IT Security News Daily Summary 2023-04-15

• HIPAA Compliance Testing in Software Applications

• GitHub Exposed a Private SSH Key: What You Need to Know

• Paint by Numbers: The Perfect Therapy for Stress, Anxiety, and Boredom

• New Android malicious library Goldoson found in 60 apps +100M downloads

• New Google Chrome Zero-day Exploited in Wide – Emergency Update!!

• New Google Chrome Zero-day Exploited to Crash Browser – Emergency Update!!

• Why privacy-preserving synthetic data is a key tool for businesses

• This New Mirai Variant Uses Peculiar Malware Distribution Methods

• Siemens Metaverse exposes sensitive corporate data

• Lazarus Group’s Deathnote Cluster: A Threat to the Defense Sector

• Digitally Crafted Swatting Service Is Wreaking Havoc Across United States

• What is Insider Attacks? : How Prepared Are You?

• Data Breaches: What Do They Mean?

• ChatGPT: Researcher Develops Malicious Data-stealing Malware Using AI

• Security Roundup: Leak of Top-Secret US Intel Risks a New Wave of Mass Surveillance

• Online Gaming Chats Have Long Been Spy Risk for US Military

• CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog

• Catch Up On News And Events That Happened This Week

• Are You Being Tracked by an AirTag? Here’s How to Check

• 2023: What Awaits Us?

• ChatGPT and You

• Volvo retailer leaks sensitive files

• European Data Protection Board Creates Task Force to Investigate ChatGPT

• Build or Buy your own antivirus product

• Google New Initiative to Reduce the Risk of Zero-Day Vulnerabilities

• Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability

• PCI DSS reporting details to ensure when contracting quarterly CDE tests

• How often should security audits be?

• 2023-04-14 – Quick post: IcedID (Bokbot) activity

• Daon brings IdentityX to healthcare industry

• Cobalt Iron updates Compass platform with new data governance capabilities

• Cybercriminals Selling Python-based Hacking Tool via Telegram

• Montana’s Looming TikTok Ban Is a Dangerous Tipping Point

• Votiro collaborates with Sumo Logic to provide analytics on file-borne threats

• Deloitte and Riskified help eCommerce merchants analyze their fraud exposure

• Thales prepares to protect European infrastructures from quantum attacks

• Google Warns of New Chrome Zero-Day Attack

• 5 Best Bot Protection Solutions and Software for 2023

• Massive malvertising campaign targets seniors via fake Weebly sites

• Is AI being used for virtual kidnapping scams?

• Port scan attacks: Protecting your business from RDP attacks and Mirai botnets

• Russia-pushed UN Cybercrime Treaty may rewrite global law. It’s … not great

• Russia-pushed UN Cybercrime Treaty may rewrite global law. It’s not great

• Safety first: 5 cybersecurity tips for freelance bloggers

• A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays

• Western Digital Cyber Attack a ‘Wake Up Call for ASIC Vendors’

• IT Security News Daily Summary 2023-04-14

• How mass layoffs can create new risks for corporate security

• Russian SolarWinds Culprits Launch Fresh Barrage of Espionage Cyberattacks

• US extradites Nigerian charged in $6m email fraud scam

• Short, sweet, simple: Tips for effective government communications

• Why is ‘Juice Jacking’ Suddenly Back in the News?

• Google fixed the first Chrome zero-day of 2023

• Comunicado de prensa para Latinoamérica: La propuesta de tratado de la ONU sobre ciberdelincuencia carece de suficientes salvaguardias de derechos humanos, lo que agrava las amenazas a la privacidad y las libertades civiles en Latinoamérica

• Combating fraud and bias this tax season

• Upcoming Speaking Engagements

• Darktrace Research Reveals No Proof Of LockBit Compromise

• EFF, International Allies Warn That Proposed UN Cybercrime Treaty, Rather Than Making Us More Secure, Could Legitimize Intrusive Surveillance and Drag Down Global Privacy and Free Expression Standards

• The Biden administration tells agencies to scale back telework

• 21-year-old Air Force IT specialist charged with leaking classified documents

• Why xIoT Devices Are Cyberattackers’ Gateway Drug for Lateral Movement

• Elon Musk is reportedly planning an A.I. startup to compete with OpenAI, which he cofounded

• Smart cameras ID bus lane violators

• Pen testing amid the rise of AI-powered threat actors

• Software-Dependency Data Delivers Security to Developers

• Hacking Suicide

• Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor

• Security Is a Revenue Booster, Not a Cost Center

• Elon Musk is reportedly planning an AI startup to compete with OpenAI, which he cofounded

• 2023-04-13 – Metastealer infection

• The 2023 Federal 100

• SASE Market Worth $5.9B by 2028 — Report by MarketsandMarkets™

• Western Digital Hackers Demand 8-Figure Ransom Payment for Data

• Latam Media Briefing: Proposed UN Cybercrime Treaty Lacks Sufficient Human Rights Safeguards, Exacerbating Threats to Privacy and Civil Liberties in Latam

• International Information Systems Security Certification Consortium (ISC)2

• International guidance pushes security by design

• SASE Market Worth $5.9B by 2028 — Report by MarketsandMarkets™

• From Data Breaches and Spyware, to New Cybersecurity Guidelines…

• Compatibility mess breaks not one but two Windows password tools

• Ivanti Policy Secure: NAC Product Review

• SASE Market Worth $5.9B by 2028 — Report by MarketsandMarkets™

• SASE Market Worth $5.9B by 2028 — Report by MarketsandMarkets™

• Be Skeptical of FBI Warnings About Phone Chargers

• The reopening that wasn’t: As government employees work from home, people find services curtailed

