IT Security News Daily Summary 2023-04-04

• Spring into action and tidy up your digital life like a pro

• eFile Tax Return Software Found Serving Up Malware

• New York Trump Indictment Unsealed

• Police Capture Genesis Market, Biggest Venue For Online Fraud

• Watchdog dings Energy Dept over cloud security

• White House official touts digital training programs to bridge gap in AI procurement

• How co-ops can deliver faster, less expensive procurement

• FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers

• Study: Facebook Was A Major Source Of Fake News During Last Election

• Enabling Secure Digital Transformation in Healthcare

• Phone Systems Giant 3CX Supply-Chain Attack Induces A Domino Effect

• Severe Elementor Pro WP Plugin Vulnerability Actively Exploited

• Smart locks endanger tenants’ privacy and should be regulated

• Social media age verification faces practicality, privacy challenges

• The best identity theft protection & credit monitoring services in 2023

• March ransomware disclosures spike behind Clop attacks

• Myriad™ – All-Flash, Scale-Out File & Object Storage for Unstructured Data

• Rajant Returns to Compete in 2023 ‘ASTORS’ with Cardinal Breadcrumb

• Strivacity Scores $20M for CIAM Expansion Plans

• Snyk bolsters developer security with fresh devsecop, cloud capabilities

• Myriad™ – All-Flash, Scale-Out File & Object Storage for Unstructured Data

• Mysterious ‘Rorschach’ Ransomware Doubles Known Encryption Speeds

• Rorschach ransomware has the fastest file-encrypting routine to date

• Myriad™ – All-Flash, Scale-Out File & Object Storage for Unstructured Data

• Einstein tilings – the amazing “Hat” shape that never repeats!

• 5 Best LastPass Alternatives in 2023

• The Broad, Vague RESTRICT Act is a Dangerous Substitute for Comprehensive Data Privacy Legislation

• How Web 3.0 is Revolutionizing the Internet: A Technical Comparison with Web 2.0

• Myriad™ – All-Flash, Scale-Out File & Object Storage for Unstructured Data

• Absolute zero in the quantum computer

• Chinese fraudsters: evading detection and monetizing stolen credit card information

• Western Digital Network Breach – Hackers Gained Access to Company Servers

• Myriad™ – All-Flash, Scale-Out File & Object Storage for Unstructured Data

• 15M+ Services & Apps Remain Sitting Ducks for Known Exploits

• What RASP Should Have Been

• CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

• UK data regulator issues warning over generative AI data protection concerns

• ChatGPT Has a Big Privacy Problem

• Arid Viper Using Upgraded Malware In Middle East Cyberattacks

• Discover a new era of security with Microsoft at RSA 2023

• New “Rorschach” Ransomware Spread Via Commercial Product

• Inside the Lazarus Heist: Multi-Billion Dollar Theft in Two Hours

• DISH Network: Multiple Lawsuits Filed Against Dish After a Ransomware Attack

• 3CX Supply Chain Attack Compromised Cryptocurrency Companies

• Hackers launched a DDoS Attack against CheckPoint and anticipate to target it again

• Western Digital Hit By Network Security Breach

• Defend against DDoS attacks with Azure DDoS IP Protection

• Role of AI in Revolutionizing Penetration Testing

• German Police Raid FlyHosting, a DDoS-Friendly Hosting Provider

• Smarter risk analysis can help tax agencies crack down on identity fraud

• TikTok bans explained: Everything you need to know

• 3CX Supply chain attack allowed targeting cryptocurrency companies

• ChatGPT and the First Amendment: Whose Rights Are We Talking About?

• Al-Qaeda’s Looming Threat: Are We Looking Over the Wrong Horizon?

• Not all CNAPP Vendors Stack Up: Check Point CloudGuard Recognized as Representative Vendor in Gartner CNAPP Market Guide

• TikTok’s Trials and Tribulations Continue With UK Data Protection Fine

• Trustle Raises $6M Seed Funding for Access Management Tech

• Zimbra Flaw Exploited by Russia Against NATO Countries Added to CISA ‘Must Patch’ List

• New Rilide Malware Targeting Chromium-Based Browsers to Steal Cryptocurrency

• Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies

• Sorting Through Haystacks to Find CTI Needles

• North Korea Hacking Cryptocurrency Sites with 3CX Exploit

• TikTok Fined £12.7 Million For Violating Children Data Protection

• New Generation of Phishing Hides Behind Trusted Services

• How to encrypt a file on Linux (and when you should)

• Tripwire Patch Priority Index for March 2023

• How Strategic Investors Can Help Cybersecurity Startups

• Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)

• UK data watchdog fines TikTok £12.7M for failing to protect kids

• Is TestOps the Future of Software Testing?

