IT Security News Daily Summary 2023-04-28

• Appeals Court Should Reconsider Letting The FBI Block Twitter’s Surveillance Transparency Report

• Cowen’s Shaul Eyal breaks down headwinds facing cybersecurity stocks

• EVs rev up cybersecurity challenges

• Patch Management vs Vulnerability Management: What’s the Difference?

• ‘BellaCiao’ Showcases How Iran’s Threat Groups Are Modernizing Their Malware

• Cisco discloses a bug in the Prime Collaboration Deployment solution

• The Proud Boys Seditious Conspiracy Conundrum

• Beyond Anti-Virus ‘Shark Nets’: Why Current Approaches to Cybersecurity Need to Change.

• How to Improve your Security Posture and ROI

• Announcements at RSAC 2023 show alliances, AI defining the future of cybersecurity

• Army looks to bring $22B headset program into production in 2025

• OPM’s plan to upgrade federal employee data

• TCP vs UDP – Understanding the Difference

• Are people getting better at avoiding misinformation?

• OpenAI: ChatGPT Back in Italy After Meeting Watchdog Demands

• How To Manage Vulnerabilities in Modern Cloud Native Applications

• It’s time to harden AI and ML for cybersecurity

• Google Bans Thousands of Play Store Developer Accounts to Block Malware

• DOJ Detected SolarWinds Breach Months Before Public Disclosure

• Severe Flaws In Illumina DNA Sequencing Technology, CISA Warns

• Migrating FileNet Into AWS Cloud and Migrating FileNet Security Into AWS Cloud

• AI for security is here. Now we need security for AI

• Zero-trust citizen access: Secure services for residents and agencies

• ChatGPT uses for cybersecurity continue to ramp up

• Amid supply chain attacks, emerging vendor rethinks SBOM

• Firmware Looms as the Next Frontier for Cybersecurity

• DDoS is Emerging as the Most Important Business Concern for Edge Networks

• Google wins court order to force ISPs to filter botnet traffic

• Man used brother’s credentials to steal $4.8M seized Bitcoin

• Threat actor APT28 targets Cisco routers with an old vulnerability

• Google’s 2FA app update lacks end-to-end encryption, researchers find

• Germany Denies Chip Making Chemical Export Ban To China

• Ransomware Attack Disrupts IT Network at Hardenhuish School

• Secure mobile payment transactions enabled by Android Protected Confirmation

• Google bans 173,000 malicious app developers

• 401 and 403 Bypass Cheat Sheet for Penetration Testers

• Intel Posts Largest Ever Quarterly Loss, But Shares Rise

• Smart Contracts Step-By-Step: A Beginner’s Guide To Debugging and Deploying Smart Contracts With Infura and Truffle

• Global Cyber Attacks Rise by 7% in Q1 2023

• SOC Analyst Training – Cyber Attack Intrusion Analysis With SIEM Tools – 2023

• Cisco Working on Patch for Vulnerability Reported by NATO Pentester

• Russian APT Hacked Tajikistani Carrier to Spy on Government, Public Services

• Google Blocked 1.4 Million Bad Apps From Google Play in 2022

• The pros and cons of VPNs for enterprises

• Android Apps Fail to Protect User Data During Device Transfer

• SECURITY ALERT: Heimdal® Identifies Active Phishing Campaign Singleing Out Romanian Telecom Users

• Chinese hackers outnumber FBI cyber staff 50 to 1, bureau director says

• Beware of This Dangerous Android malware As It Can Hold Your Phone Hostage

• Microsoft Says No More Feature Updates For Windows 10

• How one city transformed its approach to data

• 50 Crypto Wallets Targeted by Atomic MacOS Malware

• Online Safety Bill age checks? We won’t do ’em, says Wikipedia

• Why People Skills Matter as Much as Industry Experience

• Dyson Air-Purifying Headphones To Cost £820

• SOSSA and CRA Spell Trouble for Open Source Software

• Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

• Google Authenticator’s New Syncing Feature Raises Security Concerns

• Attacks On PaperCut Servers Tied To Ransomware Groups

• Google Gets Court Order To Shut Down Malware Domains

• 6 Key Moments From House Republicans’ Hearing On Warrant-Free FISA Surveillance

