IT Security News Daily Summary 2023-03-28

• CISA director says agency is working on cyber workforce gaps

• Bitter APT group targets China’s nuclear energy sector

• NASA plans to consolidate cloud contracts

• NullMixer Polymorphic Malware Variant Infects 8K Targets in Just a Month

• MacStealer Malware Plucks Bushels of Data From Apple Users

• PGP Encryption: The Email Security Standard

• Millions of Pen Tests Show Companies’ Security Postures Are Getting Worse

• Google again accused of willfully destroying evidence in Android antitrust battle

• Watermarking ChatGPT, DALL-E and other generative AIs could help protect against fraud and misinformation

• Microsoft launches AI-powered Security Copilot

• OPINION: Why Perfection is the Enemy of Progress in Cybersecurity

• How data insights can solve geographic inequity, build regional economies

• Bitwarden Announces Secrets Management With a Combination of Open Source, End-to-End Encryption, and Ease of Use

• NextWave Program Product and Service Specializations — Breakaway 1=5

• Texas may be about to scrap a voting security system it can’t replace

• Improve your technical knowledge with 13 CompTIA courses for $54.97

• Video: How to Build Resilience Against Emerging Cyber Threats

• Microsoft Puts ChatGPT to Work on Automating Cybersecurity

• Microsoft Introduces GPT-4 AI-Powered Security Copilot Tool to Empower Defenders

• How effective asset management supports data center sustainability

• Latitude Data breach is worse than initially estimated. 14 million individuals impacted

• Exchange Online will soon start blocking emails from old, vulnerable on-prem servers

• Research Says, Mobile Phones are Listening to Your Conversations

• Hacker Returns $200 Million Stolen from Euler Finance

• Why SASE will benefit from faster consolidation of networking and security

• UK Sets Up Fake Booter Sites To Muddy DDoS Market

• North Korea’s Kimsuky Evolves into Full-Fledged, Prolific APT

• France Bans TikTok And Other ‘Fun Apps’ On Government Devices

• Essential Cybersecurity Tips to Reduce the Risk of Data Breaches

• Member Feedback on (ISC)² 2023 Bylaws Requested by April 7

• Cybersecurity Industry News Review – March 28, 2023

• (ISC)² Listens: Women Working in Cybersecurity

• Dridex malware, the banking trojan

• The FBI Has Been Buying Bulk Internet Data from This Florida Company

• Parts of Twitter’s Source Code Leaked Online On GitHub

• Legacy Application Refactoring: How To Revive Your Aging Software

• How to prevent fork bombs on your Linux development servers

• Publicly disclosed U.S. ransomware attacks in 2023

• Clipboard-Injector Attacks Target Cryptocurrency Users

• New Research Examines Traffers and the Business of Stolen Credentials

• China asks Apple to bolster its data security and privacy protections

• Apple Releases Security Patches For Older iPhone and iPad Models

• Hey, Siri: Hackers Can Control Smart Devices Using Inaudible Sounds

• Microsoft’s ‘Security Copilot’ Sics ChatGPT on Security Breaches

• Two-Week ATO Attack Mitigated by Imperva

• Silicon Labs: Logitech MX Mouse and Keyboard

• Silicon Labs: MX Master 3S Mouse

• GPT-4 kicks AI security risks into higher gear

• Microsoft Security Copilot uses GPT-4 to help security teams move at AI speed

• France Bans TikTok, Other ‘Fun’ Apps From Government Devices

• North Korea Is Now Mining Crypto to Launder Its Stolen Loot

• How to Succeed As a New Chief Information Security Officer (CISO)

• Microsoft Conduct an Emergency Fix for the Notorious ‘Acropalypse’ Bug

• Dallas County: Sold Computers May Have Public’s Personal Details

• Chinese-Designed Apps Pose Greater Privacy Risks to Americans

• CLOPS Claim to Have Hacked 130 Organizations

• Securing Cloud-Native Applications: Tips and Tricks for Secure Modernization

• National Security AI and the Hurdles to International Regulation

• Bukele Has Defeated El Salvador’s Gangs—for Now. How? And What Does It Mean for the Region?

• The Importance of Data Security and Privacy for Individuals and Businesses in the Digital Age

• The U.S. Government Restricts the Use of Spyware, White House Says

• How to Comply with the U.S. Federal Trade Commission’s (FTC) revised Safeguards Rule

• Is the future of social media subscription-based?

• ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation

• SecurityScorecard Guarantees Accuracy of Its Security Ratings

• China’s Nuclear Energy Sector Targeted in Cyberespionage Campaign

• Nigerian BEC Scammer Sentenced to Prison in US

• Compare breach and attack simulation vs. penetration testing

• Europol warns of criminal use of ChatGPT

• US President Biden Kind Of Mostly Bans Commercial Spyware

• The FBI Has Been Buying Bulk Internet Data From Team Cymru

• North Dakota To Require Cybersecurity Education In Public Schools

• Clearview AI Used Nearly 1m Times By US Police, It Tells The BBC

• New IcedID Malware Variants Shift From Banking Trojans To Ransomware

• Cymulate’s 2022 Cybersecurity Effectiveness Report reveals that organizations are leaving common attack paths exposed

• Spend on Safety Measures & Call Out Insecure Practices for Safer IoT

• Executive Order Limiting Usage Of Commercial Spyware Signed

• Wi-Fi When Traveling: 7 Ways to Get Internet for Travel

• How to Find WiFi Anywhere You Go

• Electric Carmaker Nio Pushes New-Model Battery Swap Stations

• Remote Employees: Update Your Routers (and More WFH IT Tips)

• How to protect your Windows PC from the attack that led to the Linus Tech Tips hack

• Breaking the Mold: Pen Testing Solutions That Challenge the Status Quo

• IcedID Malware Shifts Focus from Banking Fraud to Ransomware Delivery

• Pakistan-Origin SideCopy Linked to New Cyberattack on India’s Ministry of Defence

• Cybersecurity Industry News Review – March 28, 2023

• Alibaba Group To Split In Major Restructure

• Prompt engineering and jailbreaking: Europol warns of ChatGPT exploitation

• Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529)

• Twitter To Demote Non-Paying Posts In Subscription Overhaul

• Introduction to Shift Left Testing

• Webinar Today: Understanding Hidden Third-Party Identity Access Risks

• 14 Million Records Stolen in Data Breach at Latitude Financial Services

• Security Vulnerabilities in Snipping Tools

• Clearview ‘Carried Out Nearly 1m Searches’ For US Police

• Europol details ChatGPT’s potential for criminal abuse

• Guaranteeing Employee Loyalty for Organisational Success

• How Do Market Leaders Get Valuable Consumer Data in 2023

• Future Data Breach Threats to UK Businesses

• How to Secure Your Mobile Device: 8 Tips for 2023

• iOS Security Update Patches Exploited Vulnerability in Older iPhones

• Thousands Access Fake DDoS-for-Hire Websites Set Up by UK Police

• Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe

• Vulnerabilities: Understand, mitigate, remediate

• Telecom giant Lumen suffered a ransomware attack and disclose a second incident

• Should you use your browser’s password manager or a dedicated app?

• France Set To Legalise AI-Powered Surveillance For Olympics

• Is the Future of Social Media Subscription-Based?

• A Recession Must Not Halt Modernisation Programmes

• Copy-paste heist or clipboard-injector attacks on cryptousers

• Cybersecurity Industry News Review – March 21, 2023

• US Reglators Seek Ban On Crypto Exchange Binance

• Hackers Earned $1,035,000 for Exploiting 27 Zero-Days at Pwn2Own Vancouver

• Become your organization’s cybersecurity expert with this $79 bundle

• Four Years Behind Bars for Prolific BEC Scammer

• President Biden Signs Executive Order Restricting Use of Commercial Spyware

• New IcedID Variants Switch From Delivering Malware To Bank Fraud

• MacStealer MacOS Malware Steals Passwords from iCloud Keychain

• US Reglators Seek To Ban Crypto Exchange Binance

• Call for Submissions to UK’s New Computer Misuse Act

• Motivations for Insider Threats: What to Watch Out For

• US Moves to Ban “Anti-Democratic” Spyware

• How to Join a Playstation Party on PC? Step by Step Guide

• Need to improve the detection capabilities in your security products?

