IT Security News Daily Summary 2023-05-15

• Novel Malware Strain, PIPEDREAM, Deployed by Russian-Linked Hackers Against US Energy Corporations

• VA seeks cyber operations help

• Lacework Appoints Lea Kissner As Chief Information Security Officer

• One city’s growing opioid crisis brings data-driven solutions to the front lines

• Housing authority looks to AI for voucher processing

• RA Ransomware Group Emerges With Custom Spin on Babuk

• PharMerica Leaks 5.8M Deceased Users’ PII, Health Information

• Cloudflare unveils Cloudflare One for AI to enable safe use of generative AI tools

• Buffalo Mass Shooting Victims’ Families Sue Meta, Reddit, Amazon

• Some potential: How bad software updates could over-volt, brick remote servers

• Lawmakers propose training program for federal officials on AI risks and rewards

• State AG floats ‘nation-leading’ crypto regulation

• Stellar Open XDR Nominated for Two 2023 ‘ASTORS’ Cybersecurity Awards

• Generative AI Empowers Users but Challenges Security

• 5 ways AI-driven patch management is driving the future of cybersecurity

• Toyota Discloses Decade-Long Data Leak Exposing 2.15M Customers’ Data

• Breaking the DDoS Attack Loop With Rate Limiting

• PharMerica data breach impacts more than 5.8 million individuals

• $22k awarded to SBFT ‘23 fuzzing competition winners

• Hackers remotely turn up the voltage on motherboards to brick servers

• Here are 4 stocks Jim Cramer thought about buying for the Club and the reasons why

• Establishing a Legacy of Wins in the Annual ‘ASTORS’ Awards Program

• CrowdStrike warns of rise in VMware ESXi hypervisor attacks

• Digital Rights Updates with EFFector 35.6

• Survey: Most CISOs feel their business is at risk for cyberattack

• Zut alors! Raclage crapuleux! Clearview AI in 20% more trouble in France

• Facebook Glitch Sent Friend Request To Any Profile You Visited

• No more macros? No problem, say miscreants, we’ll adapt

• Philadelphia Inquirer possibly hit by ransomware attack

• Qilin’s Dark Web Ransomware Targets Critical Sectors

• Year-long Cyber Campaign Reveals Potent Backdoor and Custom Implant,

• Facebook glitch sent unintended friend requests to users

• Ex-Ubiquiti Employee Imprisoned For $2m Crypto Extortion Scheme

• Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs

• Discord Announces a Data Breach Involving a Support Agent

• Microsoft Security highlights from RSA Conference 2023

• How to make sure the reputation of your products and company is good

• Voting machines must be test hacked for certification, under proposed bill

• Lancefly APT Custom Backdoor Targets Government and Aviation Sectors

• How a Dutch training center is solving the challenges of classroom training with hands-on cybersecurity courses

• Not-Too-Safe Boot: Remotely Bypassing Endpoint Security Solutions And Anti-Tampering Mechanisms

• Parablu to deliver Microsoft Azure-hosted cybersecurity and data resiliency SaaS solutions

• SAP and Microsoft collaborate to help customers recruit and develop their teams

• ARM Acknowledges Side-Channel Attack But Denies Cortex-M Is Crocked

• Toyota Bungling Customer Privacy Is Becoming A Pattern

• Passkeys May Not Be For You, But They Are Safe And Easy – Here’s Why

• Pakistan Shut Down The Internet – But That Didn’t Stop Protests

• North Korean Hackers Stole $721 Million In Cryptocurrency From Japan

• A US Cyber Team’s Perspective on US Military Cyber Defense of Ukraine

• Critical WordPress Plugin Vulnerability Enables Hackers To Exploit Over 1M Sites

• ‘Greatness’ Phishing Tool Abuses Microsoft 365 Credentials

• Sam Altman Start-Up Worldcoin ‘Close To Securing $100m’

• Companies have to figure out the skills they need to reap AI benefits

• Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks

• New RA Group ransomware gang is the latest group using leaked Babuk source code

• Everbridge and samdesk partnership enables early incident triage and response

• Cloudflare One for AI helps organizations to safely use generative AI tools

• Discord Informs Users of Data Breach Involving Customer Support Provider

• Brightly Software Notifying 3 Million SchoolDude Users of Data Breach

• TSA Official: Feds Improved Cybersecurity Response Post-Colonial Pipeline

• Microsoft Advisories Are Getting Worse

• North Korea ‘Stole $721m’ In Crypto From Japan

• Today’s Biggest Threats Against the Energy Grid

• Introducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware

• How to Hire a Programmer: Step by Step Guide

• Empowering Small Businesses – Unleashing the Cyber Defense Revolution

• Why High Tech Companies Struggle with SaaS Security

• New Ransomware Gang RA Group Hits U.S. and South Korean Organizations

• Former Ubiquiti employee gets 6 years in jail for stealing confidential data and extorting company

