IT Security News Daily Summary 2023-05-20

• Royal Mail’s £1bn Losses: Strikes, Cyber Attack, and Online Shopping Crash

• 2021 data breach exposed data of 70 Million Luxottica customers

• Hackers and Cybercriminals Use Dark Web Data to Train DarkBert AI

• Balancing Industrial Secure Remote Access: Essentiality and Risk Concerns

• Mackenzie Investements: Canada’s Largest Investment Firm Confirms a Major Data Breach

• Police Blocked 20K+ Mobile Numbers Issued on Fake Papers

• Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

• ClearML Launches First Generative AI Platform to Surpasses Enterprise ChatGPT Challenges

• A TikTok ‘Car Theft’ Challenge Is Costing Hyundai $200 Million

• Hackers Use SIM Swapping Technique to Gain Access to Microsoft Azure Machines

• VirusTotal Code Insights To Include Linux, Windows Script Files

• Certified Ethical Hacker (CEH) Cheatsheet

• Meet ‘Jack’ from Romania! Mastermind Behind Golden Chickens Malware

• The Underground History of Turla, Russia’s Most Ingenious Hacker Group

• US CISA warns of a Samsung vulnerability under active exploitation

• Catch Up On This Week’s News and Events

• Build or Buy your own antivirus product

• Warning: Samsung Devices Under Attack! Critical Security Flaw Exposed

• Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks

• Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw

• RSAC 2023 | Cybersecurity research on edge computing generates big interest

• KeePass Password Manager Vulnerability Let Hackers Gain the Master Password

• Keeper Password Manager Vulnerability Let Hackers Gain the Master Password

• Teen in court after ‘$600K swiped from DraftKings gamblers’

• Dish ‘received confirmation’ stolen data deleted by ransomware gang

• Hive Ransomware? Let’s Learn All About It

• Top 5 Application Security Tools & Software for 2023

• How one city managed an IT staff consolidation

• Engagement, access, equity drive city’s evolution

• CommonMagic APT Campaign Broadens Target Scope to Central and Western Ukraine

• Luxottica – 77,093,812 breached accounts

• IT Security News Daily Summary 2023-05-19

• When does an old iPhone become unsafe to use?

• OpenAI Launches ChatGPT App for iOS, Bolstering Accessibility and Safety

• Federal grants could boost whole-of-state cyber defense

• Russian IT guy sent to labor camp for DDoSing Kremlin websites

• Pentagon outlines upcoming contractor cybersecurity plan

• Pimcore Platform Flaws Exposed Users to Code Execution

• US Teenager Indicted for Credential Stuffing Attack on Fantasy Sports Website

• Data Siloes: Overcoming the Greatest Challenge in SecOps

• Apple Patches 3 Zero-Days Possibly Already Exploited

• The potential danger of the new Google .zip top-level domain

• 3 Common Initial Attack Vectors Account for Most Ransomware Campaigns

• How business email compromise attacks emulate legitimate web services to lure clicks

• February cyber incident will cost molten metal flow engineering firm Vesuvius £3.5 million

• Protect Your WhatsApp Chats From Snoopers With Chat Lock

• Check Point Software Celebrates Success of its Channel Partners at Annual Awards Gala

• 10 Years After Snowden: Some Things Are Better, Some We’re Still Fighting For

• Expect .zip and .mov domains to be used in phishing and malware attacks

• Zerto 10 for Microsoft Azure delivers disaster recovery (DR) and mobility at scale

• Accenture invests in SpiderOak to elevate satellite communications security in space

• Phishing-resistant MFA 101: What you need to know

• How feds think data can buy time for people suffering a financial shock

• Microsoft Warns of Increase in Business Email Compromise Attacks

• Details of Kia Boyz breaching car security as Kia Challenge on TikTok

• KeePass Flaw Exposes Master Passwords

• New Relic integrates infrastructure and application monitoring for faster troubleshooting

• NTT and Cisco help customers transition to IoT-as-a-Service model

• Several RCE Bugs Making Industrial IoT Devices Vulnerable to Cyberattacks

• BianLian Ransomware has Switched to Extortion-only Attacks, FBI Confirms

• First Lawsuit From TikTok Users Over Montana Ban

• GDIT launches tech strategy focused on ‘accelerators’

• New movie chronicles rise and fall of government’s first secure smartphone devices