• EU Security and Privacy Laws: What to Expect in 2023 and beyond

• Romance scams loss termed to have reached £10k on an average in UK

• Running a security program before your first security hire

• What you need before the next vulnerability hits

• How CIAM safely orchestrates your customers’ journey and its benefits

• Best Practices for Secure Remote Development

• Apple Issues Urgent Security Update for Older iOS and iPadOS Models

• Balancing security risks and innovation potential of shadow IT teams

• What the food and building industry can teach us about securing embedded systems

• Tausight expands its AI-based PHI Security Intelligence platform to cover new attack vectors

• US president Biden kind of mostly bans commercial spyware

• How CISOs Can Reduce the Danger of Using Data Brokers

• Apple patches everything, including a zero-day fix for iOS 15 users

• Using Artificial Intelligence in Finance

• Web Testing Tutorial: Comprehensive Guide With Best Practices

• Food giant Dole reveals more about ransomware attack

• Bogus Chat GPT extension takes over Facebook accounts

• Ransomware gunning for transport sector’s OT systems next

• GitHub accidentally exposes RSA SSH key

• Solving the password’s hardest problem with passkeys, featuring Anna Pobletts

• AU10TIX partners with Microsoft on decentralized verifiable credentials

• Hunters integrates its SOC Platform with Databricks Lakehouse

• Study Reveals Inaudible Sound Attack Threatens Voice Assistants

• Lawyers cough up $200k after health data stolen in Microsoft Exchange pillaging

• Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices

• ChatGPT for state and local agencies? Not so fast.

• Turning hackers’ behavior against them

• Twitter’s Source Code Leak on GitHub a Potential Cyber Nightmare

• Clop Keeps Racking Up Ransomware Victims With GoAnywhere Flaw

• IT Security News Daily Summary 2023-03-27

• State mandates K-12 cyber education

• New MacStealer macOS malware appears in the cybercrime underground

• How to prepare for a world without passwords

• ODNI official details efforts to use automation to speed talent recruitment timelines

• The best security cameras of 2023: Protect your home

• It’s time to update all of your Apple devices again. Here’s why

• Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April

• A Review Of Helm And Kubernetes For Your DevOps Pipeline

• GitHub Publishes RSA SSH Host Keys by Mistake, Issues Update

• Portion of Twitter’s proprietary source code leaked on GitHub

• Reducing health disparities through effective data management

• Passwords vs Passwordless: A Debate on Online Security

• Planned Login-dot-gov deployment at IRS is postponed

• Hackers Earn Over $1 Million at Pwn2Own Exploit Contest

• US to Adopt New Restrictions on Using Commercial Spyware

• Imperva recognized as a Strong Performer in Forrester Wave: Data Security Platforms, Q1 2023

• How to secure your GitHub account with two-factor authentication

• How shift left security and DevSecOps can protect the software supply chain

• White House bans government ‘operational’ use of commercial spyware in executive order

• Analysis of 7 single-vendor SASE platforms

• 7 Women Leading the Charge in Cybersecurity Research & Analysis

• Upgrading Online Security with Password Managers

• Twitter Says Source Code Was Leaked on GitHub, Now It’s Trying to Find the Culprit

• Introduction To OpenSSH

• The best home security cameras of 2023

• Microsoft assigns CVE to Snipping Tool bug, pushes patch to Store

• Pwn2Own 2023: Tesla Model 3, Windows 11, Ubuntu and more Pwned

• 2023-03-24 – IcedID (Bokbot) with BackConnect traffic and Cobalt Strike

• Australia Dismantles BEC Group That Laundered $1.7 Million

• GoAnywhere Zero-Day Attack Hits Major Orgs

• Drive to Pervasive Encryption Boosts Key Management

• Pwn2Own Hacking Competition Awards Over $1 Million In Vancouver

• US needs improved regulation to foster drone R&D

• How often should security audits be?

• US Lawmakers Push TikTok Ban Bill After CEO Testimony

• Musk’s Neuralink ‘Approached Partner’ For Human Trials

• Microsoft Fixes Security Flaw in Windows Screenshot Tools

• AI and Twitter could help predict opioid deaths

• Three Variants of IcedID Malware Discovered

• 20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison

• Pleading TikTok to “Think of the Children” Misses the Point

• How to make sure the reputation of your products and company is good

• Source Code of Twitter leaked on GitHub

• New MacStealer Targets Catalina, Newer MacOS Versions

• GoAnywhere Hack Targets UK Pension Protection Fund

• TikTok Bans: Governments Worldwide Take Action Over Security and Privacy Concerns

