IT Security News Daily Summary 2023-03-09

• Lawmaker and staffer health data exposed in insurance breach

• AT&T blames marketing bods for exposing 9M subscriber account records

• ThreatBlockr Announces Partnership With Engaged Security Partners

• Keeper Security Issues Top 5 Cybersecurity Tips for 2023 College Basketball Tournament

• Forrester Study Reveals Businesses Are Insufficiently Prepared to Manage Enterprise Risks

• Cryptocurrency is fueling the ransomware boom. Here’s how to protect yourself

• Government still wrestles with digital equity, accessibility

• AT&T Vendor Breach Exposes Data on 9M Wireless Accounts

• IceFire Ransomware Portends a Broader Shift From Windows to Linux

• Congressman Darin LaHood Says FBI Targeted Him With Unlawful ‘Backdoor’ Searches

• Google Fixed Two Critical Vulnerabilities With Android March 2023 Update

• Innovation thrives when governments embrace next-gen public-private partnerships

• Is ransomware declining? Not so fast, experts say

• US Lawmakers Face Cyberattacks, Potential Physical Harm After DC Health Link Breach

• New Rise In ChatGPT Scams Reported By Fraudsters

• US House reps, staff health data swiped in cyber-heist

• Supply Chain Security: What Is SLSA? Part I

• Synthetic storms provide supplemental data for hurricane damage predictions

• Medusa Gang Video Shows Minneapolis School District’s Ransomed Data

• Secure UX based on customer data can be a big advantage in a recession

• Best DevOps, Website, and Application Vulnerability Scanning Tools

• 5 Reasons You Should Care About Unmanaged Assets

• SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers

• Why Traditional Vulnerability Management isn’t Cutting it Anymore

• Hackers leak DC Health Link data with Congress Members’ details

• cyberwarfare

• White House budget proposal includes CX, fraud prevention

• Biden’s budget includes $200M for TMF

• White House budget proposal includes CX, fraud prevention asks

• Custom Chinese Malware Found on SonicWall Appliance

• S3 Ep125: When security hardware has security holes [Audio + Text]

• Who’s Behind the NetWire Remote Access Trojan?

• How to Jump-Start Your Cybersecurity Career

• Inside Threat: Developers Leaked 10M Credentials, Passwords in 2022

• And the Winners of the 2023 Cybersecurity Excellence Awards are …

• Continuous Threat Exposure Management Stops Modern Threats

• Refreshed from its holiday, Emotet has gone phishing

• LastPass Details Security Breach, Hackers Accessed Encrypted Data

• How to minimize security risks: Follow these best practices for success

• Utah’s Governor Should Veto “Social Media Regulations” Bill S.B. 152

• Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks

• Iranian APT Targets Female Activists With Mahsa Amini Protest Lures

• GitHub to introduce mandatory 2FA authentication starting March 13

• Flutterwave Hit by Unknow Hackers Lost Millions of Dollars

• Silvergate Bank To Close Down, Amid FTX Aftermath

• 2 factors make shifts to remote work successful

• 8220 Gang Behind ScrubCrypt Attack Targeting Oracle Weblogic Server

• Best MSP/MSSP Vulnerability Scanning Tool Options

• Best Enterprise Vulnerability Scanning Vendors

• Best Small and Medium-sized Business (SMB) Vulnerability Scanning Tools

• Verifiable Credentials: How has it Changed the Identity Verification Status

• TSA tells US aviation industry to boost its cybersecurity

• Acer Confirms Unauthorized Access But Says No Consumer Data Stolen

• Latest Cyberthreats and Advisories – March 3, 2023

• Top ransomware news headlines trending on Google

• RSA Algorithm: A Trusted Method for Encrypting and Securing Data

• Vulnerability Exposes Cisco Enterprise Routers to Disruptive Attacks

• Why enterprise SecOps strategies must include XDR and MDR

• Best 3 Cloud, Container and Data Lake Vulnerability Scanning Tools

• Critical RCE Bug Opens Fortinet’s Secure Web Gateway to Takeover

• Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

• Red Team vs. Blue Team: What Is It?

• US Chamber Of Commerce Seeks AI Regulation

• TikTok Initiates Project Clover Amid European Data Security Concerns

• 5 Critical Components of Effective ICS/OT Security

• Recently discovered IceFire Ransomware now also targets Linux systems

• Deanonymizing OpenSea NFT Owners via Cross-Site Search Vulnerability

• Demanding Data Privacy Measures, FBI Cyber Agent Urges Users

• Automated Red Teaming: Is It Still Relevant?

