IT Security News Daily Summary 2023-06-29

• 2023-06-28 – IcedID (Bokbot) activity

• Democrats, civic tech orgs back IRS plans to pilot e-filing service

• Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel

• Apple Objects to UK Bill That Would Break Encrypted Messaging

• IEC Standardization Leaders Convene in Amsterdam to Review Utility Interworking of Key Standards

• CISA Wants Exposed Government Devices Remediated In 14 Days

• 8Base Ransomware Attacks Show Spike in Activity

• VA secretary: Automation will help agency ‘make better, faster, more informed decisions’

• TXOne Networks’ Stellar Solution Safeguards Operational Stability for Organizations in Various Industries

• Center for Internet Security, CREST Join Forces to Secure Organizations Globally

• It’s 2023 and memory overwrite bugs are not just a thing, they’re still number one

• Study for high-paying cybersecurity jobs with this $40 CompTIA bundle

• The best travel VPNs of 2023: Expert tested and reviewed

• Kaspersky’s New Report Reveals the Top Cyber Threats for SMBs in 2023

• Cued by breach postmortems, fintech refines zero trust

• OTORIO Rolls Out Advanced Attack Graph Analysis for OT Security

• Cybellum Unveils New Brand, Amplifying Commitment to Team-Centric Product Security

• Employer Demand for Technology Workers Across Europe Remains on Firm Footing

• WatchGuard Threat Lab Report Reveals New Browser-Based Social Engineering Trends

• Mend.io Launches Inaugural Open Source Reliability Leaderboard

• Invary Raises $1.85M in Pre-Seed Funding to Close Critical Gap in Zero Trust Security

• Don’t fear AI, but prepare for its wider use

• Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

• Palo Alto Networks PA Series Review: NGFW Features & Cost

• AI-Enabled Voice Cloning Anchors Deepfaked Kidnapping

• The phone monitoring app LetMeSpy disclosed a data breach

• S3 Ep141: What was Steve Jobs’s first job?

• Apple Objects To Spy Clause In UK Online Safety Bill

• Cyware Snags $30M for Threat Intel Infrastructure Tech

• How Secure Communication Can Enhance Your Organization’s Cyber Defence

• The 2023 State of Ransomware: A Resurgence Is Brewing

• How to use Android’s lockdown mode (and why)

• Now Apple takes a bite out of encryption-bypassing ‘spy clause’ in UK internet law

• Chinese balloon that US shot down was ‘crammed’ with American hardware

• IT Security Policy: Importance, Best Practices, & Top Benefits

• US Patent Office Hacked, Trademark Apps Accessed

• Cybersecurity Is the Healthcare Your Organization Needs

• From MuddyC3 to PhonyC2: Iran’s MuddyWater Evolves with a New Cyber Weapon

• CryptosLabs Scam Ring Preys on French-Speaking Investors, Amasses €480 Million

• Securing Healthcare Data Warehouses: Best Practices for Data Security and Privacy

• Salesforce Invests $4 Billion In UK Amid AI Push

• NSA and CISA Release Guidelines to Secure CI/CD Environments

• The Power of a 5-Minute Phone Switch Off Against Hacking

• Things CISOs Need to Know About Identity and Access Management

• Stories from the SOC: Fighting back against credential harvesting with ProofPoint

• Law enforcement’s battle against Cryptocurrency crime

• Hybrid Car Explosion Kills Two People

• The newest threat CISOs are facing that nobody is talking about

• What happened to the Idaho Health Data Exchange, and can other states learn from it?

• IP Fabric Raises $25 Million in Series B Funding

• Rapid7: Japan Threat Landscape Takes on Global Significance

• MIT Publishes Framework to Evaluate Cybersecurity Methods

• Previously undetected ThirdEye malware appears in the threat landscape

• Perception Point introduces AI model to detect and prevent BEC attacks

• WISeKey upgrades its WISeID digital identity and privacy platform

• Paracetamol maker Granules India hit by ransomware attack

• Charming Kitten’s PowerStar Malware Evolves with Advanced Techniques

• US Considers AI Chip Export Restrictions For China

• Charming Kitten APT Group Uses Innovative Spear-phishing Methods

• Human oversight key to keeping AI honest

• 3 Tips to Increase Hybrid and Multicloud Security

• Former Group-IB manager has been arrested in Kazahstan

• Redacting Documents with a Black Sharpie Doesn’t Work

• Here’s Why Multiple Top Firms are Banning ChatGPT

• Standardization of Access Management Using IDP Federation

• LockBit Dominates Ransomware World, New Report Finds

• Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes

• Keepit launches backup and recovery service for Microsoft Azure DevOps

• ThirdEye – A new Infostealer Malware Steal BIOS & Hardware Data

• Is Open-Source Security a Ticking Cyber Time Bomb?

