IT Security News Daily Summary 2023-05-24

• FDA seeks industry support to develop standardized data ‘supersets’

• Netwrix Report: Enterprises Suffer More Ransomware and Other Malware Attacks Than Smaller Organizations

• Appdome Launches Build-to-Test, Automated Testing Option for Protected Mobile Apps

• Technology Veterans James Wickett and Ken Johnson Launch DryRun Security to Bring Security to Developers

• Harvard Pilgrim Health Care Notifies Individuals of Privacy Incident

• Apria Healthcare Discloses Major Data Breach Impacting 1.8M Users

• Microsoft Catches Chinese .Gov Hackers in Guam Critical Infrastructure Orgs

• Threat Actors Compromise Barracuda Email Security Appliances

• DHS wants answers on how well digital identity systems work

• Is the census still the only reliable population data source?

• The top 6 enterprise VPN solutions to use in 2023

• Cloudflare releases new AI security tools with Cloudflare One

• Barracuda discloses zero-day flaw affecting ESG appliances

• Philly Inquirer says Cuba ransomware gang’s data leak claims are fake news

• The challenge in identifying problematic online gambling

• Facial Recognition Software: Top Vendors in 2023

• Biden Picks New NSA head, Key to Support of Ukraine, Defense of US Elections

• Top breach and attack simulation use cases

• The best security cameras of 2023

• Addigy exposes RSR update gap in 25% of managed macOS devices

• Congress Must Exercise Caution in AI Regulation

• Spearphishing report: 50% of companies were impacted in 2022

• Ransomware tales: The MitM attack that really had a Man in the Middle

• Digital security for the self‑employed: Staying safe without an IT team to help

• Google’s .zip, .mov Domains Give Social Engineers a Shiny New Tool

• Barracuda Email Security Gateway (ESG) hacked via zero-day bug

• Researchers Spot APTs Targeting Small Business MSPs

• OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps

• Top 10 Pillars of Zero Trust Networks

• DataRobot and Microsoft join forces to accelerate AI adoption

• Wipro and Google Cloud expand partnership to advance generative AI adoption

• Kasten K10 V6.0 enables organizations to create proactive ransomware protection strategies

• Kyndryl unveils new services to help Red Hat OpenShift customers move to hybrid cloud environments

• Announcing the launch of GUAC v0.1

• Memcyco Raises $10M To Deliver Real-Time Brandjacking Protection

• Apple Signs Multi-Billion Dollar Deal With Broadcom For US Chips

• Bail Rescinded For Terra Co-Founder Do Kwon

• Free VPN Service SuperVPN Exposes 360 Million User Records

• Is generative AI bad for the environment? A computer scientist explains the carbon footprint of ChatGPT and its cousins

• How Universities Can Bridge Cybersecurity’s Gender Gap

• Vulnerability Summary for the Week of May 15, 2023

• DevOps Midwest: A Community Event Full of DevSecOps Best Practices

• Israeli Shipping, Logistics Companies Targeted in Watering Hole Attacks

• Why Your Branch of the Future Needs Next-Gen SD-WAN and Prisma SASE

• Apria Loses Financial Data of Nearly Two Million Customers Due to Cyberattack

• British pregnant women are unwittingly handing over their Genetic data to China

• When internet security is a requirement, look to dedicated fiber

• Encrypting files and emails: A beginner’s guide to securing sensitive information

• Meta Starts Axing Nearly 20 Percent Of Irish Workforce

• White House releases new AI national frameworks, educator recommendations

• ‘Chin up and don’t put a lot of money to work’ — why Cramer is getting worried about the market

• Ethical Issues Mount as AI Takes Bigger Decision-Making Role in Multiple Sectors

• Kimsuky Hackers from North Korea Back in Action with Advanced Reconnaissance Malware

• China’s Assessment of Micron’s Security Was Rejected

• Onfido Acquires Airside to Strengthen Digital ID Verification

• Iranian Hackers Set Sights On Israeli Shipping & Logistics Firms

• Dell introduces Project Fort Zero to provide an end-to-end zero trust security solution

• Honeywell launches Cyber Insights to identify cybersecurity threats in OT environments

