IT Security News Daily Summary 2023-06-24

• DFIR Core Principles

• Someone is sending mysterious smartwatches to the US Military personnel

• Web Application Security: A 2023 Guide

• Android Users Beware: Glitch in 999 Call Feature Raises Concerns

• Remote Work and the Cloud Create Various Endpoint Security Challenges

• Malaysia Threatens Legal Action Against Facebook For Failing To Remove Harmful Content

• Twitter Hacker Sentenced to 5 Years in Prison for $120,000 Crypto Scam

• U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

• Gen Digital Falls Prey to MOVEit Data Breach Attack

• Here’s Why Cybercriminals are Shifting Their Base from Tor to Telegram

• All You Need to Know About the ‘Vehicle Privacy Report’

• Founder of the World’s Largest Hacker Forums Arrested

• Confidential computing: 5 support technologies to explore

• Google bug bounties inch closer to Microsoft’s payouts

• Update Your iPhone Right Now to Fix 2 Apple Zero Days

• Flying this weekend? This $6 USB condom will protect your data from suspicious outlets

• Amazon Faces Lawsuit for Deceptive Prime Practices

• Passport Forgery Suspect Do Kwon Jailed in South Korea

• Unlock the Power of Smart Lighting in Your Business – The Latest Trends & Technologies

• Build or Buy your own antivirus product

• New JavaScript-based Dropper Delivers Bumblebee and IcedID Malware

• Amazon Sued For Tricking Users to Get Prime Subscriptions

• Dell Technologies World 2023: Q&A on how Dell sees security at the edge

• 5 facts to know about the Royal ransomware gang

• Microsoft Azure AD flaw can lead to account takeover

• CISA orders govt agencies to fix recently disclosed flaws in Apple devices

• Civil Society Calls on Tech Firms to Oppose Protest Song Ban

• Californians: Tell the Governor and Legislature to Keep Their Promise on Broadband Funding

• IT Security News Daily Summary 2023-06-23

• Silobreaker Unveils Geopolitical Threat Intelligence Capabilities With RANE at Infosecurity Europe 2023

• ITDR Combines and Refines Familiar Cybersecurity Approaches

• NSA: BlackLotus BootKit Patching Won’t Prevent Compromise

• House Oversight members want Login.gov documents outlining $187M modernization award

• Public transit systems remain vulnerable to cyber threats

• Suspicious Smartwatches Mailed to US Army Personnel

• Chinese Espionage Malware Targets European Healthcare via USB Drives

• Democrats call YouTube ‘extremely irresponsible’ for election misinformation rollback

• 5 Best Chrome VPN Extensions for 2023

• Palo Alto Networks CTO Talks Securing ‘Code to Cloud’

• 11 Key Steps of the Patch Management Process

• VMware fixed five memory corruption issues in vCenter Server

• Most government software stinks. Here’s what you can do about it.

• EE To Deploy Temporary 4G, 5G Masts To Bolster Capacity

• Top 10 threat modeling tools, plus features to look for

• AWS Reveals $100m Programme To Fund AI Initiatives

• Dell Technologies World 2023: Interview with Rob Emsley on data protection, recovery and more

• GSA activates 5-year option on Alliant 2 IT vehicle

• The Pentagon’s ambitious AI plans look less and less like ChatGPT

• Why Legacy System Users Prioritize Uptime Over Security

• Microsoft Teams Attack Skips the Phish to Deliver Malware Directly

• NSA Releases Guide to Combat BlackLotus Malware

• First AI advisory committee report stresses getting regulatory balance right

• NIST launches new working group to tackle AI risks

• Air taxis are taking off. Cities should start planning now

• Patched OpenSSH Exploited for IoT, Linux Cryptomining

• Ransomware and phishing attacks continue to plague businesses in Singapore

• Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

• Black Hat Asia 2023: Cybersecurity Maturity and Concern in Asia

• Et tu, Brute? From Coworker and Confidant to Cybercriminal

• Business Logic Attacks: Why Should You Care?

• A Year Since Dobbs, The Fight For Reproductive Privacy and Information Access Continues

• Congress needs ‘private sector buy-in’ to address cyber workforce shortage

• Another state signals its intent to leave the voter data system

• NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections

• US Military Personnel Warned of Malicious Smartwatches

• Supply chain security for Go, Part 2: Compromised dependencies

• Russia-Aligned Hackers Trying to Disrupt Canada’s Energy Sector

• Student Sues Whiteworth University for Ransomware Attack

• OpenSSH Trojan Campaign Targets IoT and Linux Systems

• Inside the Dangerous Underground Abortion Pill Market Growing on Telegram

• Fortinet fixes critical FortiNAC RCE, install updates asap

• Wallarm API Abuse Prevention protects organizations against bot-based attacks

• Meta To Pull News On Facebook, Instagram In Canada

• NIST wants to help prevent cyberattacks on the water sector

• USB Drives Used as Trojan Horses By Camaro Dragon

• Cybercrime Group ‘Muddled Libra’ Targets BPO Sector with Advanced Social Engineering

