IT Security News Daily Summary 2023-05-18

• How To Check IP Addresses for Known Threats and Tor Exit Node Servers in Java

• Change Control Doesn’t Work: When Regulated DevOps Goes Wrong

• Should governments ban TikTok? Can they?

• KeePass 2.X Master Password Dumper allows retrieving the KeePass master password

• EEOC alerts employers to AI discrimination risks

• Trojan-Rigged Phishing Attacks Pepper China-Taiwan Conflict

• 5 useful search engines for internet‑connected devices and services

• Acronis adds EDR to endpoint security

• Facebook To Face Record Privacy Fine Over Transferring User Data

• ClearML unveils ClearGPT, a generative AI platform overcoming ChatGPT challenges

• Okta’s Security Center opens window to customer insights, including threats and friction

• Support the “My Body, My Data” Act

• 4 priorities B2B technology leaders should strive to meet this year

• Bill to cut software costs advances in Senate

• Investors Make $6M Bet on Manifest for SBOM Management Technology

• Passage by 1Password brings passkeys to any website

• How to scan container images with Docker Scout

• What Is IBM Hybrid Cloud Mesh?

• Gentex confirms data breach by Dunghill ransomware actors

• 10 Types of AI Attacks CISOs Should Track

• API Security: Why You No Longer Feel Secure

• Ensuring Online Privacy and Security: Best Practices and Strategies

• Accelerating Security Risk Management

• S3 Ep135: Sysadmin by day, extortionist by night

• Microsoft Azure VMs Highjacked in Cloud Cyberattack

• Google May Delete Your Old Accounts. Here’s How to Stop It

• Microsoft decides it will be the one to choose which secure login method you use

• Ex ByteDance Staffer Alleges Beijing Had ‘Supreme Access’ To All Data

• Researchers Uncovered Notorious QakBot Malware C2 Infrastructure

• How to turn on Private DNS Mode on Android (and why you should)

• Bitwarden Passwordless.dev simplifies passkey implementation for developers

• ServiceNow and NVIDIA join forces to build generative AI across enterprise IT

• Komprise automates data governance for IT

• Concentric AI unveils deep-learning driven detection capabilities

• ExtraHop protects organizations from accidental misuse of AI tools

• What Is Istio Service Mesh?

• Google Public Sector names new board of directors

• A ‘stronger, faster’ intelligence community is possible with AI

• Embedding Security by Design: A Shared Responsibility

• This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide

• Build a Cloud Tagging Strategy in 5 Steps

• HEAT and EASM: What to Know About the Top Acronyms at RSA

• Skyflow launches ‘privacy vault’ for building LLMs

• Why Amazon S3 is a ransomware target and how to protect it

• Apple’s App Store Blocks $2bn in Fraudulent Transactions

• Cyber Warfare Escalates Amid China-Taiwan Tensions

• Beware of ChatGPT and Midjourney imposters

• Poland Blames Russia After DDoS Attacks On News Websites

• Apple’s App Store Blocks $2b in Fraudulent Transactions

• Satori Augments Its Data Security Platform With Posture Management and Data Store Discovery Capabilities

• OX Security Launches OX-GPT, AppSec’s First ChatGPT Integration

• ‘If it gets hit, we’ll buy more,’ Jim Cramer says of this cybersecurity firm

• Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats

• Industrial Secure Remote Access Is Essential, but Firms Concerned About Risks

• Montana Signs Ban on TikTok Usage on Personal Devices

• Once Again, Malware Discovered Hidden in npm

• Zero Trust + Deception: Join This Webinar to Learn How to Outsmart Attackers!