• Ofcom Allows BT Openreach To Lower Fibre Wholesale Prices

• Memcyco Introduces Real-Time Solution to Combat Brandjacking

• SRE vs. DevOps

• OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers

• Now Live: Threat Detection and Incident Response Virtual Summit

• Lazarus Group Targeting Microsoft Web Servers to Launch Espionage Malware

• New Apple RSR Flaw Blocks MDM Functionality on macOS Devices

• Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry

• Infecting SSH Public Keys With Backdoors

• Identify and Fix XSS Vulnerabilities in Your Web App

• The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

• Quantum Attack Would Trigger Great Depression, Think Tank Warns

• OpenAI Leaders Call For Regulation To Prevent AI Destroying Humanity

• Widespread FBI Abuse Of Foreign Spy Law Sets Off Alarm Bells

• BlackCat Ransomware Takes Control With New Kernel Driver

• Netflix Puts U.S. Password Sharing Customers On Notice

• Memcyco raises $10 million to deliver real-time brandjacking protection

• Cohesity partners with Google Cloud to bring the power of AI to data security and management

• Appdome’s Build-to-Test streamlines mobile app cybersecurity testing

• US Sanctions North Korean Entities Training Expat IT Workers in Russia, China and Laos

• 5 Questions to Ask When Evaluating a New Cybersecurity Technology

• A.I. poses existential risk of people being ‘harmed or killed,’ ex-Google CEO Eric Schmidt says

• CISA, NSA Issue New IAM Best Practice Guidelines

• Improving supply chain resiliency with Red Hat Trusted Software Supply Chain

• What’s Russia Planning?

• Salt Security Uncovers API Security Flaws in Expo Framework, Issues have been Remediated

• Gartner Names Synopsys Leader in Application Security Testing for Seventh Consecutive Year

• Red Hat Service Interconnect solves cross-platform and multi-cloud communication challenges

• Axiado introduces AI-driven security processors

• Dell NativeEdge secures and automates edge infrastructure

• Europe’s largest known illegal IPTV operation dismantled by police

• Android App With 50,000 Downloads in Google Play Turned Into Spyware via Update

• Private Sector Cybersecurity Task Force Called for to Defend Democracies

• To Save the News, We Must Shatter Ad-Tech

• Password manager Bitwarden will soon be able to store passkeys

• Meta Sells Giphy At Huge Loss After CMA Order

• New Android Malware on Google Play Store with Over 50,000 Installs

• Auditing Tools for Kubernetes

• Breach Alert! Rheinmetall AG Confirms Being Hit by BlackBasta Ransomware Attack

• New Honeywell OT Cybersecurity Solution Helps Identify Vulnerabilities, Threats

• US Sanctions North Korean University for Training Hackers

• Data Stealing Malware Discovered in Popular Android Screen Recorder App

• What to Look for When Selecting a Static Application Security Testing (SAST) Solution

• Ukraine’s CERT-UA warns of espionage activity conducted by UAC-0063

• Indiana, Iowa, and Tennessee Pass Comprehensive Privacy Laws

• IT employee piggybacked on cyberattack for personal gain

• Microsoft, GitHub announce application security testing tools for Azure DevOps

• Sekoia.io raises €35 million to strengthen its positioning on the international stage

• Opti9 collaborates with Wasabi to provide clients with AI-powered ransomware detection

• Cool, Funny, Best Gaming Names – Creative Ideas For Your Ing Personality

• AnimeUltima 2023 – Top 10 Alternatives to Watch Anime Online

• Secure Your Netflix Account: Limited Sharing Can Result in Dark Web Sales for €2 per Month

• What is DKIM Email Security Technology? DKIM Explained

• Netflix Password Crackdown Arrives In UK, US

• Diversity advocate and renowned practitioner, Becky Pinkard, to be Inaugurated into Infosecurity Europe’s Hall of Fame

• Legion Malware Upgraded to Target SSH Servers and AWS Credentials

• Legion AWS credential harvester and hijacker analyzed

• White House Unveils New Efforts to Guide Federal Research of AI

• 50% of UK CEOs See Cyber as a Bigger Business Risk than the Economy

• Backup Repositories Targeted in 93% of Ransomware Attacks

• How Your Business Could Protect Its Cybersecurity in a Surprisingly Cost-Effective Fashion

• How to Streamline Communication with Microsoft Teams Operator Connect

• What Is the Ghost of Tsushima Legends Mode – Everything You Need to Know

• Security Awareness Training (SAT) is finally having its day. Here’s why.

