IT Security News Daily Summary 2023-07-27

• Millions of People Affected in MOVEit Attack on US Gov’t Vendor

• Ryanair Hit With Lawsuit Over Use of Facial Recognition Technology

• Deloitte, Maximus, Chuck E. Cheese join 500+ orgs as MOVEit attack victims

• Can AI detectors save us from ChatGPT? I tried 5 online tools to find out

• The NSA Is Lobbying Congress to Save a Phone Surveillance ‘Loophole’

• How a Cyber Security Platform Addresses the 3 “S”

• US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’

• Vulnerabilities exposed Peloton treadmills to malware and DoS attacks

• Deloitte and Chuck E. Cheese join 500+ orgs as MOVEit victims

• Microsoft responsible for China’s U.S. government email hack, Senator Wyden says

• BlueHat October 2023 Call for Papers is Now Open!

• Benefits of hiring a Java web application development company

• 7 Best Cloud Security Posture Management (CSPM) Software for 2023

• Group-IB Co-Founder Sentenced to 14 Years in Russian Penal Colony

• Deja Vu: The FBI Proves Again it Can’t be Trusted with Section 702

• Think tank calls for monitoring of Chinese AI-enabled products

• Bipartisan Bill Seeks New US Tech Regulator

• Israeli-Trained Azerbaijan Cyber Students Mark Inaugural Graduation

• Laptops will need to support growing AI and security priorities, says Lenovo

• S3 Ep145: Bugs With Impressive Names!

• DepositFiles exposed config file, jeopardizing user security

• Maryland Supreme Court: Police Can’t Search Digital Data When Users Revoke Consent

• What Happens When an AI Company Falls Victim to a Software Supply Chain Vulnerability

• Ubuntu Linux Cloud Workloads Face Rampant Root Take Takeovers

• What Will CISA’s Secure Software Development Attestation Form Mean?

• The Ups and Downs of 0-days: A Year in Review of 0-days Exploited In-the-Wild in 2022

• What your peers want to know before buying a DLP tool

• The human element of Cybersecurity: Nurturing a cyber-aware culture to defend against social engineering attacks

• EU Investigates Microsoft Over Teams Bundling With Office

• Security Incident Impacts CardioComm’s Operations

• Group-IB CEO Ilya Sachkov sentenced to 14 years in a strict prison colony

• Critical Privilege Escalation Flaw Risks 900K+ MikroTik Routers

• Microsoft Message Queuing Service Flaw Allows DoS and RCE Attacks

• Multiple Security Issues Identified in Peloton Fitness Equipment

• Watch Now: Exposing Common Myths of OT Cybersecurity

• TSA Updates Pipeline Cybersecurity Requirements

• Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024

• European Threat Intelligence Firm QuoIntelligence Raises $5.5 Million in Seed Funding

• China’s Wuhan Earthquake Center Suffers Cyber-Attack

• High Severity Vulnerabilities Discovered in Ninja Forms Plugin

• Android will now warn about unknown Bluetooth trackers, like AirTag, traveling with you

• Seraphic extends enterprise browser security to collaboration apps

• Palo Alto Networks unveils CI/CD Security module to improve risk prevention

• US SEC makes it mandatory to report cyber attack within 4 days

• Samsung Extends Chip Production Cuts After $7 Billion Loss

• Iranian Stalkerware ‘Spyhide’ Steals Data from 60,000 Android Devices

• The best home security systems of 2023: Ring, Simplisafe, and more compared

• The best home automation systems of 2023

• “Mysterious Elephant” Emerges, Kaspersky Reports

• Wormhole digs out of its hole with new security measures to move on from $320M hack

• Microsoft must be held responsible for China’s U.S. government email hack, Senator Wyden demands

• Singapore Explores Generative AI Use Cases Through Sandbox Options

• Stolen Session Cookies Turns Into the Next Cyber Threat

• Exposed Secrets: Backdoor Vulnerabilities in Worldwide Radio Systems

• SolarWinds Platform 2023.3 Released – What’s New!

• SEC requires reporting cyberattacks within 4 days, but not everyone may like it.