• Admin of the darknet carding platform Skynet Market pleads guilty

• 5 ways security leaders are using real-world exercises

• Kyndryl and SAP boost partnership to ease digital transformation

• Teradata collaborates with FICO to help customers reduce fraud

• New Relic launches AWS Systems Manager Distributor integration

• BeeKeeperAI releases EscrowAI to expedite the development and deployment of AI in healthcare

• China’s Access to TikTok User Data Raises Privacy Concerns

• Generative AI Empower Users, But it May Challenge Security

• Hackers Target Apple macOS Systems with a Golang Version of Cobalt Strike

• Google Refuses to Disclose Reason for Withholding Bard AI in EU

• New Top-Level Domains, .Zip and .Mov; Geacon Malware; and Google to Delete Dormant Accounts

• Google Introduces Dark Web Monitoring For Gmail Users

• Survey: 45% of gov employees may walk if agencies reduce remote work flexibility

• New SBOM Hub Helps All Stakeholders in Software Distribution Chain

• Quantum Decryption Brought Closer by Topological Qubits

• WithSecure Launches New Range of Incident Response and Readiness Services

• LexisNexis Risk Solutions Cybercrime Report Reveals 20% Annual Increase in Global Digital Attack Rate

• Twitter’s Top Users Posting Less, Pew Research Finds

• How To Conduct a Secure Code Review

• How to password-protect a file in Apple Pages (and when you might want to)

• Google Announces New Rating System for Android and Device Vulnerability Reports

• Eagle Eye Networks and Brivo Announce $192M Investment — One of the Largest Ever in Cloud Physical Security

• LayerZero Labs Launches $15M Bug Bounty; Largest in the World

• ActZero Teams Up With UScellular to Secure Mobile Devices From Ransomware Attacks

• 3 Ways Hackers Use ChatGPT to Cause Security Headaches

• Babuk is Customized by RA Ransomware Group

• Is Patching the Holy Grail of Cybersecurity?

• Wipro Delivers Palo Alto Networks Zero Trust OT Security Solutions

• DOJ Links Iran, China, And Russia To Five IP-Theft Related Cases

• Polish News Websites Hit By DDoS Attacks

• Six Million Patients’ Data Feared Stolen From PharMerica

• Threat Actor Bypasses Detection, Protections In Microsoft Azure Serial Console

• How To Design Reliable IIoT Architecture

• State-Sponsored Cybercrime Group`s Infrastructure Revealed

• Montana First US State To Ban China’s TikTok

• Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware

• Cisco Says PoC Exploits Available for Newly Patched Enterprise Switch Vulnerabilities

• PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords

• Join This Webinar — Zero Trust + Deception: Learn How to Outsmart Attackers!

• Avoiding Reputational Damage by Conquering Insider Threats

• Unveiling The Power Of Cybersecurity Monitoring Capability Guide

• Aqua Security collaborates with ServiceNow to accelerate cloud native risk remediation

• Elevating Your Pc Sports Gaming Experience: The Best Gadgets Of 2023

• Exploring The Future Of Handheld Play: Top Six Portable Gaming Devices Of 2023

• FBI, GCHQ Unite To Foil Russian Malware Hacking Tool

• Guide to Choosing the Best Family Cell Phone Plan

• How to Reduce Exposure on the Manufacturing Attack Surface

• Cisco fixes critical flaws in Small Business Series Switches

• Unfolding The Future: Technological Innovations In Video Game Development

• ChatGPT Leveraged to Enhance Software Supply Chain Security

• Critical fixed critical flaws in Cisco Small Business Switches

• DevSecOps Capability Guide

• Key Metrics In Evaluating DevOps Threat Matrix

• BT To Cut 55,000 Jobs By 2030

• 8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

• Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks

• Time Taken For Hackers to Crack Passwords Revealed

• How Dominica Citizenship By Investment Compares To Other Programs – 2023 Guide

• New Top-Level Domains, .Zip and .Mov; Geacon Malware; and Goggle to Delete Dormant Accounts

• Government Publishes Playbook to Enhance Smart City Security

• New Cloud Data Leak Adds to Capita’s Woes

• WhatsApp Adds ‘Chat Lock’ To Secure ‘Intimate’ Messages

• New Android & Google Device Vulnerability Reward Program – Rewards of up to $15,000!

• Identity Crimes Remain at All-Time High in 2022

• Ransomware in the Name of Charity: MalasLocker Targets Zimbra

• Do you know which data breaches you have fallen victim to?

