IT Security News Daily Summary 2023-08-04

• Google’s new settings let you remove your private info from search results. Here’s how

• Friday Squid Blogging: 2023 Squid Oil Global Market Report

• A.I. is a trend that will stick with us for quite some time, says CloudFlare CEO Matthew Prince

• Salesforce Zero-Day Exploited to Phish Facebook Credentials

• Endor Labs Raises $70M to Reform Application Security and Eliminate Developer Productivity Tax

• Cloud Security Market Worth $62.9B by 2028

• Microsoft mitigates Power Platform Custom Code information disclosure vulnerability

• Alarm raised over Mozilla VPN: Wonky authorization check lets users cause havoc

• Infrastructure as Code: Exploring Terraform’s Dominance

• Hawaii’s Gemini North Observatory Suspended After Cyberattack

• Burger King Serves Up Sensitive Data, No Mayo

• The Senate’s AI Future Is Haunted by the Ghost of Privacy Past

• Pixel Binary Transparency: verifiable security for Pixel devices

• 2023-08-03 – Google ad –> TurboTax site –> DanaBot

• Europe’s AI Regulation Against AI Era

• 8 vulnerability management tools to consider in 2023

• Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

• Globally Used Points.com Loyalty System Hacked for Good

• Another major university is supporting generative AI use but with serious guardrails

• 9 common risk management failures and how to avoid them

• “Crocodile of Wall Street” and her husband plead guilty to giant-sized cryptocrimes

• The Impending Privacy Threat of Self-Driving Cars

• This leading cybersecurity stock’s selloff may be another buying opportunity

• Security Alert: Google AMP Used in Evasive Phishing Attacks

• Top 15 Data Security Posture Management (DSPM) platforms for 2023

• What your peers want to know before buying a DLP tool

• Hackers Deliver Magniber Ransomware Disguised as Windows Security Update Package

• A Cyberattack Has Disrupted Hospitals and Health Care in Five States

• Stealthy npm Malware Exposes Developer Data

• Israel cybersecurity agency says no breach after senior official self-infects home PC with malware

• CISA Announces 2024-2026 Strategic Plan

• VMConnect: Python PyPI Threat Imitates Popular Modules

• US House Panel Launches Probe Into China’s US Gov Email Hack

• New Malware can Allow Control of macOS Without Users Noticing

• How to protect mobile phone from malware attacks

• Sophisticated Phishing Exploits Zero-Day Salesforce Vulnerability

• What Is a One-Time Password (OTP)?

• In Other News: Cybersecurity Funding Rebounds, Cloud Threats, BeyondTrust Vulnerability

• Meet Window Snyder, the trailblazer who helped secure the internet and billions of devices

• Meet Cloud Girls 2023 Trailblazer Trisha Paine

• 8 Best Identity and Access Management (IAM) Solutions for 2023

• The Top 10 Countries Being Bombarded By Data Breaches

• Five Eyes Agencies Call Attention To Most Frequently Exploited Vulns

• Wannabe Rapper Guilty Of $4.5bn Bitcoin Laundering

• Threat Actors Abuse Cloudflare Tunnel For Persistence

• Hacktivism Is Back Because It Never Went Away

• Digital skills gap is challenging the cyber security of UK businesses

• Top 12 vulnerabilities routinely exploited in 2022

• Datadog Security Inbox brings various security insights together into one actionable list

• Why Cybersecurity Provision is Critical for Businesses, Large and Small

• Hidden Camera Invasion Alert: Holiday Rentals Discovered with a Disturbing Surge

• FBI Alerts: Hackers Exploit AI for Advanced Attacks

• Why cybersecurity vendors are selling tech stack consolidation with Zero Trust Edge

• Microsoft Criticized Over Handling of Critical Power Platform Vulnerability

• Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft

• Teach a Man to Phish and He’s Set for Life

• How to Talk So Your CISO Will Listen

• Health data of 1.7 million Oregon residents accessed by MOVEit hackers

• How To Deal With the Vagueness in New Cyber Regulations

• Malicious packages in the NPM designed for highly-targeted attacks

• Lawsuit By Tesla Owners Allege False Range Claims

• Google, Microsoft Take Refuge in Rust Language’s Better Security

• NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack

• Kinetic MDR protects business data from cyber threats

• Cobalt Iron Compass Migrator automates data migration from legacy backup environments

• New York Couple Plead Guilty to Bitcoin Laundering

• Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking

• Kenya Halts Worldcoin Data Collection, Citing Privacy

• Researchers Jailbreak Tesla Vehicles, Gain Control Over Paid Features

• Webinar – Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges

• Deepfence ThreatStryker offers runtime protection and inline threat neutralization

