IT Security News Daily Summary 2023-04-07

• VA delays rollout of new electronic health record system again

• UN Cybercrime Treaty Timeline

• Texas may dial back bitcoin mining incentives

• Almost Half of Former Employees Say Their Passwords Still Work

• Decoding the U.N. Cybercrime Treaty

• National Park Service considers a digital park pass

• Iowa agency realignment includes tech tweaks

• Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days

• Microsoft, Fortra get court order to disrupt Cobalt Strike

• MSI confirms security breach after Money Message ransomware attack

• Welcome to open source, Elon. Your Twitter code just got a CVE for shadow ban bug

• Meet Anthalon, fighting for freedom of the press

• New Research Spotlights BEC Tactics, Other Emerging Security Trends

• Company that launched 2FA is pioneering AI for digital identity

• Cyberespionage threat actor APT43 targets US, Europe, Japan and South Korea

• More phishing campaigns are using IPFS network protocol

• Phishing from threat actor TA473 targets US and NATO officials

• Defining policy vs. standard vs. procedure vs. control

• EFF to Ninth Circuit: Twitter Has First Amendment Right to Ban Users, Including Presidents

• Company that launched 2FA pioneering AI for digital identity

• Push Notification Is More Secure Than SMS 2FA, So Why the Reluctance to Enable It?

• Hackers can Open Smart Garage Doors From Anywhere in the World

• Malicious Attacks Use Log4j Bugs

• Google Mandates Easy Account Deletion for Android Apps

• Microsoft, Fortra & Health-ISAC Team Up to Remove Illicit Cobalt Strike Tools

• Best Patch Management Practices to Follow to Keep Your Business Secured

• Critical Security Flaws Identified in Popular Japanese Word Processing Software

• LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

• DoJ: Estonian Man Tried to Acquire US-Made Hacking Tools for Russia

• MERCURY and DEV-1084: Destructive attack on hybrid environment

• Most commonly used PINs putting smart phones to cyber risks

• What Is a DMZ Network? Definition, Architecture & Benefits

• Watch: How to Build Resilience Against Emerging Cyber Threats

• Bad Actors Will Use Large Language Models — but Defenders Can, Too

• Printers Pose Persistent Yet Overlooked Threat

• TikTok, Other Mobile Apps Violate Privacy Regulations

• Deriving Intel From Open Reporting

• Cyber Incident Cripples UK Criminal Records Office

• Preemption and the Known Unknowns of the Trump Indictment

• Microsoft, Fortra Gains Legal Rights Against Cobalt Strike Abuse

• Sophos Study Finds Most Firms Struggle To Execute Essential Security Tasks

• 5 ChatGPT security risks in the enterprise

• Ransomware Gang Leaked 600GB of Data Stolen From Oakland City Servers

• Using a Private Version of ChatGPT as an Enabler for Risk and Compliance

• Secret US Documents on Ukraine War Plan Spill Onto Internet: Report

• LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

• The best Amazon security camera deals of April 2023: Ring and Blink spring sales

• Cybercriminals ‘CAN’ Steal Your Car, Using Novel IoT Hack

• Researchers Uncover Thriving Phishing Kit Market on Telegram Channels

• Rilide browser extension steals MFA codes

• MSI Breach Claimed By Money Message Ransomware Gang

• Sony Lashes Out At CMA’s ‘Irrational’ Reversal Over Microsoft Activision Buy

• Technical, Legal Action Taken to Prevent Abuse of Cobalt Strike, Microsoft Software

• Sophos Patches Critical Code Execution Vulnerability in Web Security Appliance

• Tesla Retail Tool Vulnerability Led to Account Takeover

• Microsoft aims at stopping cybercriminals from using cracked copies of Cobalt Strike

• How to choose a hosting provider for a high-traffic website

• Samsung To Cut Chip Production, Amid Profit Decline

• It’s this easy to seize control of someone’s Nexx ‘smart’ home plugs, garage doors

• OpenAI To Proffer Solutions To Italy’s ChatGPT Ban

• Phishing emails from legit YouTube address hitting inboxes

• What Is a Software Restriction Policy?

• 3CX Cyberattack: Cryptocurrency Firms at Risk

• 250+Captions, Quotes for Profile Picture (Trendy & Unique)

• OpenAI to Offer Remedies to Resolve Italy’s ChatGPT Ban

• With ICMP magic, you can snoop on vulnerable HiSilicon, Qualcomm-powered Wi-Fi

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Telegram – New Market Place for Selling Phishing Toolkits & Services

• Are Source Code Leaks the New Threat Software vendors Should Care About?

• Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool

• Free VPN Amnezia Helps Users Avoid Censorship in Russia

• CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products

• Cyberthreats take a toll on IT teams’ work on other projects

• New infosec products of the week: April 7, 2023

• April 2023 Patch Tuesday forecast: The vulnerability discovery race

• Tesla staff sharing in-car customer images

• Analysis: Hackers Exploit Zero-Day to Siphon $1.5 Million From Bitcoin ATMs

• Identity and Access Management (IAM) in Payment Card Industry (PCI) Data Security Standard (DSS) environments.

• API security: the new security battleground

• Influence of data breaches on Merger and Acquisition deals

• Companies carry unquantified levels of risk due to current network security approaches

• Outcome-based cybersecurity paves way for organizational goals

• Workspot launches Cloud PC with 99.99% SLA availability

• McAfee+ offers identity restoration and lost wallet assistance in Italy

• AuthenticID launches identity document liveness detector

• LastPass Security Dashboard now features dark web monitoring

• ISACA updates CMMI model to increase its flexibility and adaptability

• UK Criminal Records Office Crippled by Potential Ransomware Attack

• IoT garage door exploit allows for remote opening attack

• New tool allows you to opt out of Facebook’s targeted advertising

• Google aims to reduce data theft with app data and account deletions

• Visitors of tax return e-file service may have downloaded malware

• Uber data theft: Driver info stolen after law firm breached

• Fight AI With AI

• New Dark Web Market Styx: Focuses on Money Laundering, Identity Theft

• 24 Top Open Source Penetration Testing Tools

• FTC Safeguards Rule: Get Compliant and Get on With Business

• Sewage surveillance spots respiratory viruses

• How do your benefits enrollment sites measure up?

• Cleaning up your social media and passwords: What to trash and what to treasure

• IT Security News Daily Summary 2023-04-06

• Cyber Academy’s inaugural class to bolster city defenses

• Pentagon lags on software buying reforms, GAO says

• DDoS attacks rise as pro-Russia groups attack Finland, Israel

• CISA director details plan to address security risks in open source software

• Twitter ‘Shadow Ban’ Bug Gets Official CVE

• ‘BEC 3.0’ Is Here With Tax-Season QuickBooks Cyberattacks

• Phishers migrate to Telegram

• IRS outlines tech modernization, CX plans as part of $80 billion overhaul

• Comparing enabled and enforced MFA in Microsoft 365

• Chatbot Controversy in Europe: Italy Blocks ChatGPT. What’s next?

• Russia has a stash of scary malware? We’re shocked

• A fight against floppy discs evolves into a prison rights crusade

• How to delete yourself from internet search results and hide your identity online

• Facebook Is Giving Users More Control Over Spam In Their Feeds

• Australia Is Scouring the Earth for Cybercriminals — the US Should Too

• Google Wants Android Apps To Have More Control Of Data Policy

• 119 arrested in Genesis Market takedown

• Designing Your Threat Hunting Framework from Scratch – Core Essentials

• Media Briefing: Proposed UN Cybercrime Treaty Negotiations Headed in Troubling Direction, Sidestepping Human Rights Protections and Threatening Free Expression, EFF and Allies Warn

• DevOps threat matrix

• Attaining Document Security in FileNet Content Management System

• Using ChatGPT as an Enabler for Risk and Compliance

• Cisco Patches Code and Command Execution Vulnerabilities in Several Products

• Threat Actors Increasingly Use Telegram For Phishing Purposes

• IT Spending To Grow 5.5 Percent In 2023, Predicts Gartner

• Uber Drivers’ Data Exposed in Breach of Law Firm’s Servers

• Secure hybrid and remote workplaces with a Zero Trust approach

• AI Chatbot leads to a married man’s suicide

• Tesla Staff Shared Sensitive Customer Images – Report

• The barriers to getting more unconnected households online

• Hack and enter! The “secure” garage doors that anyone can open from anywhere – what you need to know

• S3 Ep129: When spyware arrives from someone you trust

• Google Mandates Data Deletion Policy For Android Apps

• It Takes AI Security to Fight AI Cyberattacks

• How HTTPS Works And Overview Of Its Components

• Adobe Reset User Passwords as Precaution Against Data Breach Risks

• Google to Block Android Loan Apps Accessing User Photos, Contacts & Videos

• Thieves Use CAN Injection Hack to Steal Cars

• Google Wants Android Users to Have More Control Over Their Data

• What is Ransomware? Everything You Should Know

• Money Message ransomware group claims to have hacked IT giant MSI

• Rorschach ransomware deployed by misusing a security tool

• Why Chaos Engineering is a Good Stress Test Strategy

• Data of 3700 Customers Exposed by the Service NSW Bug

• Controversial Cybersecurity Practices of ICE

• Amazon’s $1.7bn iRobot Acquisition Triggers UK Antitrust Inquiry

• Securing Medical Devices is a Matter of Life and Death

• What to Discuss at RSA Conference — and It’s Not ChatGPT

• Identity Federation: Simplifying Authentication and Authorization Across Systems