• The newest threat CISOs are facing and nobody is talking about

• New MIT Framework Evaluates Side-Channel Attack Mitigations

• Nokod Snags $8M to Secure Low Code/No-Code Custom Apps

• DOE CIO Talks to SecurityWeek About Cybersecurity, Digital Transformation

• Serious Vulnerability Exposes Admin Interface of Arcserve UDP Backup Solution

• UAE, Israel Ink Pivotal Joint Cyber-Threat Intelligence Agreement

• Newbie Akira Ransomware Builds Momentum With Linux Shift

• When It Comes to Secure Coding, ChatGPT Is Quintessentially Human

• Immuta simplifies data security and monitoring in Snowflake with platform updates

• Skyhigh Security enables organizations to adopt AI applications in a secure manner

• Daon introduces AI.X technology to combat deepfake threats

• Cybersecurity Faces Challenges as DDoS Attacks Surge

• How To Improve GraphQL API Security

• Causely launches Causal AI for Kubernetes, Raises $8.8M in seed funding

• We like to think we are best at digital, but maybe not

• Evaluating cybersecurity methods

• Surveillance on the Dark Side: A Technical Flaw Allows Hackers to Take Over Cameras

• New PindOS JavaScript Dropper Deploys Bumblebee, IcedID Malware

• The Evolution and Coexistence of Web 2.0 and Web 3.0

• CISA, NSA Share Guidance on Securing CI/CD Environments

• White House Outlines Cybersecurity Budget Priorities for Fiscal 2025

• PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)

• Twilio partners with Frame AI to uplevel contact center experiences with AI

• How automation is evolving SecOps—and the real cost of cybercrime

• OpenAI To Open First Overseas Office In UK

• VPN and RDP Exploitation the Most Common Attack Technique

• The Digital Marketing Landscape: Trends, Tools, and Tactics to Watch in 2023

• Android Spy App LetMeSpy Suffers Major Data Breach, Exposing Users’ Personal Data

• North Korean Hacker Group Andariel Strikes with New EarlyRat Malware

• The Right Way to Enhance CTI with AI (Hint: It’s the Data)

• Google Closes Down Augmented Reality Glasses

• TDD and the Impact on Security

• Dark Power Ransomware on the Ascent – A Technical Insight into 2023’s Latest Ransomware Strain

• 8Base Ransomware Emerges from the Shadows

• Hiring Kit: IT Audit Director

• How to View Your SSH Keys in Linux, macOS and Windows

• CipherTrust Data Security Platform as-a-Service Helps Control and Secure Your Critical Data

• Over 130 Organizations, Millions of Individuals Believed to Be Impacted by MOVEit Hack

• Japan in the Crosshairs of Many State-Sponsored Threat Actors New Report Finds

• US Prosecutors Line Up Charges in $2.5bn Healthcare Fraud Cases

• Case Study: Global bank with >$1 trillion in assets under management

• PCI DSS 4.0 Requirements – Restrict Physical Access and Log and Monitor All Access

• What is the FFIEC Cybersecurity Assessment Tool?

• Manifest Confusion Threat Undermines Trust in Entire Npm Registry

• Critical Security Flaw in Social Login Plugin for WordPress Exposes Users’ Accounts

• Experts published PoC exploits for Arcserve UDP authentication bypass issue

• Do you know what your supply chain is and if it is secure?

• Human vs Machine Identity Risk Management

• Honeywell Server Compromised by MOVEit Hackers

• Pornhub Accused of Illegal Data Collection

• Apple joins the opposition to encryption-bypassing ‘spy clause’ in UK internet law

• Akira Ransomware Expanded its Toolkit to Attack Linux Machines

• Venn Software Snags $29M to Build MDM for Laptops Technology

• Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data

• 8Base Ransomware targets only companies neglecting privacy of employees and customers

• Micropatches: What they are and how they work

• Popular generative AI projects pose serious security threat

• Threat Hunt: KillNet’s DDoS HEAD Flood Attacks – cc.py

• Global rise in DDoS attacks threatens digital infrastructure

• Guide: Attack Surface Management (ASM)

• Businesses count the cost of network downtime

• Network security guy in extradition tug of war between US and Russia

• What’s the state of Zero Trust security?