• Self-Propagating, Fast-Encrypting ‘Rorschach’ Ransomware Emerges

• CardinalOps Extends MITRE ATT&CK-based Detection Posture Management

• Foreign Cash Flows Into China On Alibaba Breakup Plan

• TikTok Fined £12.7m For Violating UK Data Privacy Laws

• TikTok Fined £12.7m For UK Data Protection Law Breaches

• Hey Siri, Use This Ultrasound Attack To Disarm A Smart-Home System

• UK’s Offensive Hacking Unit Takes On Military Opponents And Terrorist Groups

• Microsoft Will Block Dangerous Extensions In OneNote

• Uber Driver Info Stolen Yet Again: This Time From Law Firm

• How To Start A Reseller Hosting Business

• kissCartoon 2023- Top 20 Alternatives to Watch Cartoon Online

• Revolutionizing Banking System: The Power of White Label Payment Platforms

• ICO Fines TikTok £12.7m Over Children’s Data

• WiFi Flaws Allow Network Traffic Interception on Linux, iOS, and Android

• How to Use HashiCorp Boundary for Secured Remote Access

• CYBERSECURITY INDUSTRY NEWS REVIEW – APRIL 4, 2023

• Designing Tabletop Exercises That Actually Thwart Attacks

• Japan Set To Ramp Chip Spending Amidst US Push

• Uber Driver Data Stolen Again From the Servers of Law Firm

• 3CX Supply Chain Attack: North Korean Hackers Likely Targeted Cryptocurrency Firms

• Cybereason Raises $100 Million, Appoints New CEO

• NATO Seeks Contractors to Test Security of Web Assets

• Think Before You Share the Link: SaaS in the Real World

• Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks

• CVE-2023-26360 – Adobe ColdFusion Arbitrary Code Execution

• Dark Web Narco Gangs are a Major Concern for Law Enforcement

• Virgin Media Broadband Outage Affects Thousands

• A Tiny Blog Took on Big Surveillance in China—and Won

• OneNote Security Tightened By Microsoft To Block 120 File Extensions

• My Cloud Goes Down While Data Storage Giant Announces Network Breach

• 15 Million Systems Are Vulnerable to CISA KEV Flaws

• Learn how to provide your company with maximum security for $79

• HTTP/S DDoS Attacks Soar 487% in Three Years

• The Future of CS:GO Skins: What’s Next for Collectors and Traders

• Tesla Told To Pay $3.2m In Racial Harrassment Lawsuit

• Distributed Energy Resources and Grid Security

• US Authorities Seize $112m From “Pig Butchering” Scammers

• DoJ cracks down on cryptocurrency fraud, seizes $112 million in linked funds

• How Blockchain Technology Will Impact These Top 5 Industries

• Crypto Firms Are Likely Target for 3CX Attacks

• Brightness Keeps Going Down on iPhone Screen? Try These Fixes

• VirusTotal += Deep Instinct

• Martha Lane-Fox Warns Against AI ‘Hysteria’

• Virgin Orbit Files For Bankruptcy In US

• Cyber spring cleaning: Decluttering your digital home

• New data extortion email campaign copying ransomware gang techniques

• Need to improve the detection capabilities in your security products?

• Safe Travels? Check Point Research puts a spotlight on a growing underground market selling flight points, hotel rewards and stolen credential of airline accounts

• The Security Challenges of Generative AI Tools: Can a Loose Prompt Sink Your Ship?

• Obsidian’s SSPM solution enables organizations to increase their SaaS security

• Podcast Episode: Losing Until We Win: Realistic Revolution in Science Fiction

• Bank rewrote ads for infosec jobs to stop scaring away women

• What are the Mobile App Security Best Practices

• Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions

• After Italy, Germany to issue ban on the ChatGPT use

• Android April 2023 Security Updates fix several critical vulnerabilities

• Shadow data slipping past security teams

• Streamlining cybersecurity decision-making for analysts and CISOs

• How can organizations bridge the gap between DR and cybersecurity?

• Vulnerabilities impacting multiple QNAP operating systems (CVE-2022-27597, CVE-2022-27598)

• Australia takes its turn to kick TikTok off government kit

• FTC extends deadline by six months for compliance with some changes to financial data security rules

• IRS system doesn’t meet all cloud security requirements, watchdog says

• Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack

• Guardz launches dedicated cybersecurity platform for MSPs and IT professionals

• Lack of security employees makes SMBs sitting ducks for cyber attacks

• 2023-04-03 – IoC update: Qakbot (Qbot) TCP port 65400 traffic changes IP address

• Cyber Insurance Coverage FAQ with DataStream CEO

• Hey Siri, use this ultrasound attack to disarm a smart-home system

• On Validation

• Data-storage firm Western Digital confirms cyberattack disrupted operations

• UK says its offensive cyber operations are ‘accountable, precise, and calibrated’

• A week in security (March 27 – April 2)

• TikTok: What’s going on and should I be worried?

• Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer

• Big changes to Twitter verification: How to spot a verified account

• New macOS malware steals sensitive info, including a user’s entire Keychain database

• Jeff Otto joins Riskified as CMO

• What do the inkblots tell you? Check Point Researchers Unveil “Rorschach,” previously unseen, fastest ever Ransomware

• Deadlines loom for contractor TikTok ban

• AI Company Scraped 30 Billion Photos From Facebook To Build Facial Recognition Database

• UK outsourcing services provider Capita suffered a cyber incident

• IT Security News Daily Summary 2023-04-03

• Data to help communities get ahead of water shortages

• DoJ Recovers $112M in Crypto Stolen With Romance Scams

• New VPN Malvertising Attack Drops OpcJacker Crypto Stealer

• Zero trust for web and application access: Developing a cybersecurity playbook for BYOD and beyond

• Trade group floats cyber national guard plan

• For Cybercrime Gangs, Professionalization Comes With ‘Corporate’ Headaches

• New guide looks to slash ‘time tax’ on benefits applications

• Passwordless authentication could cure user verification ills

• Uber driver info stolen yet again: This time from law firm

• AI Art Generators and the Online Image Market

• How We Think About Copyright and AI Art

• Source of 3CX supply chain attack unclear as fallout continues

• Data Breach Strikes Western Digital

• Cisco to Acquire Cloud Security Firm Lightspin for Reported $200 Million

• Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms

• April brings tulips, taxes … and phisherfolk scammers

• Massive 3CX Supply Chain Hack Targeted Cryptocurrency Firms

• Latitude Financial Reveals Extent of Cyber Attack: 14 Million Customers Affected

• Researchers claim they can bypass Wi-Fi encryption (briefly, at least)

• Capita: Cyber-attack broke some of our IT systems

• Cybersecurity unaligned with business goals is reactive … and flawed: Study

• Tor Project Creates New Privacy-Focused Browser using VPN Layer

• Regulating AI: 3 experts explain why it’s difficult to do and important to get right

• Why medical device vulnerabilities are hard to prioritize

• Top 26 Cybersecurity Experts & Accounts to Follow on Twitter

• 10 Reasons why businesses need mobile device management (MDM)

• A Serial Tech Investment Scammer Takes Up Coding?

• US DoD Unveils Website For Hack the Pentagon Bug Bounty Program

• Capita Cyberattack Made Its Microsoft Office 365 Programs Inaccessible

• TikTok to Comply With US Law, Protect User Data From China

• Capita confirms security attack caused pre-weekend outages

• Why Endpoint Resilience Is Important

• Adaptive Access Technologies: Enhancing Security and Agility in Today’s Business Environment

• Supply Chain Attack Targets 3CX App: What You Need to Know

• Ukrainian Police Arrests Suspects Accused of Stealing $4.3M From Victims Across Europe

• How to make sure the reputation of your products and company is good

• Western Digital shuts systems due to Cyber Attack

• The other digital divide

• Unapproved Apps Used By 32% of Remote Workers

• Name That Edge Toon: Tower of Babble

• How Good Is Your Advanced Threat Management?

• Hackers Exploit WordPress Plugin Flaw That Gives Full Control Of Millions Of Sites

• Western Digital Confirms Digital Burglary, Calls In Law Enforcement

• TMX Finance Breach Affects Nearly Five Million Customers

• Azure Bug Could Have Allowed Access To Critical Systems

• A Microsoft Azure Flaw Could Compromise Bing and Office 365

• Deep Instinct += VirusTotal

• Elementor Pro Plugin Vulnerability Exploited to Hack WordPress Websites

• ChatGPT, the AI Revolution, and the Security, Privacy and Ethical Implications

• Western Digital took its services offline due to a security breach

• Robust Consumer Protection Can Support a Rights-Respecting Digital Future

• Paris To Ban E-Scooters After Referendum

• Western Digital Security Breach – Hackers infiltrate Internal Systems

• Grazie Ragazzi – But It’s Not Ferrari Who’s Saying It This Time!

• The Important Role of SOAR in Cybersecurity

• Tesla Sets New Record With Q1 Vehicle Shipments

• Okay, so ChatGPT just debugged my code. For real.

• BYOD and personal apps: A recipe for data breaches

• 4 Steps for Shifting Left & Winning the Cybersecurity Battle

• Incomplete without Sweden: Finland’s NATO accession and the future of “Nord-NATO”

• 3CX supply chain attack: What do we know?

