IT Security News Daily Summary 2023-03-17

• Hitachi Energy breached by Clop gang through GoAnywhere Zero-Day exploitation

• Innovating during a regulatory wave

• Update – New Process for (ISC)² Exam Registration

• DeveloperWeek 2023: The Enterprise Community Sharing Security Best Practices

• Assistive AI can revolutionize public safety collaboration

• Cloud Security Alliance (CSA)

• Friday Squid Blogging: New Species of Vampire Squid Lives 3,000 Feet below Sea Level

• Treating public health disconnects with interoperable data

• Microsoft Azure Warns on Killnet’s Growing DDoS Onslaught Against Healthcare

• Google: Turn off Wi-Fi calling, VoLTE to protect your Android from Samsung hijack bugs

• Chinese Hackers Exploiting 0-day Vulnerability in Fortinet Products

• Remember user experience in the zero trust journey

• Prancer Announces Integration With ChatGPT for Enhanced Security Assessments

• Eufy security cams ‘ignore cloud opt-out, store unique IDs’ of anyone who walks by

• Microsoft Outlook Vulnerability Could Be 2023’s ‘It’ Bug

• How to prevent data theft by existing and departing employees

• FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps

• Fake Telegram and WhatsApp clones aim at crypto on Android and Windows

• How banking turmoil raises the risk of cyberattacks

• McAfee Invoice Fraud Email Pretending to be a Subscription Renewal Receipt

• The Marines are launching a software factory

• Dangerous Android phone 0-day bugs revealed – patch or work around them now!

• How security access service edge (SASE) can improve performance and security for hybrid workforces

• Telegram, WhatsApp Trojanized to Target Cryptocurrency Wallets

• Technology Firms Delivering Much-Sought Encryption-in-Use

• Pro-Russian Winter Vivern APT Targets Governments and Telecom Firm

• Google Exposes 18 Zero-Day Flaws in Samsung Exynos Chips

• Healthcare Firm ILS Alerts 4.2 Million People Of Data Breach

• Exfiltration Malware: At the Forefront of Cybersecurity Issues

• Latest Cyberthreats and Advisories – March 17, 2023

• Cybersecurity Industry News Review – March 14, 2023

• SVB’s collapse is a scammer’s dream: Don’t get caught out

• Latitude Financial Services Data Breach Impacts 300,000 Customers

• Top 5 Cyber Insurance Companies for 2023

• HinataBot, a new Go-Based DDoS botnet in the threat landscape

• Cl0p ransomware gang claims the hack of Shell, Bombardier, and Stanford U

• Hitachi becomes the next victim after a ransomware attack on GoAnywhere software

• Estonia’s e-governance revolution is hailed as a voting success – so why are some US states pulling in the opposite direction?

• Free decryptor released for Conti-based ransomware following data leak

• What Is Stack Smashing?

• SVB Collapse: A Stark Warning for Technology and Cybersecurity Startups!

• Microsoft Adds OpenAI Tech ‘Copilot’ To Word, Excel

• New ‘Trigona’ Ransomware Targets US, Europe, Australia

• US Government Warns Organizations of LockBit 3.0 Ransomware Attacks

• How access management helps protect identities in the cloud

• Best VPN for streaming in 2023: Unblock Netflix and more

• iPhone or Android slow or buggy? Do this one simple thing every week

• Top 5 Insider Threats to Look Out For in 2023

• Beyond Identity Officially Announces the Release of ‘Zero Trust Authentication’

• Cloud Data Theft is Booming According to CrowdStrike

• Threat Actors Hack US Federal Agency Using Telerik Bug to Steal Data

• Bitwarden addresses autofill issue that could be exploited to steal logins

• The One Place IT Budget Cuts Can’t Touch: Cybersecurity

• Meta Proposes Revamped Approach to Online Kill Chain Frameworks

• The Ethics of Network and Security Monitoring

• Here’s How Chinese Cyber Spies Exploited A Critical Fortinet Bug

• Health Leaders Push Feds For Cybersecurity Requirements

• 18 Zero-Day Flaws Impact Samsung Android Handsets, Wearables And Telematics

• Federal Agency Leaves Flaw Unpatched For 4 Years And Gets Hacked

• Samsung, Vivo, Google phones open to remote compromise without user interaction

• 5 Ways Heimdal® Protects You From DNS Attacks

• Growing Threat From Deep Fakes and Misinformation

• China-linked APT likely linked to Fortinet zero-day attacks

• New Zealand Moves To Ban TikTok On Its Parliament Devices

• Fake Calls Android Malware Attacking Android Users to Steal Banking Details

• A More Democratic Foreign Policy Is Possible

• Neglect for Human Rights Helped Produce the Crisis in Tunisia

• AI imager Midjourney v5 stuns with photorealistic images—and 5-fingered hands

• Federal agency hacked by 2 groups thanks to flaw that went unpatched for 4 years

• Where did FTX customer money go? Firm says Bankman-Fried took $2.2 billion

• Should You Wait for Wi-Fi 7 Before Upgrading Your Router?

