IT Security News Daily Summary 2023-07-24

• How to Easily Block IP Addresses From Accessing a Desktop or Server

• China Propaganda Spreads via US News Sites, Freelancers, Times Square

• Experts Warn About New “Malicious Tagging” Facebook Scam

• AMD Zenbleed chip bug leaks secrets fast and easy

• Coveware: Rate of victims paying ransom continues to plummet

• Are AI-Engineered Threats FUD or Reality?

• Orgs Face Record $4.5M Per Data Breach Incident

• Nubeva’s Ransomware Key Interception and Decryption Technology Validated in Third-Party Lab

• How To Merge And Use AI In Cybersecurity To Prevent Cyber Attacks

• Hardware-bound passkeys are still ultimate in security: Yubico VP

• Mandiant: JumpCloud breach led to supply chain attack

• Atlassian RCE Bugs Plague Confluence, Bamboo

• Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats

• New Microsoft identity and data security capabilities to accelerate CMMC compliance for the Defense Industrial Base

• Norway Probes Major Cyberattack on 12 Government Ministries

• Hacking police radios: 30-year-old crypto flaws in the spotlight

• KillNet’s Kremlin Connection Unclear as the Cybercrime Collective Grows

• Digital Rights Updates with EFFector 35.9

• Want to Alleviate CISO Burnout? Tear Down the Security Tower of Babel

• Singapore looks for generative AI use cases with sandbox options

• Artificial Intelligence Governance Professional Certification – AIGP

• Stories from the SOC: OneNote MalSpam – Detection & response

• Roblox Developers Conference Attendees’ Data Breached

• Tips To Keep Track of Code and Infrastructure Security Risks

• The top 10 technologies defining the future of cybersecurity

• Tampa General Hospital Data Breach Impacts 1.2 Million Patients

• North Korean Cyberspies Target GitHub Developers

• Spyhide stalkerware is spying on tens of thousands of phones

• Twitter Scraps Iconic Blue Bird, Officially Rebrands As ‘X’

• IBM FlashSystem 5045 aids access to storage cyber resilience

• Biden-Harris Administration Secures AI Commitments For Safety

• Has the MOVEit hack paid off for Cl0p?

• OneTrust raises $150 million to accelerate platform innovation

• Stolen Microsoft Key: The Impact Is Higher Than Expected

• A critical cybersecurity backup plan that too many companies are ignoring

• How to make sure the reputation of your products and company is good

• DdoS attack on 12 Norway government websites

• OneTrust Raises $150 Million at $4.5 Billion Valuation

• North Korean hackers targeting JumpCloud mistakenly exposed their IP addresses, researchers say

• Beyond Security: The Comprehensive Approach to Tackling Cyberattacks

• Movie Scam: Fraudsters Take Advantage of the Popularity of Barbie and Oppenheimer

• Storm-0558 Breach: Microsoft Breach Risks Millions of Azure AD Apps

• How to use Discord’s ‘Family Center’ to help protect your child

• Cyber-Attack Strikes Norwegian Government Ministries

• Is Your Peloton Attracting Security Threats?

• Hackers exploit Citrix zero-day to target US critical infrastructure

• A flaw in OpenSSH forwarded ssh-agent allows remote code execution

• DC Circuit FOSTA Ruling Lets a Bad Law Stay on the Books, But Offers Meaningful Protection for Some Sex Work Forums and Sex Workers Using Online Services

• Court Rejects Efforts to Identify Anoymous Webhost

• Automation Technologies That Improve Agricultural Returns

• 12 Norway Government Ministries were Targeted in a Cyberattack

• Is It Okay To Stop Running Your Tests After the First Failure?

• Over 20,000 Citrix Appliances Vulnerable to New Exploit

• Los Angeles SIM Swapper Pleads Guilty to Cybercrime Charges

• MOVEit Hack Could Earn Cybercriminals $100M as Number of Confirmed Victims Grows

• Cybersecurity Public-Private Partnership: Where Do We Go Next?