• Protect your money: AT&T email accounts under attack by hackers

• FDA, CISA: Illumina Medical Devices Vulnerable to Remote Hacking

• Biden’s Spyware Order: A Needed First Step

• Google Authenticator Introduces Google Account Sync

• Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

• Why Your Detection-First Security Approach Isn’t Working

• New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets

• AI Powers the Branch of the Future, Today

• EU moves to regulate tech titans with Digital Services Act

• RTM Locker Ransomware Gang Targets VMware ESXi Servers

• Managed Threat Hunting: The Next Step from Traditional Cybersecurity

• Attackers Can Hide Malicious Apps Using the Ghost Token Flaw

• RSA Conference 2023 – ICS/OT Cybersecurity Roundup

• RTM Locker Ransomware Variant Targeting ESXi Servers

• Cyber Certainty: Investing in Resilience During a Post-Correction Market

• ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection

• Ukraine cyber police arrested a man for selling data of 300M people

• Google Bans And Deletes 173K Bad Developers Accounts In 2022

• Rapture, a Ransomware Family With Similarities to Paradise

• Cyber Certainty: Investing in Resilience During a Post Correction Market

• AuKill Malware Actively Used To Disable EDR In Ongoing Attacks

• Critical Vulnerability in Zyxel Firewalls Leads to Command Execution

• Google obtained a temporary court order against CryptBot distributors

• Man Gets Four Years for Stealing Bitcoins Seized by Feds

• Attention Online Shoppers: Don’t Be Fooled by Their Sleek, Modern Looks — It’s Magecart!

• How To Install Acer Care Center in Windows 7, 8.1, 10, 11, Mac, Linux, and Ubuntu

• How To Install Vidmate PC, Mac, Linux, Ubuntu – Step-by-Step Guide

• Minecraft Clones with 35 Million Installs Contained Adware

• Google Bans 173,000 Bad Developers in 2022

• Cosmos Bank Cyber Attack – 11 Accused in Cyber Fraud Case

• Charming Kitten Using New Malware in Multi-Country Attacks

• Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Is mood tracking feature in Apple iOS 17 a privacy concern

• It is illegal to use undetectable spying devices on partners

• Password reset woes could cost FTSE 100 companies $156 million each month

• New infosec products of the week: April 28, 2023

• The double-edged sword of generative AI

• Get ready for RSA 2023: Stronger Together

• Git Project Security Vulnerabilities Let Attackers Execute Arbitrary Code

• Imperva® and Fortanix Partner to Protect Confidential Customer Data

• 5G surpasses expectations, becomes a global game-changer

• Phishing-resistant MFA shapes the future of authentication forms

• Many Public Salesforce Sites are Leaking Private Data

• Swissbit iShield Key Pro safeguards online accounts, web services

• Program Execution

• ChatGPT writes insecure code

• Fileless attacks: How attackers evade traditional AV and how to stop them

• Magecart threat actor rolls out convincing modal forms

• Google sues CryptBot slingers, gets court order to shut down malware domains

• Uptycs Launches Cloud Security Early Warning System

• Tessian Fully Integrates With M365 To Provide Threat Protection and Insider Risk Protection

• Microsoft is busy rewriting core Windows code in memory-safe Rust

• DHS cyber talent management system boasts just 80 hires after nearly two years

• #RSAC: AI Dominates RSA as Excitement and Questions Surround its Potential in Cybersecurity

• Delinea Onsite RSA Conference Survey Reveals Cloud Security Remains Top Cybersecurity Concern in 2023

• MajorKey Accelerates Pureplay Information Security Strategy With Acquisition of Legion Star

• The Return of the Joint Service Academy Cybersecurity Summit

• IT Security News Daily Summary 2023-04-27

• Critical VMware Vulnerabilities Let Attackers Execute Arbitrary Code

• Q1 marked lowest VC funding for security in a decade, but there’s a silver lining

• DHS R&D arm to drive climate change response under new bill

• City pilots sensors that track street activity, detect conflicts

• Can Fortran survive another 15 years?

