IT Security News Daily Summary 2023-06-13

• Spy agencies acquire commercial data with little coordination and few controls

• CISA’s new directive targets devices that can be configured over public internet

• VERT Threat Alert: June 2023 Patch Tuesday Analysis

• Cyberattacks surge to 61% of small and medium-sized businesses, says study

• Harness the Power of PKI to Battle Data Breaches

• What Reddit Got Wrong

• Spring Cloud: How to Implement Service Discovery (Part 1)

• Microsoft Patch Tuesday, June 2023 Edition

• U.S. Intelligence Has Amassed Sensitive And Intimate Data On Nearly Everyone

• Chinese Spies Caught Exploiting VMware ESXi Zero Day

• Fortinet Warns Customers Of Possible Zero Day Exploited In Limited Attacks

• MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs

• Hackers Can Steal Cryptographic Keys By Video Recording Power LEDs 60 Feet Away

• June Patch Tuesday: VMware vuln under attack by Chinese spies, Microsoft kinda meh

• Trade groups press White House to digitize forms of identification

• How targeted emails help one agency fill critical jobs

• New bill would give CISA greater cyber outreach responsibilities

• Mandiant: New VMware ESXi zero day used by Chinese APT

• Fortinet warns critical VPN vulnerability ‘may’ be under attack

• Red Hat compliance certifications and attestations achieved

• June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

• Governor signs bill paving the way for state-level AI bill of rights

• Lawmaker advocates ‘all-of-the-above’ approach to fix cyber worker shortage

• The FTC Forces Ring to Take User Privacy Seriously

• As Kentucky’s largest coal producer mines bitcoin, its power discounts draw scrutiny

• Debt deal casts doubt on CHIPS Act innovation hubs

• The best secure browsers for privacy in 2023

• Chinese Cyberspies Caught Exploiting VMware ESXi Zero-Day

• Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks

• St. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure

• Last of the Gozi 3 sentenced over Windows info-stealing malware ops

• Top 10 cybersecurity findings from Verizon’s 2023 data breach report

• oak9 adds GitLab support to alert developers of security gaps

• HashiCorp expands its identity-based security portfolio

• Google grants $12 million to bolster NYC’s cybersecurity ecosystem

• UK’s Ofcom confirms cyber attack as PoC exploit for MOVEit is released

• Cyber insurance: What is it and does my company need it?

• Gozi banking malware “IT chief” finally jailed after more than 10 years

• How Security Leaders Should Approach Cybersecurity Startups

• CosmicEnergy ICS Malware Poses No Immediate Threat, but Should Not Be Ignored

• Patch Tuesday: Critical Flaws in Adobe Commerce Software

• Fortinet Addresses Critical FortiGate SSL-VPN Vulnerability

• Clop Ransomware gang strikes London Transport for London (TfL)

• Rise of AI in Cybercrime: How ChatGPT is revolutionizing ransomware attacks and what your business can do

• The role of cybersecurity in financial institutions -protecting against evolving threats

• How can small businesses ensure Cybersecurity?

• When internet security is a requirement, look to dedicated fiber

• Crypto Wallets Under Attack By DoubleFinger Malware

• Beware: New DoubleFinger Loader Targets Cryptocurrency Wallets with Stealer

• Cynerio partners with Microsoft to ensure the security of medical and IoT devices

• IoT: Why is this Attacker’s Favorite Target?

• Nvidia’s AI Software Raises Concerns Over Exposing Sensitive Data

• Mountain View Hospital Restores Operations, Two Weeks Following the Cyberattack

• How to Prevent Phishing Attacks

• Accused Cybercriminals: Russians Charged with Hacking Mt. Gox Crypto Exchange and Manages BTC-e

• Government has a policy over people problem, civic tech leader argues

• Virtual Event Today: CISO Forum 2023 – Register to Join

• #InfosecurityEurope: Armis Highlights Riskiest Devices in Critical Infrastructure

• Seceon unveils two products for MSPs and MSSPs to quantify risk

• GuidePoint Security improves organizations’ security posture and ROI with its BASaaS

• The commonality of criminal intrusion

• Are smartphone thermal cameras sensitive enough to uncover PIN codes?

