IT Security News Daily Summary 2023-03-15

• CISA: ‘Multiple threat actors’ used old exploit to access federal agency Servers

• 3 applications driving 5G in public safety

• Microsoft Pins Outlook Zero-Day Attacks on Russian Actor, Offers Detection Script

• DirectDefense Reports the Top Threats From 2022 and What’s Trending for 2023

• Hornetsecurity Launches VM Backup V9

• YoroTrooper APT group targets CIS countries and embassies

• Tell the UK’s House of Lords: Protect End-to-End Encryption in the Online Safety Bill

• One state’s grant management breakthrough

• Humans are still better at creating phishing emails than AI — for now

• Cyberattackers Continue Assault Against Fortinet Devices

• This Is the New Leader of Russia’s Infamous Sandworm Hacking Unit

• Cancer patient sues hospital after ransomware gang leaks her nude medical photos

• The Importance of Modern-Day Data Security Platforms

• Court Finds Facebook “Unlawfully” Used Personal Data Of Dutch Users

• SecurityScorecard Appoints Former US Congressman John Katko As Senior Advisor

• Cancer patient sues hospital after naked photos stolen and posted online

• Analysts Spot a Wave of SVB-Related Cyber Fraud Striking the Business Sector

• Telerik Bug Exploited to Steal Federal Agency Data, CISA Warns

• How To Use Corporate Cards With Maximum Efficiency For Business

• antivirus software (antivirus program)

• Rubrik discloses data breach, blames Fortra zero-day

• 6 principles for building engaged security governance

• Government employees and defense contractors still have got bad passwords, report says

• Vodafone, Three Near Final Merger Agreement – Report

• TikTok Mulls Split From Beijing-Based ByteDance – Report

• NSA offers new tips on zero trust and identity

• Modernization takes agencies from service providers to service brokers

• Tick APT Group Hacked East Asian DLP Software Firm

• VM-Series Virtual Firewalls Beat Fortinet Fortigate in Miercom Testing

• What’s Next for Prisma SASE with New AI-Powered Innovations

• AI information retrieval: A search engine researcher explains the promise and peril of letting ChatGPT and its cousins search the web for you

• For credentials, these are the new Seven Commandments for zero trust

• NSA Shares Guidance on Maturing ICAM Capabilities for Zero Trust

• “FakeCalls” Android Malware Targets Financial Firms in South Korea

• GoatRAT Android Banking Trojan Targets Mobile Automated Payment System

• Meet Data Privacy Mandates With Cybersecurity Frameworks

• Beyond Identity launches Zero Trust Authentication to align verification with zero-trust principles

• Palo Alto announces new SD-WAN features for IoT security, compliance support

• Cybercriminals target SVB customers with BEC and cryptocurrency scams

• Dell beefs up security portfolio with new threat detection and recovery tools

• BrandPost: Reduce, reuse, recycle: Bad actors practicing the three Rs

• Humans Still More Effective Than ChatGPT at Phishing

• Earn CPE Credits For Reading (ISC)² News and Insights With Our Quiz

• 10 Ways B2B companies can improve mobile security

• Integrating Cybersecurity in UX design

• AT&T Cybersecurity announces 2023 ‘Partner of the Year Award’ winners

• Feds seek input on how to create semiconductor hubs

• Are Encryption and Zero Trust Breaking Key Protections?

• Chinese Cyberspies Hacked DLP Company Serving Military, Government Orgs

• US Charges Two Men Over Use of Hacked Law Enforcement Database for Doxing

• Rubrik Admits Data Theft In GoAnywhere Zero-Day Attack

• Cloudflare Fraud Detection will provide precise tools to detect, categorize fraud

