IT Security News Daily Summary 2023-03-21

• DOD partners with GSA to get sustainable products to agencies

• Text alerts could streamline benefits redetermination processes

• New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict

• Secure Your Online Privacy: How to Choose the Best VPN in 2023

• ZenGo finds transaction simulation flaw in Coinbase, others

• .NET Devs Targeted With Malicious NuGet Packages

• Cyberpion Rebrands As IONIX

• What is firewall optimization?

• FTC extends deadline by six months for compliance with some changes to financial data security rules

• We’re back! Our grand return to live events

• Renowned Researcher Kelly Lum Passes Away

• Florida city water cyber incident allegedly caused by employee error

• Ransomware gangs’ harassment of victims is increasing

• BlackBerry Announces New Patent Sale Transaction With Patent Monetization Company for Up to $900M

• Research Highlights Cyber Security’s Underestimated Role As a Business and Revenue Enabler

• You just gonna take that AWS? Let Microsoft school your users on cloud security?

• Privacy Rights Group Targets Facebook Political Microtargeting Practice

• BigID’s Data Security Posture Management Solution Integrates With SOAR Platforms

• Normalyze Granted Patent for Data Security Posture Management (DSPM)

• Verosint Launches Account Fraud Detection and Prevention Platform

• Cybersecurity Skills Shortage, Recession Fears Drive ‘Upskilling’ Training Trend

• New ShellBot bot targets poorly managed Linux SSH Servers

• Civil Rights Organizations File Amicus Brief in Support of EFF Lawsuit Against Discriminatory SFPD Surveillance

• Ferrari Discloses Ransomware Attack; Refuses to Pay Ransom

• Google Pixel phones had a serious data leakage bug – here’s what to do!

• Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

• ChatGPT Bug Exposes Conversation History Titles

• 4 key trends from the Gartner IAM Summit 2023

• 13 Cloud Security Best Practices for 2023

• What Is The Microsoft Print Spooler Vulnerability?

• Ferrari In A Spin As Crims Steal A Car-Load Of Customer Data

• Just Eat Cuts 1,700 Jobs As Delivery Growth Slows

• Zoom Paid Out $3.9 Million in Bug Bounties in 2022

• Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager

• Over 2400 Fake Pages Found Targeting Job Seekers in Middle East, Africa

• Ex-Meta Security Staffer Accuses Greece Of Spying On Her Phone

• Nation-State Threat Actors Exploited Zero Days The Most In 2022

• Cybersecurity Industry News Review – March 21, 2023

• US Rules Bar $52bn Chip Funds From Benefiting China

• CommonMagic Targets Entities in Russo-Ukrainian Conflict Zone

• Name That Toon: It’s E-Live!

• How Jan. 6 Committee Staffers Have Filled in the Blanks

• What Is Observability, And Why Is It Crucial To Your Business?

• Is Shoulder Surfing a threat to Cybersecurity

• Google Releases Bard Chatbot To Public

• Breach Forums to Remain Offline Permanently

• Carol Shaw: The groundbreaking career of this video game pioneer

• OneNote, Many Problems? The New Phishing Framework

• A roadmap to zero-trust maturity: 6 key insights from Forrester

• CISA: Election security still under threat at cyber and physical level

• What is the National Cybersecurity Strategy? A cybersecurity expert explains what it is and what the Biden administration has changed

• Key Findings: UK Cybersecurity Breaches Survey 2022

• Ransomware Risk Management: A Cybersecurity Framework Profile

• Learn cybersecurity skills by participating in real projects

• Hackers Use NuGet Packages to Target .NET Developers

• New ‘Bad Magic’ Cyber Threat Disrupt Ukraine’s Key Sectors Amid War

• 2022 Zero-Day exploitation continues at a worrisome pace

• NBA Alerts Fans After Hack Of The Third-Party Service Provider

• Ferrari data breach: Client data exposed

• 2022 witnessed a drop in exploited zero-days

• Adobe launches Firefly generative A.I., which lets users type to edit images

• UK Ranks Fourth In World For Big Tech Data Requests

• Adobe launches Firefly generative A.I. that lets you type to edit images

• Hacker Gang Holds Amazon’s Ring to Ransom

• Home Security: Breaches and Ransomware Making it Impossible to Review Firms and Their Security

• Shoulder Surfing: What is it and how to Protect Yourself?