• Webinar Tomorrow: Understanding Hidden Third-Party Identity Access Risks

• ‘Grim’ Criminal Abuse of ChatGPT is Coming, Europol Warns

• 5 Best Password Managers (2022): Features, Pricing, and Tips

• Malvertising Gives Cybercriminals Access to Big Technologies

• Watch Out for These Common Signs to Identify an Email Phishing Scam

• The Role of Human Resources in Cybersecurity

• Updates from the MaaS: new threats delivered through NullMixer

• CISA Unleashes Untitled Goose Tool To Honk At Danger In Microsoft’s Cloud

• Five Takeaways From TikTok CEO’s Congress Grilling

• Android App From China Executed Zero Day Exploit On Millions Of Devices

• Singapore Businesses Stumbling Over What Security Culture Entails

• Twitter Takes Legal Action After Source Code Leaked Online

• Critical Vulnerability Fixed In WooCommerce Payments WordPress Plugin

• Hackers Exploited Critical Microsoft Outlook Vulnerability To Gain Exchange Server Access

• Cybersecurity vs. Everyone: From Conflict to Collaboration

• Climate Change Advisory Opinion Requests: Risk and Reward

• GitHub Rotates Publicly Exposed RSA SSH Private Key

• OpenAI: ChatGPT Payment Data Leak Caused By Open-Source Bug

• 10 Best Browser Based FPS Games in 2023 – No Downloads No Limits

• Zoom launches Okta Authentication for E2EE to verify identity

• Baidu Shows Corporate Chatbot Skills In Closed Session

• Latitude Financial Data Breach: 14 Million Customers Affected

• Scaling Your Testing Efforts With Cloud-Based Testing Tools

• Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits

• Technical analysis of China-linked Earth Preta APT’s infection chain

• A bug revealed ChatGPT users’ chat history, personal and billing data

• BEC scammers are after physical goods, the FBI warns

• Cookie Clicker Garden Guide to Unlocking Every Seed – Quick Tutorial

• Women in Cybersecurity – History to Today

• Intel Co-Founder Gordon Moore Dies At 94

• The Power of Docker Images: A Comprehensive Guide to Building From Scratch

• GitHub Suspends Repository Containing Leaked Twitter Source Code

• Gone in 120 seconds: Tesla Model 3 child’s play for hackers

• VERT Reads All About It – Cybersecurity News March 27, 2023

• New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords

• Where SSO Falls Short in Protecting SaaS

• Hacks at Pwn2Own Vancouver 2023

• 14 Million Customer Details Breached In Latitude Financial Firm

• Congratulations to Our 2023 CPX 360 Award Winners in EMEA

• Alibaba’s Jack Ma Returns To China After Year’s Absence

• Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools

• Earth Preta’s Cyberespionage Campaign Hits Over 200

• Failed Silicon Valley Bank Assets Acquired By Rival

• Financial Institutions and Cybersecurity Risk: Why you need ISO27001

• Avoiding the Pitfalls of Tax Season: Philadelphia Warns Against Sophisticated Phishing Attacks

• Parts of Twitter`s Source Code Were Leaked on GitHub, According to Elon Musk

• China crisis is a TikToking time bomb

• NCA Harvests Info on DDoS-For-Hire With Fake Booter Sites

• Known unknowns: Refining your approach to uncategorized web traffic

• Twitter Says Source Code Posted Online

• New BEC Tactics Enable Fake Asset Purchases

• Latitude Financial Admits Breach Impacted Millions

• How scammers employ IPFS for email phishing

• Software developers, how secure is your software?

• Malicious Python Package uses Unicode support to evade detection

• What Goes “App” Could Take You Down

• They Posted Porn on Twitter. German Authorities Called the Cops

• ChatGPT users data leaked because of bug vulnerability

• Artificial Intelligence vs Machine Learning: Understanding the Differences

• ChatGPT Exposes Email Address of Other Users – Open-Source Bug

• Prioritizing data security amid workforce disruptions

• Veterans Affairs committee Dems offer bills to streamline VA operations

• The era of passive cybersecurity awareness training is over

• Understanding adversaries through dark web intelligence

• CISA to Start Issuing Early-Stage Ransomware Alerts

• In Memoriam – Gordon Moore, who put the more in “Moore’s Law”

Generated on 2023-03-28 23:55:26.304543