IT Security News Daily Summary 2023-05-26

• If Businesses Are To Get A Grip On Cybersecurity, They Need To Close Gender Gap

• 2 Lenses for Examining the Safety of Open Source Software

• US govt pushes spyware to other countries? Senator Wyden would like a word

• Gaming Firms and Community Members Hit by Dark Frost Botnet

• GAO identifies new infosec deficiencies in IRS system controls

• Solving digital inequity with resident input

• Dell called on NVIDIA hardware for Project Helix generative AI

• 130K+ Patients’ Social Security Numbers Leaked in UHS of Delaware Data Breach

• Prisons ‘under attack’ from drones delivering contraband

• CIO-SP4 protests move toward final decision

• How to use Google Smart Lock on iOS to lock down your Google Account

• Mirai Malware Hits Zyxel Devices After Command Injection Bug

• Tesla Whistleblower Leaks 100GB of Data, Revealing Safety Complaints

• List of Malicious Chrome Extensions: 9 Popular Add-Ons

• Why you should consider outcome-based security

• Travel-Themed Phishing, BEC Campaigns Get Smarter as Summer Season Arrives

• Edgewater Wireless launches MLX 488 WiFi7 Spectrum Slicing platform

• Keysight E5081A ENA-X produces error vector magnitude measurements

• Time to challenge yourself in the 2023 Google CTF!

• Data Does Not Slow Down For Justice – how smart IT systems can better protect victims of serious crime

• Does Congress need a chief data officer?

• Phishing Domains Tanked After Meta Sued Freenom

• Events Ripper Updates

• Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data

• Rheinmetall Hit by BlackBasta Ransomware: Disruption to Arms Production

• How Inductive Automation’s endpoint security strategy makes manufacturing more secure

• Eliminating the speedbumps in EV charging station buildout

• What Is ZTNA? Zero Trust Network Access Explained.

• Using Ransomware to Extort Employers by Impersonating a Gang

• Insider threat leads to Tesla data breach

• iRecorder Android App Targeted Its Users With AhRAT Malware

• Dark Frost Botnet targets the gaming sector with powerful DDoS

• Augusta Cyberattack Claimed By BlackByte Ransomware Group

• Coalesce Partner Program helps automate the modern data stack

• Hopr raises $500K to accelerate product-led go-to-market strategy

• New Russian-Linked Malware Poses “Immediate Threat” to Energy Grids

• Iranian Attackers Employ Novel Moneybird Ransomware to Target Israeli Organizations

• Ericsson Whistleblower Awarded $279m By SEC

• Despite Tech Layoffs, Cybersecurity Positions are Hiring

• Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

• Dutch Watchdog Looking Into Alleged Tesla Data Breach

• BlackByte Ransomware Crew Claims City Of Augusta, Georgia

• CosmicEnergy Malware Poses Plausible Threat To Electric Grids

• Google Cloud Patches Vulnerability In CloudSQL Service

• Cognigy and Black Box partnership to accelerate deployment of conversational AI

• GitLab announces AI-DevSecOps platform GitLab 16

• How Safe Is Your Wearable Device?

• CosmicEnergy: The New Russian-Linked Malware Targets Industrial System

• Companies May Now Prepare for a Shorter TLS Certificate Lifespans

• Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation

• Predator Android Spyware: Researchers Sound the Alarm on Alarming Capabilities

• 5 Must-Know Facts about 5G Network Security and Its Cloud Benefits

• Twitter Likely To Quit EU Code Against Disinformation, Says Official

• EFF at RightsCon 2023

• NCC Group Releases Open Source Tools for Developers, Pentesters

• Watch Now: Threat Detection and Incident Response Virtual Summit

• Zyxel Firewalls Hacked by Mirai Botnet

• Google Cloud Users Can Now Automate TLS Certificate Lifecycle

• Buhti Ransomware: Blacktail’s Newest Operation Affects Multiple Countries

• Elon Musk’s Neuralink Brain Chip Approved For Human Testing

• APT Hacker Group Attacking SMBs to Use Their Infrastructure

• New CosmicEnergy ICS malware threatens energy grid assets

• Rogue IT security worker failed to cover his tracks

• CIAM in insurance: A unified, secure user experience with a single login

• The Impact Of Technology On Modern Dating

• New Info Stealer Bandit Stealer Targets Browsers, Wallets

• Romania’s Safetech Leans into UK Cybersecurity Market

• Phishers use encrypted file attachments to steal Microsoft 365 account credentials

• Has Technology Brought Us Closer Together Or Further Apart?