• Surveillance camera insecurities argument comes to one inevitable conclusion: Always update

• Why blocking ads is good for your digital health

• Criminal secure messaging system takedown: 6500+ arrests and €900 million+ seized

• Interview Questions

• How To Safeguard Your Data With Cloud MRP System

• NPM Plagued With ‘Manifest Confusion’ Malware-Hiding Weakness

• 6 Ways Cybersecurity Is Gut-Checking the ChatGPT Frenzy

• Russian Spies, War Ministers Reliant on Cybercrime in Pariah State

• US and Sweden to partner on emerging energy research

• Drones enlisted for real-time monitoring of public events

• Using Electromagnetic Fault Injection Attacks to take over drones

• IT Security News Daily Summary 2023-06-28

• Critical cyber threats persist on federal networks despite recent directives

• 6 Ways Cybersecurity is Gut-Checking the ChatGPT Frenzy

• State expands streamlined, automated licensing

• LetMeSpy Phone-Tracking App Hacked, Revealing User Data

• Submarine Cables Face Escalating Cybersecurity Threats, Report

• Congress must use budget power to move tech firms out of Beijing’s orbit, former lawmaker says

• The tiny government agency behind a Chinese A.I. chip ban that’s weighing on Nvidia

• Public safety relies on behind-the-scenes technology

• Dozens of Businesses Hit Recently by ‘8Base’ Ransomware Gang

• Venn Software Snags $29M to build MDM for Laptops Technology

• DDoS attacks surging behind new techniques, geopolitical goals

• 7 Types of Penetration Testing: Guide to Pentest Methods & Types

• White House unveils fiscal 2025 cybersecurity investment priorities

• TikTok bans explained: Everything you need to know

• Social Engineering Adds Depth to Red Team Exercises

• Andariel APT Hackers Drop a New Malware On Windows Via Weaponized MS Word Doc

• Interested in $10,000,000? Ready to turn in the Clop ransomware crew?

• Cato Networks Revolutionizes Network Security With Real-Time, Machine Learning-Powered Protection

• Astrix Security Raises $25M in Series A Funding

• NetApp BlueXP updates simplify backup and recovery

• Red Access launches agentless browsing security platform

• 2023-06-28 – 30 days of Formbook: Day 24, Wednesday 2023-06-28 – “RX63”

• Data Sanctuary for Trans People

• Breaking Barriers: Aditi’s Journey Through Sight Loss to Microsoft AI Innovator

• Chatbots can be used to create manipulative content

• FIDO Alliance Publishes Guidance for Deploying Passkeys in the Enterprise

• Malwarebytes ChatGPT Survey Reveals 81% are Concerned by Generative AI Security Risks

• How to convince Top Management to invest in cybersecurity and secure software development

• Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution

• How to Manage Cyber Risk During Mergers and Acquisitions

• Cyera raises $100M to expand data security platform for AI-driven enterprises

• Astrix Security raises $25 million to further secure non-human identities

• Cybellum unveils new brand and platform capabilities

• Betacom AirGap Protection strengthens security for private 4G/5G networks

• Lawmakers concerned White House will let TikTok stay in the US

• Suncor Energy Responds to Cybersecurity Incident

• Facebook Will Now Let Parents See Who Their Kids Are Talking To On Messenger

• Generative AI Projects Pose Major Cybersecurity Risk to Enterprises

• Saudi Arabia’s Cyber Capabilities Ranked Second Globally

• Venn Redefines Remote Work Security with Innovative BYO-PC Solution

• Cybersecurity is not a tool or software piece; is a state of mind: Bridging the gap for career changers

• Toward a more resilient SOC: the power of machine learning

• Rise of AI in Cybercrime: How ChatGPT is revolutionizing ransomware attacks and what your business can do

• BT Investigated By Ofcom Over 999 Failure

• ThirdEye Infostealer Poses New Threat to Windows Users

• Experts warn of a spike in May and June of 8Base ransomware attacks

• SMBs Plagued By Exploits, Trojans, And Backdoors

• Microsoft Teams Hit By Widespread Outage

• Hundreds Of Federal Network Devices Fail New CISA Requirements

• Submarine Cables At Risk Of Nation State Sabotage, Spying

• Hackers Use PindOS Javascript Dropper to Deploy Bumblebee, IcedID Malware

• Wagner Ransomware targets Russian Computers operating on Windows

• 6 takeaways for the government workforce crisis

• Avoid juice jacking and recharge your batteries safely this summer

• Andariel’s Mistakes Uncover New Malware in Lazarus Group Campaign

• Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control

• Bitdefender acquires Horangi Cyber Security to expand its unified risk and security analytics platform

• 8Base ransomware group leaks data of 67 victim organizations

• Cynerio expands the use of generative AI across the 360 platform

• Bishop Fox expands social engineering adversarial emulation services

• Fortanix introduces Confidential Data Search for encrypted data under regulation

• Phishers Luring Users to Install Malware With Fake OnlyFans Content

• Apple Issues Security Updates for Actively Exploited Vulnerabilities in iOS

• How has AI Been Helpful in Developing Better Software?

