IT Security News Daily Summary 2023-05-30

• Clean energy advancements hinge on steady funding, Energy official says

• Unmonitored networks put US nuclear arsenal at risk, GAO finds

• Windows 11: Enforcing password resets for local group users

• 421M Spyware Apps Downloaded Through Google Play

• Go Phish: How Attackers Utilize HTML Files to Evade Security

• SimpleTire Database Leak: Over 2.8 Million Records Exposed

• State looks to better assess vendor security

• IoT network streamlines state DOT traffic monitoring

• Agencies launch initiative to better identify minority-owned contractors

• Google offers certificate in cybersecurity, no dorm room required

• The Rush to SaaS Modernization Can Result in Reputational Damage

• Tenet and LayerZero Forge Cross-Chain LSD Adoption

• Debt limit deal would save feds’ paychecks, but freeze agency spending

• Federal Judge Makes History in Holding That Border Searches of Cell Phones Require a Warrant

• Pegasus-pusher NSO gets new owner keen on the commercial spyware biz

• The Perfect Blend: Qdoba’s SASE Information

• Vendors: Threat actor taxonomies are confusing but essential

• PyPI enforces 2FA authentication to prevent maintainers’ account takeover

• The Challenges with Passkeys: Addressing Limitations

• Authorization: Get It Done Right, Get It Done Early

• Budget and tech challenges loom over IRS’s direct file pilot

• GOP-led states plan new voter data systems to replace one they rejected

• Serious Security: Verification is vital – examining an OAUTH login bug

• Undetected Attacks Against Middle East Targets Conducted Since 2020

• Attackers hacked Barracuda ESG appliances via zero-day since October 2022

• EU’s Proposed Cyber Resilience Act Raises Concerns for Open Source and Cybersecurity

• Elon Musk Withdraws Twitter from EU’s Disinformation Code of Practice

• 9M Dental Patients Affected by LockBit Attack on MCNA

• New macOS vulnerability, Migraine, could bypass System Integrity Protection

• Telesign Trust Index a call to action for any enterprise that’s discounting cybersecurity

• Human Error Fuels Industrial APT Attacks, Kaspersky Reports

• Nigerian Cybercrime Ring’s Phishing Tactics Exposed

• CERN Spots Strange Higgs Boson Decay Breaking The Rules

• ABB Confirms Data Stolen In Black Basta Ransomware Attack

• Artificial Intelligence Could Lead To Extinction, Experts Warn

• Hacker Wins $105k For Reporting Flaws In Sonos One Speakers

• Introduction to the purpose of AWS Transit Gateway

• Warning: Lazarus Targets Windows IIS Web Servers For Initial Access

• Things ChatGPT cannot but Google Bard can do

• DogeRAT Malware Impersonates BFSI, Entertainment, E-commerce Apps

• Facebook Under Pressure For Allowing Racist Content To Spread In Australia

• ‘Hot Pixel’ Attack Exploits Novel GPUs and SoCs to Siphon Browsing History

• Raidforums Database Leak: Data of 460,000 Users Dumped Online

• How Web3 Is Driving Social and Financial Empowerment

• Now Social Engineering Attackers Have AI. Do You?

• PCI DSS 4.0: How to Delight the Auditors

• How Large is Your Target? Advice for the Smallest Businesses

• A database containing 478,000 RaidForums members leaked online

• RaidForums Members Data Leaked on New Hacking Forum

• Promoting Trust in Facial Recognition: Principles for Biometric Vendors

• Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals

• China Approves Microsoft-Activision Deal ‘Unconditionally’

• Incident Response Guide

• Many Vulnerabilities Found in PrinterLogic Enterprise Software

• Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack

• PyPI Enforcing 2FA for All Project Maintainers to Boost Security

• Pentagon Leaks Emphasize the Need for a Trusted Workforce

• Why Attackers Target the Gaming Industry

• TenSec 2019

• Exploiting Wi-Fi Stack on Tesla Model S

• Tencent Keen Security Lab joins GENIVI Alliance

• Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars

• Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars

• Nvidia Set To Surpass $1tn As AI Surge Continues

• Google CTF 2023 – Rewards over $32,000 For Winners

• Implementing Risk-Based Vulnerability Discovery and Remediation

• CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security

• Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

• Is Your Organization Prepared Against Insider Threats?

• Enhancing Collaboration and Efficiency in DataOps With Git

• Demystifying SPF Record Limitations

• Frontegg launches entitlements engine to streamline access authorization

• Tricks of the trade: How a cybercrime ring operated a multi‑level fraud scheme

• Operation Red Deer

• Facebook Shares Private Information With NHS Trusts

• Laravel vs. Django: A Head-to-Head Comparison

• Bitcoin Trades At Steep Discount On Binance Australia

• Check Point offers new OffSec course via the MIND Learning and Training Portal

• Ransomware Gangs Adopting Business-like Practices to Boost Profits

• Beware of the new phishing technique “file archiver in the browser” that exploits zip domains

• To Save the News, We Must Ban Surveillance Advertising

• Play-to-Earn Games: A Beginner’s Guide

• Samsung ‘Pushes For Tax Payouts’ In Vietnam

• Get 9 cybersecurity courses for just $46

• April 2023 Cyber Attacks Timeline

• Crypto Bosses Look To China Ahead Of Hong Kong Rules

• The Right Help Desk for You: Is It That Complicated?

