IT Security News Daily Summary 2023-04-25

• Mobile device security policy

• Top 10 Cloud Access Security Broker (CASB) Solutions for 2023

• ReliaQuest Adds AI Capabilities to GreyMatter Intelligent Analysis

• NetWitness Partners With Palo Alto Networks, Broadcom to Launch SASE Packet Integrations at RSA Conference 2023

• Forcepoint Delivers Data Security Everywhere, Extending DLP Policies From Endpoints to the Cloud

• Akamai Introduces Prolexic Network Cloud Firewall

• Welcome to FCW Insider Chat

• Vantage Travel Experiences Data Security Incident

• SmartStoreNET: Malicious Message Leading To E-Commerce Takeover

• #RSAC: AI Can Help Save Our Democracy

• Large 2,200x DDoS Amplification Assault Due To New SLP Flaw

• Menaced by miscreants, critical infrastructure needs a good ETHOS. Ah, here’s one

• Azure Data Box

• OMB, CISA set to release common form for software self-attestation

• NASCIO’s game plan for enterprise portfolio management

• VMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023

• Texas Should Leave Its Anti-SLAPP Law Alone

• RSAC 2023: SecurityScorecard launches ‘first’ GPT-4 security ratings platform

• NASA struggles to improve workforce diversity

• Bugcrowd CTO talks hacker feedback, vulnerability disclosure

• PaperCut security vulnerabilities under active attack – vendor urges customers to patch

• ‘Good’ AI Is the Only Path to True Zero-Trust Architecture

• Active Directory Penetration Testing Cheatsheet

• DOD components on the clock to certify compliance with classified access rules in the wake of Discord leaks

• A Security Team Is Turning This Malware Gang’s Tricks Against It

• How ChatGPT and other advanced AI tools are helping secure the software supply chain

• Attackers Abuse PaperCut RCE Flaws to Take Over Enterprise Print Servers

• Cloud-native security metrics for CISOs

• #RSAC: Election Protection is CISA’s Top Priority for Next 18 Months

• BigID launches BigAI, a ‘privacy-by-design’ LLM  designed to discover data

• #RSAC: GPT-4 Empowers Cybersecurity Leaders to Make Smarter Risk Decisions

• The Decline in Ransomware: Does It Actually Increase Risks for Organizations?

• Internal Documents Show How Little the FBI Did to Correct Misuse of Section 702 Databases

• How to send password-protected emails in Gmail

• Secure Access Startup Sonet.io Emerges From Stealth With $6 Million in Funding

• Token Gets $30M Funding for Biometrics MFA Smart Ring

• NetRise Adds $8 Million in Funding to Grow XIoT Security Platform

• Exposed Artifacts Seen In Misconfigured Cloud Software Registries

• Cyera enhances its AI-powered data security platform to stop sensitive data exfiltration

• Cisco XDR prioritizes security incidents using evidence-backed automation

• SecurityScorecard introduces security ratings platform with OpenAI’s GPT-4 search system

• Yellow Pages Canada Suffered a Cyberattack

• Improving your bottom line with cybersecurity top of mind

• Cloud forensics – An introduction to investigating security incidents in AWS, Azure and GCP

• What Comes After the Digital Transformation?

• Pennsylvania says it’s eligible for up to $5.2M cyber grant

• Yellow Pages Canada Hit by Cyber-Attack, Black Basta Claims Credit

• PoC Exploit Code Released for Critical Papercut Flaw

• Iranian Hackers “Educated Manticore” Target Israel With New Tools

• Google’s Authenticator App Now Lets You Sync 2FA Codes Across Devices

• A new Mirai botnet variant targets TP-Link Archer A21

• Google Adds Generative AI To Its Cloud Security Offerings

• Artificial Intelligence Takes RSA Conference By Storm

• Terra Co-Founder And 9 Staff Indicted For Role In Crypto Collapse

• Eight Years Since The Obama-Xi Agreement, Chinese Hacking Is Worse Than Ever

• Microsoft announces the 2023 Microsoft Security Excellence Awards winners

• New SLP Vulnerability to play catalyst to 2000x DDoS attacks

• Cybersecurity for Kids: 7 Tips for Teaching the Basics

• Space Force should look to the private sector to fill data gaps, watchdog says

• DOJ’s Monaco addresses ‘misperception’ of Joe Sullivan case

• Google, Mandiant highlight top threats, evolving adversaries

• Google Finds Flaws in Intel TDX After Nine-Month Audit

• Palo Alto Networks Unit 42 expands its DFIR service globally

• Most SaaS adopters exposed to browser-borne attacks

• Thales’ new secrets management solution improves DevOps and cloud security

• Macbook Security: Do I Need Antivirus for Macbook?