• Over Half of Security Leaders Lack Confidence in Protecting App Secrets, Study Reveals

• DDoS threats and defense: How certain assumptions can lead to an attack

• OneTrust enhances data policy engine to identify data security and privacy risks

• Dragos Partner Program helps users strengthen OT cybersecurity

• NETSCOUT introduces Visibility Without Borders platform

• New Research Shows Potential of Electromagnetic Fault Injection Attacks Against Drones

• Romanian Operator of Bulletproof Hosting Service Sentenced to Prison in US

• Top 42 Cybersecurity Companies To Know in 2023

• Why Critical Infrastructure Remains a Ransomware Target

• Adversary-in-the-Middle Attack Campaign Hits Dozens of Global Organizations

• AMD Spurs AI Interest With Forthcoming MI300 Chip

• BreachForums Returns Under the Control of ShinyHunters Hackers

• ChatGPT and the Race to Secure Your Intellectual Property

• Google’s ChromeOS aims for enterprise with security and compatibility

• A database containing data of +8.9 million Zacks users was leaked online

• Insider Threat vs Outsider Threat: Which is Worse?

• Cato Networks Breaks SASE Speed Barrier (Again) With 5 Gbps Encrypted Tunnels to Sites and the Cloud

• ‘Aggressive’ China cyberattacks are the ‘defining threat’ of our time, top U.S. cyber official says

• Struggling Huawei Clinches Major China Mobile 5G Contract

• How to hack Facebook with just a phone number

• #InfosecurityEurope: What TechUK’s New Plan Means for Cybersecurity

• Dragos Launches OT Cyber Industry’s Only Global Partner Program to Span Technology, Services, Threat Intelligence, and Training

• PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

• Automation Anywhere and Google Cloud join forces to accelerate the adoption of AI

• Accenture announced a $3 billion investment in AI

• AI-powered malware is a growing security concern, CyberArk survey finds

• Strengthening Data Security: 5 Critical Controls to Protect Your Business

• Pros and Cons of Multi-Step Data Platforms

• Data of 8.8 Million Zacks Users Emerges Online

• Ransomware Attack Played Major Role in Shutdown of Illinois Hospital

• Bank of China Boosts Hong Kong Crypto With Tokenised Security

• #InfosecurityEurope: Leading Cybersecurity Providers to Share Insights on Breach Containment

• UFO Whistleblower, Meet a Conspiracy-Loving Congress

• Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack

• Webinar – Mastering API Security: Understanding Your True Attack Surface

• Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

• Identifying the Idaho Killer

• Zacks Investment Research Faces Larger Data Breach Affecting 8.8 Million Users

• Amazon Uses AI To Track Down Fake Reviews

• CoWIN Data Leak – Personal Data of COVID Vaccine Recipients Leaked on Telegram

• Ethical AI and Responsible Data Science: What Can Developers Do?

• #InfosecurityEurope: Top Five Things to Check Out at This Year’s Event

• Art = Human + Machine

• These Microsoft Office security signatures are ‘practically worthless’

• US FTC Seeks Injunction Blocking Microsoft-Activision Deal

• Microsoft Pays $20m to Settle Another FTC COPPA Case

• Armis Identifies Riskiest OT and ICS Devices across CNI

• What Is the Future of Virtual Reality (VR) in Casino Gaming?

• Ofcom Hit By MOVEit Extortion Hack

• Malicious hackers are weaponizing generative AI

• Equipment reassignment checklist

• Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks

• Ofcom Latest MOVEit Victim as Exploit Code Released

• Russia-Ukraine war sending shockwaves into cyber-ecosystem

• Ransomware Insurance: Security Strategies to Obtain Coverage

• Yaccarino Lays Out Vision For Twitter 2.0 As ‘Global Town Square’

• Historic Zacks Breach Impacts Nearly Nine Million

• UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day

• US charges two men with Mt. Gox heist, the world’s largest cryptocurrency hack

• ChatGPT and Data Privacy

• Incorporating cloud security teams into the SOC enhances operational efficiencies

• Building a hyper-connected future with 6G networks

• Quantum computing’s threat to national security

• How to achieve cyber resilience?

• Need to improve the detection capabilities in your security products?

• Critical FortiOS and FortiProxy Vulnerability Likely Exploited – Patch Now!

