IT Security News Daily Summary 2023-06-30

• Facebook Bans World Leader For Threats Of Violence

• External vs Internal Vulnerability Scans: Difference Explained

• EFF Urges Supreme Court to Make Clear That Government Officials Have First Amendment Obligations When They Use Their Social Media Accounts for Governmental Purposes

• Chip Giant TSMC Blames $70M LockBit Breach on IT Hardware Supplier

• Cops told: Er, no, you need a wiretap order if you want real-time Facebook snooping

• Third-party contractor software exploited in attack on HHS data

• Surfshark VPN Review (2023): Features, Pricing, and More

• Mobile Cyberattacks Soar, Especially Against Android Users

• Half of EDR Tools, Organizations Vulnerable to Clop Ransomware: Researchers

• Digital Rights Updates with EFFector 35.8

• Nokod Raises $8M Seed Round From Seasoned Cybersecurity Investors to Enhance Low-Code/No-Code App Security

• EU Makes Progress in Regulating User Data, Limiting Big Tech Control

• Gigamon’s Cloud Security Report Shares Insights on Undetected Breaches & Deep Observability

• TSMC partner breached by LockBit ransomware gang

• Making Diversity the ‘How’ and Not the ‘What’ of Cybersecurity Success

• Russian Hacktivist Platform ‘DDoSia’ Grows Exponentially

• African Nations Face Escalating Phishing & Compromised Password Cyberattacks

• Iran-Linked APT35 Targets Israeli Media With Upgraded Spear-Phishing Tools

• Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

• June 2023 Web Server Survey

• Hackers Hit Microsoft For Sudan Experts Says Its Russia

• Perception Point launches AI model to combat generative AI-based BEC attacks

• Perception Point Unveils AI Model to Thwart Generative AI-Based BEC Attacks

• IP Fabric Announces $25M Series B Funding to Accelerate Adoption of Network Assurance

• ThirdEye: New Infostealer is Targeting Open System Information

• The digital tools cities and states need to meet their environmental commitments

• Aqua Security Study Finds 1,400% Increase in Memory Attacks

• Switzerland’s Security Report: Impact of Russia–Ukraine Conflict

• Mockingjay Attack Evades EDR Tools with Code Injection Technique

• Researchers Use Power LED to Extract Encryption Keys in Groundbreaking Attack

• Heavy-Hitting 8Base Ransomware Attacking Industries in Various Sectors

• Critical Flaw Exposes ArcServe Backup to Remote Code Execution

• GuLoader Malware is Attacking Law Firms Using Weaponized PDF File

• How one city opened access to cross-department data

• 8Base Ransomware Group Emerges as Major Threat

• Crack the Code: How to Secure Your Dream Cybersecurity Career

• A Guide to Teaching Online Safety and Navigating Cyber Dangers

• Clickjacking: Definition and Attack Prevention

• Decrypter Released for the Notorious Akira Ransomware

• In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security Tools

• security token

• Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks

• Attain Insight Security 4X 4.0 strengthens data protection for enterprises

• Philippines Police Rescues 2,700 Individuals from Cybercrime Syndicate

• States scramble for solutions to curb rising wrong-way crashes

• MOVEit Hackers Find Simpler Business Model Than Ransomware

• Critical Authentication Bypass Found In Arcserve Backup System

• Log4j Bug Exploited To Push Novel EarlyRat Malware

• American Technology Found In Chinese Spy Balloon Debris

• Your A−z Guide To Crypto Casinos (2023)

• Casino Industry Jobs You Never Knew Existed

• Cyber Spying Seems to be the Predominant Goal of North Korean Hackers

• Your IAM Framework is Insecure Unless it Protects from this Unknown Threat

• Why healthcare in the cloud must move to zero trust cybersecurity

• Citizens are helping government reach its ambitious scientific goals

• The best VPN services for iPhone and iPad in 2023

• Total Assure launches to provide SMBs with managed security services

• 3 Key Reasons SaaS Security is Essential for Secure AI Adoption

• JavaScript Registry npm at Risk

• Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware Vendor

• 200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ Plugin

• 3 Ways to Build a More Skilled Cybersecurity Workforce

• Explore The Best Aussie Games: Unveiling Authentic Experiences And Local Talents

• CMA Begins Phase Two Probe Of Adobe’s Figma Acquisition

• Hackers Compromised the Russian Defense Satellite Communications Provider

• Cloud Workload Protection Platforms: An Essential Shield

• CISA Wants Exposed Government Devices Remediated in 14 Days

• Pepper and Embedded Insurance Partner on Cyber Insurance for Consumers, SMBs

• Nokod Security raises $8 million to enhance low-code/no-code app security

• Exploring the Need for Object-Oriented Programming

• Navy gets new cyber categories

• Can NIH help drive health data access?

• MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses

• How to Create a New Discord Account in 2 Minutes – A Comprehensive Guide

• 5 Patch Management Best Practices for Success in 2023

• 3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

• Google To Withdraw News In Canada After New Law

• Best VPN for streaming TV and movies in 2023

• The US Is Spying on the UN Secretary General

• Webinar: Veeam Backup for Microsoft 365

• Webinar: Unlocking Agility: Transform Entity Management into a Strategic Advantage

• Apple, Google, and MOVEit Just Patched Serious Security Flaws

• Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator

• Virgin Galactic Completes First Commercial Spaceflight

• LockBit Claims TSMC Hack, Demands $70m Ransom

• 6 Best Cybersecurity Certifications of 2023

• TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant

• Proton Launches Open Source Password Manager

• MITRE Announces Most Dangerous Software Weaknesses

• Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

• WhatsApp Upgrades Proxy Feature Against Internet Shutdowns

• Life long cyber security learning

• Protect Your Data With the MonoDefense Security Suite for $149.99

• GCHQ Reveals Details of State-Backed Breach

• 10 Expert Best Practices to Enhance Office 365 Protection From APT Attacks

• Amazon Issues Lawsuits Targeting Fake Review Brokers

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Silicon UK Pulse: Your Tech News Update: Episode 9

• Quirky QWERTY killed a password in Paris

• MITRE Releases Top 25 Most Dangerous Software Weaknesses

• How 5G Technology Accelerates Cybersecurity

• NHS data breach after ransomware attack on University of Manchester

• Brave New Privacy Feature to Limit Website Access to Local Resources

• MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2023: Are You at Risk?

• Patch me if you can: Cyberattack Series

• North Korea-linked Andariel APT used a new malware named EarlyRat last year

• miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug

• New infosec products of the week: June 30, 2023

• Employees worry less about cybersecurity best practices in the summer

• Businesses are ignoring third-party security risks

• Unlocking internet’s secrets via monitoring, data collection, and analysis

• Fujitsu admits it fluffed the fix for Japan’s flaky ID card scheme

• Fujitsu admits if fluffed the fix for Japan’s flaky ID card scheme

• Employee monitoring: is ‘bossware’ right for your company?

• Causely launches Causal AI for Kubernetes, raises $8.8M in seed funding

• Top contenders in Endpoint Security revealed: G2 Summer 2023 results

• Different Methods to Secure Your Microsoft Word Documents

• Crook who stole $23m+ in YouTube song royalties gets five years behind bars

• Gmail client-side encryption: A deep dive

• 2023-06-29 – 30 days of Formbook: Day 25, Thursday 2023-06-29 – “CS94”

• Pepper and Embedded Insurance Partner on Cyber Insurance For Consumers, SMBs

• Researchers demo geotargeted wildfire alerts sent to vehicles

• US agencies buy vast quantities of personal information on the open market

• IT Security News Daily Summary 2023-06-29

• 2023-06-28 – IcedID (Bokbot) activity

• Democrats, civic tech orgs back IRS plans to pilot e-filing service

• Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel

• Apple Objects to UK Bill That Would Break Encrypted Messaging

• IEC Standardization Leaders Convene in Amsterdam to Review Utility Interworking of Key Standards

• CISA Wants Exposed Government Devices Remediated In 14 Days

• 8Base Ransomware Attacks Show Spike in Activity

• VA secretary: Automation will help agency ‘make better, faster, more informed decisions’

• TXOne Networks’ Stellar Solution Safeguards Operational Stability for Organizations in Various Industries

• Center for Internet Security, CREST Join Forces to Secure Organizations Globally

• It’s 2023 and memory overwrite bugs are not just a thing, they’re still number one

