IT Security News Daily Summary 2023-08-15

• What Is Edge Security? Overcoming Edge Computing Risks

• The Industry Discussion About Standards For Bluetooth-Enabled Physical Trackers is Finally Getting Started

• Top 4 information security strategy essentials CIOs need

• 4 Metrics to Enhance your Cybersecurity Skills Development Program

• Discord.io Temporarily Shuts Down Amid Breach Investigation

• A Short Guide to Essential Cybersecurity Learning Metrics

• AI Steals Passwords by Listening to Keystrokes With Scary Accuracy

• Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn

• Monti Ransomware gang launched a new Linux encryptor

• Microsoft Defender for Cloud Gets More Multicloud

• DEF CON Generative AI Hacking Challenge Explored Cutting Edge of Security Vulnerabilities

• Bolstering Africa’s Cybersecurity

• Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking

• The evolution of the workplace

• 2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

• MongoDB Queryable Encryption enables organizations to meet data-privacy requirements

• Why is API security the next big thing in Cybersecurity?

• Mind the (Interpretation) gap: Another reason why threat modeling is important

• Authentication vs. Authorization: What’s the Difference?

• Discord.io Halts All Operations After Massive Data Breach

• Microsoft Cloud Security Woes Inspire DHS Security Review

• Scaling a Cybersecurity Team through Continuous Learning with OffSec

• YouTube To Remove False Cancer Treatment Claims

• ISO 31000 vs. COSO: Comparing risk management standards

• Global IoT Trust Survey Reveals Security Concerns

• Tesla internet connected cars to be banned in China for Data Security concerns

• New SectopRAT Steals Browser Passwords, 2FA Codes

• Web-based adware’s crafty games and how to sidestep them

• The best VPN trials: Try for free

• New QwixxRAT Trojan Spreads Through Messaging Apps

• QWIXXRAT: A Fresh Windows RAT Emerges in the Threat Landscape

• Avada Theme and Plugin Witnesses Critical Vulnerabilities

• How the fledgling INC ransomware gang struck one victim

• US lawmaker says FBI notified him of email breach linked to Microsoft cloud hack

• Empowering the Cybersecurity Workforce: OffSec and Climb Channel Solutions Join Forces

• Tech Giants Threaten UK Exit Over Privacy Bill Concerns

• New Cyber Threat: North Korean Hackers Exploit npm for Malicious Intent

• Five Reasons Why Network Security Is Paramount

• Tesla Launches Cheaper Model X, Model S EVs

• Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics

• An Apple Malware Flagging Tool Is Trivially Easy To Bypass

• DoubleDrive Attack Turns Microsoft OneDrive Into Ransomware

• Real Estate Markets Scramble Following Attack On MLS

• 1.5 Million Hit By Ransomware Attack At Canadian Dental Service

• More Hardcoded Credentials Than Ever, And Sloppy Coding Is To Blame

• DarkInvader Launches Channel Partner Recruitment Drive

• Carlsberg Group Selects Cato Networks for Massive Global SASE Deployment

• Phishing scams targeting small business on social media are a ‘gold mine’ for criminals

• Threat hunting 101: How to outthink attackers

• Verify You Are Human (So We Can Steal Your Credentials)

• How & Why Cybercriminals Fabricate Data Leaks

• Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign

• New Gigabud Android RAT Bypasses 2FA, Targets Financial Orgs

• CISO Conversations: CISOs in Cloud-based Services Discuss the Process of Leadership

• New survey shows Gen Z and Millennials AI jobs fear – as 61% say it will take much of their role

• Norfolk, Suffolk Police Confirm Data Breach

• ATM Fleet Monitoring Software Flaws Let Attackers Hack ATMs Remotely

• RVAsec 2023: Improving Ourselves, Our Security, and Our Community

• Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Report

• BT lands major network and cyber security deal with NATS

• Accelerating Start-Up Success: Unlocking the Potential of Minimum Viable Product Development Services