• Security Benefits of Enhanced Cloud Visibility

• Build a Web3 Ticketing System and Disrupt Online Ticketing

• Google Authenticator will now sync your 2FA codes to use on different devices

• Apiiro Launches Application Attack Surface Exploration Tool

• Millions of Exposed Artifacts Found in Misconfigured Cloud Software Registries

• Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor

• New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks

• Google researchers found multiple security issues in Intel TDX

• Global Infosec Award Winners Announced at RSA

• Abnormal Security expands its platform and launches new products

• VMware announces new security capabilities to help protect hybrid workforce

• How to Create a New Discord Account in 2 Minutes – A Comprehensive Guide

• Data on Resold Corporate Routers can be Used by Hackers to Access Networks

• US Sanctions Two For Aiding North Korean Crypto Thieves

• Reach Out to Peers and Vendors to Build Your Security

• Nvidia helps enterprises guide and control AI responses with NeMo Guardrails

• RSA Conference 2023 – Announcements Summary (Day 1)

• Kaspersky Analyzes Links Between Russian State-Sponsored APTs

• Building a Better SBOM

• The Political Cybersecurity Blindfold in Latin America

• Ukraine’s Nuclear Moment

• Imperva Unveils Latest API Security Enhancements

• Lookout Launches Mobile Endpoint Detection and Response for MSSPs to Help Close the Mobile Security Gap for Customers

• Iranian Hackers Launch Sophisticated Attacks Targeting Israel with Powerless Backdoor

• Spotify Surpasses Half-Billion Monthly Users

• Check Point Software Technologies and BBT.live Join Forces to Bring Enhanced Cybersecurity to Remote Networks with Secure SD-WAN Solution

• RidgeShield monitors traffic across workloads and enforces unified security policies

• Key Tech Dominating On Online Sportsbooks

• Vehicles Stolen Using High-Tech Methods by Criminals

• Modernizing Vulnerability Management: The Move Toward Exposure Management

• Google Audit Finds Vulnerabilities in Intel TDX

• Insider Q&A: OpenAI CTO Mira Murati on Shepherding ChatGPT

• Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis

• Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware

• Google adds new risk assessment tool for Chrome extensions

• GrammaTech and ArmorCode unify application security tools and intelligence

• AWS boosts Amazon GuardDuty with 3 new capabilities to protect varied workloads

• AnimeUltima 2023 – Top Alternatives to Watch Anime Online

• European Payments Initiative Buys Two Fintech Firms

• #RSAC: US DoJ Prioritizes Victim Support in Cybercrime Crackdown

• OTP Codes Synchronized Across Devices With Google Authenticator

• PaperCut Flaw Exploited to Hijack Servers, Fix Released

• Shanghai To Back Chip, AI Investments

• Google Authenticator App now supports Google Account synchronization

• IBM Security QRadar Suite streamlines security analysis throughout the incident process

• PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)

• Attackers are logging in instead of breaking in

• MITRE Caldera for OT tool enables security teams to run automated adversary emulation exercises

• Leveraging SaaS Data Security and Compliance Tools

• Check Point Research uncovers rare techniques used by Iranian-affiliated threat actor, targeting Israeli entities

• Falling Dwell Time May Be Due to Faster Threat Activity

• Cyberweapons Manufacturer QuaDream Shuts Down

• What Is Privileged Account and Session Management (PASM)?