• 4 Most Dangerous and Destructive Ransomware Groups of 2023

• Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads

• The Good, the Bad and the Ugly of Generative AI

• SkyKick Cloud Management Platform upgrades enhance data protection capabilities

• Island appoints Steve Tchejeyan as President

• N2WS Backup and Recovery enhancements strengthen AWS workload protection

• Notorious Lazarus Hacking Outfit Linked to a $60 Million Alphapo Crypto Theft

• Explaining risk maturity models and how they work

• Why Today’s CISOs Must Embrace Change

• New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads

• GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users

• Hackers are infecting Call of Duty players with a self-spreading malware

• Two New Vulnerabilities Could Affect 40% Of Ubuntu Cloud Workloads

• Axis Door Controller Vulnerability Exposes Facilities to Threats

• Infostealer Incidents More Than Doubled In Q1 2023

• The UFO Hearing Got Pretty Interesting

• Russia Throws Group-IB Founder In The Clink For Treason

• Top 7 ecommerce cybersecurity threats and tips to avoid them

• PDF Malware Distribution Has Increased by 500%, as Reported by VirusTotal

• How credential stuffing works (and how to stop it)

• Decentralized Identity Puts People In Control Of Their Data

• Cyberattack Investigation Shuts Down Ambulance Patient Records System

• Insights from the cybersecurity trenches: Security is essential as a defensive strategy, but it’s also good for business

• Settling for the bare minimum is jeopardising your business’ cyber safety

• AXIS A1001 Network Door Controller Flaw Exposes Secure Facilities

• Axis Door Controller Vulnerability Exposes Facilities to Physical, Cyber Threats

• CardioComm Takes Systems Offline Following Cyberattack

• Egnyte’s AI-powered solutions empower users to classify and protect sensitive data

• AXIS A1001 System Flaws Expose Secure Facilities to Unauthorized Access

• US government contractor says MOVEit hackers accessed health data of ‘at least’ 8 million individuals

• The Future of Web Development: Predictions and Possibilities

• Up to 11 Million People Hit by MOVEit Hack at Government Services Firm Maximus

• OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI

• The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left

• Takeaways From Perception Point’s “H1 2023 Report: Cybersecurity Trends & Insights”

• Protect AI raises $35 million to help organizations build safer AI

• Harnessing Technology For Research In Essay Writing

• The Next Evolution of Devsecops For The Defense Department

• Cyberattack Impacts Two Ambulance Services

• Fooling an AI Article Writer

• Over 40% of Ubuntu Users Vulnerable to Privilege Escalation Flaw

• Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason

• Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining

• Ivanti Mobile Management Software Zero-Day Under Active Attack

• Fake Games Deliver Redline, Realst Malware On Windows and Mac

• Facebook Parent Meta Profits From Advertising Increase

• Companies Required by SEC to Disclose Cybersecurity Incidents in 4 Days

• APT trends report Q2 2023

• Is a Chat GP Coming?

• Tripwire Enterprise: Reimagining a Winning Product

• NCSC Publishes New Guidance on Shadow IT

• Dear all, What are some common subject lines in phishing emails?

• Gathering dust and data: How robotic vacuums can spy on you.

• Supply Chain Attack Hits NHS Ambulance Trusts

• SEC Wants Cyber-Incident Disclosure Within Four Days

• Do you know what your supply chain is and if it is secure?

• Rust Infostealer Malware Attacks macOS Sonoma Ahead of Public Release

• New SEC Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days

• Thales partners with Hint AG to provide managed security services for the Swiss healthcare sector

• Two flaws in Linux Ubuntu affect 40% of Ubuntu users

• How to migrate your Bitwarden vaults from US to EU storage

• Hacker-Attacking Developers Using Weaponized MS Visual Studio

• Are we getting close to the mass adoption of digital IDs?

• Data Security firm Imperva to be acquired by Thales for $3.5 billion

• Key factors for effective security automation

• Why are computer security guidelines so confusing?

• A step-by-step guide for patching software vulnerabilities

• Cryptojacking soars as cyberattacks increase, diversify

• UAC: Live response collection script for incident response

• CISOs gear up to combat the rising threat of B2B fraud

• User Awareness Training: A Critical Component to Collaboration Tool Security

• Companies Must Have Corporate Cybersecurity Experts, SEC Says

• Thoughts on Tool Features

• Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation

• Ransomware groups claim responsibility for double-attack on Yamaha

• 60,000 Androids have stalkerware-type app Spyhide installed

• Crooks pwned your servers? You’ve got four days to tell us, SEC tells public companies