• Risk Tolerance: Understanding the Risks to your Organization

• Do you know what your supply chain is and if it is secure?

• Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)

• Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions

• Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands

• Ransomware – Stop’em Before They Wreak Havoc

• OpenAI CEO concerned that ChatGPT could compromise US elections 2024

• Apple Blocked Over $2 Billion in Fraudulent Transactions & 1.7 Malicious Apps

• Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks

• Meet “AI”, your new colleague: could it expose your company’s secrets?

• Your KeePass Master Password may be at risk, but a fix is coming

• Organizations’ cyber resilience efforts fail to keep up with evolving threats

• Introducing Permit.io: Simplifying access control and policy management for developers

• Enhancing open source security: Insights from the OpenSSF on addressing key challenges

• Happy Mother’s Day! Serving, surviving, and thriving as a mom with a cyber career

• Scans required for PCI DSS compliance

• Identity crimes: Too many victims, limited resources

• Lacroix Shuts Down Facilities After Ransomware Attack

• Predicting the future of endpoint security in a zero-trust world

• Six million patients’ data feared stolen from PharMerica

• Why Using Generative AI for OKRs Is Generally a Bad Idea

• PharMerica breach impacts almost 6 million people

• Leaked Babuk ransomware builder code lives on as RA Group

• The Top 4 Ransomware Vulnerabilities Putting your Company in Danger

• The EVM Compatibility Chronicles — Part I

• Poll: 61% of Americans say AI threatens humanity’s future

• Malware turns home routers into proxies for Chinese state-sponsored hackers

• Researchers show ways to abuse Microsoft Teams accounts for lateral movement

• Belkin smart plug plagued by security flaw, with no fix in sight

• New DarkBert AI was trained using dark web data from hackers and cybercriminals

• More School Districts Join Lawsuit Against Facebook Over Harm To Young Users

• Monitoring the dark web to identify threats to energy sector organizations

• How to Enable Advanced Data Protection on iOS, and Why You Should

• How agencies can clean up criminal records to automate expungement

• 10 Best Third-Party Risk Management Software & Tools for 2023

• Lemon Group Uses Millions of Pre-Infected Android Phones to Enable Cybercrime Enterprise

• IT Security News Daily Summary 2023-05-17

• Unveiling the Power of Threat Models: Enhancing Cyber Intrusion Detection for Data Analysts

• IBM Security Guardium Ranked as a Leader in the Data Security Platforms Market

• ChatGPT can rapidly build solutions for network defense

• How the Wrong Content Type Introduced a Vulnerability in Odoo

• BianLian Cybercrime Group Changes Attack Methods, CISA Advisory Notes

• 5 Ways Security Testing Can Aid Incident Response

• ‘Strictly limit’ remote desktop – unless you like catching BianLian ransomware

• Is it Getting Harder to Pigeonhole Games into Specific Genres?

• The future of zero trust is about more than thwarting hackers, officials say

• Ransomware vulnerability warning pilot yielding valuable lessons, CISA official says

• Top 10 facial recognition software vendors for 2023

• PaperCut vulnerability abused by several threat actors could impact 70,000 organizations

• Houthi-Backed Spyware Effort Targets Yemen Aid Workers

• Phishing attacks already using the .zip TLD

• Saving the News From Big Tech

• County builds future-ready transportation IT network

• US offers $10m bounty for Russian ransomware suspect outed in indictment

• Apple Boots a Half-Million Developers From Official App Store

• The US Post Office Is Spying on the Mail. Senators Want to Stop It

• Acronis launches Advanced Security + EDR for MSPs

• Enzoic’s identity breach monitoring solution protects accounts and data from fraud

• Satori enhances its platform to help companies proactively protect data

• Broadcom Offers Remedies To Ease EU Worries Over VMware Deal

• Announcing The BlueHat Podcast: Listen and Subscribe Now!