• The Importance of Data Sciences in Today’s Day and Age

• The dark side of budgeting apps: potential security risks

• CISA Warns Of PaperCut Print Software Vulnerabilities Under Attack

• VirusTotal Code Insight: AI-powered malware analysis feature

• Japan Start-Up iSpace Prepares First Commercial Moon Landing

• Peugeot leaks access to user information in South America

• Arista Networks unveils AI-driven network identity service

• IBM’s Security QRadar Suite streamlines security analysis throughout the incident process

• How to Join a Playstation Party on PC? – Connecting with Friends

• Financial Trading Desktop And Mobile Apps To Try Out In 2023

• Cool, Funny, Best Gaming Names – Creative Ideas for Your ING Personality

• 4 Key Elements Of Successful Construction Management

• CyberSmart makes waves in SME cybersecurity market

• Root Cause Analysis for Deployment Failures

• Cloud security 101: Understanding and defending your cloud infrastructure

• Thousands of Social Media Takedowns Hit People Smugglers

• North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware

• This Evil Extractor Malware Steals Data from Windows Devices

• Indian Court Rejects Xiaomi Plea To Return Seized Funds

• Researchers Find 250 Million Artifacts Exposed in Misconfigured Registries

• UK Introduces Long-Delayed Digital Markets Legislation

• Need to improve the detection capabilities in your security products?

• Thales CipherTrust Manager Integrates with archTIS NC Encrypt to Secure Business Critical Content in Microsoft 365 Applications

• How to fortify your cryptocurrency security

• Cyber Attack news headlines trending on Google

• Securing the rapidly developing edge ecosystem

• The silent killers in digital healthcare

• AI tools help attackers develop sophisticated phishing campaigns

• Microsoft Changed the Method of Naming the Hacker Groups

• Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

• How to establish network security for your hybrid workplace

• E-mail header analysis

• The double-edged sword of open-source software

• Rethinking the effectiveness of current authentication initiatives

• Google’s here to boost your cloud security and the magic ingredient? AI, of course

• SentinelOne unveils cybersecurity AI platform

• ByteDance is pushing a new app in the U.S. as TikTok faces a ban

• On Validation, pt III

• New Events Ripper Plugins

• #RSAC: Climate Change is Increasing Cyber-Risks

• A week in security (April 17 – 23)

• Adult content malvertising scheme leads to clickjacking

• Removing the human: When should AI be used in emotional crisis? Lock and Code S03E09

• #RSAC: Cyber Intrusion Campaign Against Three US Federal Agencies Thwarted

• National Cybersecurity Alliance launches HBCU Scholarship Program

• Tangled Up: ‘Tomiris’ APT Uses Turla Malware, Confusing Researchers

• Millions of Artifacts, Misconfigured Enterprise Software Registries Are Ripe for Pwning

• Your Messaging Service Should Not Be a DEA Informant

• State health data sharing limited by access to broadband, staff and funds

• #RSAC: Understanding AI’s Role in Cybersecurity Beyond the Hype

• AuKill tool uses BYOVD attack to disable EDR software

• ZScaler and Rubrik CEOs on securing the cloud through new partnership

• IT Security News Daily Summary 2023-04-24

• Analysis paralysis: When too much data reduces decision-making

• Security Experts Warn About New Scam Involving Hackers Who Impersonate Facebook

• California Bill to Stop Dragnet Surveillance of People Seeking Reproductive and Gender-Affirming Care Passes Key Committees

• ZScaler and Robrik CEOs on securing the cloud through new partnership

• How fiends abuse an out-of-date Microsoft Windows driver to infect victims

• DHS outlines cyber priorities in release of delayed review

• How a shift to the cloud streamlined one state’s professional licensing

• Google Workspace Extends Enterprise-Grade Security and Device Management for Hybrid Work With Okta and VMware

• Beyond Anti-Virus ‘Shark Nets’: Why Current Approaches to Cybersecurity Need to Change

• ImmuniWeb AI Platform

• How this gang abuses an out-of-date Microsoft Windows driver to infect victims

• NIST sets sights on implementing identity provisions from the CHIPS Act

• Misconfigured Registries: Security Researchers Find 250 Million Artifacts Exposed

• First US Appellate Court to Decide Finds Geofence Warrant Unconstitutional

• How Cyber Insurance Changed Cybersecurity

• Is the Biden administration’s management agenda getting back on track?