• Designing a Security Strategy for Defending Multicloud Architectures

• The Best Personal Safety Devices, Apps, and Wearables (2023)

• D2iQ DKP AI Navigator simplifies Kubernetes management

• US companies commit to safe, transparent AI development

• Warcraft Fans Trick AI with Glorbo Hoax

• GitHub Issues Alert on Lazarus Group’s Social Engineering Attack on Developers

• DangerousPassword Campaign Targets Desktops With Python, Node.js Malware

• Flipper Zero gets an app store

• How to Protect Patients and Their Privacy in Your SaaS Apps

• Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol

• Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks

• WebBoss.io CMS Concerns: A Tale Of Neglect And Unresponsiveness

• Los Angeles SIM Swapper Pleads Guilty To Cybercrime Charges

• MOVEit Hack Could Earn Cybercriminals $100 Million

• Researchers Find Backdoor In Encrypted Police And Military Radios

• Critical Zyxel Firewall Injection Flaw Exploited to Conduct DDoS Attacks

• The New Summer Vacation Necessity: Cyber Hygiene

• Industrial Organizations in Eastern Europe Targeted by Chinese Cyberspies

• Perimeter81 Vulnerability Disclosed After Botched Disclosure Process

• Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo

• Average cost of a data breach reaches $4.45 million in 2023

• From Lullabies to Apps: Tracing the Impact of Technology on Infant Care Over the Past 30 Years

• Actionable Threat Intel (IV) – YARA beyond files: extending rules to network IoCs

• Novel Open Source Supply Chain Attacks Target Banking Sector

• New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection

• Cisco Disclosed Vulnerabilities In SPA500 Series IP Phones – Won’t Fix

• Adobe Patched Critical ColdFusion Zero-Day Flaw Under Attack

• WhatsApp Quietly Mitigates Remote Account Deactivation Threat Hours After The Report

• Amazon Builds $120m Florida Facility For Internet Satellites

• The Silicon UK In Focus Podcast is 100!

• TETRA Radio Code Encryption Has a Flaw: A Backdoor

• Experts warn of OSS supply chain attacks against the banking sector

• Toyota Looks To Use Lunar Water To Power Manned Moon Vehicle

• CMA Publishes Microsoft Arguments As It Denies Bowing To Pressure

• A new hope for software security

• Booz Allen Pays $377m to Settle Government Fraud Case

• How-To: NIS2 EU Directive

• Micron Chief ‘Meets With Chinese Government’ Amidst Sanctions

• What is SWIFT? 8 Things You Need to Know

• DSPM and CSPM: What are the Differences?

• Thousands of Citrix Servers Exposed to Zero-Day Bug

• Gamers Trick AI-Generated News Site Into Posting Fake Article

• Start-Up Eve To Build ‘Flying Taxis’ In Brazil

• ASML Boosts Revenue Outlook On China Demand

• Clop Could Make $100m from MOVEit Campaign

• Banking Sector Targeted in Open-Source Software Supply Chain Attacks

• Apple could opt to stop iMessage and FaceTime services due to the government’s surveillance demands

• Software developers, how secure is your software?

• Hacked Microsoft Keys Let Attackers Access a Wide Range of Azure Applications

• How to Put the Sec in DevSecOps

• What C-Suite Leaders Need to Know About XDR

• North Korean Hacker Group Breached US IT Firm JumpCloud

• Bridging the cybersecurity skills gap through cyber range training

• Ransomware news trending on Google

• Topics to study for job in Artificial Intelligence

• What’s new in the 2023 Cost of a Data Breach report

• Part 1: Historic To 2022 – The APT And Logical Threats

• The Email Threat Landscape, Q1 2023: Key Takeaways

• Consumers demand more from businesses when it comes to security

• Shaping the future of digital identity

• Strengthening the weakest links in the digital supply chain

• Google half-patches Cloud Build permissions exploit, the rest is on you

• IBM Report: Average Cost of a Data Breach Rises to $4.45 Million

• Failing to embrace AI is the real ‘threat’ to the US in the global AI race: Investor

• E-commerce Cybersecurity: How to Protect Customer Data and Online Transactions

• IT Security News Weekly Summary – Week 29

• IT Security News Daily Summary 2023-07-23

• VirusTotal issues apology for recent sensitive data leak

• The Next Step

• API Security Checklist: A Must Read Guide 2023

• Web Development Revolution: Chrome’s Cookie-Free Tools

• North Korea-Backed Hackers Breach US Tech Company to Target Crypto Firms

• Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition

• Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519

• Nigel Farage Controversy Results in Hundreds of NatWest Private Data Requests

• CVE-2023-3519: NetScaler (Citrix) RCE Blocked By Imperva

• Aligning Risk Appetite, Tolerance, and Thresholds with Business Planning: A Comprehensive Guide to Enterprise Risk Management

• Week in review: VirusTotal data leak, Citrix NetScaler zero-day exploitation

• Symantec DLP Product Review

• Cyber Security Management System (CSMS) for the Automotive Industry

• How To Handle Dependencies Between Pull-Requests

• Adobe ColdFusion vulnerabilities mitigated by Imperva

• Get the AT&T Cybersecurity InsightsTM Report: Focus on Healthcare

• Roblox – 52,458 breached accounts

Generated on 2023-07-24 23:55:17.602417