• Understanding how Polymorphic and Metamorphic malware evades detection to infect systems

• Legitimate Android app transforms into data-snooping malware

• IT security analyst admits hijacking cyber attack to pocket ransom payments

• AhRat Android RAT was concealed in iRecorder app in Google Play

• Confidential Containers on Azure with OpenShift: A technical deep dive

• Pros and Cons of Android vs. iOS Game Development

• The rising trend of phishing on IPFS: What you need to know

• Virtual Event Today: Threat Detection and Incident Response Summit

• Cyber Attacks Strike Ukraine’s State Bodies in Espionage Operation

• N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware

• Why performing security testing on your products and systems is a good idea

• Facebook Hit With record-breaking $1.3 Billion Fine Over Data Rules

• Almost 300k People Affected by Ransomware Attack on Dish Network

• How to Track Ransomware Attacks: A Comprehensive Guide

• Ransomware news trending on Google

• China’s tech sector may see fewer regulatory surprises — not zero, says S&P Global Ratings

• GoldenJackal: Threat Risk For Organizations In Middle East & South Asia

• CISO-level tips for securing corporate data in the cloud

• How to avoid shadow AI in your SOC

• CISOs: How to improve cybersecurity in an ever-changing threat landscape

• 6 ChatGPT risks for legal and compliance leaders

• Navigating the quantum leap in cybersecurity

• US bans North Korean outsourcer and its feisty freelancers

• Against the Clock: Cyber Incident Response Plan

• Google Adds Guardrails to Keep AI in Check

• Hackers Use Weaponized DOCX File to Deploy Stealthy Malware

• Cloud-based IT operations are on the rise

• 2023-05-23 – Pikabot infection with Cobalt Strike

• Here’s the secret sauce that fueled Palo Alto Networks’ beat and raise despite tough times

• Palo Alto Networks CEO calls generative AI a boon for customer satisfaction and company efficiency

• Malvertising via brand impersonation is back again

• Update now! Apple issues patches for three actively used zero-days

• Google to pay $40m for “deceptive and unfair” location tracking practices

• Employee guilty of joining ransomware attack on his own company

• AI generated Pentagon explosion photograph goes viral on Twitter

• Apria Healthcare says potentially 2M people caught up in IT security breach

• What Is Sender Policy Framework? SPF Email Explained

• 2023-05-22 – Pikabot infection with Cobalt Strike

• DOJ tees up infrastructure program management recompete

• The best home security systems of 2023

• Over 300k People Affected by Ransomware Attack on Dish Network

• The Pros and Cons of Smart Homes

• IT Security News Daily Summary 2023-05-23

• Email Spoofing: What it Is & How to Prevent It

• SuperMailer Abuse Bypasses Email Security for Super-Sized Credential Theft

• Most Organizations Expect Ransomware Attack Within a Year

• 8 Data Anonymization Techniques to Safeguard User PII Data

• DOD aims to leverage AI and automation in records management

• EY survey: Tech leaders to invest in AI, 5G, cybersecurity, big data, metaverse

• Understand the Evolution of Captive Portal to Cloud Authentication Solutions

• Threat actors leverage kernel drivers in new attacks

• 5 Ways Smart Contracts Are Making A Real-World Difference

• Metadata catalog refreshes one state’s water use insights

• County’s integrated platform delivers client-focused social services

• Report: Facebook Layoffs Could Hurt Effort To Stop Misinformation

• 5 Best Bot Protection Solutions and Software for 2023

• What Security Professionals Need to Know About Aggregate Cyber Risk

• Navigating the Web with Confidence: Tips for a Cleaner, Safer Experience

• Lawmakers advocate more funds for state fusion centers

• Dell’s Project Helix heralds a move toward specifically trained generative AI

• Chinese Labs Are Selling Fentanyl Ingredients for Millions in Crypto

• The previously undocumented GoldenJackal APT targets Middle East, South Asia entities

• Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign

• Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own

• There’s Finally a Way to Improve Cloud Container Registry Security

• GAO Urges Federal Agencies to Implement Key Cloud Security Practices

• Microsoft Build 2023: Announcing new identity, compliance, and security features from Microsoft Security

• Security Challenges for Microservice Applications in Multi-Cloud Environments

• Cohesity partners with Google Cloud to empower organizations with generative AI and data capabilities

• The hidden key to stopping public sector fraud

• City greenlights autonomous vehicle testing for public transit

• How to become a bug bounty hunter: Getting started

• How to use Wfuzz to find web application vulnerabilities

• PyPI open-source code repository deals with manic malware maelstrom

• LogRhythm vs Splunk: Top SIEM Solutions Compared

• Red Hat Advanced Cluster Security Cloud Service scales cloud-native security across the hybrid cloud

• Hornetsecurity 365 Permission Manager helps companies protect critical data

• Delinea Cloud Suite updates reduce the risk of lateral movement in cybersecurity breaches

• NETSCOUT introduces visibility and instrumentation for threat detection in 4G and 5G networks

• What the Supreme Court’s Decision in Warhol Means for Fair Use

• 6 Ways to Mitigate Risk While Expanding Access

• Why Republican-led states keep leaving a group that verifies voter rolls

• How to use Bitwarden Send (and when you should)

• Microsoft Dataverse: Going from Excel to new AI-powered tools

• New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments

• A New Look for Risk in Awareness Training

• 100% OSCP Certified Team: How PacketLabs Recruits Top Talent

• How the Chrome Root Program Keeps Users Safe

• Dish confirms 300,000 people’s data was exposed in February’s attack

• A TikTok ban isn’t a data security solution. It will be difficult to enforce – and could end up hurting users

• Google Unveils Bug Bounty Program For Android Apps

• GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments

• Avos Ransomware takes control of emergency systems in Bluefield University

• The intersection of telehealth, AI, and Cybersecurity

• Popular Android Screen Recorder iRecorder App Revealed as Trojan

• WhatsApp Now Allow You to Edit Sent Messages

• Fata Morgana Watering Hole Attack Targets Shipping, Logistics Firms

• Red Hat Trusted Software Supply Chain enhances an organization’s resilience to vulnerabilities

• Stytch expands its platform to offer B2B authentication

• Veriff Age Estimation prevents users from accessing age restricted products or services

• Vaultree unveils Fully Functional Data-In-Use Encryption solution for the healthcare sector

• Radware Cloud Web DDoS Protection blocks Tsunami DDoS attacks

• The Royal Gang Is Developing Its Own Malware Loader

• GoldenJackal Targets Diplomatic Entities in Middle East, South Asia

• Google announced its Mobile VRP (vulnerability rewards program)

• 12 Ways To Protect Small Businesses From Cyberattacks

• Fake ChatGPT Apps may Fraud you out of Your Money

• How Hackers Launched an Attack on European Spacecraft

• Data And Employees Of BSI Shared On The Dark Web By LockBit Ransomware Gang

• TikTok to let Oracle view source code, algorithm, and content moderation

• Red Hat Pushes New Tools to Secure Software Supply Chain

• Rheinmetall Says Military Business Not Impacted by Ransomware Attack

• Google Launches Bug Bounty Program for Mobile Applications

• Iranian Hackers Using New Windows Kernel Driver in Attacks

• Bridgestone CISO: Lessons From Ransomware Attack Include Acting, Not Thinking

• Microsoft: BEC Attackers Evade ‘Impossible Travel’ Flags With Residential IP Addresses

• TikTok to let Oracle view source code, algorithm and content-moderation

• China Says AI Disruption Could Pose ‘Serious Challenge’

• North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware

• German arms manufacturer Rheinmetall suffered Black Basta ransomware attack

• 5 Ways Hackers Will Use ChatGPT For Cyberattacks

• Conceal and White Rock Cybersecurity partner to isolate browsing sessions

• IRONSCALES and Infinigate collaborate to provide customers with email security solution

• Fusion Risk Management TPRM enhancements deliver continuous monitoring of third parties