• Cerebral Admits to Revealing Patient Information to Meta, TikTok, and Google

• Microsoft SmartScreen vulnerability delivers Magniber Ransomware

• Amazon Sets 2024 For Launch Of Project Kuiper’s Satellite Service

• Microsoft Patch Tuesday, March 2023 Edition

• CrowdStrike discovered the first-ever Dero cryptocurrency mining campaign

• Using Employment Offers, North Korean Hackers Target Security Researchers

• How Scammers Trap Businesses

• UK Mulls TikTok Ban On Government Devices

• Silicon In Focus Podcast: The State of 5G

• AI-Generated Voice Deepfakes Aren’t Scary Good—Yet

• PEN-200 (PWK): Updated for 2023

• Cookie Clicker Garden Guide to Unlocking Every Seed – Quick Tutorial

• Exploring the impact of Machine Learning on Horse Racing Betting Strategies

• Protect against cyberattacks with the new Azure Firewall Basic

• Meet the 2023 (ISC)² Bylaws Committee

• Psychological Tactics Used by Cybercriminals to Conduct Malicious Activities

• How to View Your Google Chrome Saved Passwords

• (Ab)using Adobe Acrobat Sign to distribute malware

• Forget the hybrid cloud; it’s time for the confidential cloud

• Dero, Monero Cryptojackers Fighting for Same Kubernetes Clusters

• Russian Cyberspies Abuse EU Information Exchange Systems in Government Attacks

• Top 30 incident response interview questions

• YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

• Tesla App Lets Man Accidentally Steal A Model 3 That Wasn’t His

• Dutch Court Finds Facebook Misused Data In Class Action Suit

• Crims Exploit Microsoft, Fortinet Flaws Before Any Patches Exist

• Pair Accused Of Breaking Into US Law Enforcement Database, Posing As Cops

• UK Security Minister Scrutinizes TikTok App Over Security Threats

• Pair accused of breaking into US law enforcement database, posing as cops

• Why Security Practitioners Should Understand Their Business

• Social Media Isn’t a Public Function, but Maybe the Internet Is

• Logistical Lessons From Ukraine—and What It Means for Taiwan

• What is Reverse Tabnabbing and What Can You Do to Stop It?

• SMBs Orgs Want Help, but Cybersecurity Expertise Is Scarce

• MyCena Strengthens Payment Cards Storage And Access Security In Card Processing Businesses To Reduce Fraud

• SnapDragon Monitoring eyes international growth after sharp increase in turnover

• OpenAI Announces ChatGPT Upgrade Called GPT-4

• OpenAI Announces GPT-4, the Successor of ChatGPT

• Dell launches new security offerings for data protection, MDR

• GOBruteforcer: an Active Web Server Harvester

• Singapore businesses stumbling over what security culture entails

• Hawaii Health Department Says Death Records Compromised in Recent Data Breach

• SAP Releases Five ‘Hot News’ Notes on March 2023 Patch Day

• The Rise of the BISO in Contemporary Cybersecurity

• Are We Doing Enough to Protect Our Unstructured Data?

• AI-Generated Voice Deep Fakes Aren’t Scary Good—Yet

• Data loss prevention company hacked by Tick cyberespionage group

• How Mirel Sehic relies on simplicity to focus on product security

• Fans of Last Of Us warned of rising phishing and malware scams

• Most Common Remote Work Security Risks

• SAP Fixes Five Critical Vulnerabilities With Newly Released Security Update

• LockBit Ransomware Claims to Have Stolen SpaceX Data from One of Its Contractors

• The Future of VIN Decoding: How AI and Machine Learning are Transforming the Automotive Industry

• Security Firm Rubrik breached by Clop gang through GoAnywhere Zero-Day exploitation

• Meta To Layoff Another 10,000 Staff

• Can your SASE solution block these top malware?

• User forgetfulness drives preference for biometrics over passwords

• Data Security Firm Rubrik Targeted With GoAnywhere Zero-Day Exploit

• The World’s Real ‘Cybercrime’ Problem

• A Spy Wants to Connect With You on LinkedIn

• YoroTrooper Cyberspies Aims At EU Embassies, CIS Energy Orgs

• Security Organization Rubrik Affected by the GoAnywhere Zero-day Attacks

• UK Bank Limits Crypto Payments to Smother Fraud

• The Different Methods and Stages of Penetration Testing

• New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

• Get 3 years of rock-solid protection with Surfshark VPN for $83.99

• Phishing Campaigns Use SVB Collapse to Harvest Crypto

• Business on the dark web: deals and regulatory mechanisms

• Wanna Make Your Smartphone Last Longer? Here’s What To Do

• Threat Actors Deliver Malware Using AI-Generated Youtube Videos

• What are Rootkits? How to prevent them

• What is CSAF (Common Security Advisory Framework)?

