IT Security News Daily Summary 2023-08-16

• Beyond Identity Launches Passkey Adoption Tool, The Passkey Journey

• Insurance Data Breach Victims File Class-Action Suit Against Law Firm

• 67% of Federal Government Agencies Are Confident in Meeting Zero Trust Executive Order Deadline

• Dig Security State of Cloud Data Security 2023 Report Finds Exposed Sensitive Data in More Than 30% of Cloud Assets

• Protecting Your Business from Email Compromise: Essential Security Measures

• The best travel VPNs of August 2023: Expert tested and reviewed

• Adopt embedded penetration testing to keep IoT devices secure

• How to use dynamic reverse engineering for embedded devices

• Continuous Security Testing Is The Key To Strengthening Your Cybersecurity

• FBI warns about scams that lure you in as a mobile beta-tester

• Study Finds 16 Percent Of All Crime Originated On Facebook-Owned Platforms Last Year

• Metrics to Enhance your Cybersecurity Skills Development Program

• “Auth” Demystified: Authentication vs Authorization

• Mirai Common Attack Methods Remain Consistent, Effective

• A massive phishing campaign using QR codes targets the energy sector

• Double Extortion Ransomware: The New Normal

• AI-Powered Fuzzing: Breaking the Bug Hunting Barrier

• Scammers Exploit Kids with Fake Fortnite and Roblox Offers

• Gartner: Generative AI Will Bring “Transformational Benefit” in the Next 2-5 Years

• Beware of New Hacking Attack Targeting LinkedIn Accounts Worldwide

• Securely Managing, Distributing, and Scaling Secrets Across Multiple Kubernetes Clusters

• New ‘ASTORS’ Bid 1Kosmos Now Available in NayaOne Marketplace

• Election Security: Lawmakers Will Introduce New Machines Against Defcon Hackers

• The Gulf’s Dizzying Tech Ambitions Present Risk & Opportunity

• Foxconn Begins iPhone 15 Production In India

• The best VPN services for iPhone and iPad in August 2023

• Clorox Operations Disrupted By Cyber-Attack

• Clorox Cleans Up IT Security Breach That Soaked Its Biz Ops

• Researchers Find Sensitive Personal Data In Over 30% Of Cloud Assets

• Ivanti Patches Critical Vuln In Avalanche Enterprise MDM Solution

• Bank Of Ireland ATM Glitch Hands Out Free Money

• Google Releases Security Key Implementation Resilient To Quantum Attacks

• Discord.io Acknowledges Data Breach: Hacker Exposes Information of 760K Users

• LinkedIn account hacks increased in the past couple of weeks

• Google Releases Security Key Implementation Resilient to Quantum Attacks

• Mass-Exploitation Campaign Targets Citrix NetScalers With Backdoors

• UK Launches £1 Billion FinTech Fund

• Blueprint for Seamless Software Deployment: Insights by a Tech Expert

• Scammers Exploit Hacked Websites For Phishing

• This $70 device can spoof an Apple device and trick you into sharing your password

• Beyond Identity unveils The Passkey Journey to aid enterprise passkey deployment decisions

• UK Watchdogs Target Cookie Pop-ups, Amid Website Design Clampdown

• How To Install Istio Using Helm Chart

• JWT Token Authentication Using the .NET Core 6 Web API

• Five Tips to Securing Your Organization Through Your People.

• From Samsung to the Pentagon – Recent Stories Remind Us About the Importance of Sensitive Data Guardrails

• From Passwords to Passkeys – A Passing of the Torch

• New Indian Data Protection Framework: Data Usage and Ground Rules

• IBM MOVEit Hack Exposes Data of 4 Million US Citizens

• Preserving Consumer Trust Through Data Privacy

• Monti Ransomware’s Linux Variant Attacks the Financial & Healthcare Industries

• Cost of a data breach 2023: Healthcare industry impacts

• Top 12 risk management skills and why you need them

• Zero Trust Edge — Forrester Names Palo Alto Networks a Leader

• LinkedIn users targeted in account hijacking campaign

• Stellar Cyber and OCI partner to offer expanded cybersecurity capabilities

• Cleaning Products Giant Clorox Takes Systems Offline Following Cyberattack

• Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution

• Boards Don’t Want Security Promises — They Want Action

• Vietnam’s VinFast Car Maker Overtakes GM, Ford After IPO

• Iran and the Rise of Cyber-Enabled Influence Operations

• Applying Data Ontology Concepts to Protect Data

• Bitdefender enhances security for iOS devices with Scam Alert

• SentinelOne Singularity App for Netskope secures remote work from endpoint to cloud

• LinkedIn hack: You need to check your LinkedIn account

• Mandiant Releases Scanner to Identify Compromised NetScaler ADC, Gateway

• QR Code Phishing Campaign Targets Top US Energy Company

• English Police Forces Admit to Data Handling Blunder Affecting Over 1,000 People

• Elon Musk’s X (Twitter) Delays Content Links To Rivals, Critics

• Cyber Security Today, August 16, 2023 – Discord.io database of 760,000 up for sale, LinkedIn under attack and more MOVEit victims

• Chrome 116 Patches 26 Vulnerabilities

• GitHub Paid Out $1.5 Million in Bug Bounties in 2022

• Google Introduces First Quantum Resilient FIDO2 Security Key

• Guide: How Google Workspace-based Organizations can leverage Chrome to improve Security

• Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks

• What’s the State of Credential theft in 2023?

