IT Security News Daily Summary 2023-04-08

• What is phishing? Everything you need to know to protect yourself from scammers

• Tesla Employees Allegedly Shared Customers’ Private Videos and Photos

• Organizations Struggle with Data Breach Disclosure

• How to stay safe on public Wi-Fi: 5 tips you need to know before you connect

• New adaptive platform customizes online certification training for a personalized experience

• Latest Cyberthreats and Advisories – March 31, 2023

• Challenges in Securing Critical Infrastructure: Modern Solutions Required

• Taiwanese PC Company MSI Falls Victim to Ransomware Attack

• Genesis Market: The Fall of a Cybercrime Website

• ThingsBoard: Default Static Key in IoT Platform Gives Attackers Admin Access

• How to think like a hacker: Essential offensive skills for cybersecurity professionals

• Review Of News And Events That Happened This Week

• ChatGPT: Mayor Announces Legal Action in Response to Fake Bribery Allegations

• FBI Obtained Detailed Database Exposing 59K+ Users of the Cybercrime Genesis Market

• Sophos Says Nearly Every Company Was Attacked Last Year

• Pinduoduo, a Top Chinese Shopping App, Is Laced With Malware

• New Money Message Ransomware Gang Hits MSI, Threatens of Data Leak

• Deriving Value From Open Reporting

• MSI warns against installing unofficial firmware after suffering a cyberattack

• Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise

• Build or Buy your own antivirus product

• Don’t Get Hooked: How Scammers are Reeling in YouTube Users with Authentic Email Phishing

• Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library

• Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari

• A New Weaponized Browser Extension Bypass Two-factor Authentication

• New CISSP Exam Registration Process for 2023

• Apple issues emergency patches for spyware-style 0-day exploits – update now!

• Forescout Platform: NAC Product Review

• MSI hit in cyberattack, warns against installing knock-off firmware

• Urgent Patches: macOS Ventura 13.3.1, iOS 16.4.1 fix 2 actively exploited vulns

• Kali Linux Penetration Testing Tutorial: Step-By-Step Process

• Urgent Patches: macOS Ventura 13.3.1, iOS & iPadOS 16.4.1, Safari 16.4.1 fix 2 actively exploited vulns

• What is Network Security? Definition, Threats & Protections

• Microsoft and Fortra to Take Down Malicious Cobalt Strike Infrastructure

• Apple addressed two actively exploited zero-day flaws

• MSI Confirms Cyberattack After Fresh Demand From Ransomware Group

• UN Cybercrime Draft Treaty Timeline

• IT Security News Daily Summary 2023-04-07

• VA delays rollout of new electronic health record system again

• UN Cybercrime Treaty Timeline

• Texas may dial back bitcoin mining incentives

• Almost Half of Former Employees Say Their Passwords Still Work

• Decoding the U.N. Cybercrime Treaty

• National Park Service considers a digital park pass

• Iowa agency realignment includes tech tweaks

• Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days

• Microsoft, Fortra get court order to disrupt Cobalt Strike

• MSI confirms security breach after Money Message ransomware attack

• Welcome to open source, Elon. Your Twitter code just got a CVE for shadow ban bug

• Meet Anthalon, fighting for freedom of the press

• New Research Spotlights BEC Tactics, Other Emerging Security Trends

• Company that launched 2FA is pioneering AI for digital identity

• Cyberespionage threat actor APT43 targets US, Europe, Japan and South Korea

• More phishing campaigns are using IPFS network protocol

• Phishing from threat actor TA473 targets US and NATO officials

• Defining policy vs. standard vs. procedure vs. control

• EFF to Ninth Circuit: Twitter Has First Amendment Right to Ban Users, Including Presidents

• Company that launched 2FA pioneering AI for digital identity

• Push Notification Is More Secure Than SMS 2FA, So Why the Reluctance to Enable It?