• CISA Asks Manufacturers to Prioritize Cybersecurity in Product Design

• SASE Market Worth $5.9B by 2028 — Report by MarketsandMarkets™

• Most of US IT professionals asked to stay silent about data breaches

• Chinese fraudsters: evading detection and monetizing stolen credit card information

• RTM Locker Gang Targets Corporate Environments with Ransomware

• Top Endpoint Detection and Response (EDR) Solutions in 2023

• SASE Market Worth $5.9B by 2028 — Report by MarketsandMarkets™

• Kodi discloses data breach after its forum was compromised

• LinkedIn Deploys New Secure Identity Verification For All Members

• Inside Look At Cybercriminal Organizations

• Ether Jumps To 11-Month High In Wake Of Software Upgrade

• Linux Kernel Logic Allowed Spectre Attack On Major Cloud Provider

• Robots are everywhere – improving how they communicate with people could advance human-robot collaboration

• Microsoft warns accounting firms of targeted attacks as Tax Day approaches

• Hyundai Experiences Cybersecurity Issues: Breach and App Bugs

• SASE Market Worth $5.9B by 2028 — Report by MarketsandMarkets™

• Spyware Offered to Cyberattackers via PyPI Python Repository

• How To Build on Linea: A ZK-rollup on Ethereum

• CISA Introduces Secure-by-design and Secure-by-default Development Principles

• FBI Arrests 21-Year-Old Guardsman in Leak of Classified Military Documents

• Kodi Data Breach Hits 400,000 Users’ Records & Private Messages

• How To Easily Cut Cloud Costs In A Time Of Soaring Expenses

• Employing Zero Trust to Defend Against Backdoor Attacks

• WordPress Security: 1 Million WordPress Sites Hacked via Zero-Day Plug-in Bugs

• Enforcement of Cybersecurity Regulations: Part 3

• Why Divergent Civil Society and Military Approaches Matter for CHMR-AP Implementation

• Detection Methods: Do You Know Where Your Credentials are?

• What the Recent Collapse of SVB Means for Privacy

• WhatsApp announces features to prevent account takeover

• Google To Face Trial Over Sonos Patents, Judge Rules

• Improve AWS Security and Compliance With CDK-nag?

• How to completely remove your data from LastPass’s servers (eventually)

• Google, CISA Warn of Android Flaw After Reports of Chinese App Zero-Day Exploitation

• Microsoft Warns Accounting, Tax Return Preparation Firms of Remcos RAT Attacks

• Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities

• 3 Ways Tech Can Help To Build Stronger Customer Relationships

• Firmware Caution Advises MSI Cyberattack

• Western Digital hackers claim to have copied 10TB of company data

• LATEST CYBERTHREATS AND ADVISORIES – APRIL 14, 2023

• Murdered Tech Executive Knew His Alleged Killer, Say Police

• For cybercriminal mischief, it’s dark web vs deep web

• Juniper Networks Patches Critical Third-Party Component Vulnerabilities

• UK Education Sector Suffered Most from Ransomware in 2022

• Gaining an Advantage in Roulette

• Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen

• RTM Locker, a new RaaS gains notorieties in the threat landscape

• WhatsApp Improves Defense Against Malware-Based Account Takeover

• Humans Needed To Avoid Cybersecurity Missteps, Gartner Says

• Darktrace Denies Getting Hacked After Ransomware Group Names Company on Leak Site

• Cerbos Raises $7.5 Million for Authorization Platform

• While Twitter wants to sell its verification, Microsoft will do it for free on LinkedIn

• Glamourizing fraudsters hurts victims of fraud, and society

• Post-Quantum Cryptography (PQC): Three Easy Ways to Prepare

• Syxsense’s Latest Product Release Gives Organizations Robust Capabilities to Easily Automate Complex Security and IT Management Playbooks

• Hackers Shifting DDoS Attacks to VPS Infrastructure for Increased Power

• Zelle users targeted with social engineering tricks

• Five Arrests in Crackdown on $98m Investment Fraud Gang

• Volume of Opaque Breach Notices Surges in Q1

• Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice

• Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Linux kernel logic allowed Spectre attack on ‘major cloud provider’

• Over 12k Indian Govt websites disrupted due to cyber-attack from Indonesia

• The Security Risks of ChatGPT in an Enterprise Environment

• Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products

• New infosec products of the week: April 14, 2023

• To improve security, consider how the aviation industry stopped blaming pilots

• Conquering modern data stack complexities

• Organizations face an uphill battle to keep their sensitive data secure

• Tactics that make crypto giveaway scams so successful

• WhatsApp New Features Protect Users From Unknown Account Take-Over Attacks

• OGUsers (2022 breach) – 529,020 breached accounts

• Cymulate ASM bridges vulnerability management and ASM gaps in hybrid infrastructure

• Cerbos Cloud manages and enforces authorization policies

• Code42 Instructor now offers risk reduction training videos to Microsoft Teams

• Entrust offers zero-trust solutions for authentication, HSM, and multi-cloud compliance

• Qwiet AI releases a suite of targeted AppSec and DevSecOps services

• DirectDefense and Claroty join forces to secure XIoT environments

• SentinelOne announces integration of firewalls and NDR capabilities with key industry players

• Troubleshooting No Signal Monitor Issue: Steps to Get Computer Display Back

• Google Pay accidentally handed out free money, bug now fixed

• Sextortion “assistance” scammers con victims further

• Ransomware in France, April 2022–March 2023

• Ransomware review: April 2023

• Infosys Uses Cortex XSIAM to Revolutionize Your SOC

• Palo Alto Networks Named a Leader in 2023 Magic Quadrant for SSE

Generated on 2023-04-15 23:55:24.713940