IT Security News Daily Summary 2023-04-22

• The Current State of Wireless (In)security, by Bastille CTO

• ChatGPT Can be Tricked To Write Malware When You Act as a Developer Mode

• CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

• DNS Malware Toolkit Discovered by Infoblox and Urged to be Blocked

• ChatGPT may hinder the cybersecurity industry

• For recession-proof security spending, embrace the value of multi-layered integrations

• How to Handle Secrets in Jenkins

• At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack

• Data of 2.5 Lakh Customers Sent to Personal Account by CFPB Employee

• Ransomware Attacks Surge in March 2023

• Summary Of News And Events That Happened This Week

• OpenAI’s Insatiable Need for Data is Coming Back to Harm it

• ChatGPT: A Threat to Privacy?

• First-Ever Cyber Attack Via Kubernetes RBAC to Create Backdoor on Clusters

• Criminals Are Using Tiny Devices to Hack and Steal Cars

• North Korean 3CX Hackers Also Hit Critical Infrastructure Orgs: Symantec

• The Best Laser Cutting Machine Wood: Tech Tips 2023

• 3D Revolution: The Industries Transformed by 3D Modeling – 2023 Guide

• Build or Buy your own antivirus product

• Accidental ‘write’ Permissions In Alibaba PostgreSQL Let Attackers Access Sensitive Data

• European air traffic control confirms website ‘under attack’ by pro-Russia hackers

• Accidental ‘write’ Permissions In Alibaba postgreSQL let Attackers Access Sensitive Data

• CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug

• Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach

• A10 integrates Next-Gen WAF to enable multi-layered security

• Onapsis updates its platform to strenghten ERP cybersecurity

• Next DLP adds ChatGPT policy to its Reveal platform

• Virsec automates the path to zero trust workload protection

• AuKill – A Malware That Kills EDR Clients To Attack Windows Systems

• Two qudits fully entangled

• Stop This Dangerous Bill That Would Normalize Face Surveillance in California

• Update now, there’s a Chrome zero-day in the wild

• Would-be hitman busted after being fooled by parody website

• US Facebook users can now claim Cambridge Analytica settlement cash

• If Apple allows sideloading in iOS 17, how will iPhone security be affected?

• 2023-04-19 – Quick post: Qakbot (Qbot) activity, distribution tags BB24 and obama254

• Top 10 Citizenship By Investment Programs For IT Firms In 2023

• Microsoft pushes for more women in cybersecurity

• Attackers Continue to Leverage Signed Microsoft Drivers

• Be Lawfare’s Next Director of Development!

• The STOP CSAM Act Would Put Security and Free Speech at Risk

• IT Security News Daily Summary 2023-04-21

• Friday Squid Blogging: More on Squid Fishing

• Most multicloud troubles are self-inflicted, security researchers say

• How local governments can rise to the infrastructure complexity challenge

• Shields Health Breach Exposes 2.3M Users’ Data

• American Bar Association (ABA) suffered a data breach,1.4 million members impacted

• 7 Database Security Best Practices: Database Security Guide

• SSE Decoded: Answers to Your Questions About Secure Service Edge

• Common Vulnerability Scoring System (CVSS)

• ‘EvilExtractor’ All-in-One Stealer Campaign Targets Windows User Data

• North Korea’s Kimsuky APT Keeps Growing, Despite Public Outing

• TSA wants automated ID verification, ML detection algorithms at security gates

• API security becoming C-level cybersecurity concern

• Symantec: North Korean 3CX Hackers Also Hit Critical Infrastructure Orgs

• Intel Prioritizes Security in Latest vPro Chips

• EvilExtractor Infostealer Campaign Targeting Windows OS

• Chromium vulnerabilities threaten Electron app security

• How to vet your vendors: Ensuring data privacy and security compliance

• How Veza helps companies map data access and stop insider threats

• Transit agency’s cloud-based customer service boosts efficiency, visibility

• GhostToken GCP Bug Gives Entry To Attackers Into Google Accounts

• VMware patches break-and-enter hole in logging tools: update now!

• Hacking Pickleball

• Halcyon Secures $50M Funding for Anti-Ransomware Protection Platform

• China Building Cyberweapons To Hijack Enemy Satellites, Says US Leak

• DHS Announces AI Task Force, Security Sprint On China Related Threats

• WhatsApp Used In BEC Scam To Pilfer $6.4M

• APT Mint Sandstorm Quickly Exploits New PoC Hacks

• Shadow IT, SaaS Pose Security Liability for Enterprises

• Criminal Records Service Still Not Working Four Weeks After Cyber Attack

• A Corporate Secret is not Destroyed, it’s Discarded: Threat of Old Routers

• CFPB Employee Sends 256,000 Consumers’ Data to Personal Email

• Indian ICICI Bank data breach exposes 3.8 million customer information

• Identity and Access Management (IAM) in Payment Card Industry (PCI) Data Security Standard (DSS) environments.