• Digital-First Economy Has Transformed Role of CISO

• Steering Mobility Data to a Better Privacy Regime

• These are the most-loved Club stocks on Wall Street. Here’s where we stand

• 100K+ ChatGPT Login Credentials Leaked to the Dark Web

• Millions of GitHub repositories vulnerable to RepoJacking: Report

• Ransomware and phishing attacks continue to plague businesses in Southeast Asia

• CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws

• In Other News: Microsoft Win32 App Isolation,Tsunami Hits Linux Servers, ChatGPT Credentials Exposed on Dark Web

• How to Maximize the Value of Penetration Tests

• UPS Data Harvested for SMS Phishing Attacks

• Microsoft’s Bootkit Patches Offer False Sense Of Security Against BlackLotus Threat, NSA Says

• JavaScript Dropper Delivers Bumblebee And IcedID Malware

• Why Is It So Rare To Hear About Western Cyber Attacks?

• GCHQ Warns Ransomware Crews Are Targeting Law Firms

• Report: U.S. Intelligence Gathers ‘Sensitive and Intimate’ Data From ‘Nearly Everyone’

• PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

• PAIG combats the unpredictability of generative AI

• Tanium strengthens threat identification capabilities and enhances endpoint reach

• Digital Espionage: German Intelligence Agency’s NFT Collection Sets New Recruitment Standards

• The Rate of Rorschach Ransomware is Increasing; Here’s How to Safeguard Yourself

• Easy Configuration Fixes Can Protect Your Server from Attack

• Think Your Secrets are Safe in their Vault? Think Again

• How Government Contractors & Agencies Should Navigate New Cyber Rules

• Why Successful Central Bank Digital Currencies require Partnership engagement

• 12 Benefits of a VPN: Advantages of Network Protection

• What Is SCM (Security Configuration Management)?

• BlackLotus bootkit patch may bring “false sense of security”, warns NSA

• VMware Patches Code Execution Vulnerabilities in vCenter Server

• Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking

• Deception Technologies Have a Maturity Problem

• More than 1 in 3 UK&I workers are likely to click a phishing link

• API Security Is a Hot Topic, Here’s Why

• Celerium Compromise Defender detects and disrupts cyber compromise activity

• Microsoft Teams vulnerability allows attackers to deliver malware to employees

• McAfee releases online protection solution for small businesses

• UPS Discloses Data Breach Caused by an SMS Phishing Campaign

• UK cyberspies warn ransomware crews targeting law firms

• #InfosecurityEurope: BlackBerry Cybersecurity President Warns Against Heavy-Handed AI Regulation

• The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins

• 2.5M Genworth Policyholders and 769K Retired California Workers and Beneficiaries Affected by Hack

• Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware

• Aviatrix appoints Doug Merritt as Chairman, CEO, and President

• An Overview of the Different Versions of the Trigona Ransomware

• Inside the Illicit Market for Abortion Pills on Telegram

• The Importance of Training Employees in Cybersecurity

• Governmental Agencies Ordered by CISA to Patch Vulnerabilities Exploited by Russian APT Groups

• NSA Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems

• IoT devices and Linux-based systems targeted by OpenSSH trojan campaign

• NCSC Updates Cybersecurity Guidance for the Legal Sector

• Millions of GitHub Repositories Are Vulnerable To RepoJacking

• Microsoft Teams Vulnerability Let Attackers Deliver Malware From External Accounts

• Manchester University Breach Victims Hit with Triple Extortion

• Keep it schtum!

• FBI Analyst Gets Three Years For National Security Breach

• New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices

• More than a million GitHub repositories potentially vulnerable to RepoJacking

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Silicon UK Pulse: Your Tech News Update: Episode 8

• Apple M1 Chips face LockBit Ransomware threat in development

• Can we get loan to pay ransom in ransomware attacks

• New infosec products of the week: June 23, 2023

• Operationalizing zero trust in the cloud

• Chinese malware intended to infect USB drives accidentally infects networked storage too

• Why Sucessful Central Bank Digital Currencies require Partnership enagement

• Law enforcement’s battle against Cryptocurrency crime

• Insurance companies neglect basic email security

• Security investments that help companies navigate the macroeconomic climate

• US cyber ambassador says China knows how to steal its way to dominance of cloud and AI

• What is XSS (Cross-Site Scripting)? – A Detailed Understanding Of the Type of XSS

• 2023-06-21 – 30 days of Formbook: Day 17, Wednesday 2023-06-21 – ModiLoader for XLoader “NVP4”

• Files for an ISC diary (obama271 Qakbot)

• 2023-06-22 – 30 days of Formbook: Day 18, Thursday 2023-06-22 – “K2L0”

• From details to big picture: how to improve security effectiveness

• Unveiling the Dark Side of AI: How Prompt Hacking Can Sabotage Your AI Systems

• Enhancing Customer Engagement with Client Portals

• 6 tips for a cybersecure honeymoon

• Reducing your attack surface is more effective than playing patch-a-mole

• Update now! Apple fixes three actively exploited vulnerabilities

• UPS warns customers of phishing attempts after data accessed

• Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023

Generated on 2023-06-24 23:55:28.327358