• Study for high-paying cybersecurity jobs with this $40 CompTIA bundle

• The best travel VPNs of 2023: Expert tested and reviewed

• Kaspersky’s New Report Reveals the Top Cyber Threats for SMBs in 2023

• Cued by breach postmortems, fintech refines zero trust

• OTORIO Rolls Out Advanced Attack Graph Analysis for OT Security

• Cybellum Unveils New Brand, Amplifying Commitment to Team-Centric Product Security

• Employer Demand for Technology Workers Across Europe Remains on Firm Footing

• WatchGuard Threat Lab Report Reveals New Browser-Based Social Engineering Trends

• Mend.io Launches Inaugural Open Source Reliability Leaderboard

• Invary Raises $1.85M in Pre-Seed Funding to Close Critical Gap in Zero Trust Security

• Don’t fear AI, but prepare for its wider use

• Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

• Palo Alto Networks PA Series Review: NGFW Features & Cost

• AI-Enabled Voice Cloning Anchors Deepfaked Kidnapping

• The phone monitoring app LetMeSpy disclosed a data breach

• S3 Ep141: What was Steve Jobs’s first job?

• Apple Objects To Spy Clause In UK Online Safety Bill

• Cyware Snags $30M for Threat Intel Infrastructure Tech

• How Secure Communication Can Enhance Your Organization’s Cyber Defence

• The 2023 State of Ransomware: A Resurgence Is Brewing

• How to use Android’s lockdown mode (and why)

• Now Apple takes a bite out of encryption-bypassing ‘spy clause’ in UK internet law

• Chinese balloon that US shot down was ‘crammed’ with American hardware

• IT Security Policy: Importance, Best Practices, & Top Benefits

• US Patent Office Hacked, Trademark Apps Accessed

• Cybersecurity Is the Healthcare Your Organization Needs

• From MuddyC3 to PhonyC2: Iran’s MuddyWater Evolves with a New Cyber Weapon

• CryptosLabs Scam Ring Preys on French-Speaking Investors, Amasses €480 Million

• Securing Healthcare Data Warehouses: Best Practices for Data Security and Privacy

• Salesforce Invests $4 Billion In UK Amid AI Push

• NSA and CISA Release Guidelines to Secure CI/CD Environments

• The Power of a 5-Minute Phone Switch Off Against Hacking

• Things CISOs Need to Know About Identity and Access Management

• Stories from the SOC: Fighting back against credential harvesting with ProofPoint

• Law enforcement’s battle against Cryptocurrency crime

• Hybrid Car Explosion Kills Two People

• The newest threat CISOs are facing that nobody is talking about

• What happened to the Idaho Health Data Exchange, and can other states learn from it?

• IP Fabric Raises $25 Million in Series B Funding

• Rapid7: Japan Threat Landscape Takes on Global Significance

• MIT Publishes Framework to Evaluate Cybersecurity Methods

• Previously undetected ThirdEye malware appears in the threat landscape

• Perception Point introduces AI model to detect and prevent BEC attacks

• WISeKey upgrades its WISeID digital identity and privacy platform

• Paracetamol maker Granules India hit by ransomware attack

• Charming Kitten’s PowerStar Malware Evolves with Advanced Techniques

• US Considers AI Chip Export Restrictions For China

• Charming Kitten APT Group Uses Innovative Spear-phishing Methods

• Human oversight key to keeping AI honest

• 3 Tips to Increase Hybrid and Multicloud Security

• Former Group-IB manager has been arrested in Kazahstan

• Redacting Documents with a Black Sharpie Doesn’t Work

• Here’s Why Multiple Top Firms are Banning ChatGPT

• Standardization of Access Management Using IDP Federation

• LockBit Dominates Ransomware World, New Report Finds

• Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes

• Keepit launches backup and recovery service for Microsoft Azure DevOps

• ThirdEye – A new Infostealer Malware Steal BIOS & Hardware Data

• Is Open-Source Security a Ticking Cyber Time Bomb?