• (Re)check your patched NetScaler ADC and Gateway appliances for signs of compromise

• What’s New in Selenium 4.11.0?

• Getting Started with Cross-Browser Testing on Real Devices

• Research Insight: IT Professionals Reconsidering Career Trajectories Amid Increased Work Pressures

• New study by AMD finds nearly half of organisations are not ready for AI

• Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations

• Cybersecurity Breach Hits Clorox, Several Systems Taken Offline

• Intel Purchase Of Tower Semiconductor Terminated, China Blamed

• A Third of UK University Students Targeted By Fraud

• Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)

• Gigabud RAT Attacking Android Users to Steal Banking Credentials

• Data Classification Policy

• Get Norton 360 Standard on 2 Devices Plus Identity Theft Protection for $24.99

• A Third of UK Uni Students Targeted By Fraud

• Major LinkedIn Account Takeover Campaign Underway

• Q2 Privacy Update: AI Takes Center Stage, plus Six New US State Laws

• The CISO Report – The Culture Club

• Digital Safety Advice is Not Getting Through to Women

• Two unauthenticated stack buffer overflows found in Ivanti Avalanche EMM

• China accuses U.S. intelligence agencies as source behind Wuhan cybersecurity attack

• Why performing security testing on your products and systems is a good idea

• Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign

• How the Microsoft Incident Response team helps customers remediate threats

• How social media scams are draining bank accounts of victims

• Exploring the Essence of Confidential Computing

• How CISOs break down complex security challenges

• Why the “voluntary AI commitments” extracted by the White House are nowhere near enough

• Get the AT&T Cybersecurity Insights Report: Focus on US SLED

• Mac systems turned into proxy exit nodes by AdLoad

• Thales Luna HSMs Secure Digital Transactions of a Prominent Bangladeshi Bank

• Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability

• Cybertech Africa 2023 marks the first gathering for innovation and networking in the region

• Passwordless is more than a buzzword among cybersecurity pros

• SEC cybersecurity rules shape the future of incident management

• Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating

• Hackers could now steal passwords over Zoom by listening to keystrokes using AI

• DARPA Taps Hackers to Fortify Critical Software Against Cyber Threats

• 5 Strategies for Strengthening MQTT Infrastructure Security

• Ford says it’s safe to drive its cars with a WiFi vulnerability

• PCMag ranks Malwarebytes #1 cybersecurity vendor

• Credentials for cybercrime forums found on roughly 120K computers infected with info stealers

• Kaspersky Password Manager Adds 2FA One-Time Password Storage and New Browser Support

• 3 Major Email Security Standards Falling Down on the Job

• edX and Drake State Technical and Community College Launch Free Training Program

• Toward Quantum Resilient Security Keys

• Clorox cleans up IT security breach that soaked its biz ops

• LockBit Ransomware Gang in Decline, May Be Compromised, Report

• Patch Now: OpenNMS Bug Steals Data, Triggers Denial of Service

• OX Security Receives Strategic Investment From IBM Ventures

• IT Security News Daily Summary 2023-08-15

• What Is Edge Security? Overcoming Edge Computing Risks

• The Industry Discussion About Standards For Bluetooth-Enabled Physical Trackers is Finally Getting Started

• Top 4 information security strategy essentials CIOs need

• 4 Metrics to Enhance your Cybersecurity Skills Development Program

• Discord.io Temporarily Shuts Down Amid Breach Investigation

• A Short Guide to Essential Cybersecurity Learning Metrics

• AI Steals Passwords by Listening to Keystrokes With Scary Accuracy

• Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn

• Monti Ransomware gang launched a new Linux encryptor

• Microsoft Defender for Cloud Gets More Multicloud

• DEF CON Generative AI Hacking Challenge Explored Cutting Edge of Security Vulnerabilities

• Bolstering Africa’s Cybersecurity

• Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking

• The evolution of the workplace

• 2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

• MongoDB Queryable Encryption enables organizations to meet data-privacy requirements

• Why is API security the next big thing in Cybersecurity?

• Mind the (Interpretation) gap: Another reason why threat modeling is important

• Authentication vs. Authorization: What’s the Difference?