• Lawyers For FTX’s Sam Bankman-Fried Hint At Trial Delay

• Beware of Fake Facebook Profiles, Google Ads Pushing Sys01 Stealer

• U.S. House and Senate members Data Hacked, Offered for Sale

• Introducing Avast One Platinum

• What is a Red Teamer? All You Need to Know

• Netherlands To Restrict Some Chip Technology Exports

• Suspected Chinese Cyber Spies Target Unpatched SonicWall Devices

• Dems, Repubs Eye Up Ban On Chat Apps They Don’t Like

• U.S. Chamber Of Commerce Calls For AI Regulation

• Hundreds Of US Lawmakers And Staffers Affected By Data Breach

• Risk Management in Construction Projects: How to Mitigate Potential Issues?

• Jenkins Server Vulnerabilities Chained for Remote Code Execution

• Dozens of Exploited Vulnerabilities Missing From CISA ‘Must Patch’ List

• QuSecure Unveils Quantum-Resilient Communications Satellite Link

• IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks

• Vicious Cycle: How Press Bias Fed FISA Abuse in the Trump-Russia Panic

• The Indian Telecommunication Bill Engenders Security and Privacy Risks

• What TikTok’s Data Decision Means For Cybersecurity

• Gearing up for UK Cyber Week: Helping businesses fight back against cyber crime

• Attacks are Being Outmanoeuvred by AI Cybersecurity in Novel Ways

• Customers’ Accounts Were Exposed in the Verizon breach

• ‘Skinny’ Cyber-Insurance Policies Create Compliance Path

• Netherlands Joins US In China Chip Export Restrictions

• The US RESTRICT Act Gains More Support From Lawmakers

• Fake ChatGPT Chrome extension targeted Facebook Ad accounts

• Google Discontinuing Chrome Tool for Removing Unwanted Software

• Defeating the Deepfake Danger

• Fortinet Patches Critical Unauthenticated RCE Vulnerability in FortiOS

• Understanding the Shared Responsibility Model, Critical Step to Ensure Cloud Security

• Iranian Hackers Target Women Involved in Human Rights and Middle East Politics

• Does Your Help Desk Know Who’s Calling?

• Become your business’s cybersecurity expert

• You Cannot Secure Your Data by Network Penetration Testing

• Acer Confirms Huge 160GB Data Breach

• Congress Members Warned of Significant Health Data Breach

• Cado Security Banks $20M in Series B Funding

• ChatGPT Integrated Into Cybersecurity Products as Industry Tests Its Capabilities

• Watch Sessions: Ransomware Resilience & Recovery Summit

• Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)

• Putin’s Deepfake Campaign: A New Weapon in the War Against Dissent

• ScamBots and ScAmazon – Intego Mac Podcast Episode 282

• Britain Cybersecurity firm issues warning against Microsoft ChatGPT

• Apple Delivers New iPhone 14…In Yellow

• 8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks

• Is your security team concerned with unmanaged devices?

• February 2023’s Most Wanted Malware: Remcos Trojan Linked to Cyberespionage Operations Against Ukrainian Government

• Cloud security platform lands $20M to automate incident response in the cloud

• Flashpoint: Threat vectors converging, increasing damage

• VulnCheck: CISA’s KEV missing 42 vulnerabilities from 2022

• Tehran Targets Female Activists in Espionage Campaign

• There’s A RAT In mi Note, What Am I Gonna Do?

• 10 Best Fan Control Software for Windows 2023 – Optimize Your System’s Cooling

• You better keep this Bitwarden setting turned off

• Revelstoke Security Raises $20 Million for SOAR Platform

• House Members at Risk After Insurer Data Breach

• Fortinet Issues Critical RCE Vulnerability in FortiOS & FortiProxy

• Airlines and Airports Brace for New TSA Cybersecurity Measures Amidst Persistent Threats

• Major Healthcare Data Breach Impacts U.S. House Members

• Lazarus Group Hacks South Korean Financial Entity via Zero-Day Vulnerability

• 100M+ Downloaded Shein App Found Copying Clipboard Content on Android Phones

• Malvertising through search engines

• Silicon Insights: How to Evolve Your Enterprise’s Digital Marketing: Part 1

• Fifth of Government Workers Don’t Care if Employer is Hacked

• CloudBees flaws in Jenkins server can lead to code execution

• Google One expands security features to all plans with dark web report, VPN access

• Do you know what your supply chain is and if it is secure?