• Hackers can Open Smart Garage Doors From Anywhere in the World

• Malicious Attacks Use Log4j Bugs

• Google Mandates Easy Account Deletion for Android Apps

• Microsoft, Fortra & Health-ISAC Team Up to Remove Illicit Cobalt Strike Tools

• Best Patch Management Practices to Follow to Keep Your Business Secured

• Critical Security Flaws Identified in Popular Japanese Word Processing Software

• LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

• DoJ: Estonian Man Tried to Acquire US-Made Hacking Tools for Russia

• MERCURY and DEV-1084: Destructive attack on hybrid environment

• Most commonly used PINs putting smart phones to cyber risks

• What Is a DMZ Network? Definition, Architecture & Benefits

• Watch: How to Build Resilience Against Emerging Cyber Threats

• Bad Actors Will Use Large Language Models — but Defenders Can, Too

• Printers Pose Persistent Yet Overlooked Threat

• TikTok, Other Mobile Apps Violate Privacy Regulations

• Deriving Intel From Open Reporting

• Cyber Incident Cripples UK Criminal Records Office

• Preemption and the Known Unknowns of the Trump Indictment

• Microsoft, Fortra Gains Legal Rights Against Cobalt Strike Abuse

• Sophos Study Finds Most Firms Struggle To Execute Essential Security Tasks

• 5 ChatGPT security risks in the enterprise

• Ransomware Gang Leaked 600GB of Data Stolen From Oakland City Servers

• Using a Private Version of ChatGPT as an Enabler for Risk and Compliance

• Secret US Documents on Ukraine War Plan Spill Onto Internet: Report

• LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

• The best Amazon security camera deals of April 2023: Ring and Blink spring sales

• Cybercriminals ‘CAN’ Steal Your Car, Using Novel IoT Hack

• Researchers Uncover Thriving Phishing Kit Market on Telegram Channels

• Rilide browser extension steals MFA codes

• MSI Breach Claimed By Money Message Ransomware Gang

• Sony Lashes Out At CMA’s ‘Irrational’ Reversal Over Microsoft Activision Buy

• Technical, Legal Action Taken to Prevent Abuse of Cobalt Strike, Microsoft Software

• Sophos Patches Critical Code Execution Vulnerability in Web Security Appliance

• Tesla Retail Tool Vulnerability Led to Account Takeover

• Microsoft aims at stopping cybercriminals from using cracked copies of Cobalt Strike

• How to choose a hosting provider for a high-traffic website

• Samsung To Cut Chip Production, Amid Profit Decline

• It’s this easy to seize control of someone’s Nexx ‘smart’ home plugs, garage doors

• OpenAI To Proffer Solutions To Italy’s ChatGPT Ban

• Phishing emails from legit YouTube address hitting inboxes

• What Is a Software Restriction Policy?

• 3CX Cyberattack: Cryptocurrency Firms at Risk

• 250+Captions, Quotes for Profile Picture (Trendy & Unique)

• OpenAI to Offer Remedies to Resolve Italy’s ChatGPT Ban

• With ICMP magic, you can snoop on vulnerable HiSilicon, Qualcomm-powered Wi-Fi

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Telegram – New Market Place for Selling Phishing Toolkits & Services

• Are Source Code Leaks the New Threat Software vendors Should Care About?

• Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool

• Free VPN Amnezia Helps Users Avoid Censorship in Russia

• CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products

• Cyberthreats take a toll on IT teams’ work on other projects

• New infosec products of the week: April 7, 2023

• April 2023 Patch Tuesday forecast: The vulnerability discovery race

• Tesla staff sharing in-car customer images

• Analysis: Hackers Exploit Zero-Day to Siphon $1.5 Million From Bitcoin ATMs

• Identity and Access Management (IAM) in Payment Card Industry (PCI) Data Security Standard (DSS) environments.

• API security: the new security battleground

• Influence of data breaches on Merger and Acquisition deals

• Companies carry unquantified levels of risk due to current network security approaches

• Outcome-based cybersecurity paves way for organizational goals

• Workspot launches Cloud PC with 99.99% SLA availability

• McAfee+ offers identity restoration and lost wallet assistance in Italy

• AuthenticID launches identity document liveness detector

• LastPass Security Dashboard now features dark web monitoring

• ISACA updates CMMI model to increase its flexibility and adaptability

• UK Criminal Records Office Crippled by Potential Ransomware Attack

• IoT garage door exploit allows for remote opening attack

• New tool allows you to opt out of Facebook’s targeted advertising

• Google aims to reduce data theft with app data and account deletions

• Visitors of tax return e-file service may have downloaded malware

• Uber data theft: Driver info stolen after law firm breached

Generated on 2023-04-08 23:55:26.554206