IT Security News Daily Summary 2023-07-31

• Experts discovered a previously undocumented initial access vector used by P2PInfect worm

• Understanding Data Protection: Best Practices for Keeping Your Information Safe

• MIT CSAIL unveils PhotoGuard, an AI defense against unauthorized image manipulation

• Reducing Generative AI Hallucinations and Trusting Your Data: Interview With Cognite CPO Moe Tanabian

• China’s Volt Typhoon APT Burrows Deeper into US Critical Infrastructure

• Protecting Intellectual Property When It Needs to Be Shared

• The White House Acknowledges the Pressure on Section 702, But Much More Reform is Needed

• Police Arrest Suspect in Crypto Millionaire’s Murder

• White House: Losing Section 702 spy powers would be among ‘worst intelligence failures of our time’

• Air-Gapped ICS Systems Targeted by Sophisticated Malware

• SEC demands four-day disclosure limit for cybersecurity breaches

• July 2023 Web Server Survey

• CISA details backdoor malware used in Barracuda ESG attacks

• Essential Types of Metrics to Boost Support for Your Cybersecurity Learning Program – Part 2

• Hikvision, Nvidia named in contract for ‘Uyghur detection’

• Reddit Taps Fredrick ‘Flee’ Lee for CISO Job

• Apple Lists APIs That Developers Can Only Use for Good Reason

• SpyNote Android Spyware Strikes Financial Institutions

• Abyss Locker Ransomware Looks to Drown VMware’s ESXi Servers

• Call of Duty Self-Spreading Worm Takes Aim at Player Lobbies

• Fleek Network Releases New Whitepaper for Decentralized Edge Platform

• APT31 Implants Target Industrial Organizations

• Israeli Oil Refinery Giant BAZAN Hit by Fresh Wave of Cyber Attacks

• 5 Essential Tips For Data Security On The Cloud

• Worldcoin Crypto Project Already Under Radar in Europe

• Kenya’s eCitizen Service Faces Downtime: Analyzing the Cyber-Attack

• Critical Cybercrime Hub’s Hacked Data Emerges for Sale on Underground Markets

• The Power of Automation in DevOps: Streamlining Software Development and Delivery

• Lenovo’s latest heavy on flash, security for enterprise storage

• Biden Announces National Cyber Workforce and Education Strategy

• RAM dump: Understanding its ­­­importance and the process

• Singapore government sees rise in security incidents amid increased data sharing

• UK Military Embraces Security by Design

• Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

• Oracle unveils Cloud Native SCCA Landing Zone framework for the U.S. Department of Defense

• Dell introduces new offerings to accelerate secure generative AI initiatives

• How to make sure the reputation of your products and company is good

• U.S. Senator Blasts Microsoft for Chinese Hack Seeks Federal Action

• Ongoing STARK#MULE Attack Campaign Discovered

• Call of Duty worm malware used to hack players exploits years-old bug

• Was Pro-Russian Group Behind Kenya Cyber-Attack?

• Instead Of Warrants, The NSA Would Like To Keep Buying Your Data

• Unpatched Apache Tomcat Servers Spread Mirai Botnet Malware

• Second Ivanti EPMM Zero-Day Vulnerability Exploited In Targeted Attacks

• What Is an Exploit? Definition, Types, and Prevention Measures

• BAZAN Group, Israel’s Largest Oil Refinery, Had Its Website Hit by a DDoS Attack

• How to Migrate from a compromised Hosted Microsoft Exchange Service to Microsoft 365?

• New Android Malware Uses Optical Character Recognition to Steal Login Credentials

• Key Developer Concepts and Tools in Software Supply Chain Security

• How to Structure a Platform Team – An Illustrative Model

• Israeli Oil Refinery Taken Offline by Pro-Iranian Attackers

• Spend to save: The CFO’s guide to cybersecurity investment

• Best Practices for Enterprise Private 5G Security

• New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods

• Threat intelligence startup Cyble lands $24M investment

• Efficiency Unleashed: The Benefits of Intranet Software Solutions

• Experts link AVRecon bot to the malware proxy service SocksEscort

• Pentagon Looks Into ‘Critical Compromise’ of Air Force and FBI Contacts

• Summer Documentary Watch Party: 8 Sizzling Cybersecurity Tales

• Webinar: Riding the vCISO Wave: How to Provide vCISO Services

• Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

• Multiple Chinese Hacker Outfits are Targeting Organisations Worldwide

• FakeTrade Android Malware Attack Steals Crypto Wallet Data

• Data Encryption Policy

• Locky Ransomware 101: Everything You Need to Know

• What Is an Exploit? Definition, Types and Prevention Measures

• Hikvision and Nvidia named in contract for Uyghur detection

• Peloton Treadmill Vulnerabilities Risk Users Data

• SEC Mandates Cyber Attack Disclosure Within Four Days: A Major Shift in Cybersecurity Transparency