• Investors Place Early $4 Million Bet on Stack Identity

• Experts released PoC Exploit code for actively exploited PaperCut flaw

• SPanel: Taking Website Security to the Next Level

• If you haven’t patched Microsoft Process Explorer, prepare to be pwned

• AI-generated spam may soon be flooding your inbox – and it will be personalized to be especially persuasive

• North Korean Foreign Trade Bank Representative Charged in Crypto Laundering Conspiracies

• KuCoin Twitter Account Hacked, Losses $22.6K In Crypto Scam

• Huntress: Most PaperCut Installations Not Patched Against Already-Exploited Security Flaw

• Adrian Stone Joins Moderna as CISO

• Double zero-day in Chrome and Edge – check your versions now!

• #RSAC: Computer Science Courses Must Teach Cybersecurity to Meet US Government Goals

• Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs

• Don’t let manual processes hold you back, automate your AppSec

• Google Authenticator now supports Google Account synchronization

• Stay compliant and protect sensitive data with Zero Trust security

• Securing the Edge Ecosystem Global Research released – Complimentary report available

• Microsoft launches bug bounty program for the new Bing

• Scammers Impersonate Meta in Facebook Campaign With 3200 Profiles

• Google Cloud Announces New Security AI Workbench and Ecosystem Expansion at RSAC 2023

• Proton Launches ProtonPass Password Manager With E2E Encryption

• Mullvad VPN Received Data Warrant – Had None To Share

• Introducing VirusTotal Code Insight: Empowering threat analysis with generative AI

• Google releases security LLM at RSAC to rival Microsoft’s GPT-4-based copilot

• Incident response policy

• RSA Conference 2023 highlights strength through alliances

• US Navy Contractor Fincantieri Marine Group Hit by Cyber-attack

• ZeroFox to Acquire LookingGlass, Broadening Global Attack Surface Intelligence Capabilities

• Akamai Brand Protector defends against phishing attacks and fake websites

• Flashpoint Ignite accelerates cross-functional risk mitigation and prevention

• D3 Security MSSP Client Portal simplifies information sharing between MSSPs and clients

• DNS Layer Security Explained. How It Stops Ransomware and Other Cyberattacks

• Getting started with the CDMC framework—Microsoft’s guide to cloud data management

• How to make sure the reputation of your products and company is good

• SSD with in-built ransomware prevention capabilities

• DHS announces first-ever AI task force

• Gmail App Passwords: What they are, how to create one, and why to use them

• Tomiris and Turla APT Groups Collaborate to Target Government Entities

• Cisco Unveils Solution to Rapidly Detect Advanced Cyber Threats and Automate Response

• Avoiding Mandatory Transparency’s Pitfalls in Online Safety Legislation

• The Supreme Court’s Halkbank Decision Explained

• Tourist Cyber Threats Exposed: Where and When to Use a Travel VPN

• ChatGPT: A Game-Changer or a Cybersecurity Threat

• The IRS is Deploying Four Investigators Across the Globe to Combat Cybercrime

• The Needs of a Modernized SOC for Hybrid Cloud

• SentinelOne experiments with GPT-4 as part of new threat hunting platform

• North Korean Hackers Target Mac Users With New ‘RustBucket’ Malware

• New Data Sharing Platform Serves as Early Warning System for OT Security Threats

• Capita Admits Data Stolen During Cyberattack

• Pro-Russian Hackers Target European Air Traffic Control

• GhostToken Vuln Could Permanently Expose Data Of Google Users

• If You Haven’t Patched Microsoft Process Explorer, Prepare To Get Pwned

• The Incidence of EvilExtractor Malware Rises Across Europe and the U.S.

• EFF and ECNL’s Comment to the Meta Oversight Board on the Term ‘Shaheed’

• 10 Best Practices for Using Kubernetes Network Policies

• Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack

• Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

• 3CX breach linked to previous supply chain compromise

• Organizations are stepping up their game against cyber threats

• Trellix Threat Intelligence enhancements accelerate threat analysis and response

• How To Build Your Online Course And Get Some Profit Out Of It?

• UK Government Pledges £100m For AI Taskforce

• These two countries are teaming up to develop AI for cybersecurity

• Cybersecurity Survival: Hide From Adversarial AI

• EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

• China To Explore 3D Printing For Moon Base

• CrowdStrike Introduces CrowdStream to Accelerate and Simplify XDR Adoption

• Palo Alto Networks Takes Aim At Cyberattacks With the Expansion of Unit 42’s Digital Forensics & Incident Response Service Globally

• Rethinking Safer AI: Can There Really Be a ‘TruthGPT’?