• BadTrip: A chain of fake travel sites abuses search ads to commit fraud and credential theft

• Hackers Modified Cobalt Strike Capabilities to Attack macOS Users

• Insider Threats and Software Development: What You Should Know

• Microsoft Teams Features Amp Up Orgs’ Cyberattack Exposure

• Boomi introduces Boomi AI to accelerate business transformation

• Next integrates with Splunk to help security teams consolidate security processes

• Barracuda SecureEdge strengthens security for businesses and MSPs

• New Android & Google Device Vulnerability Reward Program Initiatives

• Don’t Mess With Texas’ Anti-SLAPP Law

• US Offers $10 Million Reward For Russian Hacker

• New RA Hacker Group Attack Organizations in the U.S. & Threaten to Leak Data

• Federal CIO says IDEA Act guidance coming this summer

• Access to Energy Sector ICS/OT Systems Offered on Hacker Forums

• Talking Security Strategy: Cybersecurity Has a Seat at the Boardroom Table

• Digital Privacy Legislation is Civil Rights Legislation

• Navigating the complex world of Cybersecurity compliance

• Preventing sophisticated phishing attacks aimed at employees

• Russian scientists develop new communication medium through quantum teleportation

• Meta Paid Verification Arrives For UK Users

• Facebook & Instagram Begun Rolling Out Paid Blue Tick Service

• Social Engineering Risks Found in Microsoft Teams

• Cleo and Cognizant join forces to accelerate digital transformation of the supply chain

• ServiceNow releases generative AI capabilities for the Now Platform to deliver workflow automation

• Neurotechnology MegaMatcher IDMS handles the most common identity lifecycle procedures

• BatLoader Impersonates ChatGPT and Midjourney in Cyber-Attacks

• Here’s How ChatGPT is Charging the Landscape of Cyber Security

• Possible Cyberattack on ‘The Philadelphia Inquirer’ Disrupts Printing Operations

• Energy Industry Faces Increasing Dark Web Cyber Threats

• How to Protect Your Organization From Vulnerabilities

• How to deny websites access to your location in Safari (and why you should)

• These ransomware victims are paying more to recover data

• 4 Countries Join NATO Cyber Defense Center

• Sunday Paper Debacle: Philadelphia Inquirer Scrambles to Respond to Cyberattack

• ammune.ai integrates with Intel to protect Kubernetes clusters from API attacks

• Inseego and UScellular launch 5G indoor router FX3100

• Vodafone To Cut 11,000 Jobs, After Strategic Review

• Are Ransomware Attacks Declining, or Has Reporting Worsened?

• secure access service edge (SASE)

• OilAlpha: Emerging Houthi-linked Cyber Threat Targets Arabian Android Users

• Oil And Gas Sectors Lag Behind Other Industries In Gathering Intel

• Ex-Apple Engineer Accused Of Stealing Self-Driving Car Secrets

• Malware Turns Home Routers Into Proxies For Chinese Hackers

• Upstart Encryption App Walks Back Privacy Claims, Pulls From Stores After Probe

• Twitter Sued Over Saudi Spying That Landed User In Prison

• Warning Issued About BianLian Ransomware Attacks By CISA & FBI

• Critical Infrastructure Organizations Warned of BianLian Ransomware Attacks

• Apple Blocked 1.7 Million Applications From App Store in 2022

• I Was an RSAC Innovation Sandbox Judge — Here’s What I Learned

• Preventing Bot Attacks and Online Fraud on APIs

• Mental Health Awareness Week: Improving Cyber Mindfulness with KnowBe4’s Anna Collard

• Mithril Security raises €1.2 million to protect data privacy in AI

• KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

• Syam Nair joins Zscaler as CTO

• Amartus partners with ServiceNow to offer industry standard inter-party automation process and APIs