• 5 Easy Steps to Make Customer Reviews Your Most Potent Marketing Arsenal

• Turnkey cars: A one-stop solution for modern drivers

• Ensuring Accountability: The Importance of Audit Assurance Services

• CISA Advisory of Top 42 Frequently Exploited Flaws of 2022

• Attackers use dynamic code loading to bypass Google Play store’s malware detections

• Apple Shares Fall, Amid Weak iPhone Sales

• Cloud Security in Hybrid and Multi-Cloud

• Microsoft Warns of Growing Cyber-Threats to Sporting Events

• Malicious npm Packages Found Exfiltrating Sensitive Data from Developers

• August 2023 Patch Tuesday forecast: Software security improvements

• Datadog Intelligent Test Runner helps organizations allocate their cloud expenses

• Google makes removal of personal user info from Search easier

• Schools: Prime Targets for Hackers Amid Poor Cybersecurity and Ransom Payments

• Ransomware attacks cost manufacturing sector $46 billion in downtime since 2018, report claims

• Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed

• Economic uncertainty leaves over 1 mil UK SMEs at brink of collapse

• Microsoft Teams Users Targeted by Russian Threat Group

• Patch Against Exploit Kits. Understanding How Threat Actors Target Your Defenses

• Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities

• Credentials Account For Over Half of Cloud Compromises

• Crowdsourced AI += NICS Lab

• What is Business Email Compromise (BEC) Attacks? – Prevention Guide

• Legacy Flaws Dominate Top 12 Vulnerabilities List

• Essential Tips for Small Businesses: Choosing the Right Workers’ Comp Insurance

• HEAT Attacks Vs Apts – What Is the Difference?

• UK Government: Cyber-Attacks Could Kill or Maim Thousands

• 8 Best CrowdStrike Competitors & Alternatives in 2023 [Features, Pricing & Reviews]

• Locking Out Cybercriminals: Here’s How to Prevent Ransomware Attacks

• How a Residential Proxy Service Can Benefit Your Business

• Harnessing the Power of Cloud Computing: A Comprehensive Guide for Business Owners

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Silicon UK In Focus Podcast: Telemedicine

• Major Cybersecurity Agencies Collaborate to Unveil 2022’s Most Exploited Vulnerabilities

• CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022

• Silicon UK Pulse: Your Tech News Update: Episode 13

• Hacker Group of 1980s is Back with Secure Coding Framework for Developers

• Citrix servers hacked because of a vulnerability

• Key Concepts in Cloud Security for Beginners

• Mysterious Team Bangladesh Hackers Launched 750 DDoS Attacks and Hacked 78 Website

• The direct impact of cyberattacks on patient safety and care delivery

• New infosec products of the week: August 4, 2023

• Multi-modal data protection with AI’s help

• How to improve employee phishing awareness

• VPNs remain a risky gamble for remote access

• Break IT/OT Silos by Expanding SOC Responsibilities

• Red Hat Insights Compliance: Introducing new customization options for policies

• IaaS networking services revenue to hit $19.4 billion in 2023

• Couple admit they laundered $4B in stolen Bitcoins after Bitfinex super-heist

• Global ransomware attacks at an all-time high, shows latest 2023 State of Ransomware report

• Hey, are you REALLY ready to go on vacation? (No, you aren’t)

• How to protect your child’s identity

• FAQ: How does Malwarebytes ransomware rollback work?

• Film companies lose battle to unmask Reddit users

• CISA Calls Urgent Attention to UEFI Attack Surfaces

• Cyber Signals: Sporting events and venues draw cyberthreats at increasing rates

• Celebrating Ten Years of Encrypting the Web with Let’s Encrypt

• IT Security News Daily Summary 2023-08-03

• New AI Threats Emerge as FraudGPT Creator Unleashes DarkBERT and DarkBART

• Russia’s Cozy Bear is back and hitting Microsoft Teams to phish top targets

• SOC 2 (System and Organization Controls 2)

• Risk & Repeat: Microsoft takes heat over Storm-0588 attacks

• MoveIt Transfer attacks dominate July ransomware disclosures

• Qualys Announces First-Party Software Risk Management Solution

• Tromzo secures $8M to lead the charge in AI-powered application security posture management

• SolarWinds Next-Generation Build System Aligns with NIST SSDF

• Cybersecurity: How Can Companies Benefit From FBI and Homeland Security Collaboration?

• Could C2PA Cryptography be the Key to Fighting AI-Driven Misinformation?

• Center for Cyber Safety and Education Awards $174K in Cybersecurity Scholarships

• Vulcan Cyber Attack Path Graph Targets Cloud-Scale Risk Prioritization and Mitigation

• Mission Secure, Idaho National Laboratory Announce Partnership to Protect Critical Infrastructure

• Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings

• Tromzo secures $8M to lead the charge in AI-powered cloud security solutions

• Risk appetite vs. risk tolerance: How are they different?

