travelling? These Are 5 Tips For Better Online Safety

• Preventing a USB Killer Threat

• Info-stealer Ransomware hit Government Organisations

• Visa, Mastercard ‘Pause Crypto Partnerships’ Amidst Meltdown

• US Marshals Service Hit By Major Ransomware Attack

• Zero-Day Exploits: The Anatomy of Unexpected Attacks

• Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain

• New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises

• Bitdefender Releases Free MortalKombat Ransomware Decryptor

• LassPass breach: Hackers put malware on engineer’s home computer to steal their password

• ‘Hackers’ Behind Air Raid Alerts Across Russia: Official

• 33 New Adversaries Identified by CrowdStrike in 2022

• New ‘Exfiltrator-22’ Post-Exploitation Framework Linked to Former LockBit Affiliates

• Rapid7: Attackers exploiting vulnerabilities ‘faster than ever’

• LastPass: Keylogger on home PC led to cracked corporate password vault

• Industry Embraces Single-Vendor SASE as Cato Reports Record Growth

• Are our pets leaking information about us?

• Cybersecurity Industry News Review: February 28, 2023

• LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC

• The power of community participation with Faye Francy, Executive Director, Auto-ISAC

• What Must You Do Before Uploading Your Sensitive Data to the Cloud?

• Busting Myths Around Cybersecurity Team Training

• Massive Blaze Shuts Down Apple Supplier Plant In India

• How to Obtain EV Code Signing Certificate for Azure?

• How SlashNext is using generative AI to shut down ChatGPT phishing attacks

• Vouched Raises $6.3 Million for Identity Verification Platform

• Apple Users Need to Update iOS Now to Patch Serious Flaws

• China Is Relentlessly Hacking Its Neighbors

• The future of cyber insurance

• The Buffett test: This one chart shows how much every Club holding spends on stock buybacks

• EU Narrows App Store Charges Against Apple

• US Electric Cooperative Association Launches Commercial OT Security Solution

• Vulnerability in Popular Real Estate Theme Exploited to Hack WordPress Websites

• CrowdStrike: Threat actors shifting away from ransomware

• LastPass: The crooks used a keylogger to crack a corporate password vault

• London Honeypots Being Attacked 2000 Times Per Minute

• Application Security vs. API Security: What is the difference?

• CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog

• Meta Forms AI Team To Compete With ChatGPT

• APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia

• Funding Your Business Expansion in 2023: 4 Considerations and Options

• Foxconn Expands In China’s Henan After Factory Disruption

• Phone Attacks and MFA Bypass Drive Phishing in 2022

• Canada Bans TikTok From Government Devices

• Operational Security: 8 best practices to create a comprehensive OPSEC program

• Deepfakes: What they are and tips to spot them

• Experts Spot Half a Million Novel Malware Variants in 2022

• LastPass DevOps Engineer Breached To Steal Password Vault Data

• Critical Flaws in WordPress Houzez Theme Exploited to Hijack Websites

• London Honeypots Attacked 2000 Times Per Minute

• 15 odd and interesting gift ideas for hackers in 2023

• News Corp outfoxed by IT intruders for years

• Need to improve the detection capabilities in your security products?

• Resecurity identified the investment scam network ‘Digital Smoke’

• Russian hacktivists DDoS hospitals, with pathetic results

• CENTRAL BANK DIGITAL CURRENCIES

• How to safely file your taxes online

• US Marshals Service leaks ‘law enforcement sensitive information’ in ransomware incident

• LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

• CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

• Decrypting Cyber Risk Quantification

• Security teams have no control over risky SaaS-to-SaaS connections

• Expert strategies for defending against multilingual email-based attacks

• It only takes one over-privileged identity to do major damage to a cloud

• Ransomware Attack on servers of the US Marshals Service

• LastPass publishes final analysis of hack into password infrastructure

• (ISC)² Research Finds Cybersecurity Professionals to be Least Impacted by Layoffs in 2023

• The ethics of biometric data use in security

• 10 US states that suffered the most devastating data breaches in 2022

• White House: No More TikTok on Gov’t Devices Within 30 Days

• LastPass: The crooks used a keylogger to crack a corporatre password vault

• Vouched raises $6.3 million to enhance its platform

• Red Hat and Samsung partner on new 5G RAN solution

• LiveRamp enhances identity resolution services on Snowflake

• LastPass says employee’s home computer was hacked and corporate vault taken

• SpaceX unveils “V2 Mini” Starlink satellites with quadruple the capacity

• Twitter Payments chief is out as layoffs cut 10% of Twitter staff, report says

• Linux is not exactly “ready to run” on Apple silicon, but give it time

• Facial recognition algorithms hit new accuracy highs in latest NIST test

• Feeling VEXed by software supply chain security? You’re not alone

• Fake ROBLOX and Nintendo game cracks drop ChromeLoader malware

• LastPass: hackers breached the computer of a DevOps engineer in a second attack