• ‘Anonymous Sudan’ Claims Responsibility for DDoS Attacks Against Israel

• 35M Downloads Of Android Minecraft Clones Spreads Adware

• How to block tracking pixels in Apple Mail (and why you might want to)

• #RSAC: Organizations Warned About the Latest Attack Techniques

• Microsoft is busy rewriting core Windows library code in memory-safe Rust

• Clean up technical debt before chasing shiny objects, state CTO advises

• 10 ways to speed up your internet connection today

• The best browsers for privacy in 2023

• Report: Facebook And Instagram Are Still Widely Used For Child Sex Trafficking

• How post-quantum cryptography will help fulfill the vision of zero trust

• Secureworks CEO weighs in on XDR landscape, AI concerns

• China’s ‘Evasive Panda’ Hijacks Software Updates to Deliver Custom Backdoor

• Threat Actor Names Proliferate, Adding Confusion

• User Data Governance and Processing Using Serverless Streaming

• Global Cyberattacks Continue to Rise with Africa and APAC Suffering Most

• Why security and resilience are essential for enterprise risk management

• Were you caught up in the latest data breach? Here’s how to find out

• Automated Bots Pose Growing Threat To Businesses

• Elon Musk Meets US Lawmakers To Discuss AI Regulation

• Design Patterns for Microservices: Ambassador, Anti-Corruption Layer, and Backends for Frontends

• Implementing RBAC in Quarkus

• S3 Ep132: Proof-of-concept lets anyone hack at will

• ChatGPT Security and Privacy Issues Remain in GPT-4

• SANS Reveals Top 5 Most Dangerous Cyberattacks for 2023

• Tenable report shows how generative AI is changing security research

• VA’s health record ‘reset’ has budget fallout

• How Target built its DevSecOps culture using psychology

• Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

• Vodafone Appoints Finance Boss Margherita Della Valle As Group CEO

• Cybersecurity: Why It’s More Important Than Ever

• Takeaways from our investigation into Wisconsin’s racially inequitable dropout algorithm

• (ISC)2 Urges Countries to Strengthen Collaboration on Cybersecurity Regulation

• Continuous Scanning Is Imperative for Effective Web Application Security

• The White House National Cybersecurity Strategy Has a Fatal Flaw

• NSA Cybersecurity Director Says ‘Buckle Up’ for Generative AI

• Researchers found the first Linux variant of the RTM locker

• Good, Better And Best Security

• Industrial Espionage: Here’s All You Need to Know

• PCI DSS reporting details to ensure when contracting quarterly CDE tests

• How I Got Started: SOC Analyst

• #RSAC: Cyber-Attacks on Civilian Infrastructure Should Be War Crimes, says Ukraine Official

• Vietnamese Hackers Linked to ‘Malverposting’ Campaign

• CommScope Workers Left In The Dark After A Ransomware Attack

• Email Threat Report 2023: Key Takeaways

• What Is a Ping Flood and How to Prevent It?

• Intel allows Google to hack its servers

• Semiconductor Revenue To Decline In 2023, Gartner Warns

• Charming Kitten targets critical infrastructure in US and elsewhere with BellaCiao malware

• RTM Locker Ransomware Targets Linux Architecture

• Why you should practice rollbacks to prevent data loss in a ransomware attack

• UK Regulator Defends Microsoft Activision Decision, After Angry Response

• 3 in 4 Americans worry AI will take their jobs

• CISA aims to reduce email threats with serial CDR prototype

• #RSAC: Securing Software Supply Chains Requires Outside-the-Box Thinking

• APT Groups Expand Reach to New Industries and Geographies

• What Is Cyber Threat Hunting? Process, Types and Solutions

• How we fought bad apps and bad actors in 2022

• Canada Attempts to Control Big Tech as Data Gets More Potent

• APT Groups Tomiris and Turla Target Governments

• TP-Link WAN-Side Vulnerability Exploited to Install Mirai Malware

• Aadya Raises $5 Million for SMB-Focused Security Platform

• Crooks use PaperCut exploits to deliver Cl0p and LockBit ransomware

• Hackers Leaked Minneapolis Students’ Psychological Reports

• Sifting Through The Top Cyber Myths In The Military Service Branches

• Microsoft Probes Complaints Of Edge Leaking URLs To Bing

• VMware Releases Patches For Workstation, Fusion Exploits

• SSL vs. TLS: Which should you be using?

• Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan

• Technologies Such As ChatGPT And Applications Are Affecting Modern Services

• What Is a Root Certificate? Differences Between Root and Intermediate Certificates

• Combating Kubernetes — the Newest IAM Challenge

• Security Risks of AI

• Microsoft Admits PaperCut Servers Used In LockBit and Cl0p Ransomware

• TP-Link High-Severity Flaw Added to Mirai Botnet Arsenal

• Zero Trust Data Security: It’s Time To Make the Shift

• Innovation Sandbox: Cybersecurity Investors Pivot to Safeguarding AI Training Models

• New ‘Atomic macOS Stealer’ Malware Offered for $1,000 Per Month

• Chinese Cyberspies Delivered Malware via Legitimate Software Updates

• Climate Change Impacts on Subsea Cables and Ramifications for National Security—A Legal Perspective

• 911? We Have an Emergency: Cyberattacks On Emergency Response Systems

• Photos: RSA Conference 2023 Early Stage Expo

• How To Choose The Right Software Development Service Provider For Your Startup

• Major Iot Technology Trends To Watch Out For In 2023

• Secure API Management For IoT: Basics And Fundamentals

• Tenable Makes Generative AI Security Tools Available to the Research Community

• Photos: RSA Conference 2023, part 3

• Thales CTE-RWP protects critical files and folders from ransomware attacks

• Skyhigh Security unveils major updates to product portfolio

• Securing Public Sector Software Throughout 2023 and Beyond

• Big Tech Crackdown Looms as EU, UK Ready New Rules

• Google Obtains Court Order to Disrupt CryptBot Distribution

• LimeRAT Malware Analysis: Extracting the Config

• CryptoRom: OkCupid scam cost Florida man $480k – we followed the money to Binance

• New LOBSHOT Malware Deployed Via Google Ads

• Cisco Zero-Day Flaw: Let Remote Attackers Launch XSS Attacks

• Brace Yourself for the 2024 Deepfake Election

• Securing Safari Browsers with Perception Point’s New Safari Extension

• Google Goes After CryptBot Distributors Stealing Sensitive Data

• PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates

• ThreatX strengthens API and application protection with Botnet Console and API Catalog 2.0

• OFAC Takes Action Against Accused Providing Material Support To North Korean Hackers

• Meta Pleases Investors After Sales Rise, As Profits Dive

• When Cyberattacks Have Nothing to Do with You – The Escalation of DDoS Cyberattacks due to Hacktivism

• RSA Conference 2023 – Announcements Summary (Day 3)

• Microsoft: Cl0p Ransomware Exploited PaperCut Vulnerabilities Since April 13

• Chinese APT Alloy Taurus Is Back – Linux Variant of PingPull Malware Is Active

• April 2023 Web Server Survey

• RTM Locker’s First Linux Ransomware Strain Targeting NAS and ESXi Hosts

• APT trends report Q1 2023

• Man Arrested for Selling Data on 300 Million Victims to Russians

• Microsoft Blames Clop Affiliate for PaperCut Attacks

• What Is SOC-as-a-Service (SOCaaS) and How Could Your Company Benefit?

• How To Install Mcent Browser In PC ( Windows 7, 8, 10, 11, and Mac )

• Despite Soaring Prices, Cybersecurity Insurance Keeps Growing Briskly

• Iranian Charming Kitten APT used a new BellaCiao malware in recent wave of attacks

• AI to Aid Democracy

• GitHub introduces private vulnerability reporting for open source repositories

• AI Is Everywhere, and How to Set Up an Old Mac as a Server – Intego Mac Podcast Episode 289

• Quest Software Podcast: The Democratisation of Data: Episode 4: In Data We Trust?

• Google Goes After CryptBot Distributors

• Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

• The Importance Of Youtube Tags For Video Optimization And Discovery

• How To Install Premiere Pro Transitions

• Drones will deliver medical supplies through this pioneering 5G service

• Do you know what your supply chain is and if it is secure?

• The State of Responsible Technology

• What Are the Latest Developments from Thales in Data Security and IAM at RSA Conference 2023?

• The true numbers behind deepfake fraud

• LockBit Ransomware Group feels ashamed for the Cyber Attack

• Generative AI and security: Balancing performance and risk

• New Phishing Attacks Using ChatGPT to Develop Sophisticated Campaigns

• eBook: Security Compliance for CISOs

• CISOs struggle to manage risk due to DevSecOps inefficiencies

• Why juice jacking is overhyped

• Tessian Respond enables security teams to identify and respond to email threats

• How to set up your own Mac server (with an old or new Mac)

• Accenture partners with Palo Alto Networks to improve visibility across IT networks

• Decoy dog toolkit plays the long game with Pupy RAT

• APC warns about critical vulnerabilities in online UPS monitoring software

• Update your PaperCut application servers now: Exploits in the wild

Generated on 2023-04-28 23:55:24.112391