• U.S. Transportation Department Breach Exposes Data of 237,000 Employees

• Architecture Matters When it Comes to SSE

• Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

• Security Journeys: From Change Management to Compliance

• Common Social Media Scams and How to Avoid Them

• US Gov offers a $10M reward for a Russian ransomware actor

• Understanding Cyber Risk and the C-Suite

• Safeguarding Your Data Under GDPR Regulations

• Acronis Launches EDR Solution with Potential for AI Integration

• Veza launches Authorization Platform on the Snowflake Data Cloud

• Entro raises $6 million to address secret-based breaches

• Brivo and Eagle Eye Networks announce $192 million investment

• TP-Link routers implanted with malicious firmware in state-sponsored attacks

• How To Play Defense Paladin Class In World Of Warcraft Dragonflight

• Another security calamity for Capita: An unsecured AWS bucket

• Outdated Technology Could Cost Your Business a Lot

• How to Use News API for Powerful Data Analysis: Unlocking Insights

• Microsoft Digital Defense Report: Nation-State Threats and Cyber Mercenaries

• Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover

• Identifying a Patch Management Solution: Overview of Key Criteria

• Prisma Access Achieves DoD IL5 Provisional Authorization

• Adarma Announces Management Expansion Amid Rapid Growth

• VirusTotal += Mandiant Permhash: Unearthing adversary infrastructure and toolkits by leveraging permissions similarity

• Chrome 113 Security Update Patches Critical Vulnerability

• Cybersecurity M&A Roundup for May 1-15, 2023

• Lacroix Closes Production Sites Following Ransomware Attack

• Entro Raises $6M to Tackle Secrets Sprawl

• Google To Cull Inactive Accounts At Year End

• Six things you do every day on the Internet that can leave you unprotected

• This is the USB flash drive James Bond would use

• The True Cost of a Free Telly TV

• Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs

• Microsoft Secure Boot Bug

• Technology based acquisition news trending on Google

• Inactive Google accounts will be deleted

• Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store

• UNC3944 Uses Azure Serial Console for Stealthy Access to Virtual Machines

• 10 Best Smallest Atx Cases For Compact Pc Builds In 2023 – Power In A Tiny Package

• The Transformative Power of Artificial Intelligence Across Industries

• DoJ Charges Ex Apple Engineer With Stealing Trade Secrets

• How to reduce your devops tool sprawl

• US Offering $10M Reward for Russian Man Charged With Ransomware Attacks

• Cyber-Resilience Programs Failing on Poor Visibility

• ChatGPT Scams Are Infiltrating Apple’s App Store and Google Play

• Minas – on the way to complexity

• US Offers $10 Million For Russian Ransomware Operator’s Capture

• Capita Recommends Its Customers to Assume Their Data Was Stolen

• US Offers $10m Reward For Alleged Prolific Ransomware Actor

• State-Sponsored Sidewinder Hacker Group’s Covert Attack Infrastructure Uncovered

• Don’t panic. Google offering scary .zip and .mov domains is not the end of the world

• NSO Group Spends Millions Lobbying US Government

• Mitigating Risks of AI Apps: Keeping Your Users Productive & Your Data Safe

• ChatGPT Chief Testifies on AI risks To US Congress

• Why performing security testing on your products and systems is a good idea

• Multiple flaws in Teltonika industrial cellular router expose OT networks to hack

• Upstart encryption app walks back privacy claims, pulls from stores after probe

• U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator

• University admission platform Leverage EDU exposed student passports

• Lancefly APT Hackers Using Custom Backdoor to Attack Government Orgs

• Malicious open-source components threatening digital infrastructure

• Preparing for federal supply chain security standardization

• The CIS Benchmarks Community consensus process

• Infamous cybercrime marketplace offers pre-order service for stolen credentials

• You may not care where you download software from, but malware does

• Temu accused of data risks after sister app was suspended for malware

• Ransomware-as-a-service groups rain money on their affiliates

• Getting a Public SSL Certificate Free of Cost for a Lifetime

• Cyphercon 6: Staying Up Late for Cybersecurity

• Feds offer $10m reward for info on alleged Russian ransomware crim

• Composite Objects and Constellations

• Debt Collection Firm Credit Control Corporation Hit by Major Data Breach

• 3 reasons to use a VPN

Generated on 2023-05-18 23:55:30.813080