IT Security News Daily Summary 2023-06-28

• Critical cyber threats persist on federal networks despite recent directives

• 6 Ways Cybersecurity is Gut-Checking the ChatGPT Frenzy

• State expands streamlined, automated licensing

• LetMeSpy Phone-Tracking App Hacked, Revealing User Data

• Submarine Cables Face Escalating Cybersecurity Threats, Report

• Congress must use budget power to move tech firms out of Beijing’s orbit, former lawmaker says

• The tiny government agency behind a Chinese A.I. chip ban that’s weighing on Nvidia

• Public safety relies on behind-the-scenes technology

• Dozens of Businesses Hit Recently by ‘8Base’ Ransomware Gang

• Venn Software Snags $29M to build MDM for Laptops Technology

• DDoS attacks surging behind new techniques, geopolitical goals

• 7 Types of Penetration Testing: Guide to Pentest Methods & Types

• White House unveils fiscal 2025 cybersecurity investment priorities

• TikTok bans explained: Everything you need to know

• Social Engineering Adds Depth to Red Team Exercises

• Andariel APT Hackers Drop a New Malware On Windows Via Weaponized MS Word Doc

• Interested in $10,000,000? Ready to turn in the Clop ransomware crew?

• Cato Networks Revolutionizes Network Security With Real-Time, Machine Learning-Powered Protection

• Astrix Security Raises $25M in Series A Funding

• NetApp BlueXP updates simplify backup and recovery

• Red Access launches agentless browsing security platform

• 2023-06-28 – 30 days of Formbook: Day 24, Wednesday 2023-06-28 – “RX63”

• Data Sanctuary for Trans People

• Breaking Barriers: Aditi’s Journey Through Sight Loss to Microsoft AI Innovator

• Chatbots can be used to create manipulative content

• FIDO Alliance Publishes Guidance for Deploying Passkeys in the Enterprise

• Malwarebytes ChatGPT Survey Reveals 81% are Concerned by Generative AI Security Risks

• How to convince Top Management to invest in cybersecurity and secure software development

• Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution

• How to Manage Cyber Risk During Mergers and Acquisitions

• Cyera raises $100M to expand data security platform for AI-driven enterprises

• Astrix Security raises $25 million to further secure non-human identities

• Cybellum unveils new brand and platform capabilities

• Betacom AirGap Protection strengthens security for private 4G/5G networks

• Lawmakers concerned White House will let TikTok stay in the US

• Suncor Energy Responds to Cybersecurity Incident

• Facebook Will Now Let Parents See Who Their Kids Are Talking To On Messenger

• Generative AI Projects Pose Major Cybersecurity Risk to Enterprises

• Saudi Arabia’s Cyber Capabilities Ranked Second Globally

• Venn Redefines Remote Work Security with Innovative BYO-PC Solution

• Cybersecurity is not a tool or software piece; is a state of mind: Bridging the gap for career changers

• Toward a more resilient SOC: the power of machine learning

• Rise of AI in Cybercrime: How ChatGPT is revolutionizing ransomware attacks and what your business can do

• BT Investigated By Ofcom Over 999 Failure

• ThirdEye Infostealer Poses New Threat to Windows Users

• Experts warn of a spike in May and June of 8Base ransomware attacks

• SMBs Plagued By Exploits, Trojans, And Backdoors

• Microsoft Teams Hit By Widespread Outage

• Hundreds Of Federal Network Devices Fail New CISA Requirements

• Submarine Cables At Risk Of Nation State Sabotage, Spying

• Hackers Use PindOS Javascript Dropper to Deploy Bumblebee, IcedID Malware

• Wagner Ransomware targets Russian Computers operating on Windows

• 6 takeaways for the government workforce crisis

• Avoid juice jacking and recharge your batteries safely this summer

• Andariel’s Mistakes Uncover New Malware in Lazarus Group Campaign

• Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control

• Bitdefender acquires Horangi Cyber Security to expand its unified risk and security analytics platform

• 8Base ransomware group leaks data of 67 victim organizations

• Cynerio expands the use of generative AI across the 360 platform

• Bishop Fox expands social engineering adversarial emulation services

• Fortanix introduces Confidential Data Search for encrypted data under regulation

• Phishers Luring Users to Install Malware With Fake OnlyFans Content

• Apple Issues Security Updates for Actively Exploited Vulnerabilities in iOS

• How has AI Been Helpful in Developing Better Software?