• Security professionals unaware of NCSC Cyber Essentials framework – Lookout

• Why Inadequate Investment in Cybersecurity is a False Economy

• The Power of AI In Today’s Rapidly Evolving Financial Crime Landscape

• How to enable two-factor authentication on your Opera account

• Strengthening security in a multi-SaaS cloud environment

• Automatically Finding Prompt Injection Attacks

• Apple Strengthens App Store API Regulations To Curb User Fingerprinting

• New SEC Rules Require U.S. Companies To Reveal Cyber Attacks Within 4 Days

• Apple iOS, Google Android Patch Zero-Days in July Security Updates

• Salt Security Appoints Ori Bach as Executive Vice President of Product

• New persistent backdoor used in attacks on Barracuda ESG appliances

• Web browsing is the primary entry vector for ransomware infections

• Ministry of Defence Investigates Emails Sent To Russian Ally

• Tech Investors Flee China As Political Tensions Worsen

• Musk Says X Users Reach ‘New High’

• US Lawmakers Call For Stricter AI Chip Export Controls

• EU Launches Probe Into Spanish Ride-Hailing Restrictions

• CISA Analyzes Malware Used in Barracuda ESG Attacks

• Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks

• Global Lawyers Unveil Cyber Best Practices for Execs

• Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT

• AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service

• DNS Security in Healthcare: The Gem in Your Cybersecurity Arsenal

• Think Tank: Insurers Not Fuelling Ransomware Market

• Three flaws in Ninja Forms plugin for WordPress impact 900K sites

• Ivanti Warns Of Another EPMM Zero-Day Flaw Under Attack

• Server Inventory Checklist

• How the best CISOs leverage people and technology to become superstars

• What would sustainable security even look like?

• CISA: New Submarine Backdoor Used in Barracuda Campaign

• Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable

• NIS-2: EU Directive Takes a Massive Step towards Increased Security

• Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489

• Software developers, how secure is your software?

• Cyber-Attacks Disrupt Kenyan Government Systems

• Silicon UK In Focus Podcast: The State of MedTech

• Healthcare Innovation: A Safe and Secure Approach

• Captcha security to end for Google and Apple users

• Curbing Mobile Malware with Zero Trust: Enhancing Mobile Security

• AI reduces data breach lifecycles and costs

• The race against time in ransomware attacks

• Open-source security challenges and complexities

• Relying on CVSS alone is risky for vulnerability management

• Data privacy vault: Securing sensitive data while navigating regulatory demands

• US senator victim-blames Microsoft for Chinese hack

• Instead of obtaining a warrant, the NSA would like to keep buying your data

• Officials bust illegal lab containing 20 infectious agents, hundreds of lab mice

• Devs aren’t allowed to let Apple’s Vision Pro dev kits out of their sight

• Most of the 100 million people who signed up for Threads stopped using it

• Thailand warns of escalating cybercrime

• IT Security News Weekly Summary – Week 30

• IT Security News Daily Summary 2023-07-30

• Unleashing FreedomGPT on Windows

• How CISOs can engage the C-suite and Board to manage and address cyber risk

• In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues

• Google’s Earthquake Alert System Failed to Notify Residents of Turkish Earthquake

• Here’s How to Safeguard Your Credit Card Info

• Tech Meets Healthcare: GoodRx’s Rewarding ‘Medicine Cabinet’ Promotes Medication Adherence

• Police Van Equipped with AI Can Detect if Drivers are Using Mobile Phones

• New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wild

• Security Affairs newsletter Round 430 by Pierluigi Paganini – International edition

• Hackers Infect Call of Duty Players with Self-Spreading Malware

• Week in review: Ivanti zero-day exploited, MikroTik vulnerability could compromise 900,000 routers

• Cyber Security Management System (CSMS) for the Automotive Industry

• Building a Network Security Strategy: Complete Checklist To Protect Your Network

Generated on 2023-07-31 23:55:23.813842