• Don’t get scammed by fake ChatGPT apps: Here’s what to look out for

• CommonMagic Malware Implants Linked to New CloudWizard Framework

• How You, or Anyone, Can Dodge Montana’s TikTok Ban

• Three New Zero-Day Vulnerabilities Fixed By Apple

• Homeland Security Employs AI to Analyze Social Media of Citizens and Refugees

• Cyber Signals: Shifting tactics fuel surge in business email compromise

• Google Upgrades Its Vulnerability Reward Program Rules For Android, Devices

• US Supreme Court Leaves Protections For Internet Companies Unscathed

• Millions Of Android TVs And Phones Come With Malware

• Cisco Squashes Critical Bugs In Small Biz Switches

• FTC To Crack Down On Biometric, Health Privacy Violations

• Zerto Cyber Resilience Vault allows users to monitor for encryption-based anomalies

• Check Point CloudGuard secures Microsoft Azure Virtual WAN

• Juniper Networks and ServiceNow partner to deliver E2E automation for MSPs and enterprises

• Strata Identity unifies Maverics ID Orchestration functions across environments

• Cyberattack That Stole Personal Data of 16,000 Law Society Members, What Was Lacking?

• Urgent Patches: macOS Ventura 13.4, iOS 16.5 fix 3 actively exploited vulns

• NPM packages found containing the TurkoRat infostealer

• How to prevent against the 5 main types of insider threats

• Preinstalled ‘Guerrilla’ Malware Infects Millions of Smartphones Worldwide

• Top 5 search engines for internet‑connected devices and services

• Experts Warn of Voice Cloning-as-a-Service

• Keep Your Friends Close and Your Identity Closer

• UK Government Unveils Long-Awaited £1 Billion Semiconductor Strategy

• Educating Your Board of Directors on Cybersecurity

• Google Debuts Quality Ratings for Security Bug Disclosures

• Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

• Toyota Japan confirms decade-long security breach affecting more than 2M customers

• Take action now to avoid BianLian ransomware attacks, US Government warns organisations

• Multiple Vulnerabilities Found in the Kiddoware Kids Place Parental Control Android App

• Teen Charged in DraftKings Data Breach

• Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

• Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409)

• Researchers Identify Second Developer of ‘Golden Chickens’ Malware

• Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware

• Dr. Active Directory vs. Mr. Exposed Attack Surface: Who’ll Win This Fight?

• Security Risks of New .zip and .mov Domains

• Apple Deploys Emergency Patches To Thwart 3 Zero-Day Threats

• Lemon Gang Pre-Infects 9 Million Android Devices With Malware

• Google To Begin Disabling Third-Party Chrome Cookies In Q1 2024

• #CRESTCon: White House Shifts US Cybersecurity Strategy Towards International Cooperation

• DarkBERT could help automate dark web mining for cyber threat intelligence

• Keeper Password Vulnerability Let Hackers Gain the Master Password

• CloudWizard APT: the bad magic story goes on

• Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities

• Cloudflare Unveils New Secrets Management Solution

• A Mysterious Group Has Ties to 15 Years of Ukraine-Russia Hacks

• Application Control 101: Definition, Features, Benefits, and Best Practices

• Laptop Keeps Shutting Off? Here’s How to Fix It

• UK’s GDPR replacement could wipe out oversight of live facial recognition

• Hackers steal the SSN of nearly 6 million people

• Rust-Based Info Stealers Abuse GitHub Codespaces

• NCSC: It’s Time for CISOs to Prioritize Accessibility

• Lemon Group Exploits 8.9 Million Pre-Infected Android Phones

• Silicon Pulse: Your Tech News Update: Episode 3

• Teen Charged in DraftKings Credential Stuffing Case

• Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Critical Cisco Switch Vulnerabilities Allow Remote Exploitation

• Microsoft VMs hijacked in cloud Cyber Attack

• The Vital Importance of Cybersecurity for Profit-Making Organizations

• New infosec products of the week: May 19, 2023

• WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

• Europe: The DDoS battlefield

• Inadequate tools leave AppSec fighting an uphill battle for cloud security

• Exploring the tactics of phishing and scam websites in 2023

• Apple warns of three WebKit vulns under active exploitation, dozens more CVEs across its range

• Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!

• Apple fixed three new actively exploited zero-day vulnerabilities

• The Internet Dodges Censorship by the Supreme Court

• KeePass vulnerability allows attackers to access the master password

• Child safety app riddled with vulnerabilities: Update now!

• Zip domains, a bad idea nobody asked for

• APT attacks: Exploring Advanced Persistent Threats and their evasive techniques

Generated on 2023-05-20 23:55:24.037320