IT Security News Daily Summary 2023-04-11

• State grounds Chinese-made drones over security concerns

• NextGen TV to deliver data-rich emergency alerts

• Stakeholders wonder how to sustain CX momentum long-term

• Virtual Event Tomorrow: Zero Trust Strategies Summit

• Researchers Discover Well-Known Malware Hidden In Facebook Ads

• Microsoft Azure Shared Key Misconfiguration Could Lead to RCE

• Microsoft patches zero-day exploited by attackers (CVE-2023-28252)

• Protect your data with a USB condom

• The best free PC antivirus software of 2023

• A “By-Design” flaw in Microsoft Azure can allow storage accounts takeover

• Ukrainian Hackers Breach Email of APT28 Leader, Who’s Wanted by FBI

• Microsoft Patches Another Already-Exploited Windows Zero-Day

• How to Provide Relevant Threat Intelligence

• CISA releases updated guidance for zero trust security architectures

• Inside the never-ending race to update the Pentagon’s IT

• Adobe Plugs Gaping Security Holes in Reader, Acrobat

• FTX bankruptcy filing highlights security failures

• ‘Blatantly Obvious’: Spyware Offered to Cyberattackers via PyPI Python Repository

• The U.S. Deserves Stronger Spyware Protections Than Biden’s Executive Order

• 10 hot topics to look for at RSA Conference 2023

• Attention gamers! Motherboard maker MSI admits to breach, issues “rogue firmware” alert

• Nokoyawa ransomware attacks with Windows zero-day

• Major Hack Hits South Korean Exchange GDAC, $13.9M Stolen

• How to fix the top 5 API vulnerabilities

• Cybercriminals To Add Android Malware On Google Play Up To $20,000

• Protect your company data with an Ivacy VPN lifetime subscription for $18

• 7 Things Your Ransomware Response Playbook Is Likely Missing

• Where Are the Women? Making Cybersecurity More Inclusive

• Announcing the deps.dev API: critical dependency data for secure supply chains

• Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

• Strategy Reporting Essentials: A Guide to Efficient Data Collection

• 10 things to look out for when buying a password manager

• Apple Patches Two Zero-Days Exploited in the Wild

• Malicious Android Apps Sold For Up to $20,000 on Darknet

• Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code

• Don’t bet with ChatGPT – study shows language AIs often make irrational decisions

• Balada Injector Infects Nearly 1 Million WordPress Sites

• DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia

• Eliminating 2% of Exposures Could Protect 90% of Critical Assets

• Beware of companies offering paid sextortion assistance

• BigID’s data minimization capabilities enable organizations to identify duplicate data

• CYBERSECURITY INDUSTRY NEWS REVIEW – APRIL 11, 2023

• What to Look For If Your Phone Is Hacked

• Thieves Use JBL Speakers to Hack Cars with Keyless Entry

• Now ransomware leads to three more additional Cyber Threats

• Apple Patched Two New Zero-days That Were Exploited to Hack iPhones and macOS

• ICS Patch Tuesday: Siemens, Schneider Electric Address Dozens of Vulnerabilities

• Microsoft Azure Users Warned of Potential Shared Key Authorization Abuse

• OSINT Company Fivecast Raises $20 Million

• Attackers Hide RedLine Stealer Behind ChatGPT, Google Bard Facebook Ads

• Yum! Brands, the owner of KFC, Taco Bell and Pizza Hut, discloses data breach

• Yum! Brands Report Data Breach After Ransomware Attack

• Keeper Security introduces new user interface

• Two New Emergency Patches from Apple

• Design Like A Pro: Top 6 Floor Plan Software Programs For Every Budget

• Estonian Arrested: Accused of Supplying Hacking Tools to Russia

• Azure Admins Warned To Disable Shared Key Access As Backdoor Attack Detailed

• FTX’s Cybersecurity Was Hilariously Bad

• Illinois Hospital Forced Into EHR Downtime After Cyberattack

• Malware Campaign Infects A Million WordPress Sites Since 2017

• One of the Stiffest Charges Against Jan. 6 Insurrectionists Hangs on by a Thread in the D.C. Circuit

• Addressing the Security Risks of AI

• Digital Spring Cleaning: Here is How You Can Declutter Your Digital Space

• Amazon Bans Flipper Zero for Being a Card Skimming Tool

• Former Twitter Executives Sue Over $1m In Unpaid Legal Bills

• GPT has entered the security threat intelligence chat

• Recorded Future launches OpenAI GPT model for threat intel

• Israeli Irrigation Water Controllers & Postal Service Breached

• How CIEM Can Improve Identity, Permissions Management for Multicloud Deployments

• How Password Managers Can Get Hacked

• Newly Discovered “By-Design” Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers

• Syxsense platform updates simplify endpoint security and management

• ThreatX Runtime API & Application Protection goes beyond basic observability

• Indian Start-Ups Demand Delay For New Google Payment System

• SD Worx Shuts Down its UK & Ireland IT Systems Following Cyberattack

• XDR vs MDR: A Comparison of Two Detection and Response Solutions

• Best practices regarding Azure Storage Keys, Azure Functions, and Azure Role Based Access

• #IdentityManagementDay – Best Practices to Help Keep Your Organization Secure

• What’s Going On With LastPass, and is it Safe to Use?