• Types Of Service Desks & Their Benefits

• Hackers Using Beta-Testing Apps to Target Victims: FBI Alert

• UK Police Data Breach Exposes Victim Information

• How to backup Microsoft 365 using third-party backup tools

• Ensure data security at the edge

• AI a Top Risk and the Preferred Solution to Financial Crime

• Foxconn Touts ‘Billions’ Of Dollars Investment In India

• You’re not seeing double – yet another UK copshop is confessing to a data leak

• Binance Seeks Protection From US Financial Regulator

• SecureWorks Laying Off 15% of Employees

• 1.5 Million Impacted by Ransomware Attack at Canadian Dental Service

• How X Is Suing Its Way Out of Accountability

• 2023 Business Email Compromise Statistics

• The Use of Natural Language Processing for Identifying and Mitigating Threats

• Gigabud RAT Android Banking Malware Targets Institutions Across Countries

• Tech CEO admits role in tricking Qualcomm into $150M takeover

• Silicon UK In Focus Podcast: AI and MedTech

• Amazon Hardware Boss To Step Down

• PSNI: Leaked Data Will be Used to Target Police Officers

• Over 100,000 Users of Hacking Forums Infected With Malware

• Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

• FBI: Mobile Beta-Testing Apps Are Major Security Risk

• Hacking ATMs by exploiting flaws in ScrutisWeb ATM fleet software

• Discord.io data breach: 760K users affected

• Silicon UK In Focus Podcast: Securing the Virtual

• North Korean Hackers Suspected in New Wave of Malicious npm Packages

• Over 12,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

• Catching the Catphish: Join the Expert Webinar on Combating Credential Phishing

• Manipulated Caiman – 39,901,389 breached accounts

• Need to improve the detection capabilities in your security products?

• QwixxRAT, a new Windows RAT appears in the threat landscape

• Florida Man, associates, indicted for conspiracy to steal data, software

• Maintaining the Optimal Blend for Digital Success

• Tesla reassures Chinese users on data security amid spying concerns

• Hackers Use Weaponized PDFs and Chat Apps for C2 to Evade Detection

• Balancing telecom security, law enforcement, and customer trust

• Ransomware: To pay or not to pay

• Ransomware spreading gangs start Customer Service

• What Is Global Privacy Control (GPC), and how can it help you protect your data?

• How threats to mid-sized businesses impact us all

• Jobzone – 29,708 breached accounts

• Photos: Cybertech Africa 2023

• 6 free artificial intelligence TED Talks you can watch right now

• Report: “Apple Watch X” will redesign the popular wearable for the first time

• An Apple malware-flagging tool is “trivially” easy to bypass

• Sam Bankman-Fried is going to jail

• Chinese spies who read State Dept. email also hacked GOP congressman

• Australian Signals Directorate caught up in KPMG consulting scandal

• How to Build a Simple Application Powered by ChatGPT

• Chinese media teases imminent exposé of seismic US spying scheme

• A week in security (August 7 – August 13)

• A new type of “freedom,” or, tracking children with AirTags, with Heather Kelly: Lock and Code S04E17

• “Grab hold and give it a wiggle” – ATM card skimming is still a thing

• Sextortion suspects on trial after teen victim dies from a self-inflicted gunshot wound

• Discord.io Admits Data Breach: Info of 760K Users Sold Online

• What Is a Service Mesh and Why Is It Needed for Kubernetes?

• At Black Hat, Splunk, AWS, IBM Security and Others Launch Open Source Cybersecurity Framework

• JWT Token Authentication Using the .Net Core 6 Web API

• Beware cool-looking beta crypto-apps. They may be money-stealing fakes

• Ford SYNC 3 infotainment vulnerable to drive-by Wi-Fi hijacking

• IT Security News Daily Summary 2023-08-14

• Phishing Operators Make Ready Use of Abandoned Websites for Bait

• Women in CyberSecurity (WiCyS) Hosting Fifth Annual Virtual Career Fair

• OffSec’s Capture the Flag Tournament (CTF)

