IT Security News Daily Summary 2023-06-20

• Passwords out, passkeys in: are you ready to make the switch?

• Netskope Enables Secure Enterprise Use of ChatGPT and Generative AI Applications

• Cymulate Announces Security Analytics for Continuous Threat Exposure Management

• eSentire’s AI Investigator Chatbot Aids Human Response to Security Incidents

• Vacant White House cyber post draws concern amid global software breach

• Mayors: There’s a mental health crisis in every city

• Oreo cookie maker says crooks gobbled up staff info

• Jordanian Cyber Leaders Kick Off Cybersecurity Framework Development

• 100K+ Infected Devices Leak ChatGPT Accounts to the Dark Web

• NineID Raises $2.6M to Build a Secure Bridge Between the Digital and Physical Worlds of Corporate Security

• New Tsunami botnet targets Linux SSH servers

• Modern Access Control Explained

• How to Get Started With Istio in Kubernetes in 5 Steps

• Bipartisan bill proposes blue-ribbon panel to address AI risks, regulations

• Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps

• Going On the Defensive: Turning the Tide on The Cybersecurity Vulnerabilities Of Smart Home Devices With Value-Added Services

• Communicating Cyber Risk

• Data Governance – Data Privacy and Security – Part 1

• Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products

• Passwordless security gains ground for authentication

• Fresh Ransomware Gangs Emerge As Market Leaders Decline

• BlackCat Ransomware Group Claims to Have Stolen 80GB of Data from Reddit

• Reddit confirms BlackCat gang pinched some data

• Choosing the Right Functions in C Programming: Strcpy vs. Strncpy

• 5 ways generative AI will help bring greater precision to cybersecurity

• AI could shore up democracy – here’s one way

• FEMA’s buyout program reduces flood risk. But does it deepen segregation?

• Okta moves passkeys to cloud, allowing multi-device authentication

• Reddit Braces for Data Leak as Hackers Threaten to Expose Stolen Information

• Microsoft Acknowledges Hacking Incident Targeting Outlook and OneDrive in June

• Largest US Publisher Sues Google Over Online Ad Monopoly

• Animal movement powers new GPS wildlife tracker

• Schneider Power Meter Vulnerability Opens Door to Power Outages

• IRONSCALES boosts email security with generative AI capabilities

• eSentire AI Investigator provides real-time answers to security data queries

• Blockchain security: Everything you should know for safe use

• Implement zero trust to improve API security

• #InfosecurityEurope: Certifications Are No Guarantee of Security

• Mysterious Mystic Stealer Spreads Like Wildfire in Mere Months

• Hackers Threatened to Leak 80GB of Data Allegedly Stolen From Reddit in February

• All Veterans Affairs police officers to be issued bodycams, dashcams by end of 2023

• Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack

• Russian APT Group Caught Hacking Roundcube Email Servers

• ASUS warns router customers: Patch now, or block all inbound requests

• #InfosecurityEurope: Certifications are no guarantee of security

• Hackers Will Be Quick to Bypass Gmail’s Blue Check Verification System

• Protect and manage browser extensions using Chrome Browser Cloud Management

• 100,000 Hacked ChatGPT Accounts Discovered on Dark Web

• #InfosecurityEurope: Digital Dependence Means Government and Industry Must Bolster Collaboration

• Smart Pet Feeders Expose Personal Data

• CYE Hyver enhancements empower organizations with real-time risk analysis module

• Next DLP Scoped Investigations separates employee identity from their behavioral data

• Biden hosts an AI Forum in San Francisco

• Next-Generation Firewalls: A comprehensive guide for network security modernization

• Digital dumpster diving: Exploring the intricacies of recycle bin forensics

• Suzuki Agrees To Make “Flying Cars” With SkyDrive

• Megaupload Developers Plead Guilty to Avoid US Extradition

• Majority of Users Neglect Best Password Practices: Keeper Security

• Securing the Secure: The Importance of Secure Software Practices in Security Software Development

• Join Our #BetheResource – Torches Challenge 2023

• Potential Risk of Privilege Escalation in Azure AD Applications

• Biden to meet with AI experts to talk regulation and safety

• New ‘RDStealer’ Malware Targets RDP Connections

• OT:Icefall: Vulnerabilities Identified in Wago Controllers

• Over 100,000 ChatGPT Accounts Found in Dark Web Marketplaces

• ExaGrid Version 6.3 guards customers against external threats

• Photos: Infosecurity Europe 2023

• Orange Business, Orange Cyberdefense and Palo Alto Networks improve security for enterprises