• The Robotic Falcon Manufacturer Falls Victim to Cyber Criminals, Lost £100,000

• What Is SMB? Your Guide to Server Message Blocks

• Lack Of Reliable Tech Blamed For Poor Productivity, Apogee Finds

• IBM Pays $4.6bn For Apptio To Bolster SaaS Insights

• Invary Raises $1.85 Million in Pre-Seed Funding for Runtime Integrity Solution

• What is Cyberwar?

• Flipper Hacking Device Gained Popularity Among Users

• 3 Strategies for Bringing Rigor to Software Security

• CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million

• Rise of Cybercrime as a Service Will be Worse

• Shockbyte Assures Users of Data Safety Amid Git Leak Incident

• Proton Pass password manager leaves beta: here is our take

• Most Enterprise SIEMs Fail Against MITRE ATT&CK Tactics

• A Software Bill of Materials Helps Secure Your Supply Chain

• Astrix Raises $25 Million to Help Enterprises Secure App-to-App Connections

• Socure acquires Berbix to help customers combat online identity fraud

• Thales collaborates with Google Cloud to build new, generative AI-powered security capabilities

• New Mockingjay Process Injection Method Enables Malware Evade EDR Tools

• Newly Surfaced ThirdEye Infostealer Targeting Windows Devices

• Mobile Malware and Phishing Surge in 2022

• Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

• AnimeUltima 2023 – Top 10 Alternatives to Watch Anime Online

• Nvidia dips on report U.S. considering new A.I. chip export restrictions for China

• Open Source LLM Projects Likely Insecure, Risky to Use

• How secure are voice authentication systems really?

• EncroChat Shutdown Results In Thousands Of Arrests

• The federal government must lead on infrastructure cybersecurity

• Submarine Cables at Risk of Nation-State Sabotage, Spying: Report

• Cool, Funny, Best Gaming Names – Creative Ideas For Your Ing Personality

• Sensitive Information Stolen in LetMeSpy Stalkerware Hack

• Reminder: CFP for ICS Cybersecurity Conference Closes June 30th

• Stalkerware Vendor Hacked

• Google Axes Waze Staff Amid Consolidation

• Don’t be fooled by app-earances: Check Point Researchers spot hidden malwares behind legitimate looking apps

• How Your Real Flight Reservation Can Be Used to Scam You

• 8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses

• 5 Things CISOs Need to Know About Securing OT Environments

• Do Highly Intelligent Language Models Pose a Cyber Threat?

• Now is the Time for the Thoughtful Regulation of Crypto

• Twitter Hacker Sentenced: A look into the 2020 Twitter Crypto Scam

• Twitter Agrees To Comply With New EU Disinformation Rules

• Exposed Interfaces in US Federal Networks: A Breach Waiting to Happen

• Avast researchers uncover disturbing crowdfunding scheme

• Andariel’s silly mistakes and a new malware family

• Anatsa Banking Trojan Delivered via Google Play Targets Android Users in US, Europe

• Siemens Energy, Schneider Electric Targeted by Ransomware Group in MOVEit Attack

• API Security: Navigating the Threat Landscape

• Is CMMC 2.0 Rollout on the Horizon?

• Infosecurity Europe 2023 – that’s a wrap!

• EncroChat Bust Leads to 6500 Arrests in Three Years

• Discover the Best Methods to Identify Facebook Profile Visitors – Alternatives You Need to Know About

• Unveiling the Truth: Why You Should Read Online Casinos Reviews Before Playing

• IBM QRadar SIEM Vulnerability Enables XSS Attack and Information Disclosure

• Experts Unconvinced by Upskill in UK Cyber Program

• Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

• AWS AppFabric aggregates security data across SaaS applications

• Why performing security testing on your products and systems is a good idea

• EncroChat dismantling led to 6,558 arrests and the seizure of $979M in criminal funds

• Google AI aggression makes Bernstein research downgrade Alphabet

• Smartphone Ransomware: Understanding the Threat and Ways to Stay Protected

• The magic formula for big data companies to outshine the competition

• Preparing health systems for cyber risks and insurance coverage

• What is NFV

• Understanding AI risks and how to secure using Zero Trust

• Cisco AsyncOS Software Flaw Let Remote Hackers Launch XSS Attack

• Economic volatility drives businesses to MSPs

• SupremeBot and Mario cross the finish line together

• 81% concerned about ChatGPT security and safety risks, Malwarebytes survey shows

• Software company accused of illegally profiling millions of mobile phone users

• Company finds lost SSD—and confidential data—for sale on eBay

• Understanding ransomware reinfection: An MDR case study

Generated on 2023-06-29 23:55:25.345235