• How to Defend Against Extortion Groups Like Lapsus$

• Styx Marketplace Provides Hub for Financial Cybercrime

• So Russia has a stash of scary malware? Imagine our shock

• Financial Fraud-Focused Cybercrime Marketplace ‘Styx’ Emerges

• The Pope’s Security Gets a Boost With Vatican’s MDM Move

• President Biden Delivers Remarks On “Risks Of Artificial Intelligence”

• CAN Do Attitude: How Thieves Steal Cars Using Network Bus

• Robin Hood Hacker Suspected Of Selling Stolen Info Cuffed

• ACRO Yanks Portal Offline Amid Cyber Security Incident

• Making Unilateral Norms for Military AI Multilateral

• Provisional Measures at the ICJ in the Cases of Armenia and Azerbaijan

• Experts Warn of Advanced Evasion Techniques as Rorschach Ransomware Emerges

• The Dangerous Weak Link in the US Food Chain

• Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation’s Crown Jewels

• Google Play apps will allow users to initiate in-app account deletion

• How to avoid accidents with these 3 types of technology

• How to Find Aesthetic Wallpapers for Google Pixel 3XL

• Ofcom Crackdown After ISPs Miss Broadband Switching Deadline

• OCR Labs exposes its systems, jeopardizing major banking clients

• STYX Marketplace: An Emerging Platform Aiding Financial Crimes

• ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access

• Mullvad Browser Emerges As The New Privacy-Focused Alternative From Mullvad VPN

• YouTube Alerts About Phishing Emails that Appear Authentic

• How Much Money Have I Spent on League of Legends? – Counting the Cost

• Supply Chain Attacks, Garage Doors, and Exploding USB Drives – Intego Mac Podcast Episode 286

• OpenAI Faces Possible Defamation Lawsuit Over ChatGPT Content

• Google Introduces Data Deletion Policy for Android Apps

• Cybersecurity M&A Roundup: 41 Deals Announced in March 2023

• Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

• Threat Report Portugal: Q3 & Q4 2022

• Research on AI in Adversarial Settings

• CAN do attitude: How thieves steal cars using network bus

• Amazon, Microsoft Cloud Services Face UK Antitrust Probe

• Success of Genesis Market Takedown Attempt Called Into Question

• FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Crackdown

• Typhon Info-Stealing Malware Comes Back Harder to Detect

• Cybercrime Unmasked: Insights from “Inside the Halls of a Cybercrime Business”

• Prolific Spanish Teen Hacking Suspect Arrested

• Synopsys’ Next Gen Polaris Software Integrity Platform Levels Up Application Security Testing

• Two-Fifths of IT Pros Told to Keep Breaches Quiet

• What Is Scareware and How to Prevent It?

• International Cyber Operation Shuts Down Notorious Genesis Market

• Criminal records office yanks web portal offline amid ‘cyber security incident’

• We’re All in this Together: Thoughts on the PwC 2023 Global Digital Trust Insights Report

• UK Criminal Records Office Crippled by “Cyber Incident”

• Monitor Keeps Entering Power Save Mode? Here’s How to Fix It

• Cops cuff teenage ‘Robin Hood hacker’ suspected of peddling stolen info

• Do you know what your supply chain is and if it is secure?

• Resecurity uncovers STYX, new cybercriminal platform focused on financial fraud

• ImmuniWeb unveils major updates to its AI platform

• A third of organizations admit to covering up data breaches

• IT and security pros pressured to keep quiet about data breaches

• North Korea dedicates a hacking group to fund cyber crime

• How to defend lean security teams against cyber threats

• Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online

• Assessing AI’s acquired knowledge from an organization’s database

• How Can You Identify and Prevent Insider Threats?

• The hidden picture of malware attack trends

• The staggering cost of identity fraud for financial services

• Synopsys enhances Polaris Software Integrity Platform with fAST offerings

• Industrial Defender launches Phoenix to secure SMBs operations

• Stamus Networks U39 uncovers hidden anomalies in a proactive threat hunt

• 1Kosmos integrates with ForgeRock to add biometric passwordless authentication to apps

• Fake ransomware demands payment without actually encrypting files

• Western Digital confirms breach, affects My Cloud and SanDisk users

• TikTok misused children’s data, faces $15.6M fine

• Update Android now! Google patches three important vulnerabilities

• 9 vital criteria for effective endpoint security: Insights from the ‘Endpoint Security Evaluation Guide’ eBook

Generated on 2023-04-07 23:55:28.162323