• Advantech’s industrial serial device servers open to attack

• Google’s .zip Top Level domain is already used in phishing attacks

• Toyota Japan confirms decade-long security breach

• UK Further Restricts Microsoft-Activision Buy

• Kioxia, Western Digital ‘Accelerate’ Merger Talks

• Tripwire Products: Quick Reference Guide

• Beyond the firewall: How social engineers use psychology to compromise organizational cybersecurity

• 5.8 Million People Affected by Data Breach at PharMerica

• Capita Cyberattack Hits UK Pension Funds

• PharMerica Discloses Data Breach Impacting 5.8 Million Individuals

• WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch

• Micro-Star International Signing Key Stolen

• What Is Endpoint Privilege Management?

• Toyota Disclosed a Ten-Year Long Data Breach

• New ‘MichaelKors’ Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

• Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign

• Third-Party Patch Management: A Comprehensive Guide

• How Digitalization Is Simplifying Company Registration Processes

• Mike Lynch Extradited To Face Trial In California

• CISA: Several Old Linux Vulnerabilities Exploited in Attacks

• Philadelphia Inquirer Hit by Cyberattack Causing Newspaper’s Largest Disruption in Decades

• Water Orthrus’s New Campaigns Deliver Rootkit and Phishing Modules

• Criminal Website Genesis ‘Still Online’ After Takedown

• Discord Breached After Service Agent Targeted

• Toyota: Tragic Data Breach, 2 Million Vehicles Affected For Ten Years

• Is human threat hunting a fool’s errand?

• SquareX’s vision: A future where internet security is a non-issue

• How To Install Swapper Configuration In PC ( Windows 7, 8, 10, and Mac )

• Sigstore: Roots of trust for software artifacts

• US Says VoIP Firm Delivered Billions of Scam Robocalls

• 6 Myths of the Enterprise Browser: What you should know

• Cisco Umbrella for Government: Enabling Advanced Public Sector Cybersecurity

• Cyberdefense will need AI capabilities to safeguard digital borders

• UK Pension Scheme: Members Should Assume Capita Data Theft

• CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware

• Former ByteDance executive alleges TikTok of wrongful conduct

• How To Install Desprotetor de links In PC ( Windows 7, 8, 10, and Mac )

• Musk Names Linda Yaccarino As Twitter Chief

• An important system on project [REDACTED] was all [REDACTED] up

• Software developers, how secure is your software?

• Former Ubiquiti Employee Gets 6 Years in Jail for $2 Million Crypto Extortion Case

• What Is a Remote Code Execution Attack? Definition, Risks, and Mitigation Measures

• Ransomware corrupts data, so backups can be faster and cheaper than paying up

• The UK’s Secretive Web Surveillance Program Is Ramping Up

• Arm acknowledges side-channel attack but denies Cortex-M is crocked

• Ghanian children involved in Britain Catfishing Romance Scams

• How is information stored in cloud secure from hacks

• Bad bots are coming for APIs

• Web entity activity reveals insights into internet security

• Toyota’s bungling of customer privacy is becoming a pattern

• SIEM for SAP – Log Evaluation to Attack Detection

• The Cybercrime Blame Game: It’s Time to Unite the Industry Against a Common Enemy.

• IT Security News Weekly Summary – Week 19

• IT Security News Daily Summary 2023-05-14

• The latest variant of the RapperBot botnet adds cryptojacking capabilities

• XWorm Malware Exploits Critical Follina Vulnerability in New Attacks

• Hackers Come up With Innovative Methods to Enforce Ransomware Payment

• ChatGPT is about to revolutionize cybersecurity

• Capita warns customers to assume that their data was stolen

• Microsoft 365 Phishing Attacks Made Easier With ‘Greatness’

• Trafficstealer Exploits Container APIs for Malicious Redirections

• 1Password Confirms No Security Breach After “Password Changed” Alerts Panicked Users

• Google Account To Support Passwordless Sign-ins With PassKeys

• Android Device Migration Tools Allow Unauthorized App Cloning

• Conti Ransomware Group Poses $20 Million Threat to Costa Rican Government

• Beware of “Quishing”: Fraudsters Steal Data Using QR Codes

• Dragos Hacked: Cybersecurity Firm Reveals “Cybersecurity Event”, Extortion Attempt

• What Makes Bitcoin NFTs Different from Other NFTs?

• Google Launches Next-Gen Large Language Model, PaLM 2

• How to Use Google Authenticator

• Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

• Week in review: Microsoft fixes two actively exploited bugs, MSI private code signing keys leaked

• DangerousPassword – Hackers Use New Attack Pattern to Infect Devices With Malware

• Cyber Security Management System (CSMS) for the Automotive Industry

Generated on 2023-05-15 23:55:23.160744