• Oops! ChatGPT Shares AI Chat Histories with the Wrong Crowd

• BFSI Sector at the Forefront of Cyberattacks

• Google Pixel Vulnerability Allows Recovery of Cropped Screenshots

• Malicious NuGet Packages Used to Target .NET Developers

• News Analysis: UK Commits $3 Billion to Support National Quantum Strategy

• Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant

• Oleria Scores $8M Seed Funding for ID Authentication Technology

• Passkeys: A Modern Solution For All Your Password Troubles

• ChatGPT Bug Temporarily Exposes AI Chat Histories to Other Users

• China Approves More Imported Games As Crackdown Eases

• Crypto ATM Manufacturer General Bytes Suffers $1.5m Bitcoin Theft

• Controlling Third-Party Data Risk Should Be a Top Cybersecurity Priority

• Decoding the Defense Department’s Updated Directive on Autonomous Weapons

• The DEA Portal Hack was Perpetrated by Two Cybercriminals Last Year

• Ferrari Announces Data Breach. Customers Risk Data Leakage

• Researchers Reveal Insights into CatB Ransomware’s Advanced Evasion Methods

• US Citizen Hacked by Spyware

• IAM Startup Aembit Secures How Workloads Connect to Services

• New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

• China Chip Boss Targeted By Anti-Graft Probe

• Oleria raises $8M to make multi-factor authentication adaptive

• The Best Defense Against Cyber Threats for Lean Security Teams

• New ShellBot DDoS Malware Targeting Poorly Managed Linux Servers

• Amazon To Cut 9,000 More Jobs

• Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group

• Ferrari Reveals Data Breach After Getting Ransom Demand

• Banking Trojan Mispadu Found Responsible for 90,000+ Credentials Stolen

• How Emerging Trends in Virtual Reality Impact Cybersecurity

• The Five Don’ts of Facebook Marketplace

• General Bytes Bitcoin ATMs Hacked to Steal Funds

• NCSC Launches Two New Tools for Small Businesses

• From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

• Mandiant Zero-Day Exploitation Report 2022

• Building Your Dream Network by Custom Net Development Company

• CASPER Attack Targets Air-Gapped Systems Via Internal Speakers

• Ferrari Reveals Data Breach Ransom Attack

• Bringing observability to cloud security

• Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

• Top 4 Bitcoin Casinos

• How to Make Valorant Account – A Complete Guide

• Ex-Meta security staffer accuses Greece of spying on her phone

• Need to improve the detection capabilities in your security products?

• The Future of Betting: How Technology Is Changing the Game for Bookmakers And Bettors

• Ferrari Hacked – Attackers Gained Access to Company’s IT Systems

• Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw

• Bad magic: new APT found in the area of Russo-Ukrainian conflict

• Self-Sovereign Identities, The Next Step in Privacy-First User Experience

• Bitwarden’s unlock with PIN feature is convenient, but also a security risk

• Putin to staffers: Throw out your iPhones, or ‘give it to the kids’

• The Scorched-Earth Tactics of Iran’s Cyber Army

• Details of ransomware attack on Ferrari and NBA

• Data backup, security alerts, and encryption viewed as top security features

• Threat actors are experimenting with QR codes

• The impact of AI on the future of ID verification

• 5 rules to make security user-friendly

• Podcast Episode: So You Think You’re A Critical Thinker

• Google suspends top Chinese shopping app Pinduoduo

• Analysis: Lookalike Confusable Domains Fuel Phishing Attacks

• Third party Cybersecurity risks in securing the supply chain

• 2023-03-17 – Emotet Epoch 5 activity

• Eurotech introduces cybersecurity-certified edge AI solutions

• ForgeRock Enterprise Connect Passwordless reduces the risk of password-based attacks

• Australian FinTech takes itself offline to deal with cyber incident that caused data leak

• OpenVPN With Radius and Multi-Factor Authentication

• Ferrari Says Ransomware Attack Exposed Customer Data

• Ferrari in a spin as crims steal a car-load of customer data

• Technology and Software Redefine Business Operations

• 19 Most Common OpenSSL Commands for 2023

• Mastercard acquires Baffin Bay Networks to improve customer security

• Wipro and Secret Double Octopus provide enterprises with stronger authentication mechanisms

• DotRunpeX: The Malware That Infects Systems with Multiple Families

• A week in security (March 13 – 19)

• “ViLE” members posed as police officers and extorted victims

• Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles

• Treasury’s system tracking federal debt still needs security improvements, GAO says

• Defining endpoint security in a zero-trust world

• IT Security News Daily Summary 2023-03-20

• Acropalypse flaw in Google Pixel’s Markup tool allowed the recovery of edited images

• ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not?

• CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws

• FIDO (Fast Identity Online)

• ForgeRock, Secret Double Octopus offer passwordless authentication for enterprises

• Privacy fail: Pictures cropped, redacted by Google Pixel phones can be recovered

• UI modernization, identity verification limit state fraud loss

• Resident data profiles trigger targeted emergency response

• Aembit Scores $16.6M Seed Funding for Workload IAM Technology

• 4 cloud API security best practices

• Facebook Is Finally Rolling Out Paid Verification System For Improved Security

• Mirai Hackers Use Golang to Create a Bigger, Badder DDoS Botnet

• AI Has Your Business Data

• State cyber workforce challenges reaching ‘crisis levels’

• When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

• Techno-nationalism explained: What you need to know

• ForgeRock, Double Secret Octopus offer passwordless authentication for enterprises

• BECs double in 2022, overtaking ransomware

• FBI arrests suspected BreachForums owner in New York

• Threat Actors Using Go-based HinataBot to launch DDoS Attacks

• Bitcoin ATM customers hacked by video upload that was actually an app

• Cops Nab BreachForums Boss in New York

• EU Lawmakers Must Reject This Proposal To Scan Private Chats

• Sign The Petition And Tell EU Legislators: Don’t Scan Us

• Two Charged in Alleged Hacking of Drug Enforcement Agency’s Web Portal

• Public Key and Private Key Pairs: Know the Technical Difference

• Analysis of the recent volatility in the cryptocurrency market

• Voice deepfakes are calling – here’s what they are and how to avoid getting scammed

• KillNet Group Uses DDoS Attacks Against Azure-Based Healthcare Apps

• Mispadu Trojan Steals 90,000+ Banking Credentials From Latin American Victims

• CBP Is Expanding Its Surveillance Tower Program at the U.S.-Mexico Border–And We’re Mapping It

• HinataBot – A New Botnet Could Launch Massive 3.3 Tbps DDoS Attacks

• Rising Cyberattacks Increase Stress on Healthcare Industry

• How to make sure the reputation of your products and company is good

• Italian agency warns ransomware targets known VMware vulnerability

• BreachForums Admin Arrested in New York

• Cyberattackers Hoop NBA Fan Data via Third-Party Vendor

• DataSurgeon – Extract Sensitive Information (PII) From Logs

• (ISC)² Listens: Women Working in Cybersecurity

• Google Project Zero issues vulnerability alert on Samsung Exynos Modems

• Alleged Owner of BreachForums Arrested: Why It Matters

• OPM gives agencies guidance for a new program to rotate cybersecurity employees across agencies

• Public sector work equals high job satisfaction

• Waterfall Security, TXOne Networks Launch New OT Security Appliances

• Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes

• Two ‘ViLE’ Cybercrime Group Members Charged in 2022 Hacking of DEA Portal

• BianLian ransomware group shifts focus to extortion

• BBC Bans TikTok From Corporate Devices

• SecurityBridge Introduces The SAP Management Dashboard

• Threat actors abuse Adobe Acrobat Sign to distribute RedLine info-stealer

• How Much Will Each Stolen Client SSN Cost You Now That You Have Been Pwned?

• Why You Should Opt Out of Sharing Data With Your Mobile Provider

• On the Unconstitutionality of Iran’s Current Constitution

• Twenty Years Later, the U.S. Military Is Still Lost in Iraq

• Royal Dirkzwager Attacked By Play Ransomware Group

• A Cancer Patient’s Fight for Justice Against a Hospital Ransomware Attack

• BreachForums Mastermind Pompompurin Arrested in New York

• Taiwan Financial Regulator ‘To Oversee Crypto’

• Cybercriminals capitalize on Silicon Valley Bank’s demise

• Technological Advancements Boosting Crypto Poker Adoption

• OpenAI CEO Sam Altman says he’s a ‘little bit scared’ of A.I.

• The Role of Finance Departments in Cybersecurity

• Shouldering the Increasingly Heavy Cloud Shared-Responsibility Model

• New DotRunpeX Malware Delivers Multiple Malware Families via Malicious Ads

• OpenAI CEO Sam Altman said he’s a ‘little bit scared’ of A.I.