• The Robotic Falcon Manufacturer Falls Victim to Cyber Criminals, Lost £100,000

• What Is SMB? Your Guide to Server Message Blocks

• Lack Of Reliable Tech Blamed For Poor Productivity, Apogee Finds

• IBM Pays $4.6bn For Apptio To Bolster SaaS Insights

• Invary Raises $1.85 Million in Pre-Seed Funding for Runtime Integrity Solution

• What is Cyberwar?

• Flipper Hacking Device Gained Popularity Among Users

• 3 Strategies for Bringing Rigor to Software Security

• CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million

• Rise of Cybercrime as a Service Will be Worse

• Shockbyte Assures Users of Data Safety Amid Git Leak Incident

• Proton Pass password manager leaves beta: here is our take

• Most Enterprise SIEMs Fail Against MITRE ATT&CK Tactics

• A Software Bill of Materials Helps Secure Your Supply Chain

• Astrix Raises $25 Million to Help Enterprises Secure App-to-App Connections

• Socure acquires Berbix to help customers combat online identity fraud

• Thales collaborates with Google Cloud to build new, generative AI-powered security capabilities

• New Mockingjay Process Injection Method Enables Malware Evade EDR Tools

• Newly Surfaced ThirdEye Infostealer Targeting Windows Devices

• Mobile Malware and Phishing Surge in 2022

• Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

• AnimeUltima 2023 – Top 10 Alternatives to Watch Anime Online

• Nvidia dips on report U.S. considering new A.I. chip export restrictions for China

• Open Source LLM Projects Likely Insecure, Risky to Use

• How secure are voice authentication systems really?

• EncroChat Shutdown Results In Thousands Of Arrests

• The federal government must lead on infrastructure cybersecurity

• Submarine Cables at Risk of Nation-State Sabotage, Spying: Report

• Cool, Funny, Best Gaming Names – Creative Ideas For Your Ing Personality

• Sensitive Information Stolen in LetMeSpy Stalkerware Hack

• Reminder: CFP for ICS Cybersecurity Conference Closes June 30th

• Stalkerware Vendor Hacked

• Google Axes Waze Staff Amid Consolidation

• Don’t be fooled by app-earances: Check Point Researchers spot hidden malwares behind legitimate looking apps

• How Your Real Flight Reservation Can Be Used to Scam You

• 8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses

• 5 Things CISOs Need to Know About Securing OT Environments

• Do Highly Intelligent Language Models Pose a Cyber Threat?

• Now is the Time for the Thoughtful Regulation of Crypto

• Twitter Hacker Sentenced: A look into the 2020 Twitter Crypto Scam

• Twitter Agrees To Comply With New EU Disinformation Rules

• Exposed Interfaces in US Federal Networks: A Breach Waiting to Happen

• Avast researchers uncover disturbing crowdfunding scheme

• Andariel’s silly mistakes and a new malware family

• Anatsa Banking Trojan Delivered via Google Play Targets Android Users in US, Europe

• Siemens Energy, Schneider Electric Targeted by Ransomware Group in MOVEit Attack

• API Security: Navigating the Threat Landscape

• Is CMMC 2.0 Rollout on the Horizon?

• Infosecurity Europe 2023 – that’s a wrap!