• 5 Best Practices for a Multi-Factor Authentication (MFA) Strategy

• 2023 Predictions

• A week in security (February 20 – 26)

• TikTok probed over child privacy practices

• Fighting online censorship, or, encryption’s latest surprise use-case, with Mallory Knodel: Lock and Code S04E05

• How to work from home securely, the NSA way

• Special Report: The State of Software Supply Chain Security 2023

• Configure Kubernetes Health Checks

• Attackers Were on Network for 2 Years, News Corp Says

• Active Digital Identity Apps to Surpass 4.1B by 2027

• IT Security News Daily Summary 2023-02-27

• DevSecOps: The Broken or Blurred Lines of Defense

• Workforce gaps could impact zero trust rollout

• Data to treat the rising cost of prescriptions

• How to create a CSIRT: 10 best practices

• Building an incident response framework for your enterprise

• Wiz Reaches $10B Valuation With Consolidated Cloud Security Platform

• Rights groups push ICE to end contract with LexisNexis

• Cyberattack on Boston Union Results in $6.4M Loss

• LastPass Says DevOps Engineer Home Computer Hacked

• Threat actors leak Activision employee data on hacking forum

• Introducing Exphash: Identifying Malicious DLLs With Export Hashing

• How New Cybersecurity Regulations Are Shaping the Medical Device Industry

• Workforce gaps could impact zero trust roll out

• Vouched Raises $6.3M to Expand AI Identity Verification Offering to Telemedicine and Healthcare

• How to build future-facing ERP

• Dish multi-day outage rolls on as ransomware fears grow

• A Deep Dive into the Evolution of Ransomware Part 3

• Immuta and ServiceNow partner to tackle cloud data visibility crisis

• What’s the secret to getting to the cloud? Just do it

• PureCrypter Malware Targets Governments Through Discord

• Palo Alto Announces Zero-Trust Security Solution for OT

• All CVEs Are Not Created Equal

• How to Reduce Code Risk Using Pipelineless Security

• Mobile Banking Trojans Surge, Doubling in Volume

• Dutch police arrest three cyberextortion suspects who allegedly earned millions

• Cloud security provider Wiz raises $300M for consolidated CSPM/CNAPP platform

• digital signature

• Researchers Discover Nearly 200,000 New Mobile Banking Trojan Installers

• Edgio Strengthens Security Offering With WAAP Enhancements and DDoS Scrubbing Solution

• ThreatHunter.ai Launches “More Eyes” Program to Help Large Organizations Mitigate Cyber Threats

• Summary of Oral Arguments in Rep. Scott Perry Phone Seizure Case

• Researchers Highlight Security Issues With Email Forwarding Protocols

• Facebook Whistleblower Wants To Force The Company To Be More Transparent

• How the Ukraine War Opened a Fault Line in Cybercrime, Possibly Forever

• News Corp Reveals Two-Year-Long Breach

• 5 reasons to adopt a Zero Trust security strategy for your business

• Meta Announces a New AI-powered Large Language Model

• Online Tracking: What Do You Need to Know?

• Challenges With Software Supply Chain & CNAPP

• How to make sure the reputation of your products and company is good

• Integrating Cybersecurity in UX design

• Beware of Malicious 2FA Apps in App Store and Google Play that Deploys Malware

• NCA executive director shares top cybersecurity risks in 2023

• US National Cyber Strategy Pushes Regulation, Aggressive Hack-Back Operations

• Danish Hospitals Struck By Cyberattack From ‘Anonymous Sudan’

• 2023: The Year of AI? A Closer Look at AI Trends

• Ransomware Attack Compromises Indigo Employees’ Data

• Data Breach occurs at Stanford University

• ChromeLoader Malware Poses as Steam, Nintendo Game Mods

• Researchers Share New Insights Into RIG Exploit Kit Malware’s Operations

• Shocking Findings from the 2023 Third-Party App Access Report

• MWC 2023: EU Business Chief Calls For ‘Focus On Future’

• SpaceX Cancels Space Station Crew Launch At Last Minute

• How to use zero trust and IAM to defend against cyberattacks in an economic downturn

• Should organizations swear off open-source software altogether?