• US RESTRICT Act Gains Support, Empowers Biden to Ban Foreign Tech

• New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

• Security Risks of Continuous Deployment and How to Solve Them

• Voices of Women in Cyber – (ISC)² Candidate Nidhi Kannoujia

• White House Cybersecurity Strategy Will Make Big Tech Step Up in Ongoing Cyber Struggle

• The Top Five Most Fun Cybersecurity Mistakes in TV and Movies

• AT&T Cybersecurity announces 2023 ‘Partner of the Year Award’ winners

• Governance of Zero Trust in manufacturing

• CloudBees flaws in Jenkins server can lead to code execution

• How the SYS01 Campaign Uses Multiple Evasion Tactics to Avoid Detection in Cyber Espionage

• Your Cannot Secure Your Data by Network Penetration Testing

• New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

• What CISOs need to understand about document signing

• Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits

• Navigating data classification in the era of extensive cloud adoption

• Inadequate patches and advisories increase cyber risk

• Optiv launches OT cyber services to help organizations identify business-specific OT risks

• 11:11 Managed Backup for Cohesity secures on-premises data

• GrammaTech unveils new versions of its CodeSentry binary SCA platform

• What does your Mac do when it’s sleeping?

• Suspected Chinese cyber spies target unpatched SonicWall devices

• Code42 and SentinelOne partner to reduce the risks associated with insider threats

• Concentric AI collaborates with CTERA to improve data security posture management

• Dems, Repubs eye up ban on chat apps they don’t like

• Establishing a Proactive Cybersecurity Plan

• Gender Diversity in Cybercrime Forums: Women Users on the Rise

• Trust emerges as the path forward for digital assets in 2023

• Organizations are understanding security is key to saving money, says CrowdStrike CEO

• 50% of good jobs are over-credentialed, says Former IBM CEO Ginni Rometty

• DoppelPaymer ransomware group disrupted

• DeepStreamer: Illegal movie streaming platforms hide lucrative ad fraud operation

• Ransomware review: March 2023

• BlackMamba: Using AI To Generate Polymorphic Malware

• Imperva Announces Joining the EDB GlobalConnect Technology Partner Program and Certification of Imperva’s DSF Agents to Support EDB Postgres Advanced Server and Community PostgreSQL Databases

• A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now!

• ‘Skinny’ Cyber Insurance Policies Create Compliance Path

• IT Security News Daily Summary 2023-03-08

• Emotet Resurfaces Yet Again After 3-Month Hiatus

• Edgeless Systems Raises $5M to Advance Confidential Computing

• Monitor Azure Virtual Network Manager changes with event logging

• Authenticate With OpenID Connect and Apache APISIX

• How blockchain can improve digital evidence collection and collaboration

• Broadband equity means access and adoption, not just infrastructure rollouts

• TSA issues cybersecurity amendment for aviation industry

• With tablets, hybrid classes inmates prep for cloud jobs

• TSA Issues Urgent Directive to Make Aviation More Cyber Resilient

• Veeam warns to install patches to fix a bug in its Backup & Replication product

• BlackLotus UEFI bootkit Can Bypass Secure Boot on Windows

• IRS CIO moving to Treasury CTO post

• 40% of Global ICS Systems Attacked With Malware in 2022

• Elon Musk Admits “Massive Decline” In Ad Revenue

• Solving the Enduring Pain of Authorization With Aserto’s Co-Founder and CEO, Omri Gazitt

• The best VPN deals right now: March 2023

• The FBI Just Admitted It Bought US Location Data

• Why Healthcare Cybercrime is the Perfect Storm

• 10 iPhone Privacy Settings You Need to Change for Better Security

• AWS Multi-Account Strategy and Landing Zone

• Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware

• Can I Code Without My Laptop

• Access management must get stronger in a zero-trust world

• Google One brings VPN feature to more plans, adds dark web monitoring for personal info