• Microsoft Addresses a New Azure AD Vulnerability Affecting Bing Search & Key Apps

• Western Digital Reveals Network Breach, My Cloud Is Unavailable

• New Research Highlights Increased Security Risks Posed by Remote Working and BYOD

• Keeping secrets safe

• Sundar Pichai Promises the Release of an Upgraded Bard AI Chatbot Soon

• Mullvad VPN and Tor Project Release Mullvad Browser

• Western Digital Shuts Down Services Due to Cybersecurity Breach

• US Defense Department Launches ‘Hack the Pentagon’ Website

• Microsoft OneNote Starts Blocking Dangerous File Extensions

• Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

• LogRhythm releases new cybersecurity capabilities to improve operational efficiency

• Snapchat Account Is Locked How To Unlock(Temporarily/Permanently)

• New adaptive platform customizes online certification training for a personalized experience

• “It’s The Service Accounts, Stupid”: Why Do PAM Deployments Take (almost) Forever To Complete

• Italian Watchdog Bans OpenAI’s ChatGPT Over Data Protection Concerns

• Western Digital Hit by Network Security Breach – Critical Services Disrupted!

• Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

• 1-15 March 2023 Cyber Attacks Timeline

• Western Digital confirms network security incident. Some systems offline

• Unpacking the Structure of Modern Cybercrime Organizations

• TikTok Owner ByteDance Sees Revenues Soar 30 Pct

• Western Digital confirms digital burglary, calls in law enforcement

• Best Data Science Programmes You Can Pursue Online

• Google Faces £3.4bn UK Lawsuit Over Adtech Dominance

• Quantum Titan’s AI Deep Learning Engines Detect and Block Zero-Day Phishing Attacks in Real Time

• Europe, North America Most Impacted by 3CX Supply Chain Hack

• 4.8 Million Impacted by Data Breach at TMX Finance

• ICE Is Grabbing Data From Schools and Abortion Clinics

• UK Runs Fake DDoS-for-Hire Sites

• TMX Financial Reveals 4.8 Million Persons Affected By Data Breach

• E3 Video Game Gala Event Cancelled

• Money Message: The Newest Ransomware Gang that Threatens Organizations

• Elementor Pro Vulnerability Actively Exploited by Threat Actors

• Mullvad VPN and Tor Project Create New Privacy-Focused Mullvad Browser

• Italy Bans ChatGPT Over Personal Data Risk

• The impact of Quantum Computing on cybersecurity

• 5 Secure Ways to Avoid Crypto Theft in 2023

• Dish Network Hit with Multiple Securities Class Action Lawsuits

• Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service

• Malware and machine learning: A match made in hell

• Western Digital network security incident and service outage

• Key Project Management Skills in 2023

• Consumer Loans Firm TMX Reveals Major Data Breach

• Malwarebytes unveils WorldBytes to help users reveal the hidden cyber threats around them

• SCCM Alternative for Patch Management

• Silicon UK In Focus Podcast: How to Combat Cloud Fraud

• Twitter Revokes New York Times Checkmark

• Life finds a way: OneNote malware on the rise

• Moobot botnet spreads by targeting Cacti and RealTek flaws

• How To Install Stripchat US In PC ( Windows 7, 8, 10, and Mac )

• How To Outwit The Dealer In Live Casino Games: Thinking Faster & Making The Right Decisions

• Malware exploits decade old Windows bug, which has an opt-in fix

• Outsourcer Capita Claims to Have Contained “Cyber Incident”

• WebSockets are a Pain – A Journey in Learning and Leveraging

• Quest Software Podcast: The Democratisation of Data: Episode 1: The Data Landscape Today

• 3CX decided supply chain attack indicator was a false positive after VirusTotal tests

• Software developers, how secure is your software?

• How to secure your Twitter account with 2FA

• Three big Cybersecurity fears of TikTok answered

• Super FabriXss Vulnerability in Microsoft Azure SFX Leads to Unauthenticated RCE

• How airlines can embrace IT system modernization

• Rookout’s Snapshots: The fourth pillar of observability for more secure applications

• Passbolt: Open-source password manager for security-conscious organizations

• Vietnam threatens to cut off two million mobile subscribers

• Infosec products of the month: March 2023

• Managing the risks of unstructured data growth

• Millions still exposed despite available fixes

• SpaceX moves Starship to launch site, and liftoff could be just days away

• Google Bard gets better at homework with improved math and logic capabilities

• ‘I’ve never seen anything like this:’ One of China’s most popular apps has the ability to spy on its users, say experts

• Elon Musk appears to offer $1 million bounty to ‘convict’ those responsible for Twitter ‘botnets’

• Metaverse could drive up profits — but most businesses may not be ready to invest yet

• School principal resigns after paying $100,000 to Elon Musk impersonator

• LATEST CYBERTHREATS AND ADVISORIES – MARCH 24, 2023

• The advantages of an anti-exec leadership team

Generated on 2023-04-04 23:55:25.325734