• Ford SYNC 3 infotainment systems vulnerable to drive-by Wi-Fi hijacking

• 5 Tips for Securing Data When Using a Personal Mac for Work

• Colorado Health Agency Says 4 Million Impacted by MOVEit Hack

• 5 digital forensics tools experts use in 2023

• Diligere, Equity-Invest Are New Firms of U.K. Con Man

• Weekly Vulnerability Recap – August 14, 2023 – Old or New, Vulnerabilities Need Management

• Vulnerability Summary for the Week of August 7, 2023

• What’s New in the NIST Cybersecurity Framework 2.0

• How FraudGPT presages the future of weaponized AI

• Hacktivists attack Japanese government over Fukushima wastewater release

• Cumbrian Police accidentally publish all officers’ details online

• Fake Chrome Browser Update Installs NetSupport Manager RAT

• Russian-African Security Gathering Exposes Kremlin’s Reduced Influence

• Intel Patched Newly Reported Downfall Attack Affecting Its CPUs

• Multiple Codesys PLC Vulnerabilities Could Risk Numerous Power Plants

• New Statc Stealer Emerges As Potent Windows Malware

• The 6 Pillars of Effective Cloud Security

• How to send password-protected emails in Gmail

• Massive EvilProxy Phishing Attack Campaign Bypasses 2FA, Targets Top-Level Executives

• Ongoing Xurum attacks target Magento 2 e-stores

• Talking Heimdal XDR with Nabil Nistar, Head of Product Marketing

• macOS Ventura Background Task Flaws Can Be Exploited for Malware

• Check Point Wins Gold Stevie International Business Award

• SecureWorks layoffs affect 15% staff

• PayPal Names New CEO Amid Crypto Push

• Facebook Criticized For Misinformation Policy On Threads

• Health Data of 4M Stolen in Cl0p MOVEit Breach of Colorado Department

• Researcher says they were behind iPhone popups at Def Con

• Colorado HCPF Department notifies 4 million individuals after IBM MOVEit breach

• Jordan’s King Should Reject the Country’s Draft Cybercrime Law

• Building Cybersecurity into the supply chain is essential as threats mount

• How to Automatically Detect Multiple Cybersecurity Threats from an Input Text String in Java

• Interpol Shuts Down Phishing Service ’16shops’

• Following Pushback, Zoom Says It Won’t Use Customer Data to Train AI Models

• QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord

• Hacktivists Attack Japanese Government Over Fukushima Wastewater Release

• Federal Board Investigating Microsoft Email Hacks By Chinese Group

• Illinois Just Made It Possible To Sue People For Doxxing Attacks

• Iagona ScrutisWeb Vulnerabilities Could Expose ATMs To Remote Hacking

• Verimatrix Introduces New Website Security Integration

• Scotiatrust US customers sideswiped by MOVEit hack

• LastPass improves passwordless logins with FIDO2 authenticator support for desktops

• Apple Watch X To Track Blood Pressure – Report

• Defend Against Phishing with Multi-Factor Authentication

• Security Concerns Surrounding Microsoft OneDrive for Businesses

• MasterClass: Online Learning Platform Accused of Violating Customer Privacy by Sharing Info to Meta

• How to make sure the reputation of your products and company is good

• Amazon offers $20m to bolster cybersecurity of K-12 schools

• Investing in Ethereum Blockchain-based JasmyCoin: Guide

• How to find out if an AirTag is tracking you

• US Cyber Safety Board to Review Cloud Attacks

• Email – The System Running Since 71’

• Alberta Dental Services Security Breach Exposes 1.47M Records

• Here’s Why You Need to Read Privacy Policy Before Giving Consent

• Stellar Cyber and Oracle Cloud Partner for Enhanced Cybersecurity

• Crimeware server used by NetWalker ransomware seized and shut down

• Several Flaws Found in CyberPower and Dataprobe Products

• IDC launches Future of X Scorecards for optimizing tech’s impact on business

• Ensuring Trust in Military Network Automation: Addressing Layer 8 Issues for Improved Operations and Security

• Embedding Privacy-First Behaviors for Future Generations

• A Comprehensive Guide to Securing ESXi Hosts: Safeguarding Virtual Infrastructure