• Dark Web Monitoring: Unveiling the Underground Ecosystem of Cybercriminals

• EU Restarts Apple Tax Case Before EU’s Top Court

• Enterprises Must Prepare Now for Shorter TLS Certificate Lifespans

• Amazon’s PillPack Reports Data Breach Affecting More Than 19,000

• China Hasn’t Told Micron Why It Failed Security Review, Or What Its Ban Means

• Uncle Sam Strangles Criminals’ Cash Flow By Reining In Money Mules

• Ads For Lucrative Jobs In Asia Fail To Mention Chance Of Slavery As Crypto-Scammer

• KeePass Bug Lets Attackers Extract The Master Password From Memory

• FBI Warns of Hackers Exploiting Public Charging Stations to Steal iPhone Data

• This Brute-force Fingerprint Attack has the Potential to Compromise Your Android Phone

• Hypervisors and Ransomware: Defending Attractive Targets

• SFPD Obtained Live Access to Business Camera Network in Anticipation of Tyre Nichols Protest

• Ensuring Qr Code Safety: Best Practices For Secure Scanning

• How To Reduce The Security Risk Of Remote Work

• Mastercard collaborates with HealthLock to protect medical data

• WithSecure releases Cloud Security Posture Management to identify insecure cloud configurations

• N-able partners with JCDC to reduce security risk for MSPs

• ESET: Android App ‘iRecorder – Screen Recorder’ Trojanized with AhRat

• How To Plan An App Launch

• Microsoft China Exec Warns Of Hasty China AI Investments

• New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East

• The Rising Threat of Secrets Sprawl and the Need for Action

• Why is electronics so important today and how to secure your data?

• Schools’ AI Weapon Detection Systems Accused Of Flaws

• Mitigating Risks in Cloud Native Applications

• Cutting Through the Noise: What is Zero Trust Security?

• Two-Thirds of IT Leaders Say GDPR Has Reduced Consumer Trust

• A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

• Regulator Group Proposes First Global Crypto Rules

• AppMap: A map to reduce developer toil

• A Bright Future for Forensic Analysis

• #TripwireBookClub – How to Hack Like a Legend

• Simple OSINT techniques to spot AI-fueled disinformation, fake reviews

• Future Exploitation Vector: File Extensions as Top-Level Domains

• TikTok Sues Montana Over App Ban

• Employer Of Record Germany And Hiring: What You Need To Know

• FBI Misuse of Surveillance Tool on Jan. 6 Protesters

• WhatsApp Lets Users Edit Sent Messages – For 15 Minutes

• Meet the GoldenJackal APT group. Don’t expect any howls

• An Exploding Pentagon In A Fake Photo Sends Twitter Into Frenzy

• Privileged Access Management (PAM) Best Practices

• IAM-Driven Biometrics: The Security Issues with Biometric Identity and Access Management

• Need to improve the detection capabilities in your security products?

• China Bans U.S. Chip Giant Micron, Citing “Serious Cybersecurity Problems”

• 8 Key Components of a CIAM Platform

• BlackCat Ransomware affiliate uses signed kernel driver to evade detection

• BrutePrint – Bruteforce Attack to Bypass User Authentication on Smartphones

• 7 access management challenges during M&A

• Ads for lucrative jobs in Asia fail to mention chance of slavery as crypto-scammer

• Cyber threat with iPhone Phone Link feature on Windows 11 laptops

• Online scams target bargain-hunting holiday travelers

• The fragmented nature of API security ownership

• Gap between OT security assumptions and reality

• FCW Insider Chat: The top winners of the Fed100

• A Threat to Passkeys? BrutePrint Attack Bypasses Fingerprint Authentication

• China hasn’t told Micron why it failed security review, or what its ban means

• Interview With a Crypto Scam Investment Spammer

• A week in security (May 15-21)

• Update now: 9 vulnerabilities impact Cisco Small Business Series

• ChatGPT: Cybersecurity friend or foe?

• Webinar recap: EDR vs MDR for business success

• Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11

• Uncle Sam strangles criminals’ cashflow by reining in money mules

• Newly Public FISC Opinion is The Best Evidence For Why Congress Must End Section 702

Generated on 2023-05-24 23:55:35.824050