• UK telco watchdog Ofcom, Minnesota Dept of Ed named as latest MOVEit victims

• Ransomware related news headlines trending on Google

• Experts released PoC exploit for MOVEit Transfer CVE-2023-34362 flaw

• The intersection of telehealth, AI, and Cybersecurity

• China’s cyber now aimed at infrastructure, warns CISA boss

• India probes medical info ‘leak’ to Telegram

• 2023-06-10 – 30 days of Formbook: Day 6, Saturday 2023-06-10 – “SN84”

• 2023-06-11 – 30 days of Formbook: Day 7, Sunday 2023-06-11 – GuLoader Formbook “XCHU”

• 2023-06-12 – 30 days of Formbook: Day 8, Monday 2023-06-12 – “EE2Q”

• API Security: Unveiling Best Practices for a Secure Digital Ecosystem

• Balancing User and Business Needs: The Key to Successful Digital Product Strategy

• A week in security (June 5 – 11)

• Public and free WiFi: Can I safely use it?

• More MOVEit vulnerabilities found while the first one still resonates

• Strava heatmap loophole may reveal users’ home addresses

• The California Legislature Must Stay The Course on Broadband Funding

• Unsealed: Charges against Russians blamed for Mt Gox crypto-exchange collapse

• House cyber panel’s NDAA draft prioritizes commercial tech, expert engagement

• Researchers Report First Instance of Automated SaaS Ransomware Extortion

• Pink Drainer Posed as Journalists, Stole $3M from Discord and Twitter Users

• IT Security News Daily Summary 2023-06-12

• Facebook Accused Of Discrimination In Job Ads Around The World

• Use of Multifactor Authentication (MFA) Nearly Doubles Since 2020, Okta Secure Sign-in Trends Reports Finds

• Fortinet squashes hijack-my-VPN bug in FortiOS gear

• Use of Multi-Factor Authentication (MFA) Nearly Doubles Since 2020, New Okta Secure Sign-In Trends Reports Finds

• Industry calls for clarity after White House extends software security form deadline

• Modern grants management requires data fabric agility and low-code simplicity

• Posing as journalists, Pink Drainer pilfers $3.3M in crypto

• Better data sharing begins with dispelling staff mistrust

• The best VPN services for iPhone and iPad in 2023

• MoveIT Transfer attacks highlight SQL injection risks

• 10 Important Security Tasks You Shouldn’t Skip

• RomCom Threat Actor Targets Ukrainian Politicians, US Healthcare

• A Massive Vaccine Database Leak Exposes IDs of Millions of Indians

• The US Is Openly Stockpiling Dirt on All Its Citizens

• Microsoft stole our stolen dark web data, says security outfit

• Efforts to get data equity-ready will also support AI

• Intellihartx data breach exposed the personal and health info of 490,000 individuals

• History revisited: US DOJ unseals Mt. Gox cybercrime charges

• How To Optimize the Performance and Security of Your Website Using Modern Tools and Techniques

• Why Data Security is the Unsung Hero Driving Business Performance

• ‘Stealth Soldier’ Attacks Target Libyan Government Entities With Surveillance Malware

• VMware’s DEX solution empowers IT teams with data-driven insights

• The Six Best Ways To Safeguard Data Centers With Robust Security Solutions

• Reducing security debt

• Supply Chain Attack Defense Demands Mature Threat Hunting

• Indian CoWIN data breach not true says government

• Understanding AI risks and how to secure using Zero Trust

• Forrester Names Check Point a Leader in Enterprise Email Security Wave

• TuxCare SecureChain for Java strengthens software supply chain security

• Erik Prusch joins ISACA as CEO

• To Save the News, We Need an End-to-End Web

• Meta’s Ambitious Move: Launching a Dedicated App to Challenge Twitter’s Dominance

• Cybersecurity Defense: Employee Cybersecurity Awareness Now a Priority

• A Hacking Group Spotted Combining Cybercrime and Cyberespionage

• Aberdeen AI Trial helps Doctors Spot Breast Cancers

• How to make sure the reputation of your products and company is good

• ‘We are not greedy,’ Cramer says, urging market discipline

• Generative AI Threatens Digital Identity Verification, Says Former CTO of Aadhar

• University of Manchester Cyber Attack – Hackers Stolen Sensitive Data

• Stellar Cyber collaborates with Mimecast to minimize email-based attack impacts

• The multiplying impact of BEC attacks

• It’s time to patch your MOVEit Transfer solution again!