• Russian Influence Duo Targets Politicians, CEOs for Embarrassing Video Calls

• Thank you and goodbye to the Chrome Cleanup Tool

• OSV and the Vulnerability Life Cycle

• AI Takes Center Stage: How Artificial Intelligence is Revolutionizing the Marketing Industry

• Despite the Risk of Ransomware Attacks, Businesses Continue to Pay

• CISA still has work to do to fix agency weaknesses revealed by SolarWinds, watchdog says

• AI-Powered ‘BlackMamba’ Keylogging Attack Evades Modern EDR Security

• Microsoft Tells UK It Will Licence Call Of Duty To Sony For A Decade

• NIST renews cyber center partnership, launches small business focus

• US RESTRICT Act Gains Supports, Empowers Biden to Ban Foreign Tech

• The 8 Best Vulnerability Scanner Tools for 2023

• Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

• 4 best-practices to keep your Windows Server estate secure and optimized

• Mistakes by Threat Actors Lead to Disruption, Not Just Better Blocking

• White House cybersecurity plan collides with SecOps reality

• Lazarus Group Targets South Korean Finance Firm Via Zero-Day Flaw

• In the Jan. 6 Lawsuits, the Justice Department Cuts Trump Loose

• State Legislatures Threaten Right to Anonymous Speech

• Voices of Women in Cyber – (ISC)² Candidate Nidhi Kannoujia

• ChatGPT Added To Salesforce’s Slack

• Lawmaker: Schools need federal advocate to negotiate cyber contracts

• SYS01 Stealer Targets Critical Infrastructure With Google Ads

• North Korea-linked Lazarus APT used a 0-day in a recent attack

• New Info Stealer SYS01 Targets Key Government Infrastructure

• Does Antivirus Detect and Remove All Malware?

• Grace Hopper: The Woman Who Changed How We Code and Test

• U.S. DoD Puts CPD At Heart of Its New Cyber Workforce Strategy

• NSA offers tips to safeguard home networks from cyber attacks

• UK Government Introduces New Data Protection Bill

• Intel Seeks $5 Billion More In Subsidies For German Chip Plant – Report

• New Facebook Malware Is Targeting Government Employees, Business Accounts And More

• Lacework Launches Secured by Women Initiative

• The US Air Force Is Moving Fast on AI-Piloted Fighter Jets

• DarkTrace Warns Of Rise In AI-Enhanced Scams Since ChatGPT Release

• TikTok Unveils New European Data Security Regime

• Info Stealer Targets Facebook Business Accounts

• Acer Confirms Server Intrusion After Miscreant Offers 160GB Cache Of Stolen Files

• The West Accuses TikTok of Espionage & Data Mining

• New MOTW Bypass Method Introduced by LockBit

• The Complete Guide to Apple Watch Bands

• Vulnerabilities In TPM 2.0 Could Expose Cryptographic Keys

• ‘Sys01 Stealer’ Malware Targeting Government Employees

• Biden administration raises software liability questions

• Surge in Cloud Adoption Means a Greater Data Attack Surface for Healthcare and Financial Services

• Plagued by slow internet? Try these 11 ways to speed up your connection

• Rising Public Cloud Adoption Is Accelerating Shadow Data Risks

• Asset Tokenization on Blockchain is the Future of Real Estate?

• BrandPost: Protecting the Edge Is More Important Than Ever

• BrandPost: How 3 Tools Can Revitalize Your Security Strategy

• BrandPost: Is Your XDR Strategy Incomplete?

• How CISOs can do more with less in turbulent economic times

• Hard-coded secrets up 67% as secrets sprawl threatens software supply chain

• Finding Your Grit with Deloitte’s Deborah Golden

• Steps To Planning And Implementation Of Application Security

• International Women’s Day: Only One Fifth of Cybersecurity Leadership Roles filled by Women

• Research Reveals ‘Password’ Still the Most Common Term Used by Hackers to Breach Enterprise Networks

• APT41: Cyberespionage Group Targets Asian Materials Industry

• Hackers Using Facebook Ads to Attack Critical Infrastructure Employees

• Modem vs router: What’s the difference?

• Chrome 111 Patches 40 Vulnerabilities

• Virtual Event Today: Ransomware Resilience & Recovery Summit

• FBI & Pentagon Officials Developed “Truly Unconstrained” Facial Recognition

• Tech Giants Go Cloud-Native Shopping

• A New Emotet Campaign Is Ongoing After a Three-month Break

• International Women’s Day: Must-Watch Webinars by Women in Cybersecurity

• Making the most of your time at the RSA 2023 conference

• Has Adoption of ‘Connected Devices’ Outpaced Security?