• Group-IB Founder Ilya Sachkov Jailed for 14 Years in Russia

• BreachForums – 212,156 breached accounts

• Empowering Future Minds: The Indispensable Role of Coding for Kids

• SE Labs Unveils Latest Comparative Analysis of Endpoint Detection and Response Products

• Rezilion Uncovers High-Risk Vulnerabilities Missing From CISA KEV Catalog

• Coro Acquires Network Security Startup Privatise

• IT Security News Daily Summary 2023-07-26

• SEC Adopts New Rule on Cybersecurity Incident Disclosure Requirements

• Massive macOS Campaign Targets Crypto Wallets, Data

• ‘Nitrogen’ Ransomware Effort Lures IT Pros via Google, Bing Ads

• Russia throws founder of infosec biz Group-IB in the clink for treason

• From Vulnerability to Vigilance: How Mobile App Evolution Influenced Security Mindsets

• ETSI Dismisses Claims of ‘Backdoor’ Vulnerabilities in TETRA Standard

• The U.K. Government Is Very Close To Eroding Encryption Worldwide

• Following WormGPT, FraudGPT Emerges for AI-Driven Cyber Crime

• Two ambulance services in UK lost access to patient records after a cyber attack on software provider

• Flipper Zero Launched “Apps Hub” As A Third-Party App Store

• SEC adopts new cybersecurity incident disclosure rules for companies

• International Rights Groups to Thierry Breton: You Need to Make Clear That Under the DSA States Can’t Shut Down the Internet as Punishment for Hateful Content on Platforms

• 6 Best Practices To Protect Your Company From Data Loss

• Lazarus Hackers Target Microsoft IIS Servers to Propagate Malware

• Listed US Firms Must Disclose Cyber Breaches In Four Days

• Security hygiene and posture management: A work in progress

• Russia Sends Cybersecurity CEO to Jail for 14 Years

• Ex-NSA Official Harry Coker Tapped for National Cyber Director Job

• Future careers: how to make it in biometrics

• How to improve employee phishing awareness

• Unveiling the secrets: Exploring whitespace steganography for secure communication

• Repeatable VEC Attacks Target Critical Infrastructure

• Virgin Media O2 To Axe 2,000 UK Jobs

• Apple Mulls Price Rise For iPhone Pro – Report

• VMware Patches Vulnerability Exposing Admin Credentials

• Peloton Bugs Expose Enterprise Networks to IoT Attacks

• Source: CrowdStrike is close to acquiring Bionic.AI for between $200M and $300M

• Terrestrial Trunked Radio System Vulnerable to Leakage and Message Injection

• BlackCat Attackers Target Italian Asset Manager Azimut

• Google Cloud’s Security Strategy: Emphasizing ‘Secure by Design’ and ‘Secure by Default’

• Travel HACK: Why you Should not Share Photos of Your Boarding Pass Online

• Security Breach: Clearweb Sites Attacked by MOVEit, Data Exposed

• VirusTotal Malware Trends Report: Emerging Formats and Delivery Techniques

• Group-IB Founder Sentenced in Russia to 14 Years for Treason

• Experts Warn About Privacy Issues With Facebook-Owned Threads App

• Source: Crowdstrike is close to acquiring Bionic.AI for between $200M and $300M

• SeeMetrics Security Performance Boards empowers CISOs to validate security programs

• EndaceProbe Cloud detects threats and network performance issues

• SentinelOne introduces cloud data security products

• Cyber Attack news headlines trending on Google

• OWASP ModSecurity Core Rule 3.3.5 Released – What’s New!

• Dark Web Markets Offer New FraudGPT AI Tool

• Cyclops Emerges From Stealth With Security Search Platform Powered by Generative AI

• Alphabet CFO Steps Aside, As Q2 Profit Beats Expectations

• QRadar SIEM reduces incident investigation time by 90%

• 4 Essential Elements for a Comprehensive Cloud Security Stack

• Dozens of Organizations Targeted by Akira Ransomware

• Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks

• FraudGPT, a new malicious generative AI tool appears in the threat landscape

• Australian Home Affairs Leaks Sensitive Information Of Cybersecurity Survey Respondents

• Clear Skye IGA 5.0 optimizes identity security and business processes on ServiceNow

• DataGrail unveils Managed Services offering for data privacy

• MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)