• Dark Web Data Leak Exposes RaidForums Members

• BrutePrint Attack allows to unlock smartphones with brute-forcing fingerprint

• A Comprehensive Guide to Online Gaming Withdrawals in Michigan

• Pension Funds Warn Members Over Capita Breach

• Disaster recovery in the cloud

• Retailer Database Error Leaks Over One Million Customer Records

• Nine Million MCNA Dental Customers Hit by Breach

• Amazon Offers Term Time-Only Working Amidst Strikes

• The Gravitational Pull of Data

• Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users

• What Are the Key Trends in Cybersecurity Right Now?

• The root causes of API incidents and data breaches

• Need to improve the detection capabilities in your security products?

• Podcast Episode: Who Inserted the Creepy?

• Nvidia Builds AI Supercomputer In Israel Amidst Surging Demand

• Cybersecurity news headlines trending on Google

• New Phishing Attack Abuses .Zip Domain to Emulate Fake WinRAR Within the Browser

• Organizations spend 100 hours battling post-delivery email threats

• Generative AI: The new attack vector for trust and safety

• Penetration tester develops AWS-based automated cracking rig

• DOD submits classified cyber strategy to Congress

• A week in security (May 22-28)

• 2023-05-29 – Pcap and malware for ISC Diary (ModiLoader/Remcos RAT)

• IT Security News Daily Summary 2023-05-29

• Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals

• GitLab Released Emergency Fix For Critical Vulnerability – Update Now!

• Android Phone Hacked by ‘Daam’ Virus, Government Warns

• Chinese-Sponsored Hacking Group Targeting Critical U.S. Infrastructure, Microsoft Claims

• The Media & Entertainment Industries’ Major Public Cloud Security Issues

• Invicta Malware Delivered Through Fake GoDaddy Refund Invoices

• The Top 10 endpoint security challenges and how to overcome them

• The Future of Data Security: Staying Ahead of AI Threats

• XSS Flaw Riddled Beautiful Cookie Consent Banner WP Plugin

• New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

• How to make sure the reputation of your products and company is good

• US Augusta City targeted by BlackByte Ransomware Group

• New Phishing Kit: File Archivers in the Browser

• Nvidia Builds AI Supercomputer In Israeli Amidst Surging Demand

• Comparing Cloud Hosting vs. Self Hosting

• New Go-written GobRAT RAT targets Linux Routers in Japan

• Is Cybersecurity An Unsolvable Problem?

• OneMain Pays $4.5M After Ignored Security Flaws Caused Data Breaches

• AI Opinion: I Do Not Think Ethical Surveillance Can Exist

• Senator Wyden Seems Surprised By US Govt Spyware Stance

• Arm Rolls Out Next-Gen Smartphone Chip Tech

• Data Breach at MCNA Dental Insurer Impacts 9 Million Users

• Kyocera AVX: Electronic Manufacturer Company the Current Target of LockBit

• Free VPN Experiences Massive Data Breach, Putting Users at Risk

• Jimbos Protocol Hack: $7.5 Million Lost in Latest DeFi Attack

• Researchers analyzed the PREDATOR spyware and its loader Alien

• New Mirai Variant Campaigns are Targeting IoT Devices

• Top Cyberattacks Revealed in New Threat Intelligence Report

• 3 Challenges in Building a Continuous Threat Exposure Management (CTEM) Program and How to Beat Them

• AceCryptor: Cybercriminals’ Powerful Weapon, Detected in 240K+ Attacks

• Foxconn Raises Pay At Key China iPhone Plant

• China ‘To Put Humans On Moon’ By 2030

• Gaming Popularity Reaching Transcendental Status

• New Bandit Malware Attacks Browsers to Steal Personal & Financial Logins

• Why is Montana banning TikTok?

• Lawyer Submits Brief With False ChatGPT-Generated References

• The Royal & BlackCat Ransomware: What you Need to Know

• A Brief Introduction to the World of IP Addresses

• New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

• Twitter Quits EU Code Of Practice On Disinformation

• Tech-Driven House Hunting: How Technology is Revolutionizing the Rental Search Process

• Online Marketing Essentials: Budgeting and Strategy for Growing Businesses

• 5 Ways Technology is Simplifying the Certificate of Conduct Application Process

• Main Features of World of Warcraft Wrath of the Lich King

• Singapore Wealth Fund Cuts Pay Amidst FTX Fallout

• Protecting your business: Advice to SMB CEOs from a former CIO

• Software developers, how secure is your software?

• Don’t Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims

• Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks

• New York county still dealing with ransomware eight months after attack

• Critical Google Cloud’s SQL Service Flaw Exposes Sensitive Data

• PyPI Implements Mandatory Two-Factor Authentication for Project Owners

• CISO-approved strategies for software supply chain security

• What is SaaS Security? – Types, Challenges, Threats & Protection Guide

• Now ransomware hackers targeting backups for ransom pay assurance

• Cybersecurity Research Topics for Beginners: Exploring the Fundamentals

• Digital nomads drive changes in identity verification

• Company size doesn’t matter when it comes to cyberattacks

• Top public cloud security concerns for the media and entertainment industry

• 3 principles biometric vendors should embrace to promote trust in facial recognition technology

Generated on 2023-05-30 23:55:19.167474