• Azure admins warned to disable shared key access as backdoor attack detailed

• Samsung Engineers Feed Sensitive Data to ChatGPT, Sparking Workplace AI Warnings

• How to Use Apple’s New All-In-One Password Manager

• Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security

• South Korea Fines Google £26m For Blocking Rival App Store

• [eBook] A Step-by-Step Guide to Cyber Risk Assessment

• Apple rushes fixes for exploited zero-days in iPhones and Macs (CVE-2023-28205, CVE-2023-28206)

• Ethereum Upgrade Set To Release Billions In Value

• Yum Brands Discloses Data Breach Following Ransomware Attack

• Potential Outcomes of the US National Cybersecurity Strategy

• Apple Rolls Out Zero-Day Patches to Older iOS, macOS Devices

• Car Thieves Hacking the CAN Bus

• Military Intel Leak Investigated By US Officials

• CISA Urges to Fix Backup Exec Bug Exploited to Deploy Ransomware

• GitGuardian’s honeytokens in codebase to fish out DevOps intrusion

• Apple released emergency updates to fix recently disclosed zero-day bugs on older devices

• UK Casino Site Bonuses – A Guide to Maximizing Your Bankroll

• What is the Most Gambling Addicted Country?

• Gamblers in the USA

• China’s SenseTime Shows AI Chat, Image Tools

• 30 Ransomware Prevention Tips

• Microsoft Exchange Server 2013 Reaches End of Support

• US Scrambles to Investigate Military Intel Leak

• Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages

• 40% of IT security pros say they’ve been told not to report a data leak

• KFC Owner Discloses Data Breach

• Vodafone Fixes Broadband Outage That Affected Thousands

• 3 overlooked cloud security attack vectors

• A cyber attack hit the water controllers for irrigating fields in the Jordan Valley

• Latitude Financial Refuses to Pay Ransom

• Alibaba Launches ChatGPT-Like AI Chatbot

• Cyber spring cleaning: Maintaining your digital home

• Need to improve the detection capabilities in your security products?

• Reduce SaaS App Risks with Cloud Security Broker & Zero Trust

• Tesla Employees Shared Sensitive Images of Cameras on Customers‘ Cars

• Round-Robin DNS Explained. What It Is and How It Works

• FBI warns: avoid public charging stations

• How to transform cybersecurity learning and make content more engaging

• Making risk-based decisions in a rapidly changing cyber climate

• Why it’s time to move towards a passwordless future

• People disclose more personal info when question is repeated

• Criminal businesses adopt corporate behavior as they grow

• Consumers take data control into their own hands amid rising privacy concerns

• Australian Finance Company Refuses Hackers’ Ransom Demand

• Renewed Focus on Incident Response Brings New Competitors and Partnerships

• Ethereum’s Shanghai Update Opens a Rift in Crypto

• AI can crack most password in less than a minute

• Generative AI and Cybersecurity: Advantages and Challenges

• FBI: Don’t use public phone charging stations

• Last-gen ultralight laptops are nearly as fast as new models—and much cheaper

• How the cops buy a “God view” of your location data, with Bennett Cyphers: Lock and Code S04E09

• 4 ways to secure your remote work setup

• Tesla Sued Over Workers’ Alleged Access to Car Video Imagery

• Metaverse as a New Game Reality: Does it Make Sense to Invest in VR Development?

• How much to infect Android phones via Google Play store? How about $20k

• KillNet Claims Creating Gay Dating Profiles with NATO Logins

• DHA preps for MHS Genesis follow-on contract

• In SAS v. WPL, the Federal Circuit Finally Gets Something Right on Computer Copyright

• Organizations Have Security Priorities Mismatched as Breaches Continue to Rise

• The Practical Side of ZTNA: How it Helps Harden Defenses

• Inside FTX: Jokes about misplaced funds, diabolical IT, poor oversight, and worse

• IT Security News Daily Summary 2023-04-10

• Apps for Sale: Cybercriminals Sell Android Hacks for Up to $20K a Pop

• API Governance: Best Practices and Strategies for Effective API Management

• VA paid for but didn’t deploy an emergency communications system

• How an AI tool could crack your passwords in seconds

• Apple squashes iOS, macOS zero-day bugs already exploited by snoops

• Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads

• Cybersecurity Risks and Threats in the Satellite Sector: An Overview

• ARPA-H nets data, design experts in new Presidential Innovation Fellows cohort

• Pair of Apple Zero-Days Under Active Exploit; Patch & Update Accordingly

• People can only tell if AI wrote something 50% of the time

• County sees huge performance gains when permitting moves to the cloud

• FBI warns of public ‘juice jacking’ charging stations that steal your data. How to stay protected

• Israel Faces Fresh Wave of Cyberattacks Targeting Critical Infrastructure

• Clearing visibility and unifying security tools with a cloud-native application protection platform (CNAPP)