• Cymulate Exposure Analytics provides users with an attacker’s view of their cyber resilience

• Google Seeks To Move Some Pixel Production To India

• #InfosecurityEurope: CISOs Must Be Better Marketers and Negotiators

• Zyxel addressed critical flaw CVE-2023-27992 in NAS Devices

• One Overlooked Element of Executive Safety: Data Privacy

• As Data Gravity Goes Up, are Clouds Becoming Black Holes?

• Attackers discovering exposed cloud assets within minutes

• Facebook Rolls Back Controversial Misinformation Rules

• Adobe’s $20bn Deal For Figma At Risk From EU Regulators – Report

• PCI compliance

• #InfosecurityEurope: How to Weather the Coming Cybersecurity Storm

• Rorschach Ransomware: What You Need to Know

• We Can’t Do It Alone: Sharing Threat Intelligence Makes Everyone Safer

• Edgescan EASM allows organizations to secure their critical assets and applications

• Black Kite releases two modeling solutions for ransomware and business interruption scenarios

• Info Stealing Malware Dropped via Only Fans

• Progress Software Advises MOVEit Customers to Patch Third Severe Vulnerability

• #InfosecurityEurope: Michael Johnson Reminds Security Pros Where Success Comes from

• #InfosecurityEurope: ThriveDX Launches Cyber Academy for Enterprise to Address Skills Shortages

• Data Leak At Law Firm Sets Australia’s Elites Scrambling

• Over 100,000 ChatGPT Accounts Found For Sale On Dark Web

• Hacktivist Group Anonymous Sudan A Bear In Wolf’s Clothing

• Pentagon’s Secret Service: Monitoring Social Media for Criticism of Generals

• Microsoft: Disruptions in Outlook, Cloud Platform Services Were Caused by a Cyberattack

• Understanding Blockchain: The Network of Networks

• Massive Data Breach: Clop Ransomware Gang Targets MOVEit Transfer, Millions of Driver’s Licenses at Risk

• #InfosecurityEurope: Ironscales Launches GPT-Powered Chat Assistant for Self-Service Threat Reporting

• Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices

• How to Solve “Tap to Load” Problem on Snapchat – Troubleshooting Tips

• The Reddit Files: Hackers Demand $4.5M Ransom and API Access Waiver

• Helping production agencies deliver

• One overlooked element of executive safety: Data privacy

• Australian Government Says Its Data Was Stolen in Law Firm Ransomware Attack

• Fulfilling Expected SEC Requirements for Cybersecurity Expertise at Board Level

• How Much Does Penetration Testing Cost? 11 Pricing Factors

• Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer

• SaaS in the Real World: How Global Food Chains Can Secure Their Digital Dish

• Enterprises Planning Expansion Worry Over Connectivity, Expereo Finds

• Kafka: Navigating GDPR Compliance

• Tackling Data Sovereignty with DDR

• Understanding Cyber Resilience: Building a Holistic Approach to Cybersecurity

• Compromised Linux SSH servers engage in DDoS attacks, cryptomining

• Malwarebytes launches Reseller Partner Program to drive partner profitability

• Netskope Intelligent SSE helps enterprises securely manage employee use of generative AI apps

• Silobreaker unveils new geopolitical threat intelligence capabilities With RANE

• Why Businesses Should Consider Implementing Proxy Servers for Enhanced Security

• Supply Chain Attack: Abandoned S3 Buckets Used for Malicious Payloads

• The Benefits of Paying More Than the Minimum on Credit

• New CA/B Forum Code Signing Requirements in Effect – Is Your Organization Compliant?