• EncroChat Bust Leads to 6500 Arrests in Three Years

• Discover the Best Methods to Identify Facebook Profile Visitors – Alternatives You Need to Know About

• Unveiling the Truth: Why You Should Read Online Casinos Reviews Before Playing

• IBM QRadar SIEM Vulnerability Enables XSS Attack and Information Disclosure

• Experts Unconvinced by Upskill in UK Cyber Program

• Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

• AWS AppFabric aggregates security data across SaaS applications

• Why performing security testing on your products and systems is a good idea

• EncroChat dismantling led to 6,558 arrests and the seizure of $979M in criminal funds

• Google AI aggression makes Bernstein research downgrade Alphabet

• Smartphone Ransomware: Understanding the Threat and Ways to Stay Protected

• The magic formula for big data companies to outshine the competition

• Preparing health systems for cyber risks and insurance coverage

• What is NFV

• Understanding AI risks and how to secure using Zero Trust

• Cisco AsyncOS Software Flaw Let Remote Hackers Launch XSS Attack

• Economic volatility drives businesses to MSPs

• SupremeBot and Mario cross the finish line together

• 81% concerned about ChatGPT security and safety risks, Malwarebytes survey shows

• Software company accused of illegally profiling millions of mobile phone users

• Company finds lost SSD—and confidential data—for sale on eBay

• Understanding ransomware reinfection: An MDR case study

• Hackers Hiding DcRAT Malware in Fake OnlyFans Content

• 2023-06-26 – 30 days of Formbook: Day 22, Monday 2023-06-26 – “G0E8”

• 2023-06-27 – 30 days of Formbook: Day 23, Tuesday 2023-06-27 – “FGH2”

• Syxsense Unveils Novel Unified Endpoint Management Strategy

• Mockingjay process injection technique allows EDR bypass

• Miscreants leak texts and info siphoned by Android stalkerware app LetMeSpy

• Trans-Rights Hacktivists Steal City of Ft. Worth’s Data

• Mockingjay Slips By EDR Tools With Process Injection Technique

• UCLA, Siemens Among Latest Victims of Relentless MOVEit Attacks

• IT Security News Daily Summary 2023-06-27

• Multiagency plan aims to boost biotechnology workforce

• Flipper Zero hacking tool is a big hit

• Cops’ total pwnage of ‘secure’ EncroChat nets 6,500+ arrests, €740m in funds – so far

• House, Senate China hawks concerned White House will let TikTok stay in the US

• Digital literacy, not bans, should shape social media guardrails

• Censys finds hundreds of exposed devices in federal orgs

• Typing Incriminating Evidence in the Memo Field

• Suncor Energy Cyberattack Impacts Petro-Canada Gas Station Payment Operations

• Microsoft at NICE Conference: Resetting expectations and enabling diversity in the cybersecurity workforce

• Warning: JavaScript registry npm vulnerable to ‘manifest confusion’ abuse

• Immuta updates its Data Security Platform for Databricks to strengthen AI workload protection

• CISA to launch new cyber supply chain resource hub

• HashiCorp Buys BluBracket for Secrets Scanning Tech

• Caller ID woes contributed to SSA disability backlog

• DHS looks to invest in digital credentialing

• How FIDO2 Powers Up Passkeys Across Devices

• U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison

• The digital future may rely on ultrafast optical electronics and computers

• Most Enterprise SIEMs Blind to MITRE ATT&CK Tactics

• Pilot Applicant Information for American, Southwest Hacked

• 5 Mistakes To Avoid in Your API Strategy

• Seizure of EncroChat Enables Police Access to 115 Million Conversations

• Enterprise SIEMs Miss 76 Percent of MITRE ATT&CK Techniques

• Outdated flood data could drown out actual infrastructure needs

• ChatGPT users at risk for credential theft

• SolarWinds hack explained: Everything you need to know

• Cequence Security strengthens API protection platform with generative AI and no-code security automation

• AI ethics toolkit updated to include more assessment components

• BeeKeeperAI Platform for AI Development on Sensitive Data Receives $12M in Funding