• Sam Bankman-Fried Allegedly Received $2.2 Billion From FTX Entities

• New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

• THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter

• AI-Generated YouTube Videos Spread Raccoon, RedLine, and Vidar Info-stealers

• Google Glass Ends For Business Users

• A New Security Category Addresses Web-borne Threats

• TikTok to be banned from UK Government Phones

• A Present As An Investment

• Exploitation of Recent Fortinet Zero-Day Linked to Chinese Cyberspies

• New Espionage Group ‘YoroTrooper’ Targeting Entities in European, CIS Countries

• Should Your Organization Be Worried About Insider Threats?

• CNAPP in a Snap — How Agentless Workload Posture Improves Security Velocity

• Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware

• The importance of updating software and applying patches

• ICO Reprimands Metropolitan Police for Data Snafu

• ChipMixer Crypto Mixer Shutdown By German & US Authorities

• Makop Ransomware: The Arsenal of Cybercriminals Becomes Known

• BianLian Ransomware: The Dangerous Shift Toward Pure Data Extortion

• SXSW 2023: Protecting your digital identity in cyber warfare

• Russian Military Preparing New Destructive Attacks: Microsoft

• Turbocharge your IT career with cybersecurity training for just $50

• Vishing Campaign Targets Social Security Administration

• DDoS-as-a-service Attacks. What Are They and How Do They Work?

• Latest Cyberthreats and Advisories – March 17, 2023

• Get Ready for 2023: Top Online Games To Expect This Year

• All GTA Games in Order of Release Date – A Grand Retrospective

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

• Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

• New infosec products of the week: March 17, 2023

• How healthcare CISOs can automate cloud security controls

• SVB account holders targeted with phishing, scams

• Hackers shifting cybercrime focus towards smart phones and tablets

• Most security pros turn to unauthorized AI tools at work

• How ChatGPT is changing the cybersecurity game

• Voices of Women in Cyber – (ISC)² Candidate Nidhi Kannoujia

• International Women’s Day: Must-Watch Webinars by Women in Cybersecurity

• Grace Hopper: The Woman Who Changed How We Code and Test

• Elevate Identity enables security teams to automate customization of conditional access policies

• Tracking the global spread of malware

• Atakama Enterprise protects unstructured data against exfiltration

• HYPR launches Enterprise Passkeys for Microsoft Azure

• Perception Point adds DLP capabilities to detect, prevent, and remediate web threats

• Dell’s new security offerings help enterprises secure their devices, systems and clouds

• BIgID’s secrets detection capabilities reduce risk from potential data breaches and leaks

• Feds arrest and charge exiled Chinese billionaire over massive crypto fraud

• Trustwave partners with Trellix to improve detection and response for security teams

• Lessons on Career Growth with AT&T Cybersecurity CMO, Jill Sanders

• Here’s how Chinese cyber spies exploited a critical Fortinet bug

• Microsoft Targets Critical Outlook Zero-Day Flaw

• Veeam and Carahsoft provide the public sector with modern data protection solutions

• CyberGRX integrates with ServiceNow to develop risk-reducing programs

• Managing Risk in Crypto Trading: Techniques for Minimizing Your Exposure to Market Volatility

• APT Actors Exploited Telerik Vulnerability in Govt IIS Server – CISA

• AWS IP Address Management

• Ransomware attack hits ANOTHER school

• Hackers threaten to leak STALKER 2 assets if devs don’t heed demands

• Facebook illegally processed user data, says court

• Emotet adopts Microsoft OneNote attachments

• 10 Network Security Threats Everyone Should Know

• Baseband RCE flaws in Samsung’s Exynos chipsets expose devices to remote hack

• What Policymakers Need to Know About the First Amendment and Section 230

• Microsoft Outlook Zero-Day Vulnerabilities Exposed

• IT Security News Daily Summary 2023-03-16

• FTX inner circle helped itself to $3.2B, liquidators say

• Use After Free: An IoT Security Issue Modern Workplaces Encounter Unwittingly

• Securing Collaboration at the Speed of Business

• Sell tickets to Fans, Not to Bots.

