IT Security News Daily Summary 2023-03-06

• The best travel VPNs of 2023: Expert reviews

• EPA orders US states to check cybersecurity of public water supplies

• Police raids target ‘core’ DoppelPaymer ransomware members

• NSF watchdog warns of ‘other transaction’ pitfalls as funding decisions loom

• Shein Shopping App Glitch Copies Android Clipboard Contents

• DoppelPaymer ransomware suspects cuffed, alleged ringleaders escape

• National cyber strategy ‘promising’ for state, local governments

• Alert: Scammers Pose as ChatGPT in New Phishing Scam

• VR trains responders for mass casualty events

• Police Raid Rounds Up Core Members of DoppelPaymer Ransomware Gang

• Former FBI cyber agent urges all consumers to demand data privacy action

• Modernizing identity access management with zero trust

• Cyberattack Hits Major Hospital in Spanish City of Barcelona

• An Essential Guide To Threat Modeling Cloud Platform

• GuLoader – a highly effective and versatile malware that can evade detection

• What is firewall optimization?

• Meta Cuts Prices For VR Headsets

• Top members of DoppelPaymer Ransomware gang arrested

• Product Security (DevSecOps Practices)

• Sketching out the rules for offensive cyber operations

• This 18-course ethical hacking bundle is under $50

• Police Looking for Russian Suspects Following DoppelPaymer Ransomware Crackdown

• NIST’s Quantum-Proof Algorithm Has a Bug, Analysts Say

• WhatsApp promises to make its usage terms less confusing

• Republicans want to incentivize states to recover stolen unemployment benefits

• New National Cybersecurity Strategy: resilience, regs, collaboration and pain (for attackers)

• SANS Institute Partners With Google to Launch Cloud Diversity Academy

• Faced with likelihood of ransomware attacks, businesses still choosing to pay up

• How to avoid the double-hop problem with PowerShell

• Online Therapy Company Fined For Sharing Private Consumer Data With Facebook

• Hackers Begin Publishing Data Of Oakland City Workers

• EPA releases water systems cyber requirement in tandem with national strategy

• DoppelPaymer ransomware supsects arrested in Germany and Ukraine

• Almost Half of Industrial Sector Computers Affected By Malware in 2022

• In the fragmented insurance landscape, let’s unify customer experience

• Understanding and Resolving a Common Error

• Three ways federal agencies can align with the equity executive order

• How to create an incident response playbook

• EPA Calls For Cybersecurity Improvements in Public Water Systems

• Business-grade routers compromised in low-key attack campaign

• How to make sure the reputation of your products and company is good

• Everything that you Need to Know About Securely Trading on Amazon

• Amazon Pauses Construction At Second HQ In Virginia

• EPA: States must evaluate cybersecurity of public water systems

• Ransomware payments decreased in 2022 as criminals used other extortion tactics

• DoppelPaymer Ransomware Gang Members Busted in Germany, Ukraine

• European police dismantled the DoppelPaymer ransomware gang

• Play Ransomware Starts Leaking Oakland City Data

• Earn CPE Credits For Reading (ISC)² News and Insights With Our Quiz

• Thousands of Websites Attacked Via Compromised FTP Credentials

• Here’s what makes cybersecurity giant Palo Alto Networks tick and why we like the stock so much

• Attack on Oakland City attributed to Play Ransomware

• Southeastern Louisiana University & Tennessee State Hit by Breaches

• Data Exfiltration taking place on Google Cloud Platform without trace

• Apple Lends Globalstar $252m To Aid Satellite-Connected iPhones

• New ATM Malware ‘FiXS’ Emerges

• New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims

• GoodRx, Health Data Brokerage, and the Limits of HIPAA

• Where the New National Cybersecurity Strategy Differs From Past Practice

• The Role of Marketing and PR in Incident Response

• The Role of Verifiable Credentials In Preventing Account Compromise

• From Disinformation to Deep Fakes: How Threat Actors Manipulate Reality

• GoAnywhere MFT Zero Day Disclosures Seem Slow

• The Sketchy Plan To Build A Russian Android Phone

• Secret Service, ICE Break The Law Over And Over Again With Fake Cell Tower Spying

• Chick-fil-A Hack Spells Indigestion For 71K Customers

• FTC: BetterHelp Pushed Users To Share Mental Health Info Then Gave It To Facebook

• Consumers of Chick-fil-A had Grievances Following Account Takeovers

• Information of European Hotel Chain’s Customers Discovered in Unprotected Server

• Zoom Abruptly Fires President Greg Tomb

• Suprbay.org, The Pirate Bay Web Forum Down amid Cyberattack

• New Tool Made by Microsoft and Mitre Emulates Attacks on Machine Learning Systems

• US government orders States to conduct cyber security audits of public water systems

• European Police, FBI Bust International Cybercrime Gang

• Law Enforcement Triumphs DoppelPaymer Ransomware Gang

• PS4 Controller Won’t Charge – 10 Easy Fixes

• Visa Bolsters Cybersecurity Defenses with AI and Machine Learning

• Law enforcement teams score major win against DoppelPaymer ransomware gang

• What Is Domain Generation Algorithm? Definition and Role in Malware Attacks

• BetterHelp Accused of Sharing Mental Health Data with Advertisers

• Europe Envies America’s Cybersecurity Industry. What Can We Learn from It?