• Data Security Firm Cyera Attracts $100M Investment

• Why Cyber Funding Flows for Rural Water Systems

• Why the FDA’s SBOM Mandate Changes the Game for OSS Security

• Benefits of Using NFV with SASE

• Digital dumpster diving: Exploring the intricacies of recycle bin forensics

• How Application Allowlisting Combats Ransomware Attacks

• Anatsa Banking Trojan Targets Banks in US, UK and DACH Region

• Delinea Privilege Manager enhancements reduce phishing effectiveness

• Index Engines CyberSense 8.3 identifies malicious changes indicative of cyberattack

• Submarine Cables vulnerable to Cyber Attacks

• Third-Party Vendor Hack Exposes Data at American, Southwest Airlines

• Gas Stations Impacted By Cyberattack On Canadian Energy Giant

• Siemens Energy, UCLA Latest Confirmed Victims In MOVEit Hack

• Prominent Cryptocurrency Exchange Infected With Previously Unseen Mac Malware

• American And Southwest Airlines Pilot Candidate Data Exposed

• A Major Public Pension Fund Suffered a Massive Data Breach

• American and Southwest Airlines Witness Data Breach

• Zyxel Command Injection Vulnerability Let Attackers Execute OS Commands

• Study Reveals Alarming Gap in SIEM Detection of Adversary Techniques

• Six years on from NotPetya: an analysis from Tom Gol, CTO for research at Armis

• BeeKeeperAI raises $12.1 million to accelerate AI development on privacy protected healthcare data

• Is ChatGPT Capable of Substituting IT Network Engineers? Here’s All You Need to Know

• ‘Muddled Libra’ Targets BPO Sector with Advanced Social Engineering

• AI ‘Kidnapping’ Scams: A Growing Threat

• Angular Best Practices For Developing Efficient and Reliable Web Applications

• 3-Year Probe Into Encrypted Phones Led to Seizure of Hundreds of Tons of Drugs, Prosecutors Say

• Patented.ai Raises $4 Million for AI Data Privacy Solution

• Experts found hundreds of devices within federal networks having internet-exposed management interfaces

• CalypsoAI raises $23 million to drive product development of its LLM security solutions

• LexisNexis RiskNarrative helps organizations reduce risk and financial crime

• Seeing is No Longer Believing as Deepfakes Become Better and More Dangerous

• Fashion Retailer Mounts First Challenges To EU Content Rules

• What is Data Loss Prevention (DLP)?

• Occupational Safety and Health Administration (OSHA)

• New Mockingjay Process Injection Technique Could Let Malware Evade Detection

• New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain

• Vulnerability Summary for the Week of June 19, 2023

• South Korea Claims Former Samsung Employee Stole Chip Secrets

• PyCharm Fix for Certificate Verify Failed: Unable To Get Local Issuer Certificate

• Hundreds of Devices With Internet-Exposed Management Interface Found in US Agencies

• Socure Acquires ID Verification Company Berbix for $70 Million

• The complete guide to ransomware

• Submarine Cables at Growing Risk of Cyber-Attacks

• Preventing Cyberattacks on Schools Starts With K–12 Cybersecurity Education

• 45,000 NYC Public School Students’ Data Stolen in MOVEit Breach

• Anatsa Malware Spotted on Google Play Attack Banking Customers

• Unraveling the Power of Python: A Beginner’s Guide to Using Python for Website Analysis

• Accenture Teams with Palo Alto Networks to Bolster Zero Trust Security

• BigID expands partnership with Databricks to automate security and governance

• Around the World, Threats to LGBTQ+ Speech Deepen

• What Is A Project Health Check And Why It Is Important

• Petro Canada Suffers App Issues Amidst Suncor Energy Cyberattack

• It’s Elementary Privacy, Watson!

• The Trickbot/Conti Crypters: Where Are They Now?