• Microsoft Patches Two Zero Days This Month

• Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

• Key aerospace player Safran Group leaks sensitive data

• What You Can Learn from the World’s Biggest Ransomware Attacks

• Tailscale: Fast and easy VPNs for developers

• Why performing security testing on your products and systems is a good idea

• Respecting Privacy and Data Protection: World Consumer Rights Day

• India to use Artificial Intelligence to curb power thefts and check usage

• Latest Cyberthreats and Advisories – March 3, 2023

• Guiding publications for US strategy on Quantum Information Science (QIS)

• How to switch from LastPass to RoboForm password manager

• So, you want to deploy air-gapped Kubernetes, huh?

• Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

• SVB collapse’s mix of money, urgency and uncertainty makes it irresistible to scammers

• Best practices for securing the software application supply chain

• Exfiltration malware takes center stage in cybersecurity concerns

• Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice

• Top 50 most impersonated brands by phishing URLs

• Startpage enhances search features to make privacy accessible to anyone

• Tanium expands XEM platform with enhanced device and policy management

• Motorola Solutions releases new Avigilon security suite to improve enterprise security

• Concentric AI’s DSPM solution detects sensitive or business critical content

• China sought control of submarine cables to spy, says Micronesia

• Still using authenticators for MFA? Software for sale can hack you anyway

• Two U.S. Men Charged in 2022 Hacking of DEA Portal

• Beyond Price Point: Analyzing Differences in Cloud Storage Options

• Canonical collaborates with MediaTek to optimize Ubuntu for IoT innovations

• Cloudflare integrates with Atlassian, Microsoft, and Sumo Logic to boost zero trust security

• Microsoft fixes two 0-days on Patch Tuesday – update now!

• What is Network Security? Definition, Threats & Protections

• How Patch Tuesday Keeps the Beat After 20 Years

• LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum Industries

• Crims exploit Microsoft, Fortinet flaws before any patches exist

• How To Use Artificial Intelligence to Ensure Better Security

• “Just awful” experiment points suicidal teens at chatbot

• Clop ransomware is victimizing GoAnywhere MFT customers

• Crims find Microsoft and Fortinet flaws before the vendors issue fixes

• LockBit Ransomware Claims Data Breach at SpaceX Contractor

• IT Security News Daily Summary 2023-03-14

• Optiv More Than Doubles Federal Presence With ClearShark Acquisition

• Microsoft Patch Tuesday fix Outlook zero-day actively exploited

• USDS alum Lynn Overmann talks priorities in new role as Beeck Center’s director

• Microsoft Zero-Day Bugs Allow Security Feature Bypass

• Camozzi Group and Radiflow Announce Collaboration on Industrial Systems Cybersecurity

• Digital Rights Updates with EFFector 35.3

• Product Review of SpecOps Password Policy

• CISA launches pilot to spot ransomware vulnerabilities

• The best VPN trials of 2023: Top VPNs to test for free

• Samsung Next Invests in Mitiga, Brings Total Funding to $45M

• Don’t Rely Solely on Privileged Access Management (PAM) To Secure Your Accounts

• Health info exchange streamlines foster care services

• Attack campaign on edge appliance: undetected since 2021 and resists firmware update

• Learn the basics of cybersecurity with this $60 web-based training package

• An assessment of ransomware distribution on darknet markets

• Broken Object Level Authorization: API security’s worst enemy

• Password mismanagement still at the heart of security issues

• How agencies can help constituents find accurate information quicker

• VERT Threat Alert: March 2023 Patch Tuesday Analysis

• Microsoft Patches 80 Security Vulns, Warns of Outlook Zero-Day Exploitation

• Microsoft SmartScreen Zero-Day Exploited to Deliver Magniber Ransomware

• Lawsuit Claims That Mark Zuckerberg Knew About Facebook Addiction Problems

• CISA Trials Ransomware Warning System for Critical Infrastructure Orgs

• LockBit Threatens to Leak Stolen SpaceX Schematics

• Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)