• Over 100,000 compromised ChatGPT accounts found for sale on dark web

• Terra Co-Founder Do Kwon Prison Sentence

• Sign in to Leak Your Credentials – Attackers Abusing Legitimate Services

• ASUS Releases Patches to Fix Critical Security Bugs Impacting Multiple Router Models

• A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

• Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)

• 2023 Zero Trust Security Report Highlights

• The Real Value-Add of Red Teaming

• VirusTotal += Docguard

• Understanding the Microsoft Teams Vulnerability: The GIFShell Attack

• #InfosecurityEurope: Netskope Sets Out to Help Enterprises Safely Use ChatGPT

• Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces

• ASUS addressed critical flaws in some router models

• 4 Tips for Cultivating a Healthy Work Environment for Your Employees

• Need to improve the detection capabilities in your security products?

• Understanding and Mitigating the MOVEit Incidents

• UK set to ramp up citizen surveillance program

• Hackers Are Actively Using New Mystic Stealer Malware in Cyber Attacks

• Cyber Attack on European Investment Bank and Redditt

• Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign

• Data leak at major law firm sets Australia’s government and elites scrambling

• 10 open-source recon tools worth your time

• ChatGPT and data protection laws: Compliance challenges for businesses

• The significance of CIS Control mapping in the 2023 Verizon DBIR

• What if the browser was designed for the enterprise?

• Demand for STEM training skyrockets

• The future of passwords and authentication

• The Need for Innovation in DFIR

• GraphQL vs gRPC: Which One Creates More Secure APIs?

• Decrypting Cyber Risk Quantification

• A week in security (June 12 – 18)

• Phishing scam takes $950k from DoorDash drivers

• US dangles $10 million reward for information about Cl0p ransomware gang

• VPN for Privacy: Shielding Your Online Activities from Prying Eyes

• Valence Revolutionizes SaaS Security with AI

• Hackers Threaten to Release Reddit Data Unless API Changes Are Rolled Back

• IT Security News Daily Summary 2023-06-19

• Asus Patches Highly Critical WiFi Router Flaws

• Experts found components of a complex toolkit employed in macOS attacks

• Unlocking the Secrets of Smooth Domain Transfers: A Step-by-Step Guide

• These are the most hacked passwords. Is yours on the list?

• Cloud security leader Zscaler bets on generative AI as future of zero trust

• The best home security systems of 2023

• Fortinet Quietly Patched Pre-Auth RCE Flaw In Fortigate Firmware

• Stripe Payment Gateway Plugin Patched Serious IDOR Flaw

• New Skuld Malware Targets Windows To Steal Data

• New GravityRAT Android Malware Variant Steals WhatsApp Backups

• This Side-Channel Attack Exploits SMS Delivery Reports To Retrieve Location

• Data Breach at New BreachForums: 4,000 members’ data leaked

• 2023-06-17 – 30 days of Formbook: Day 13, Thursday 2023-06-17 – “MR04”

• 2023-06-18 – 30 days of Formbook: Day 14, Thursday 2023-06-18 – “JY05”

• 2023-06-19 – 30 days of Formbook: Day 15, Thursday 2023-06-19 – “CE18”

• Microsoft: DDoS attacks caused M365, Azure disruptions

• Megaupload duo will go to prison at last, but Kim Dotcom fights on…

• The best VPN services for iPhone and iPad in 2023

• Best VPN for streaming TV and movies in 2023

• New Information Stealer ‘Mystic Stealer’ Rising to Fame

• Consumer Data: The Risk and Reward for Manufacturing Companies

• CIOp Attacks: Ransomware Group Reveal Names of the MOVEit Zero-Day Attack Victims

• Mastering Proactive Defense: The Changing Face of Threat Hunting

• #InfosecurityEurope: Asset Visibility Gaps Jeopardize Security Compliance in NHS Trusts, Report Finds

• Law enforcement’s battle against Cryptocurrency crime

• Secure Coding Best Practices

• ESET PROTECT Elite protects users against ransomware and zero-day threats

• How to make sure the reputation of your products and company is good

• Breached credentials of UK top universities available on dark web

• Binance Issues Cease-And-Desist Notice To ‘Binance Nigeria’

• New Mystic Stealer Malware Targets 40 Web Browsers and 70 Browser Extensions

• The US Navy, NATO, And NASA Are Using A Shady Chinese Company’s Encryption Chips

• MOVEit Customers Urged To Patch Third Critical Vulnerability

• Bill Allowing CISA To Assist Foreign Governments Passes Senate Committee

• Abandoned S3 Bucket Used To Launch Malicious Payloads

• Microsoft Admits DDoS As Cause Of Recent Cloud Outages

• New Stealer Malware on the Rise: Mystic Stealer

• 73% of consumers trust what generative AI wants us to see

• Keep it, Tweak it, Trash it – What to do with Aging Tech in an Era of Consolidation

• Ransomware Gang Takes Credit for February Reddit Hack

• Akeyless Launches SaaS-based External Secrets Manager

• Western Digital Blocks Unpatched Devices From Cloud Services

• EU member states are urged to restrict without delay 5G equipment from risky suppliers

• iStorage launches datAshur PRO+C with Type-C USB interface

• Guess what happened to this US agency using outdated software?