• Zimperium Launches Unified Mobile Security Platform for Threat Detection, Visibility, and Response

• Hackers Abuse Outdated Eval PHP WordPress Plugin To Deploy Backdoors

• Machine Learning and Deep Learning with GPU servers

• Evil Extractor Infostealer Targets Windows In Recent Phishing Campaign

• Attackers Abuse Kubernetes RBAC to Deploy Persistent Backdoor

• Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites

• Study: 84% of Companies Use Breached SaaS Applications – Here’s How to Fix it for Free!

• Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

• Cato Networks Introduces Instant RBI Featuring Single-Click Activation

• Enterprise-Attacking Malware Toolkit Analyzing 70 Billion DNS Queries Daily

• 5 Years On: What did we learn from the Government Cryptojacking Attack?

• External Signs of Narcissism – Raising Awareness to Avoid Collateral Damage

• SolarWinds Platform Update Patches High-Severity Vulnerabilities

• Critical Flaw in Inea ICS Product Exposes Industrial Organizations to Remote Attacks

• Yellow Pages Canada Alerts of Cyberattack As Black Basta Leaks Data

• Threat Actors Can Use Old Routers’ Data to Breach Corporate Networks

• US Urges South Korea Not To Fill Micron Shortfall In China

• Silicon In Focus Podcast: How Green is Your Tech Budget?

• Former OpenSea Employee Faces Criminal Charges Over NFT Trades

• If you haven’t patched Microsoft Process Explorer, prepare to get pwned

• Outpost24 Appoints New Chief Strategy Officer

• VMware plugs security holes in VMware Aria Operations for Logs (CVE-2023-20864, CVE-2023-20865)

• Securing Your Business Through Advanced Detection Technology

• The Future Of ‘fortnite’ Is In The Hands Of Its Players

• Ireland is the next country to ban TikTok

• ViperSoftX Updates Encryption, Steals Data

• UK Threatens End-to-End Encryption

• Does my local police station use face recognition?

• 38 Countries Take Part in NATO’s 2023 Locked Shields Cyber Exercise

• 7 Security Tips When Setting Up Your Smart Home

• Lockbit Ransomware Aims To Target macOS Systems – But May Not Be As Successful

• GhostToken Zero-Day Vulnerability Found In Google Cloud

• Budget Shopping App Temu Launches In Europe

• Ghosttoken – A Zero-Day Bug Let Hackers Create Invisible Google Accounts

• Cloud Complexity Means Bugs Are Missed in Testing

• Ofcom Finds Millions Missing Out On Cheaper Broadband

• Twitter Restores Blue Ticks For High-Profile Users

• The K-12 Report: A Cybersecurity Assessment of the 2021-2022 School Year

• Spring is the Perfect Season for a Digital Declutter

• American Bar Association Breach Hits 1.5 Million Members

• Hackers can hack organizations using data found on their discarded enterprise network equipment

• How product security reached maturity

• Resecurity to showcase innovative cybersecurity solutions at RSA Conference 2023

• 3CX Hackers Also Compromised Critical Infrastructure Firms

• Tomiris called, they want their Turla malware back

• Software developers, how secure is your software?

• New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web

• Tails Operating System: The Means To Privacy and Security On Internet

• Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers

• A third-party’s perspective on third-party InfoSec risk management

• Unlocking the passwordless era

• Lung Cancer detection possible 10 Years prior with AI

• What is offensive Cyber Capabilities

• Over 70 billion unprotected files available on unsecured web servers

• How CISOs navigate security and compliance in a multi-cloud world

• MEO – 8,227 breached accounts

• Study of past cyber attacks can improve organizations’ defense strategies

• That 3CX supply chain attack keeps getting worse: More victims found

• Expel Vulnerability Prioritization identifies critical and‌ damaging vulnerabilities

• Patented.ai releases LLM Shield to safeguard sensitive info from chatbots

• Chinese scientists calculate the Milky Way’s mass as 805 billion times that of our Sun

Generated on 2023-04-25 23:55:40.021439