• Breaking Barriers: How a Business Coach Can Support Your Professional Development

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids

• Silicon UK Pulse: Your Tech News Update: Episode 4

• Don’t fall for it! How scammers are tricking businesses with fake invoices

• Heimdal®’s Threat Prevention Endpoint Wins ‘Cloud-Based Solution of the Year’ at the Network Computing Awards 2023

• AI demand accelerates NVIDIA market value to $1 trillion

• Will AI technology change our lives to good or bad

• New infosec products of the week: May 26, 2023

• New Buhti ransomware uses leaked payloads and public exploits

• Phishers use encrypted file attachments steal Microsoft 365 account credentials

• CosmicEnergy, Russian New Strain Of Malware Attacking Electric Grids

• Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

• Cybercriminals masquerading as MFA vendors

• Strengthening travel safety protocols with ISO 31030

• Threat actors exploit new channels for advanced phishing attacks

• Fresh perspectives needed to manage growing vulnerabilities

• BlackByte ransomware crew lists city of Augusta after cyber ‘incident’

• It’s 2023 and Sri Lanka doesn’t have a cyber security authority

• Russia’s War in Ukraine Shows Cyberattacks Can Be War Crimes

• “Beautiful Cookie Consent Banner” WordPress plugin vulnerability: Update now!

• Hasta La Vista Human Powers — Automating the Automation

• Operation Magalenha: Brazilian Hackers Hit Portuguese Banks in Malware Attack

• SSA says it will offer data matches to government benefit programs

• Experts laud GDPR at five year milestone

• Launch your cybersecurity career with this ethical hacking bundle

• D-Link fixes two critical flaws in D-View 8 network management suite

• Chinese state-sponsored hackers infiltrated U.S. naval infrastructure, secretary of the Navy says

• User-friendly data reporting helps one agency tackle hate acts

• CosmicEnergy Malware Emerges, Capable of Electric Grid Shutdown

• Red Hat Tackles Software Supply Chain Security

• ‘Volt Typhoon’ Breaks Fresh Ground for China-Backed Cyber Campaigns

• IT Security News Daily Summary 2023-05-25

• DHS’ cyber agency seeks small biz support for strategic planning

• Building better maps with open data on building heights

• Lazarus Group Striking Vulnerable Windows IIS Web Servers

• Chinese state-sponsored hackers infiltrated U.S. naval infrastructure, Secretary of the Navy says

• Spotted: Suspected Russian malware designed to disrupt Euro, Asia energy grids

• RBAC With API Gateway and Open Policy Agent (OPA)

• 9 smart contract vulnerabilities and how to mitigate them

• Game over for negligence: What game companies need to know about fast-approaching new trust and safety regulations

• House passes bill to permanently authorize VA’s tech training program

• Microsoft warns of Volt Typhoon, latest salvo in global cyberwar

• Chinese hackers targeting U.S. critical infrastructure

• Netflix’s Password-Sharing Ban Offers Security Upsides

• Smart contract vulnerabilities and how to mitigate them

• Prepare for the Azure Security Engineer Associate certification

• Zyxel firewall and VPN devices affected by critical flaws

• Victory in California! Police Instructors Can’t Claim Copyright Protections to Block Release of Use-of-Force and Other Training Materials

• AI Technology Is Drastically Disrupting the Background Screening Industry

• Memcyco Delivers Real-Time Brandjacking Detection and Protection Solution

• Perception Point Report Finds That Advanced Phishing Attacks Grew by 356% in 2022