• Cybersecurity Must Adopt a New Approach to Combat Underground Cybercrime Activities

• Vulnerability Management in DevSecOps

• Get 408 hours of cybersecurity training with this $80 bundle

• US Department of Energy Receives Dual Ransom Demands Amidst Expanding MOVEit Hack Fallout

• Name That Toon: Time to Spare?

• Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems

• PHP Hosting Explained ─ A Comprehensive Guide for Beginners

• Eve, Blade Team Up For Electric Flights In Europe

• ‘Sign in to continue’ and suffer : Attackers abusing legitimate services for credential theft

• Watch on Demand: 2023 CISO Forum Sessions

• IBM expands collaboration with Adobe to help users navigate the complex generative AI landscape

• Oil Industry Giant Shell Under Siege: Clop Group’s Ransomware Attack Exposes Vulnerabilities

• A History of Ransomware and the Cybersecurity Ecosystem

• Decoding Identity and Access Management For Organizations and Consumers

• US Investors Sniffing Around Blacklisted NSO Group Assets

• Generative AI Has Its Risks, But the Sky Isn’t Falling

• Intel Reaches Deal With Germany Over Magdeburg Chip Plant

• Introducing AI-guided Remediation for IaC Security / KICS

• Fighting Fire with Fire: Combatting LLM-Generated Social Engineering Attacks With LLMs

• Jaguar Land Rover Looks To AI To Secure Supply Chain

• Microsoft Discloses DDoS Attack Impact with Limited Details

• Microsoft confirms DDoS attacks against M365, Azure Portal

• A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

• Android GravityRAT Spyware Steals WhatsApp Backup Files

• MOVEit Customers Urged to Patch Third Critical Vulnerability

• Microsoft Confirms Hacking of Outlook & OneDrive – Layer 7 DDoS Attacks

• Power LED Side-Channel Attack

• Jack Ma Meets With Students In Japan, China

• Foxconn Boss Discusses iPhone Plant Chaos, EV Plans

• Intel Invests $25bn In Israel Chip Plant

• SBOM Security: Fundamentals and Best Practices

• State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments

• Importance Of Phone Validation For Businesses: Ensuring Accurate Customer Data

• How to Protect Against the Four Largest Cybersecurity Threats to Your Supply Chain

• US Offers $10m Reward For MOVEit Attackers

• Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

• Inside of the WASP’s nest: deep dive into PyPI-hosted malware

• Millions of UK University Credentials Found on Dark Web

• Diicot cybercrime gang expands its attack capabilities

• Outsource to infill on cyber security

• UK Pledges Millions in Cyber-Defense Aid to Ukraine

• Software developers, how secure is your software?

• With dead-time dump, Microsoft revealed DDoS as cause of recent cloud outages

• Singapore is not looking to regulate A.I. just yet, says the city-state’s authority

• Get a $10m reward for information about Clop Ransomware Gang

• Enhancing Cybersecurity through Effective Cybersecurity Intelligence

• How to simplify the process of compliance with U.S. Executive Order 14028

• Goodbyes are difficult, IT offboarding processes make them harder

• Three cybersecurity actions that make a difference

• Exploring the role of AI in cybersecurity

• 10 Best Vulnerability Scanner Tools For Penetration Testing – 2023

• Untangling the web of supply chain security with Tony Turner

• Is ChatGPT Ready to Disrupt Cybersecurity?

• With dead-time dump, Microsoft revealed DDoS as cause of cloud outages

• Soap2day Shuts Down Permanently – Free Legal and Paid Alternatives

• Microsoft: June Outlook and cloud platform outages were caused by DDoS

Generated on 2023-06-20 23:55:27.210900