• Socure’s $70 million acquisition of Berbix: What it means for the identity verification market

• The end of plaintext: Fortanix launches breakthrough for searching encrypted data

• Cato Networks Revolutionizes Network Security with Real-Time, Machine Learning-Powered Protection

• New Stellantis Unit Takes Aim At EV Charging Anxiety

• Chrome 114 Update Patches High-Severity Vulnerabilities

• CalypsoAI Raises $23 Million for AI Security Tech

• Baidu Says Ernie AI Beats ChatGPT In Key Metrics

• EncroChat Bust Leads to 6,558 Criminals’ Arrests and €900 Million Seizure

• Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation

• Understanding Business Logic Abuse and Its Detection Challenges

• EncroChat dismantling lead to 6500 arrests, EUR 900 million seized

• CalypsoAI secures $23 million to lead enterprise AI security market

• Gas Stations Impacted by Cyberattack on Canadian Energy Giant Suncor

• Ory vs Keycloak vs SuperTokens

• Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland

• Schneider Electric and Siemens Energy are two more victims of a MOVEit attack

• Meta Launches VR Subscription Service Quest+

• Google Takes Android Antitrust Challenge To Indian Supreme Court

• China Vows To Push AI Across Society, Industry

• The Night 17 Million Precious Military Records Went Up in Smoke

• How to Solve “Tap to Load” Problem on Snapchat – Troubleshooting Tips

• How to Login to GoDaddy Account – 3 Popular Methods

• The unhappy reality of cloud security in 2023

• Inside DHS’ quest to streamline customer experience and ease public burden

• Over Half of UK Banks Are Exposing Customers to Email Fraud

• How AI Is Improving Cybersecurity

• What is the Gramm-Leach-Bliley Act (GLBA)?

• What (Still) Needs to be Done to Secure the U.S. Power Grid in 2023?

• NCSC Launches Cyber Risk Management Toolbox

• How to Login to Godaddy Account – 3 Popular Methods

• Tackling the cyber skills gap with AI

• Payments Lobby: Anti-APP Fraud Policies Could Increase Scams

• China’s Baidu claims its Ernie Bot beats ChatGPT on key tests as A.I. race heats up

• Chrome Security Update – 4 High-Severity Vulnerabilities Patched

• JOKERSPY used to target a cryptocurrency exchange in Japan

• Need to improve the detection capabilities in your security products?

• Breaking GPT-4 Bad: Check Point Research Exposes How Security Boundaries Can Be Breached as Machines Wrestle with Inner Conflicts

• Small and Medium Businesses Day: Tips on Securing the Backbone of National Economies

• Cortex Leads New Ways to Introduce AI-powered Capabilities

• Are GPT-Based Models the Right Fit for AI-Powered Cybersecurity?

• How to Reach Compliance with HIPAA

• Pilot Logins of American and Southwest Airlines Stolen in Data Breach

• New Fortinet’s FortiNAC Vulnerability Exposes Networks to Code Execution Attacks

• How cybercrime is impacting SMBs in 2023

• Mayor candidate slaps Latitude with $1 million lawsuit for data breach

• How cyber insurance empowers CISOs

• Next-Generation Firewalls: A comprehensive guide for network security modernization

• 2023-06-24 – 30 days of Formbook: Day 20, Saturday 2023-06-24 – version 3.8 “AK”

• 2023-06-25 – 30 days of Formbook: Day 21, Sunday 2023-06-25 – “CX01”

• 2023-06-25 – 30 days of Formbook: Day 22, Monday 2023-06-26 – “G0E8”

• A deep-dive demo of NetSPI’s Attack Surface Management (ASM) platform

• Widespread BEC attacks threaten European organizations

• 95% fear inadequate cloud security detection and response

• Why endpoint management is key to securing an AI-powered future

• Cloud security advice and expertise at your fingertips

• Validation – This Time, Tool Validation

• A week in security (June 19 – 25)

• OpenSSH trojan campaign targets Linux systems and IoT devices

• Malvertising: A stealthy precursor to infostealers and ransomware attacks

• 9 basic security tips for seniors

• Citizen of Croatia charged with running the Monopoly Market drug marketplace

Generated on 2023-06-28 23:55:25.490208