• Emotet Recurs: Avoids Macro Security Using OneNote Attachments

• A Guide to Understanding XDR Security Systems

• Running WordPress on Azure for secure, fast and global content delivery

• Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen

• Emotet Malware Spreads Out Through Malicious Microsoft OneNote Attachments

• NordVPN Rolls Out Meshnet For Public, Including Non-Subscribers

• Baidu Shares Rise On Positive Ernie AI Reviews

• Hackers can hijack Samsung and Pixel phones by knowing phone number

• First Dero cryptojacking campaign targets unprotected Kubernetes instances

• The FBI Warns SIM Swapping Attacks Are Rising. What’s That?

• Inside The DEA Tool Hackers Allegedly Used To Extort Targets

• Chinese Warships Seem To Be Messing With Passenger Planes

• Go-Based HinataBot Latest Botnet To Focus On DDoS Attacks

• Fighting VPN Criminalization Should Be Big Tech’s Top Priority

• BBC to staff: Uninstall TikTok from our corporate kit unless you can ‘justify’ having it

• NBA Notifying Individuals of Data Breach at Mailing Services Provider

• Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm

• FBI Detains Owner Of Notorious Cybercrime Forum, BreachForums

• Huawei ‘Replaced 13,000 Components’ After Sanctions

• Emotet is back after a three-month hiatus

• Bitcoin Surges Above $28,000 Amidst Banking Turmoil

• Detecting Malicious Packages on PyPI: Malicious package on PyPI use phishing techniques to hide its malicious intent

• UK Ransomware Incident Volumes Surge 17% in 2022

• Researchers Shed Light on CatB Ransomware’s Evasion Techniques

• New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply Chain Breaches

• YouTube Reinstates Donald Trump Account After Two-Year Ban

• A Look at The 2023 Global Automotive Cybersecurity Report

• Don’t fail an audit over a neglected annual policy review

• New York Man Arrested for Running BreachForums Cybercrime Website

• Adobe Acrobat Sign Abused to Distribute Malware

• “Hinata” Botnet Could Launch Massive DDoS Attacks

• How to protect online privacy in the age of pixel trackers

• Waterfall Security Solutions launches WF-600 Unidirectional Security Gateway

• HinataBot: The Latest Go-based Threat Is Launching DDoS Attacks

• Ensuring Security in Online Betting: What Bookmakers Are Doing to Protect Your Data

• Elden Ring Controller Not Working – Simple Fixes

• SMBs don’t see need for cyber insurance since they won’t experience security incidents

• Nominations are Open for 2023’s European Cybersecurity Blogger Awards

• 7 guidelines for identifying and mitigating AI-enabled phishing campaigns

• Crypto Investment ‘Scam’ Defrauds Thousands Of Users

• Scam Robocalls Forecast to Cost $58bn This Year

• What Is Shoulder Surfing? How Does It Affect Cybersecurity

• What Is the Command Key on Windows Keyboard? – Ticket to Computer Efficiency

• How To Automate Your Business Expenses?

• Cloudflare announces AI-powered Fraud Detection tool

• Fears of wider hacking theft as Latitude stays offline

• Software developers, how secure is your software?

• How to Hide Instagram Account and Prevent Other Users from Finding You

• Anthropic introduces Claude, a “more steerable” AI competitor to ChatGPT

• Microsoft is testing a built-in cryptocurrency wallet for the Edge browser

• Vessels claiming to be Chinese warships are messing with passenger planes

• Emotet Rises Again: Evades Macro Security via OneNote Attachments

• Online Sleuths Untangle the Mystery of the Nord Stream Sabotage

• Play ransomware gang hit Dutch shipping firm Royal Dirkzwager

• Police pounce on ‘pompompurin’ – alleged mastermind of BreachForums

• Detecting face morphing: A simple guide to countering complex identity fraud

• We are scared of Artificial Intelligence says OpenAI CEO

• Most mid-sized businesses lack cybersecurity experts, incident response plans

• IT security spending to reach nearly $300 billion by 2026

• How to best allocate IT and cybersecurity budgets in 2023

• The Army is putting all its network efforts under one roof

• NBA Cyber Incident – Fans’ Personal Information Exposed

Generated on 2023-03-21 23:55:28.828070