• How to Stay GDPR Compliant While Sending Cold Emails

• 160 GB of Acer data is now available for sale on the dark web

• Cloud trends 2023: Cost management surpasses security as top priority

• Syxsense Platform: Unified Security and Endpoint Management

• Can You Use Sublimation Ink for Regular Printing?

• How to Check Twitch Chat Logs: A Comprehensive Guide

• Snapchat Vulnerability Could Allow Deleting Users’ Content Spotlight

• Pros & cons of using free VPNs in 2023

• White House Backs Bill That Could Lead To Nationwide Ban Of TikTok

• Hacker Leaks 73M Records from Indian HDFC Bank Subsidiary

• CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

• TSA Requires Aviation Sector to Enhance Cybersecurity Resilience

• Freenom Suspends Domain Registrations After Being Sued by Meta

• Securing Your Supply Chain Through Cyber Risk Management

• BlackLotus Malware Hijacks Windows Secure Boot Process

• China says it’s ‘puzzled’ after report Germany might ban Huawei from parts of 5G mobile network

• The White House Makes a Step Toward Nationwide TikTok Ban

• Musk Apologises After Mocking Fired Twitter Director

• International Women’s Day: Achieving Gender Parity in the C-Suite and Advancing Equity in the Cybersecurity Industry

• Officials Targeted with Romance Scams and Android Trojans

• Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

• Security 360 Reports Shows That Threat Actors Are Targeting BYOD And Company Devices

• PIM vs PAM vs IAM: What’s The Difference?

• Acer Discloses Data Breach: 160GB of Sensitive Information for Sale

• How IT Consultancy Improves Security?

• Is Uno the first next-generation password manager?

• China-linked APT Sharp Panda targets government entities in Southeast Asia

• Government Claims New UK GDPR Will Save Firms Billions

• The state of stalkerware in 2022

• Steps To Planning And Implementation Of Cloud Security

• Application Security Capability Guide

• Measuring Investment Performance: Common Pitfalls to Avoid

• Securing ways to share workplace passwords

• Cyber-Threat Detections Surge 55% in 2022

• Three Levels of Change: Approval, Purpose, and Careful Monitoring

• What Are Parameter Tampering Attacks?

• Sharp Panda Targets Southeast Asia in Espionage Campaign Expansion

• Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

• Grace Hopper: The Women Who Changed How We Code and Test

• Why performing security testing on your products and systems is a good idea

• VMware NSX Manager bugs actively exploited in the wild since December

• CISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

• How STEM education can solve talent shortages, improve cybersecurity

• Three crucial moments when founding a cybersecurity startup

• Boeing signs off anti-jamming tech that keeps satellites online

• 8 Common Cybersecurity issues when purchasing real estate online: and how to handle them

• An assessment of ransomware distribution on darknet markets

• How to gain data access to accounts of our dead near and dear

• PoC Exploit Released For Critical Microsoft Word RCE Bug

• AI is taking phishing attacks to a whole new level of sophistication

• Attackers exploit APIs faster than ever before

• New Kensington privacy screens protect against visual hacking

• Akamai unveils new service and tools to help users reduce attack surface

• Persona Graph proactively surfaces and blocks hidden fraud rings

• ChatGPT’s API Is Here. Let the AI Gold Rush Begin

• Why do Businesses Need to Focus More on Cybersecurity

• SANS Institute and Google collaborate to launch Cloud Diversity Academy

• Alert: Crims are hijacking these DrayTek routers to attack businesses

• Acer confirms server intrusion after miscreant offers 160GB cache of stolen files

• 4 Things You May Not Know About Performance Analytics Technology

• Section 702’s Unconstitutional Domestic Spying Program Must End

• 2023-03-07 – Emotet infection with spambot traffic

• Warning issued over Royal ransomware

• Play ransomware gang leaks City of Oakland data

• DoppelPaymer ransomware group disrupted by FBI and European police agencies

• These DrayTek routers are under actual attack – and there’s no patch

• 6G mobile internet will launch in 2030, telecom bosses say, even as 5G adoption remains low

Generated on 2023-03-09 23:55:28.210059