• Expanding Macroeconomic Pressure And Attack Surface Will Drive Security Automation In 2023

• ARM Disappoints UK With Decision To List Only In New York

• 557 CVEs Added to CISA’s Known Exploited Vulnerabilities Catalog in 2022

• Cybercrime Marketplace Leaks Over 2.1 Million Payment Cards

• BetterHelp Shared Users’ Sensitive Health Data, FTC Says

• Ransomware Operators Leak Data Allegedly Stolen From City of Oakland

• Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine

• Top Proxy Vendors USA 2023

• Why Your Business Needs IT Management

• This Algorithm Could Ruin Your Life

• New National Cybersecurity Strategy

• Experts Reveal Google Cloud Platform’s Blind Spot for Data Exfiltration Attacks

• Cloud-Native Threats in 2023

• How to Access and Sign In to an Old Hotmail Account – 7 Easy Steps

• Ericsson Pleads Guilty Over Bribery Charges, Axes 8,500 Jobs

• Cybersecurity M&A Roundup: 35 Deals Announced in February 2023

• Hatch Bank data breach caused by the exploitation of the GoAnywhere MFT zero-day

• PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

• BidenCash Leaks Database with Over 2 Million Stolen Credit Cards

• Prevention-focused SASE Solution is Here: Check Point leads the way, per new Miercom Report

• What is Malware as a Service (MaaS)?

• Stop Working in Silos: Integrating with APIs

• City of Oakland Faces Major Data Leak

• Critical Vulnerabilities Allow Hackers to Take Full Control of Wago PLCs

• UK Government Plans Skills Boost for Public Sector Fraud Fight

• Threat landscape for industrial automation systems for H2 2022

• TPM 2.0 Library Flaws May Affect Billions Of IoT Devices

• FTC Proposes $7.8m Fine for BetterHelp

• Experts Discover Flaw in U.S. Govt’s Chosen Quantum-Resistant Encryption Algorithm

• Software developers, how secure is your software?

• Colour-Blind, a fully featured info stealer and RAT in PyPI

• How to achieve and shore up cyber resilience in a recession

• 6 cybersecurity and privacy Firefox add-ons you need to know about

• Eye4Fraud – 16,000,591 breached accounts

• Third party Cybersecurity risks in securing the supply chain

• Stories from the SOC  – The case for human response actions

• Cisco to acquire Valtix

• Popular fintech apps expose valuable, exploitable secrets

• XIoT risk and the vulnerability landscape

• MQsTTang – Chinese Hackers Using Custom Malware To Evade AV Detection

• OneTrust Certification Automation helps businesses transcend traditional compliance barriers

• iD Tech – 415,121 breached accounts

• Where are the women in cyber security? On the dark side, study suggests

• Understanding Academic Software Solutions

• A Privacy Hero’s Final Wish: An Institute to Redirect AI’s Future

• IT Security News Weekly Summary – Week 09

• IT Security News Daily Summary 2023-03-05

• Credential Stuffing attack on Chick-fil-A impacted +71K users

• How to avoid billion-dollar fines due to unsecured messaging apps

• New CISO appointments, February 2023

• Iron Tiger updates malware to target Linux platform

• BrandPost: It’s Time to Create More Opportunities for Women in Cybersecurity

• HPE to acquire Axis Security to deliver a unified SASE offering

• Nicaragua’s Political Repression Will Continue Despite Prisoner Release

• Dubai’s Crypto Industry Introduces New Licensing Regulations

• A GoAnywhere MFT hack Exposes Hatch Bank’s Data Breach

• Crypto Scammer Monkey Drainer Shuts Down Criminal Operations

• For Your Mid to Large-Sized Firm, Here Are Four Best Cybersecurity Practices

• Digital Resignation is Initial Stage of Safeguarding Privacy Online

• Browser Security report reveals major online security threats

• Beware of Bot Malware: Understanding the Dangers and How to Protect Your Computer

• Best Ways To Change Your Password On A Chromebook

• Stay Ahead of the Game: How AI Can Help You Avoid Cybersecurity Traps

• Week in review: LastPass breach, GCP data exfiltration, UEFI bootkit

• Cyberattack on British Retailer WH Smith Exposes Employees` Data

• Chinese Hackers Are Using a New Backdoor to Deploy Malware

• How Royal Ransomware Could Wreak Havoc on the U.S. Digital Economy

• Scanning Attack: What It Is and How to Protect Your Organization Against It?

• LBB – 39,288 breached accounts

• Cyber Security Management System (CSMS) for the Automotive Industry

• How to use Bitwarden passwords on the go

• Play Ransomware gang has begun to leak data stolen from City of Oakland

• RADIUS server authentication: Old but still relevant

• Security Affairs newsletter Round 409 by Pierluigi Paganini

• Akamai acquires Ondat to strengthen its cloud computing offerings

• Snowflake and AWS expand partnership to drive customer-focused innovation

Generated on 2023-03-06 23:55:21.373932