• AI/ML advancements outpacing government policies, cyber experts warn

• Evil Extractor Targets Windows Devices to Steal Sensitive Data

• Arizona Teachers’ Sensitive Data Stolen in Ransomware Attack on TUSD

• Hackers are Employing This Top Remote Access Tool to Get Unauthorised Access to Your Company’s Networks

• DevSecOps: AI is reshaping developer roles, but it’s not all smooth sailing

• Trojanized Installers Used to Distribute Bumblebee Malware

• Security a top priority in the software development process, report finds

• Google Cloud Platform Vulnerability Led to Stealthy Account Backdoors

• Five Eyes Agencies Issue Cybersecurity Guidance for Smart Cities

• Abandoned WordPress Plugin Abused for Backdoor Deployment

• How to create an SBOM, with example and template

• Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining

• Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

• Using the iPhone Recovery Key to Lock Owners Out of Their iPhones

• Cisco and VMware Issues Security Updates For Critical Flaws

• How the Talent Shortage Impacts Cybersecurity Leadership

• The Tangled Web of IR Strategies

• The Black Sea Grain Deal: Fragile Cooperation Between Ukraine and Russia

• Celebrities Lose Blue Ticks, As Twitter Purges Legacy Verified Accounts

• Open Questions After Halkbank

• ICICI Bank Data Leak – Millions of Customers’ Sensitive Data Exposed

• Malware is proliferating, but detection measures bear fruit: Mandiant

• 14 Kubernetes and Cloud Security Challenges and How to Solve Them

• GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform

• Alphabet To Merge AI Units Deepmind And Google Brain

• Stay Ahead of Cyberthreats with Proactive Threat Hunting

• US Medical Service Data Breach Impacts 2.3M People

• GitHub Announces New Security Improvements

• #CYBERUK23: Five Takeaways From the NCSC Conference on the UK’s Cyber Strategy

• Q1 2023 Cyber Attacks Statistics

• The Rise Of Online Betting Houses In Japan: A Threat To Society Or An Economic Opportunity?

• Microsoft To Remove Twitter From Advertising Platform, Musk Threatens Lawsuit

• Securing our Sustainable Future

• Top Considerations for Securing AWS Lambda, part 1

• Capita Confirms Data Breach After Ransomware Group Offers to Sell Stolen Information

• House Committee Hears Testimony on DC Health Data Breach

• The War on Passwords Enters a Chaotic New Phase

• N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX

• Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions

• Cybercriminals Abusing an Abandoned WordPress Plugin for Malicious Code Injection

• International cops urge Meta not to implement secure encryption for all

• The Best Crypto Games For Winning Big

• 3CX Cyber Attack: It Was The Aftermath Of Another Supply-Chain Attack

• 6 Best Marketing Data Extractor Tools for Your Business Needs

• Russian APT28 Group Exploiting Vulnerabilities in Cisco Routers

• Operation DreamJob – New Linux Malware Linked With 3CX Supply-Chain Attack

• Millions of Records With Sensitive Data Leaked by ICICI Bank

• Russia-linked APT28 Group Exploiting Vulnerabilities in Cisco Routers

• Government Agencies Release Blueprint for Secure Smart Cities

• China Developing Anti-Satellite Weapons – Report

• Intro to phishing: simulating attacks to build resiliency

• Healthcare organisations urged to improve system security

• Capita: Data Was Taken in March Cyber Incident

• The Ultimate Guide To Building A Passive Income Portfolio 2023

• 5 Best Airflow PC Cases to Buy in 2023 – Beat the Heat

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Is Twitter Blue Tick removal a data security concern

• Understanding the Different Types and How to Detect Them

• Thanks for fixing the computer lab. Now tell us why we shouldn’t expel you?

• Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products

• Scammers using social media to dupe people into becoming money mules

• New infosec products of the week: April 21, 2023

• The staying power of shadow IT, and how to combat risks related to it

• How Can You Identify and Prevent Insider Threats?

• Bugcrowd’s new self-serve PTaaS enable buyers to manage pen tests directly online

• Cofense Protect+ defends mid-size organizations from cyber threats

• Armorblox releases Graymail and Recon Attack Protection to stop malicious emails

• Sotero Ransomware Protection encrypts data to prevent theft and extortion

• Top three factors leading to burnout at work

• We’ve built A.I. and machine learning into our platform instead of ‘bolting’ them on: Software firm

• Catalyst Award

• Industry Eagle Award

• Government Eagle Award

• Infamous ransomware gang is now trying to target Mac users

• ChatGPT won’t take over from humans for now, says Infosys founder

• 3CX Breach Was a Double Supply Chain Compromise

• ChatGPT won’t take over from humans for now, says founder of Indian tech giant

• Talon Cyber Security collaborates with Microsoft to provide ChatGPT access

• Dashlane launches Confidential SSO powered by AWS Nitro Enclaves

• Intruder joins Google Cloud Partner Advantage program

• Orange Cyberdefense strengthens position in healthcare security sector

• Fancy Bear known to be exploiting vulnerability in Cisco routers

• FTC tackles tech support scams by chasing payment processor firms

• QBot changes tactic, remains a menace to business networks

• What your peers said: G2 comparison of top Endpoint Security vendors

• Multinational ICICI Bank leaks passports and credit card numbers

Generated on 2023-04-22 23:55:25.659936