• Darktrace unveils AI models that help protect data privacy and intellectual property

• Threat Actors Target the University of Manchester in Cyberattack

• What Is User Access Review?

• Patching Required! New Critical SQL Injection Vulnerabilities Found in MOVEit

• Salesforce Offers ‘Open’ Generative AI Suite

• PM: UK Can Be ‘Home Of Global AI Safety Regulation’

• Merging DevOps and SecOps is a Great Idea: Get Started Now

• Latest broadband map could mean less money for some states

• Doing Less With Less: Focusing on Value

• US Charges Russians With Hacking Cryptocurrency Exchange

• US Government Provides Guidance on Software Security Guarantee Requirements

• Researchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio Installer

• FUD Malware obfuscation engine BatCloak continues to evolve

• Understanding Neurodiversity in the Workplace to Create a Better Workplace Environment for Everyone

• Data Flows Between UK and US to be Simplified Under New Agreement

• With the market overbought, we’re booking some profits in this cybersecurity firm

• Lantum S3 bucket leak is prescription for chaos for thousands of UK doctors

• China Launches Supply Chain Expo Amidst US Pressure

• Baidu Ranks Top In Chinese ChatGPT-Style Chatbot Tests

• Strengthening Your Web App Security: Preventing SQL Injections

• VA to lean on automation, better IT to tackle wave of benefits claims

• Software Supply Chain: The Golden Container Ship

• Intellihartx Informs 490k Patients of GoAnywhere-Related Data Breach

• Hold it – more vulnerabilities found in MOVEit file transfer software

• Twitch ‘Removes’ New Ad Rules Following Outcry

• Swiss Fear Government Data Stolen in Cyberattack

• New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward

• Swiss Government Targeted by Series of Cyber-Attacks

• Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable

• Why Now? The Rise of Attack Surface Management

• Checklist for how to become a business owner by selling your skills and passion

• Critical RCE Flaw Discovered in Fortinet’s FortiGate SSL-VPN Vulnerability, Patches Released

• Meta ‘Prepares To Launch Twitter Rival’

• Two Russian Nationals Charged in Connection with Mt Gox Hack

• An Anti-Porn App Put Him in Jail and His Family Under Surveillance

• Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency

• Fortinet Patches Critical FortiGate SSL VPN Vulnerability

• Ukrainian Hackers Take Out Russian Banking Infrastructure

• Fortinet urges to patch a critical RCE flaw in Fortigate firewalls

• Thousands Of Reddit Forums Go Dark In Protest

• New Banking AitM Phishing and BEC Attacks Financial Organisations – Microsoft

• The Role of the SEC in Enforcing InfoSec Legislation

• Minding Your Data Leaks: Simple Steps to Help Prevent Leaks

• Password Reset Hack Exposed in Honda’s E-Commerce Platform, Dealers Data at Risk

• Thales Partners with Google Cloud to Build New, Generative-AI Powered Security Features

• Hackers Impersonate Journalists to Steal Millions via Twitter and Discord

• Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme

• AI boosts Code Language and File Format identification on VirusTotal

• What Attacks Can Network Penetration Testing Prevent?

• Software developers, how secure is your software?

• Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls – Patch Now!

• Xplain data breach also impacted the national Swiss railway FSS

• Super Smash Flash 2 Unblocked – Let’s Play – 2023

• Cyber Attack news headlines trending on Google

• How Zero Trust helps CIOs and CTOs in Corporate Environments

• 100+ Best Ethical Hacking & Pentesting Tools – 2023

• Apple’s Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs

• FBI: FISA Section 702 Absolutely Critical To Spy On, Err, Protect Americans

• Nvidia’s AI Software Tricked Into Leaking Data

• Progress Software Issues New Critical Fix For MOVEit Transfer App

• Online Muggers Make Serious Moves On Unpatched Microsoft Bugs

• Examining the long-term effects of data privacy violations

• Building a culture of security awareness in healthcare begins with leadership

• Lack of adequate investments hinders identity security efforts

• Cyber extortion hits all-time high

Generated on 2023-06-13 23:55:32.196047