• Patient’s STD Test Results Posted To Facebook After Privacy Breach

• Leveraging Behavioral Analysis to Catch Living-Off-the-Land Attacks

• Policy as Code vs Compliance as Code

• 3 Ways to Evolve Your Cybersecurity Operations

• The Biden administration may eye CSPs to improve security, but the real caveat emptor? Secure thyself

• Project Zero: Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Exploits

• Government Hasn’t Justified a TikTok Ban

• Over $10bn Lost To Online Frauds – FBI Internet Crimes 2022 Report

• Got Conti? Here’s the ransomware cure to avoid paying up

• How to build a trustworthy election system

• US Marshals Service Data Sold on Russian Hacker Forum

• VA, Oracle are negotiating a five-year option on troubled health record software contract

• FDIC fails to establish effective controls to secure sensitive data, report says

• $3B Crypto-Mixer Money Laundering Operation Seized by Cops

• Microsoft sheds light on a year of Russian hybrid warfare in Ukraine

• A zero-trust roadmap for cybersecurity in manufacturing — from a 98-year-old company

• S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]

• $3B Crypto Laundering Operation Seized by Cops

• Samsung To Spend $228 Billion On South Korean Chip Plant

• Why community digital equity discussions should be in person

• The best VPN deals right now: March 2023

• The best security keys of 2023: Expert tested

• Threat Actors Changing Tactics

• Penetration Testing with Kali Linux 2023 released: New modules, exercises, challenges (PEN-200)

• Civil Society Organizations Urge Ghana’s Parliament to Reject Repressive Anti-LGBTQ+ Bill

• Cybersecurity company SentinelOne beats earnings estimates: ‘a great year for us’

• Critical Microsoft Outlook Bug PoC Shows How Easy It Is To Exploit

• VA, Oracle negotiate five-year option on troubled health record software contract

• ChatGPT could make phishing more sophisticated

• Meta Develops New Kill Chain Thesis

• Senator Warner on the Restrict Act and a US TikTok Ban

• Cybercriminals Devising More Tactics For Phishing Attacks

• Future-Proofing Your Business Against Insider Threats

• February 2023 Cyber Attacks Statistics

• TSMC Founder Backs US Efforts To Slow China’s Chip Sector

• Crypto exchange Fiatusdt leaked trove of users KYC data

• 5 Common Firewall Misconfigurations and How to Address Them

• US Government IIS Server Breached via Telerik Software Flaw

• Change Is Coming to the Network Detection and Response (NDR) Market

• Guild Education controls API abuse with Salt Security

• Can a Barista Become Your Next SOC Analyst?

• Cybersecurity Industry News Review: March 7, 2023

• 2022 Industry Threat Recap: Manufacturing

• New York City tech chief Matt Fraser commands attention

• ChipMixer Crypto Laundromat Shut Down By German, US Authorities

• Polish intelligence dismantled a network of Russian spies

• TikTok Banned From UK Government Phones

• CISA Urgent Warning: Adobe ColdFusion Bug Exploited As A Zero-day in the Wild

• Poland Breaks up Russian Spy Ring

• Mozilla Patches High-Severity Vulnerabilities With Release of Firefox 111

• U.S. federal agency hacked via 3-year-old Telerik UI flaw

• UK Joins US, Canada, Others in Banning TikTok From Government Devices

• BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion

• Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

• YouTube becomes a heaven to malware stealers

• Rapid7 Acquires Minerva Labs to Extend Leading Managed Detection and Response Service

• New Malware Sample Of Defunct TeamTNT Threat Group Raises Concerns

• Bad Actors Exploited RCE In Progress Telerik To Hack US Agency

• Security Firm Rubrik Is Latest To Felled By GoAnywhere Vulnerability

• UK.gov bans TikTok from its devices as a ‘precaution’ over spying fears

• Enterprise Attack Surface Widening Access Control Gap in Microsoft Active Directory

• After Hundreds of Penetration Tests, Here are Top 5 Lessons

• Stay Alert Against Messages Like ‘Account Suspended, Update PAN’

• Microsoft: 17 European Nations Targeted by Russia in 2023 as Espionage Ramping Up

• Webinar Today: How to Build Resilience Against Emerging Cyber Threats

• CISA Seeks Public Opinion on Cloud Application Security Guidance

• Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

• U.S. Releases Footage Of Drone Crash With Russian Jet Over Black Sea

• Cybercriminals Exploit SVB’s Downfall for Phishing

• Ring Data Breach: What you Need to Know About the Home Security Company Attack

• 5 Ways to Fight School Ransomware Attacks

• Water Wars: Marcos Vows Philippines ‘Will Not Lose One Inch of Its Territory’ in the South China Sea

• Integrating the Art and Science of Wargaming

• Budget 2023: Industry Reaction To Quantum Investments etc

• What Does a Network Security Engineer Do?