• Bcrypt, a Popular Password Hashing Algorithm, Starts Its Long Goodbye

• State turns to the cloud to manage transportation projects

• Microsoft warning about China hacking highlights tensions in South China Sea, says Phosphorus CEO

• Netflix’s Password Sharing Crackdown Goes Global: 103 Countries Affected

• AI Revolutionizes Job Searching, Promotions, and Workplace Success in America

• Virgin Galactic Spaceplane Lands Safely After Test Flight

• How to conduct a smart contract audit and why it’s needed

• WithSecure launches ‘outcome-based’ security at Sphere23 conference

• S3 Ep136: Navigating a manic malware maelstrom

• The Imperative of Automating Fraud Detection in Financial Institutions

• Bank of Ghana Opens SOC to Enable Threat Intelligence Sharing

• EU Approves Viasat Inmarsat Merger

• How I Got Started: White Hat Hacker

• New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids

• Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation

• Users dish on ransomware protection, recovery at VeeamON

• Data Breach At Apria Healthcare Affects 2 Million People Now Notified

• NordPass unveils File Attachments functionality

• Civil Liberties Groups Demand California Police Stop Sharing Drivers’ Location Data With Police In Anti-Abortion States

• Cyber agencies unveil updated ransomware guide

• Advanced Phishing Attacks Surge 356% in 2022

• Reflections On Ten Years Past The Snowden Revelations

• Google Trust Services ACME API available to all users at no cost

• Happy Mother’s Day! Serving, surviving, and thriving as a mom with a cyber career

• Expo Framework API Flaw Reveals User Data in Online Services

• ChatGPT now generates Malware mutations

• Google Introduces Mobile VRP For Its Android Apps

• NCSC Warns Against Chinese Cyber Attacks on Critical Infrastructure

• Google Cloud Bug Allows Server Takeover From CloudSQL Service

• ‘Operation Magalenha’ Attacks Gives Window Into Brazil’s Cybercrime Ecosystem

• Zyxel Issues Critical Security Patches for Firewall and VPN Products

• Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry

• Tufin R23-1 prevents security blind spots with improved network access automation

• AI Knife Detection System Fails at Hundreds of US Schools

• Microsoft Issues Alert Over Rise in Advanced Phishing Scams

• How is 3-2-1 Backup Policy now Out-dated?

• Criminal Digitisation: How UK Police Forces Use Technology

• Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

• Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised

• Security Pros: Before You Do Anything, Understand Your Threat Landscape

• New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grid

• Chinese Hackers That Triggered US Alarm Hit Defense Targets

• Why Are 1.8M Apria Patients Just Now Being Notified Of A 2021 Breach?

• API Bug In OAuth Dev Tool Opened Apps To Account Hijacking

• UN Official And Others In Armenia Hacked By NSO Group Spyware

• Legion Malware Expands Scope To Target AWS CloudWatch Monitoring Tool

• So the FBI ‘persistently’ abused its snoop powers. What’s to worry about?

• Microsoft Appeals CMA Veto Of Activision Blizzard Acquisition

• New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

• Cynet Protects Hospital From Lethal Infection

• China-linked APT Volt Typhoon targets critical infrastructure organizations

• Invisible Chinese Hackers Penetrate American Bases And Guam

• Corvus Signal provides continuous threat analysis, tailored alerts and always-on recommendations

• Dangerous Regions: Isolating Branch Offices in High-Risk Countries

• What Makes React.js and Node.js the Best Technologies for Building High-Performance Web Apps in 2023?

• CISO Criminalization, Vague Cyber Disclosure Rules Create Angst for Security Teams

• Malicious Windows Kernel Drivers Utlized in BlackCat Ransomware Attacks

• Downing Street Acknowledges ‘Existential’ Risk Of AI

• How Cross-Chain DEXes are Democratizing the Crypto Market?