• How to prevent and prepare for a cyber catastrophe

• How to create a ransomware incident response plan

• Top 3 ransomware attack vectors and how to avoid them

• Security Researchers Publish Gigabud Banking Malware Analysis

• Millions of Americans’ health data stolen after MOVEit hackers targeted IBM

• How To Build A Company-Wide Data-Driven Culture

• FTX’s Sam Bankman-Fried Sent To Jail Over Witness Tampering

• 5 Ways CISA Can Help Cyber-Poor Small Businesses & Local Governments

• Action1 platform update bridges the gap between vulnerability discovery and remediation

• Almost all VPNs are vulnerable to traffic-leaking TunnelCrack attacks

• RSA Conference 2023: DevSecOps and the Future of Security

• US Shuts Down Bulletproof Hosting Service LolekHosted, Charges Its Polish Operator

• Power Management Product Flaws Can Expose Data Centers to Damaging Attacks, Spying

• A Huge Scam Targeting Kids With Roblox and Fortnite ‘Offers’ Has Been Hiding in Plain Sight

• Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability

• Fake Tripadvisor Emails to Distribute Knight Ransomware

• Data center flaws spurred disruptions, espionage and malware attacks

• Amazon To Penalise Staff Excessively Working From Home

• Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks

• Identity Threat Detection and Response: Rips in Your Identity Fabric

• Major vulnerabilities discovered in data center solutions

• Macs are getting compromised to act as proxy exit nodes

• Cumbrian cops accidentally publish all of its officers’ details online

• South African Power Supplier Hit by DroxiDat Malware

• Enterprise spending on cybersecurity has changed, and vendors must adapt

• Cyber Security Today, August 14, 2023 — A huge insurance company hack, presentations at the Black Hat conference, and more

• Ford Cars WiFi Vulnerability Let Attackers Execute Remote Code

• Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking

• Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles

• New Financial Malware ‘JanelaRAT’ Targets Latin American Users

• Zuckerberg Says Elon Musk ‘Not Serious’ About Cage Fight

• The Five Stages of Vulnerability Management

• Security Immutability: The Importance of Change

• Phishing with hacked sites

• Media Disposal Policy

• Microsoft: Critical CODESYS Flaws Could Shut Down Power Plants

• Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

• Quest Software Update

• San Francisco Grants Self-Driving Taxi Permits For Waymo, Cruise

• Authorities Take Down Lolek Bulletproof Hosting Provider

• The Benefits of Digitalization in the Citizenship by Investment Industry

• Paying The Way: A Comprehensive Guide To Merchant Accounts And Payment Processing

• Monti Ransomware Unleashes a New Encryptor for Linux

• Xiaomi Mi Phones Flags Telegram as Malicious App

• What Is Privileged Access Management (PAM)?

• Software developers, how secure is your software?

• Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

• 3 Mobile or Client-Side Security Myths Debunked

• How to Choose a Managed Detection and Response (MDR) Solution

• How to make your instant messages ‘unhackable’

• Beware of Fake Chrome Browser Updates that Install Malware

• Movies2Watch: Stream Safely and Legally – Explore the Best Alternatives

• Types of Cyber Attacks Every Online User Should Be Aware Of

• Hactivitsts attack Japanese government over Fukushima wastewater release

• India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users’ Privacy First

• How manufacturers can navigate cybersecurity regulations amid NIST 2.0

• Deception technology and breach anticipation strategies

• APTs use of lesser-known TTPs are no less of a headache

• Now electric charging stations are vulnerable to hackers after public USB charging points

• Navigating generative AI risks and regulatory challenges

• Product showcase: Free email security test by ImmuniWeb Community Edition

• Building a secure future without traditional passwords

• US government to investigate China’s Microsoft email breach

• Don’t Expect Quick Fixes in ‘Red-Teaming’ of AI Models. Security Was an Afterthought

• Bugs in transportation app Moovit gave hackers free rides

Generated on 2023-08-15 23:55:12.737143