• How the Pentagon mobilized to support tech startups after bank failure

• Data Breach at Independent Living Systems Impacts 4 Million Individuals

• Make Your Picks: Cyber Madness Bracket Challenge Starts Today

• NCSC Calms Fears Over ChatGPT Threat

• US Federal Agency Hacked By Exploiting Telerik Vulnerability in IIS Server

• Australia’s Latitude Financial Hit by Cyberattack, Exposing 328K Client Data

• SASE 101: Understanding the Fundamentals of Secure Access Service Edge

• SECURITY ALERT: Actively Exploited Microsoft Outlook Vulnerability Imperils Microsoft 365 Apps

• Technology Transforming Roulette in 2023: How Hardware and Software are Improving the Game

• Accelerate Your Strategic Decision-Making: 2023 Insurer’s Guide

• UK bans TikTok on government devices following U.S. move

• FBI shuts down 11-year-old NetWire RAT malware

• Container Security: Don’t Let Your Guard Down

• TikTok confirms the U.S. has threatened ban if Chinese parent ByteDance doesn’t sell stake

• Amazon call scams are on the rise — here’s what you need to know

• Cybercriminals, APT Exploited Telerik Vulnerability in Attacks on US Government Agency

• Russia-Linked APT ‘Winter Vivern’ Targeting Governments in Europe, Asia

• Budget 2023: Chancellor Pledges £2.5 Billion For Quantum Computing

• Multiple threat actors exploited Progress Telerik bug to breach U.S. federal agency

• Two Young US Men Charged, Hacked Into DEA Portal In 2022

• CISA Warns of Adobe ColdFusion Vulnerability Exploited in the Wild

• For Sale: Data Supposedly Coming from the US Marshals Service Hack

• Autonomy’s Mike Lynch Fights US Extradition Attempt

• Silicon Insights: How to Evolve Your Enterprise’s Digital Marketing: Part 2

• Checkmate: Check Point Research exposes security vulnerabilities on Chess.com

• GigaOm Recognizes CloudGuard AppSec as a Leader in Innovation and Feature Play in its 2023 Radar Report for Application and API Security

• Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme

• Hornetsecurity VM Backup V9 protects users against ransomware threats

• Russian hacktivist group targets India’s health ministry

• Why red team exercises for AI should be on a CISO’s radar

• When and how to report a breach to the SEC

• Facebook ‘Unlawfully’ Used Dutch Personal Data: Court

• BEC Volumes Double on Phishing Surge

• Rise of Ransomware Attacks Main Focus for SOCs, research finds

• How ChatGPT can become a security expert’s copilot

• Secureworks IR team saw BEC attacks double in 2022

• Phishing Hackers Defeat 2FA via Man-in-the-Middle Attacks

• How Retiring Gas and Coal Plants Affects Grid Stability

• Chinese SilkLoader Malware Sold to Russian Cyber-Criminals

• CISA adds Adobe ColdFusion bug to Known Exploited Vulnerabilities Catalog

• Appian Protect safeguards sensitive and highly regulated data

• Amazon Linux 2023: Create and execute cloud-based applications with enhanced security

• 10 Best Browser Based FPS Games in 2023 – No Downloads No Limits

• Do you know what your supply chain is and if it is secure?

• Dashlane: Pricing, features, and how to get started

• What’s Wrong with Manufacturing?

• Analysis: Where Next As Europol Hails Rare DoppelPaymer Ransomware Success

• Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency

• ChatGPT: The real Evil Twin

• How Do Attackers Hijack Old Domains and Subdomains?

• Cyber attribution: Vigilance or distraction?

• How do attackers hijack old domains and subdomains?

• Navigating the future of digital identity

• How two-step phishing attacks evade detection and what you can do about it

• Identity theft of 225,000 customers takes place at Latitude Financial Services

• CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild

• Virtual patching: Cut time to patch from 250 days to

• Rushed cloud migrations result in escalating technical debt

• The Aftermath of Ola Bini’s Unanimous Acquittal by Ecuadorian Court

• Latest Cyberthreats and Advisories – March 10, 2023

• What We Learned from The Royal Mail Ransomware Chat

• A Ransomware Gang Claims to Have Hacked the Security Camera Company Amazon Ring

• NETGEAR launches Nighthawk RS700 WiFi 7 router

• Check Point Research conducts Initial Security Analysis of ChatGPT4, Highlighting Potential Scenarios For Accelerated Cybercrime

• Two US Citizens Charged for Hacking into DEA Portal in 2022

• Russia-linked APT29 abuses EU information exchange systems in recent attacks

• Neurotechnology unveils new biometric recognition algorithms in MegaMatcher 13.0

• ReversingLabs adds secrets detection capabilities to SSCS platform

• Update now! Microsoft fixes two zero-day bugs

Generated on 2023-03-17 23:55:26.783028