• Heads Up CEO! Cyber Risk Influences Company Credit Ratings

• Today’s Cyber Defense Challenges: Complexity and a False Sense of Security

• European Cybersecurity Firm Sekoia.io Raises $37.5 Million

• Apria Healthcare Notifying 2 Million People of Years-Old Data Breaches

• How Cybersecurity Reporting Tools Can Help Enhance Your Incident Response Capabilities

• Samsung ASLR Bypass Flaw Is Actively Exploited – Warns CISA

• Buhti Ransomware Adopts Stolen Encryptors For Windows & Linux

• Microsoft, Five Eyes Warn Of Chinese Spying On US Critical Infrastructure

• Wireshark 4.0.6 Released – Fix for 9 vulnerabilities

• Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code

• Webinar with Guest Forrester: Browser Security New Approaches

• Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks

• Phishing campaign targets ChatGPT users

• Five Eyes agencies detail how Chinese hackers breached US infrastructure

• North Korea-linked Lazarus APT targets Microsoft IIS servers to deploy malware

• New security model launched to eliminate 95% of cyber breaches

• Tips to Protect Against Holiday and Airline Scams

• Latest Chinese state-sponsored attacks on critical US infrastructure spies a continuation of trend, Reports Check Point Research

• Azure Virtual WAN security is enhanced by Check Point CloudGuard, now Generally Available

• Check Point Announces Quantum DDoS Protector X Series with Advanced SecOps Capabilities

• Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances

• GitLab Security Update Patches Critical Vulnerability

• Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations

• Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)

• 16-30 April 2023 Cyber Attacks Timeline

• Facial recog system used by Met Police shows racial bias at low thresholds

• Virgin Orbit Shuts Down After Chapter 11 Filing

• File Upload Security and Malware Protection

• Why Today’s Online Entertainment Can Be Compulsive and Self-Control Techniques

• When Does Your iPhone Become Unsafe to Use? – Intego Mac Podcast Episode 293

• Be Cyber-Vigilant on Your Cruise with These Cyber Security Tips

• China’s Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected

• Abusing Web Services Using Automated CAPTCHA-Breaking Services and Residential Proxies

• Biden Picks New NSA Head, Key to Support of Ukraine, Defense of US Elections

• Microsoft Catches Chinese .Gov Hackers Targeting US Critical Infrastructure

• SMBs Targeted by State-Aligned Actors for Financial Theft and Supply Chain Attacks

• AI Used to Create Malware, WithSecure Observes

• Combining GCN and Route Fifty: A note to our readers

• Do you know what your supply chain is and if it is secure?

• Apria Healthcare Hacked – Over 2M Users Data Exposed

• Cybersecurity Asset Inventory in Your Home

• The Rise of the Sovereign Cloud

• Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites

• KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

• Navigating the complex world of Cybersecurity compliance

• OneNote documents have emerged as a new malware infection vector

• Fully Encrypted GuLoader Uses Google Drive to Download Payloads

• The Security Hole at the Heart of ChatGPT and Bing

• GUAC 0.1 Beta: Google’s Breakthrough Framework for Secure Software Supply Chains

• Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware

• What are the Common Security Challenges CISOs Face?

• Microsoft alerts United States on Volt Typhoon Cyber Attack campaign

• The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals

• Combining FCW and Nextgov: A Note to Our Readers

• 12 vulnerabilities newly associated with ransomware

• Realistic simulations are transforming cybersecurity training

• How smart bots are infecting and exploiting the internet

• Five Eyes and Microsoft accuse China of attacking US infrastructure again

• Space Force will look at how to hack targets from space

• Debt ceiling furloughs are unconstitutional, union will argue before court next week

• Top 10 Cloud Workload Protection Platforms (CWPP) in 2023

• CISA updates ransomware guidance

• Webinar alert: How Coffee County Schools safeguards 7500 students and 1200 staff

• Tracking down a trojan: An inside look at threat hunting in a corporate network

• Rheinmetall attacked by BlackBasta ransomware

• This legit Android app turned into audio-snooping malware – and Google missed it

Generated on 2023-05-26 23:55:27.501816