• A Complete Guide on ERR_SSL_PROTOCOL_ERROR

• CrowdStrike report shows identities under siege, cloud data theft up

• Microsoft squashes Windows bug exploited to inflict ransomware misery

• Why it’s time for a pivot on digital identity

• Adobe fixed ColdFusion flaw listed as under active exploit

• Upcoming Speaking Engagements

• Windows SmartScreen proves to be dumb – zero-day bug fixed after Google alert

• Magniber ransomware actors exploiting Microsoft zero day

• Adobe Warns of ‘Very Limited Attacks’ Exploiting ColdFusion Zero-Day

• information security (infosec)

• Firefox 111 patches 11 holes, but not 1 zero-day among them…

• Access Control Gap in Microsoft Active Directory Widens Enterprise Attack Surface

• From Power Plants to eWallets: The role of ZTNA in the gig economy

• Beware of Fake Calls! It’s not really your bank calling. Check Point Research draws attention to a new Android Malware

• How to use free satellite data to monitor natural disasters and environmental changes

• YoroTrooper Espionage Campaigns Target CIS, EU Countries

• Who Is Responsible for the NetWire Remote Access Trojan?

• DEV-1101 Updates Open Source Phishing Kit

• How Businesses Can Get Ready for AI-Powered Security Threats

• White House seeks $74 billion for federal civilian IT in 2024

• A new federal program looks to connect smart buildings with smart policy

• CISA Creates New Ransomware Vulnerability Warning Program

• How AI Could Write Our Laws

• ADC’s New Argentina Report Flags How ISPs Can Do More for Users’ Data Privacy

• Microsoft Mitigates Outlook Elevation of Privilege Vulnerability

• AI being used for destruction by China

• Researchers Investigating $197 million heist from Euler Finance

• Hackers Steal $199m From UK Crypto Start-Up Euler Labs

• Ransomware Group Claims Theft of Valuable SpaceX Data From Contractor

• Deepfakes, Synthetic Media: How Digital Propaganda Undermines Trust

• DEV-1101 AiTM phishing kit is fueling large-scale phishing campaigns

• SVB Collapse: An Attackers Paradise you Should Beware of

• Discord Upgraded Their Privacy Policy

• NatWest Adds Crypto Limits As Scams Proliferate

• ALPHV ransomware gang claims it has hacked Amazon’s Ring

• Fake ChatGPT Chrome Extension with Thousands of Installs Steal Facebook Logins

• DevSecOps: The Future of Secure Software Development

• Attackers Turn To AI Generated YouTube Videos To Spread Info Stealers

• Botnet That Knows Your Name And Quotes Your Email Is Back With New Tricks

• LockBit Brags They Will Leak Thousands Of SpaceX Blueprints

• Zoll Medical Says Intruders Had Access To 1M+ Patient, Staff Records

• Employees Are Entering Sensitive Business Data Into ChatGPT

• What Is Cyber Essentials and How Can Heimdal Help Your Organization Achieve CE Compliance?

• FBI’s Report Shows: Investment Fraud Caused Loses of Over $3 Billion in 2022

• KamikakaBot Malware Used to Attack Southeast Asian Government Agencies

• Patch Tuesday March 2023 – Microsoft Releases Fixes for 23 Vulnerabilities

• LastPass Breach: CISA Warns of Exploited Plex Bug

• Targeting Businesses Globally, the Medusa Ransomware Gang Gains Momentum

• CISA Program Warns Critical Infrastructure Organizations Vulnerable to Ransomware Attacks

• How the Best CISOs Drive Operational Resilience

• Digitizing the Battlefield: Using Social Media to Track U.S. Weapons in Ukraine