• ‘PureCrypter’ Downloader Used to Deliver Malware to Governments

• US Sanctions Several Entities Aiding Russia’s Cyber Operations

• As Social Engineering Attacks Skyrocket, Evaluate Your Security Education Plan

• Signal CEO Signals Signal Will Exit The UK If Law To Weaken Encryption Passes

• China Makes It Even Harder For Data To Leave Its Shores

• Russian Charged With Smuggling US Counterintel Tech

• Microsoft: For Better Security, Scan More Exchange Server Objects

• PlugX Trojan disguised as a legitimate Windows open-source tool in recent attacks

• How Much Can the Speech or Debate Clause Protect Mike Pence?

• The Jurisdiction of the New Data Protection Review Court

• 1-15 February 2023 Cyber Attacks Timeline

• News Corp: Hackers sat undetected on its network for 2 years

• Stanford University Data Breach – Ph.D. Admission Data Leaked

• How Breached Companies Become the Face of Change

• Cloud Security Firm Wiz Raises $300 Million at $10 Billion Valuation

• Microsoft Exchange admins advised to expand antivirus scanning

• QNAP starts bug bounty program with rewards up to $20,000

• Advance Your Cybersecurity Career with Toolkits from (ISC)² and BUiLT

• China makes it even harder for data to leave its shores

• Growing Demand For Skilled Cybersecurity Workforce In This Digital Age

• Canada Launches Latest TikTok Data Privacy Probe

• Twitter Cuts 10 Percent Of Staff, Including #SleepWhereYouWork Exec

• US-Led ‘Chip 4’ Alliance Holds First Senior-Level Meeting

• Setting Up an SSL in a Spring Boot Application

• How to Find the Best iGaming Sites to Gamble At in 2023? For Maximum Fun and Profit

• Media Giant News Corp Discloses New Details of Data Breach

• QNAP Offering $20,000 Rewards via New Bug Bounty Program

• Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

• Beware of ChatGPT Clones: A Surge of Fraudulent Apps Exploiting OpenAI’s Chatbot

• Russian charged with smuggling US counterintel tech to Motherland

• Apple iOS Vulnerability Could Expose Users’ Messages And Photos

• Stanford University Discloses Data Breach – Ph.D. Admission Data Leaked

• ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

• FTC reveals alarming increase in scam activity, costing consumers billions

• Resecurity identified the investment scam network Digital Smoke

• Approximately 3 T.B. of U.S. Military Emails were Left Unattended on the Internet

• PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks

• PureCrypter Malware Targets Government Entities in Asia-Pacific and North America

• Missing China Bank Founder ‘Working With Authorities’

• The great power pivot and the intelligence community

• 9 Ways Cyber Attackers are Looking to Exploit Government Agencies in 2023

• The 10 Most Common Website Security Attacks (and How to Protect Yourself)

• Palo Alto Networks Unveils Zero Trust OT Security Solution

• North Carolina Business Magnate Indicted in $2bn Fraud Case

• PureCrypter used to deliver AgentTesla to govt organizations

• The mobile malware threat landscape in 2022

• Dashlane password manager braces for passwordless future

• Australian Battery Start-Up Takes Over Failed Britishvolt

• Governments Targeted by Discord-Based Threat Campaign

• Police Arrest Trio in Multimillion-Dollar Extortion Case

• ChromeLoader campaign uses VHD files disguised as cracked games and pirated software

• Dish Network Offline Following Cyberattack, Staff Disconnected

• Software developers, how secure is your software?

• Find a Provider for Securing Your Company with Passwordless Login

• Hacker Claim Telecom Provider Data Including Source Code, Employee Data Stolen

• Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme

• The importance of synchronizing siloed security solutions

• Wiper malware goes global, destructive attacks surge

• Stay one step ahead: Cybersecurity best practices to prevent breaches

• Foiling intellectual property theft in a digital-first world

• Ransomware attack on Dish Network

• When Low-Tech Hacks Cause High-Impact Breaches

• Third-party risks overwhelm traditional ERM setups

• Top Morningstar strategist names a deeply discounted tech stock, in a sector poised for strong growth

• Contrast Security adds Microsoft Azure Functions support to evaluate serverless risks

• Beware rogue 2FA apps in App Store and Google Play – don’t get hacked!

Generated on 2023-02-28 23:55:27.376255