• Free Airline Miles, Hotel Points, and User Data Put at Risk by Flaws in Points Platform

• Old-school hacktivism is back because it never went away

• Bringing threat intelligence and adversary insights to the forefront: X-Force Research Hub

• Datadog launches AI helper Bits and new model monitoring solution

• S3 Ep146: Tell us about that breach! (If you want to.)

• China To Limit Time Kids Use Smartphones

• Operation Narsil INTERPOL Busts Decade-Old Child Abuse Network

• TPG Acquires Forcepoint Government & CI (G2CI) Business for $2.45B

• Insider Threat Protection And Modern DLP

• Arc Browser Review (2023): Pricing, Features, Alternatives and More

• Companies Should Implement ROI-Driven Cybersecurity Budgets, Expert Says

• Hacktivist Group ‘Mysterious Team Bangladesh’ Goes on DDoS Rampage

• Microsoft Bug Bounty Program Year in Review: $13.8M in Rewards

• Cisco announces general availability of XDR platform

• World Cup Glory Looms, and So Do Cyber Threats, Microsoft Warns

• Cult of the Dead Cow Hacktivists Give Life to ‘Privacy-First’ App Framework

• Openreach Saves £10m, Extends FTTP Rollout Via ‘Subtended Headends’

• Data breaches grow nearly three times, with US accounts most compromised

• 670 ICS Vulnerabilities Disclosed by CISA in First Half of 2023: Analysis

• Jericho Security Raises $3 Million for Awareness Training Powered by Generative AI

• How to Prevent Cross-Site Scripting (XSS) Attacks

• Exclusive: CISA Sounds the Alarm on UEFI Security

• As Artificial Intelligence Accelerates, Cybercrime Innovates

• Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners

• Data Leak from Far-Right Forum Poast Reveals Daycare Owner with Nazi Avatar

• What Is Global Privacy Control (GPC), and how can it help you protect your data?

• Protecting energy infrastructure from cyberattacks

• Researchers Leverage ChatGPT to Expose Notorious macOS Malware

• Hacktivist Collective “Mysterious Team Bangladesh” Revealed

• Security Concerns Escalate as Unsafe VPNs Pose Major Threat to Businesses

• Hackers using Flipper Zero to Cyber Attack Power Grids

• Ebooks are cheap, but you might pay in other ways

• Jericho Security uses AI to fight AI in new frontier of cybersecurity

• Cisco Talos Discusses Flaws in SOHO Routers Post-VPNFilter

• Russia’s ‘Midnight Blizzard’ Hackers Launch Flurry of Microsoft Teams Attacks

• Report: Possible Chinese Malware in US Systems a ‘Ticking Time Bomb’

• ‘Room-Temperature Superconductor Claim Triggers Investigation

• CISA Guide to Network and System Administrators to Harden Cisco Firewalls

• Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks

• Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack

• New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3

• RFP Template for Browser Security

• Top 3 CISO concerns for 2023

• Qualys unveils first-party software risk management solution

• Contrast Security helps organizations identify susceptible data flows to their LLMs

• Empowering the User: An Interview with Guy Guzner on SAVVY’s User-Centric Security Solution

• HackerOne Lays off 12% of Its Employees as a One-Time Event

• DevSecOps: Enhancing Security With Vulnerability Scanning of Images and Source Code in CI/CD

• Decommissioned Medical Infusion Pumps Expose Wi-Fi Configuration Data

• These Are the Top Five Cloud Security Risks, Qualys Says

• Dozens of RCE Vulnerabilities Impact Milesight Industrial Router

• Germany Admits Investigating Worldcoin’s Eye-Scanning Orb

• AI Experts Unearth Infinite ways to Bypass Bard and ChatGPT’s Safety Measures

• Virtual Data Rooms: The Key to Successful IPO Preparation and Investor Relations

• Microsoft Identifies Russia-Based Hackers For Teams Phishing Attacks

• All CISOs should know this about cloud network security

• Facebook Caves And Will Now Seek User Consent Before Collecting Data

• Piles of Unpatched IoT, OT Devices Attract ICS Cyberattacks

• Dasera Mesa Verde protects sensitive information across diverse data environments

• CISO Global enhances Argo platform to improve real-time security decision making

• Unprecedented Data Breach: Millions Impacted by Personal Information Theft via Website Error

• Was the digital transformation worth it, security-wise?