• State lawmakers pitch gold-backed cryptocurrency

• Google to kill Dropcam, Nest Secure hardware next year

• High-Stakes Ransomware Response: Know What Cards You Hold

• Ping Identity launches decentralized identity management

• IPFS Network Technology is Being Used in More Phishing Attacks

• PingIdentity launches decentralized identity management

• How and Why to Put Multicloud to Work

• Russia’s Joker DPR Claims Access to Ukraine Troop Movement Data

• SD Worx shuts down UK and Ireland services after cyberattack

• CISA adds zero-day bugs in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog

• Learn what you need to protect your business with ethical hacking for just $45

• Microsoft, Fortra are this fed up with cyber-gangs abusing Cobalt Strike

• MSI Confirms Cyberattack, Issues Firmware Download Guidance

• New Tool Helps Facebook Users Opt Out Of Data Tracking

• Qbot: The Ever Expanding Malware Family

• Tasmanian Hit by Big Data Breach Confirmed by Minister

• Could infrastructure dollars solve the lack of broadband in public housing?

• The best personal safety alarms of 2023

• Sophos patches three issues in the Sophos Web Security appliance, one of them rated as critical

• Vimeo To Pay $2.25M In AI-Related Biometric Privacy Lawsuit

• Leaked Pentagon Documents Provide Rare Window Into Depth Of US Intelligence On Allies And Foes

• Nexx Fixes Vulnerability By Breaking Customers’ Devices

• Dish Network Lawsuits Pile Up After Crippling Ransomware Attack

• MSI Hit By Cyberattack, Warns Against Installing Knock-Off Firmware

• Oldest Law Practice in NYC Hacked, over 90,000 Clients Impacted

• How to make sure the reputation of your products and company is good

• White House Cybersecurity Strategy warns of “Complex Threat Environment”

• Rilide Malware: Hackers Use Malicious Browser Extension to Bypass 2FA and Steal Crypto

• A New Era of Data Analytics: Exploring the Innovative World of Data Lakehouse Architectures

• Most Attack Paths Are Dead Ends, but 2% Lead to Critical Assets: Report

• Veritas Vulnerabilities Exploited in Ransomware Attacks Added to CISA ‘Must Patch’ List

• Microsoft: Iranian Gov Hackers Caught in Azure Wiper Attacks

• Iran-linked MERCURY APT behind destructive attacks on hybrid environments

• Estonian National Charged in U.S. for Acquiring Hacking-Tools

• AI can Crack Your Password in Seconds, Here’s how to Protect Yourself

• FBI warns against using public phone charging stations

• Alcasec Hacker, aka “Robin Hood of Spanish Hackers,” Arrested

• How LockBit Changed Cybersecurity Forever

• Rethinking Cybersecurity’s Structure & the Role of the Modern CISO

• Hackers Flood NPM with Bogus Packages Causing a DoS Attack

• Estonian National Charged in U.S. for Acquiring Electronics and Metasploit Pro for Russian Military

• When it comes to technology, securing your future means securing your present

• Nexx Garage Door Cyber Vulnerabilities: Risks in Smart Home Security

• Cornwall Mines ‘May Have To Export’ Lithium For EVs

• What’s at Stake for the Ukrainian National Bar Association

• Content Moderation Through the Apple App Store

• Report Details ‘Unauditable’ Chaos At FTX

• Container Security: Top 5 Best Practices for DevOps Engineers

• Detailed Analysis Of The Best Password Managers In 2023

• IDENTITY MANAGEMENT DAY 2023: Advice from Cyber Pros

• Top 10 Cybersecurity Trends for 2023: From Zero Trust to Cyber Insurance

• PC Shipments Slump 29 Percent, Led By Apple

• Okta as Code: Identity Management in the Cloud Native Era

• Report: FTX Collapse Due To ‘Hubris, Incompetence, Greed’

• Hardware Giant MSI Hacked – Ransomware Group Issues Demand

• Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign

• AI: The Double-Edged Sword of Cybersecurity

• How Does Your Snap Score Go Up? 5 Ways to Increase It

• Dutch Government to Adopt RPKI on All Its Networks for Safety Reasons

• Five New Actively Exploited Vulnerabilities Added by CISA to its KEV Catalog

• Protecting your business with Wazuh: The open source security platform

• Samsung employees unwittingly leaked company secret data by using ChatGPT

• Volkswagen To Build EV Academy In China’s Hainan

• BBC Protests ‘Government Funded’ Label On Twitter

• Tesla To Build Major Battery Plant In Shanghai

• Overview of Google Play threats sold on the dark web

• Software developers, how secure is your software?

• CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required

• Ransomware gang attacks MSI and demands $4m for decryption

• How to detect and respond to a DDoS network cyber attack

• MSPs urged to refine security solutions in response to growing SMB needs

• Cybercriminals use simple trick to obtain personal data

• 5G connections set to rise past 5.9 billion by 2027

• What is Cloud Mining and How Does it Work?

Generated on 2023-04-11 23:55:33.020535