• Talon Extension enhances security and control over browser activity

• Kubernetes and the Software Supply Chain

• Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks

• Dozens Of Organizations Targeted By Akira Ransomware

• Crypto Bills To Face Congressional Committee Vote

• New AI Phishing Tool FraudGPT Tied To Same Group Behind WormGPT

• FraudGPT: A New Dark Side AI Tool For Cyber Criminals

• Thales Agrees to Buy App Security Vendor Imperva in $3.6B Deal

• Threat Intelligence Is Growing — Here’s How SOCs Can Keep Up

• Congress Is About To Stream UFO Hearings On YouTube At 10AM EST

• Cyclops raises $6.4M in seed funding to launch AI-powered cybersecurity search platform

• Protect AI raises $35M to expand its AI and machine learning security platform

• Code Execution Vulnerability Impacts 900k MikroTik Devices

• Russian Cybersecurity Firm Founder Jailed for 14 Years

• Webinar Today: Exposing Common Myths of OT Cybersecurity

• CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services

• Protect AI raises $35M to build a suite of AI-defending tools

• Darktrace HEAL provides security teams with abilities to simulate real-world cyber incidents

• BreachRx Cyber RegScout helps legal and compliance professionals eliminate manual processe

• Rise of Bossware: Balancing Workplace Surveillance and Employee Privacy

• Trustmi lands $17M to scale its payments fraud prevention tech

• CISA adds Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

• Norwegian Government`s System Breached over Ivanti EPMM Zero-Day

• Microsoft Signals Heavy AI Spending, Amid Healthy FY23 Results

• Dynatrace expands Davis AI engine to boost productivity across teams

• Critical MikroTik RouterOS Flaw Exposes 900,000 Systems to Cyber Attacks

• CISO Conversations: Field CISOs From VMware Carbon Black and NetSPI

• Twitter Scammers Stole $1,000 From My Friend—So I Hunted Them Down

• Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users

• The Alarming Rise of Infostealers: How to Detect this Silent Threat

• Backdoor in TETRA Police Radios

• Ransomware Attacks Skyrocket in Q2 2023

• Norway government ministries hit by cyber attack

• New AI Tool ‘FraudGPT’ Emerges, Tailored for Sophisticated Attacks

• Over 500K MikroTik RouterOS systems potentially exposed to hacking due to critical flaw

• Meta, Microsoft Own Trademarks For New Twitter Name

• Checklist: Securing Digital Information

• Learn How to Protect Your Business With Ultimate Security for $80

• Education Sector Has Highest Ransomware Victim Count

• Yamaha Confirms Cyber Attack on Its Canadian Division

• New Vulnerability Puts 926,000 MikroTik Routers at Risk! Users Urged to Patch

• Ambulance patient records system hauled offline for cyber-attack probe

• Dear all! What are some common subject lines in phishing emails?

• Enhanced Data Analysis with Synthetic Datasets

• Understanding Machine Learning Attacks, Techniques, and Defenses

• Over 900,000 MikroTik Routers Exposed to Critical Bug

• Industry Coalition Calls For Enhanced Network Resilience

• Transforming Your Phone into an Intercom: Harnessing Alexa’s Power for Seamless Communication

• Rust-based Realst Infostealer Targeting Apple macOS Users’ Cryptocurrency Wallets

• Why performing security testing on your products and systems is a good idea

• Sneaky Python package security fixes help no one – except miscreants

• Cyber Attack on Norway govt websites identified to Ivanti Security vulnerability

• What is an SSL stripping attack

• DarkSide Ransomware: Definition and Prevention Tips

• Ivanti plugs critical bug – but not before it was used against Norwegian government

• Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking

• Overcoming the cybersecurity talent shortage with upskilling initiatives

• Enterprises should layer-up security to avoid legal repercussions

• Companies encounter months-long delays in filling critical security positions

• Zero trust rated as highly effective by businesses worldwide

• Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database

• Mitigating generative A.I. risks: ‘Fight innovation with innovation,’ says identity security firm

• 2023-07-25 – IcedID (Bokbot) from wave of malspam on 2023-07-24

• Zenbleed: How the quest for CPU performance could put your passwords at risk

• i-PRO: How to Advance Cybersecurity with Secure Element & FIPS

• Tampa General Hospital half thwarts ransomware attack, but still loses patient data

• How to set up computer security for your parents

• Update now! Apple fixes several serious vulnerabilities

• Palo Alto Networks Secures Black Hat from Itself

Generated on 2023-07-27 23:55:31.328153