• LogRhythm vs Splunk (2023): SIEM tool comparison

• How to Create an Effective GRC Program: 3 Phases

• Researchers jailbreak a Tesla to get free in-car feature upgrades

• Endor Labs, which helps companies secure their open source packages, raises $70M

• The Technology Behind Fair Gambling: Ensuring Transparency and Integrity

• Penetration Testing: A Comprehensive Guide

• A Penetration Testing Buyer’s Guide for IT Security Teams

• Russia-backed hackers used Microsoft Teams to breach government agencies

• Orange and Palo Alto Networks Deliver Cloud-Native Managed SASE

• Cult Of The Dead Cow Is Trying To Release A New Encryption Protocol

• Microsoft Says Russian Govt Hackers Behind Teams Phishing Attacks

• Salesforce Email Service Zero-Day Exploited In Phishing Campaign

• MS Comes Under Criticism For Grossly Irresponsible Security

• These Are The Top Five Cloud Security Risks, Qualys Says

• Endor Labs raises $70 million to expand into other areas of code and pipeline security

• Russian APT phished government employees via Microsoft Teams

• Onyxia’s CPM platform enables CISOs to optimize their security programs

• Lineaje BOMbots remediate security issues using generative AI

• Beware of Fake FlipperZero Sites That Promise Free Device Offer

• Cyber-Attacks Targeting Government Agencies Increase 40%

• Midnight Blizzard conducts targeted social engineering over Microsoft Teams

• Menlo Leverages Advanced Technology to Combat Surging Browser Threats

• OWASP Top 10 for LLM (Large Language Model) applications is out!

• X Sued By AFP, Twitter Sues Hate Watchdog

• Social Media Marketing with Residential Proxies: Things You Must Know

• Torq Socrates delivers automated contextual alert triaging, incident investigation, and response

• Russian Midnight Blizzard Hackers Hit MS Teams in Precision Attack

• The Role of Continuous Testing in Delivering Quality Digital Experiences

• How Malicious Android Apps Slip Into Disguise

• Humans Unable to Reliably Detect Deepfake Speech

• Fake Android App Enables Hackers to Steal Signal and WhatsApp User Data

• Hackers Abuse AWS SSM Agent to Perform Various Malicious Activities

• Cybersecurity M&A Roundup: 42 Deals Announced in July 2023

• Deloitte and Palo Alto Networks help clients increase operational efficiency with new SSDL offering

• Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)

• “Mysterious Team Bangladesh” Targeting India with DDoS Attacks and Data Breaches

• Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events

• Cloud Key Management Solution for Azure, Azure Stack and M365

• Ransomware on manufacturing industry caused $46bn in losses

• Managed Security Service Providers (MSSPs) on the Rise. A Vendor’s View on Current Landscape & Future Trends

• June 2023 Cyber Attacks Statistics

• US Starts Probe Of Alleged China Hack Of Federal Emails

• Salesforce Email Service Zero-Day Exploited in Phishing Campaign

• Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update

• Uncover Your Cybersecurity Blind Spots

• What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot

• Silicon Insights: The State of MarTech: Part 2 Podcast

• Silicon Insights: The State of MarTech: Part 1 Podcast

• Cocaine Smugglers that Posed as PC Sellers Jailed

• Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug

• Brit healthcare body rapped for WhatsApp chat sharing patient data

• Is secure-by-default an achievable reality?

• Hundreds of Citrix Endpoints Compromised With Webshells

• Cool, Aesthetic, Good & Unique Twitter Username – Stand Out in Style

• Ivanti Patches Yet Another Critical Flaw

• Russian APT29 conducts phishing attacks through Microsoft Teams

• Software Supply Chain Startup Endor Labs Scores Massive $70M Series A Round

• Manufacturing Sector Reeling From Financial Costs of Ransomware

• 7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store

• How to Login to GoDaddy Account – 3 Popular Methods

• Prepare for plenty more pain from Ivanti’s MDM flaws, warn cyber agencies

• Do you know what your supply chain is and if it is secure?

• Hackers targeting air-gapped devices in Eastern Europe with new malware

• Ongoing Attacks: Over 600+ Citrix Servers Compromised to Install Web Shells

• Endor Labs raises $70M to ease application security, streamline developer productivity

• Microsoft Exposes Russian Hackers’ Sneaky Phishing Tactics via Microsoft Teams Chats

• 7 Container Security Best Practices For Better Apps

• Google’s AI Red Team: Advancing cybersecurity on the AI frontier

• Cisco Introduces Automated Ransomware Recovery Solution for Enhanced Cybersecurity

• White House Announced the National Cybersecurity Strategy Implementation Plan

• Researchers Discover Bypass for Recently Patched Critical Ivanti EPMM Vulnerability

• SCARF cipher sets new standards in protecting sensitive data

• How local governments can combat cybercrime

• Assess multi-cloud security with the open-source CNAPPgoat project

• Ransomware business model-What is it and how to break it?

• Organizations want stronger AI regulation amid growing concerns

• CISOs Leading Cyber Risk Engagement with C-Suite & Board

• Performance and security clash yet again in “Collide+Power” attack

• MagicDuel – 138,443 breached accounts

• Ivanti patches second zero-day vulnerability being used in attacks

• Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability

• CISOs Need Backing to Take Charge of Security

Generated on 2023-08-04 23:55:30.976521