• Breaking Down a Cyberattack, One Kill Chain Step at a Time

• ICS Patch Tuesday: Siemens, Schneider Electric Address Over 100 Vulnerabilities

• Cloud Forensics Startup Mitiga Completes $45M Series A

• ChatGPT and the Growing Threat of Bring Your Own AI to the SOC

• Why Healthcare Boards Lag Other Industries in Preparing for Cyberattacks

• ReversingLabs adds new context-based secret detection capabilities

• 1 Million People Affected By Zoll Medical Data Breach

• BYD Rules Out UK EV Plant ‘Because Of Brexit’

• What You Need to Know to Create a Winning Hybrid Workplace

• Stalkerware has grown by 239% worldwide over the past three years

• Orgs Have a Long Way to Go in Securing Remote Workforce

• CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangs

• Elon Musk, BYD Deny Reported Battery Split

• Fortinet Finds Zero-Day Exploit in Government Attacks After Devices Detect Integrity Breach

• Ring Denies Falling Victim to Ransomware Attack

• The Prolificacy of LockBit Ransomware

• GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks

• Advanced actor targets Fortinet FortiOS in attacks on govt entities

• Artificial Intelligence, Virtual Courts, and Real Harms

• How to Stay Ahead of Device Certificate Expiration

• Cloud incident response nets another $45M with Mitiga’s latest funding

• LastPass not the last password manager? Tips for switching password managers

• Telehealth startup shares your data with tech giants

• India ‘Considers’ Mandatory Smartphone Security Screening

• NetWire Remote Access Trojan Maker Arrested

• What actually is database integrity?

• Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily

• Ubuntu Core now compatible with the Arm SystemReady IR systems specification

• LA Housing Authority Suffers Year-Long Breach

• The Revolutionizing Power of AI In Cybersecurity

• Almost half of IT leaders consider security as an afterthought, research reveals

• $197 Million in Cryptocurrency Stolen in Euler Finance Attack

• 16-28 February 2023 Cyber Attacks Timeline

• Bitcoin Surges 20 Percent After SVB Fiasco

• Report: Hackers leaked over 721 million passwords in 2022

• UK Crypto Firm Loses $200m in Cyber-Attack

• Cybersecurity Industry News Review – March 14, 2023

• Tim Cook ‘Pushed Forward’ Apple VR Headset Launch

• California Court Says Uber, Lyft Workers Are Contractors

• MI5 Launches New Agency to Tackle State-Backed Attacks

• Why Do My Apps Keep Crashing on Android? – Troubleshooting Tips

• Need to improve the detection capabilities in your security products?

• Dissecting the malicious arsenal of the Makop ransomware gang

• UK refreshes national security plan to stop more of China’s secret-stealing cyber-tricks

• Kali Linux 2023.1 Released With Tools for Blue and Purple Teams

• We can’t wait for SBOMs to be demanded by regulation

• Educating girls on how to be their own cyber hero

• Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities

• Cyber Attack news headlines trending on Google

• Security in the cloud with more automation

• Organizations need to re-examine their approach to BEC protection

• The rise of AI threats: Is your business prepared to face ChatGPT?

• Product showcase: Permit.io – Application-level permissions with a no-code UI

• Latest Cyberthreats and Advisories – March 10, 2023

• 8 Common Cybersecurity issues when purchasing real estate online: and how to handle them

• This Texas Bill Would Systematically Silence Anyone Who Dares to Talk About Abortion Pills

• Adtran and Satelles offer new levels of security for synchronization network infrastructure

• ZTNA vs VPN: Secure Remote Work and Access

• A week in security (March 6 – 12)

• Breast cancer photos published by ransomware gang

• WhatsApp refuses to weaken encryption, would rather leave UK

• “Brad Pitt,” a still body, ketchup, and a knife, or the best trick ever played on a romance scammer, with Becky Holmes: Lock and Code S04E06

• LockBit brags: We’ll leak thousands of SpaceX blueprints stolen from supplier

Generated on 2023-03-15 23:55:31.833876