• The newest threat CISOs are facing and nobody is talking about

• New MIT Framework Evaluates Side-Channel Attack Mitigations

• Nokod Snags $8M to Secure Low Code/No-Code Custom Apps

• DOE CIO Talks to SecurityWeek About Cybersecurity, Digital Transformation

• Serious Vulnerability Exposes Admin Interface of Arcserve UDP Backup Solution

• UAE, Israel Ink Pivotal Joint Cyber-Threat Intelligence Agreement

• Newbie Akira Ransomware Builds Momentum With Linux Shift

• When It Comes to Secure Coding, ChatGPT Is Quintessentially Human

• Immuta simplifies data security and monitoring in Snowflake with platform updates

• Skyhigh Security enables organizations to adopt AI applications in a secure manner

• Daon introduces AI.X technology to combat deepfake threats

• Cybersecurity Faces Challenges as DDoS Attacks Surge

• How To Improve GraphQL API Security

• Causely launches Causal AI for Kubernetes, Raises $8.8M in seed funding

• We like to think we are best at digital, but maybe not

• Evaluating cybersecurity methods

• Surveillance on the Dark Side: A Technical Flaw Allows Hackers to Take Over Cameras

• New PindOS JavaScript Dropper Deploys Bumblebee, IcedID Malware

• The Evolution and Coexistence of Web 2.0 and Web 3.0

• CISA, NSA Share Guidance on Securing CI/CD Environments

• White House Outlines Cybersecurity Budget Priorities for Fiscal 2025

• PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)

• Twilio partners with Frame AI to uplevel contact center experiences with AI

• How automation is evolving SecOps—and the real cost of cybercrime

• OpenAI To Open First Overseas Office In UK

• VPN and RDP Exploitation the Most Common Attack Technique

• The Digital Marketing Landscape: Trends, Tools, and Tactics to Watch in 2023

• Android Spy App LetMeSpy Suffers Major Data Breach, Exposing Users’ Personal Data

• North Korean Hacker Group Andariel Strikes with New EarlyRat Malware

• The Right Way to Enhance CTI with AI (Hint: It’s the Data)

• Google Closes Down Augmented Reality Glasses

• TDD and the Impact on Security

• Dark Power Ransomware on the Ascent – A Technical Insight into 2023’s Latest Ransomware Strain

• 8Base Ransomware Emerges from the Shadows

• Hiring Kit: IT Audit Director

• How to View Your SSH Keys in Linux, macOS and Windows

• CipherTrust Data Security Platform as-a-Service Helps Control and Secure Your Critical Data

• Over 130 Organizations, Millions of Individuals Believed to Be Impacted by MOVEit Hack

• Japan in the Crosshairs of Many State-Sponsored Threat Actors New Report Finds

• US Prosecutors Line Up Charges in $2.5bn Healthcare Fraud Cases

• Case Study: Global bank with >$1 trillion in assets under management

• PCI DSS 4.0 Requirements – Restrict Physical Access and Log and Monitor All Access

• What is the FFIEC Cybersecurity Assessment Tool?

• Manifest Confusion Threat Undermines Trust in Entire Npm Registry

• Critical Security Flaw in Social Login Plugin for WordPress Exposes Users’ Accounts

• Experts published PoC exploits for Arcserve UDP authentication bypass issue

• Do you know what your supply chain is and if it is secure?

• Human vs Machine Identity Risk Management

• Honeywell Server Compromised by MOVEit Hackers

• Pornhub Accused of Illegal Data Collection

• Apple joins the opposition to encryption-bypassing ‘spy clause’ in UK internet law

• Akira Ransomware Expanded its Toolkit to Attack Linux Machines

• Venn Software Snags $29M to Build MDM for Laptops Technology

• Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data

• 8Base Ransomware targets only companies neglecting privacy of employees and customers

• Micropatches: What they are and how they work

• Popular generative AI projects pose serious security threat

• Threat Hunt: KillNet’s DDoS HEAD Flood Attacks – cc.py

• Global rise in DDoS attacks threatens digital infrastructure

• Guide: Attack Surface Management (ASM)

• Businesses count the cost of network downtime

• Network security guy in extradition tug of war between US and Russia

• What’s the state of Zero Trust security?

• Surveillance camera insecurities argument comes to one inevitable conclusion: Always update

• Why blocking ads is good for your digital health

• Criminal secure messaging system takedown: 6500+ arrests and €900 million+ seized

• Interview Questions

Generated on 2023-06-30 23:55:30.186182