• Discord.io Halts All Operations After Massive Data Breach

• Microsoft Cloud Security Woes Inspire DHS Security Review

• Scaling a Cybersecurity Team through Continuous Learning with OffSec

• YouTube To Remove False Cancer Treatment Claims

• ISO 31000 vs. COSO: Comparing risk management standards

• Global IoT Trust Survey Reveals Security Concerns

• Tesla internet connected cars to be banned in China for Data Security concerns

• New SectopRAT Steals Browser Passwords, 2FA Codes

• Web-based adware’s crafty games and how to sidestep them

• The best VPN trials: Try for free

• New QwixxRAT Trojan Spreads Through Messaging Apps

• QWIXXRAT: A Fresh Windows RAT Emerges in the Threat Landscape

• Avada Theme and Plugin Witnesses Critical Vulnerabilities

• How the fledgling INC ransomware gang struck one victim

• US lawmaker says FBI notified him of email breach linked to Microsoft cloud hack

• Empowering the Cybersecurity Workforce: OffSec and Climb Channel Solutions Join Forces

• Tech Giants Threaten UK Exit Over Privacy Bill Concerns

• New Cyber Threat: North Korean Hackers Exploit npm for Malicious Intent

• Five Reasons Why Network Security Is Paramount

• Tesla Launches Cheaper Model X, Model S EVs

• Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics

• An Apple Malware Flagging Tool Is Trivially Easy To Bypass

• DoubleDrive Attack Turns Microsoft OneDrive Into Ransomware

• Real Estate Markets Scramble Following Attack On MLS

• 1.5 Million Hit By Ransomware Attack At Canadian Dental Service

• More Hardcoded Credentials Than Ever, And Sloppy Coding Is To Blame

• DarkInvader Launches Channel Partner Recruitment Drive

• Carlsberg Group Selects Cato Networks for Massive Global SASE Deployment

• Phishing scams targeting small business on social media are a ‘gold mine’ for criminals

• Threat hunting 101: How to outthink attackers

• Verify You Are Human (So We Can Steal Your Credentials)

• How & Why Cybercriminals Fabricate Data Leaks

• Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign

• New Gigabud Android RAT Bypasses 2FA, Targets Financial Orgs

• CISO Conversations: CISOs in Cloud-based Services Discuss the Process of Leadership

• New survey shows Gen Z and Millennials AI jobs fear – as 61% say it will take much of their role

• Norfolk, Suffolk Police Confirm Data Breach

• ATM Fleet Monitoring Software Flaws Let Attackers Hack ATMs Remotely

• RVAsec 2023: Improving Ourselves, Our Security, and Our Community

• Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Report

• BT lands major network and cyber security deal with NATS

• Accelerating Start-Up Success: Unlocking the Potential of Minimum Viable Product Development Services

• Types Of Service Desks & Their Benefits

• Hackers Using Beta-Testing Apps to Target Victims: FBI Alert

• UK Police Data Breach Exposes Victim Information

• How to backup Microsoft 365 using third-party backup tools

• Ensure data security at the edge

• AI a Top Risk and the Preferred Solution to Financial Crime

• Foxconn Touts ‘Billions’ Of Dollars Investment In India

• You’re not seeing double – yet another UK copshop is confessing to a data leak

• Binance Seeks Protection From US Financial Regulator

• SecureWorks Laying Off 15% of Employees

• 1.5 Million Impacted by Ransomware Attack at Canadian Dental Service

• How X Is Suing Its Way Out of Accountability

• 2023 Business Email Compromise Statistics

• The Use of Natural Language Processing for Identifying and Mitigating Threats

• Gigabud RAT Android Banking Malware Targets Institutions Across Countries

• Tech CEO admits role in tricking Qualcomm into $150M takeover

• Silicon UK In Focus Podcast: AI and MedTech

• Amazon Hardware Boss To Step Down

• PSNI: Leaked Data Will be Used to Target Police Officers

• Over 100,000 Users of Hacking Forums Infected With Malware

• Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

• FBI: Mobile Beta-Testing Apps Are Major Security Risk

• Hacking ATMs by exploiting flaws in ScrutisWeb ATM fleet software

• Discord.io data breach: 760K users affected

• Silicon UK In Focus Podcast: Securing the Virtual

• North Korean Hackers Suspected in New Wave of Malicious npm Packages

• Over 12,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

• Catching the Catphish: Join the Expert Webinar on Combating Credential Phishing

• Manipulated Caiman – 39,901,389 breached accounts

• Need to improve the detection capabilities in your security products?

• QwixxRAT, a new Windows RAT appears in the threat landscape

• Florida Man, associates, indicted for conspiracy to steal data, software

• Maintaining the Optimal Blend for Digital Success

• Tesla reassures Chinese users on data security amid spying concerns

• Hackers Use Weaponized PDFs and Chat Apps for C2 to Evade Detection

• Balancing telecom security, law enforcement, and customer trust

• Ransomware: To pay or not to pay

• Ransomware spreading gangs start Customer Service

• What Is Global Privacy Control (GPC), and how can it help you protect your data?

• How threats to mid-sized businesses impact us all

• Jobzone – 29,708 breached accounts

• Photos: Cybertech Africa 2023

• 6 free artificial intelligence TED Talks you can watch right now

• Report: “Apple Watch X” will redesign the popular wearable for the first time

• An Apple malware-flagging tool is “trivially” easy to bypass

• Sam Bankman-Fried is going to jail

• Chinese spies who read State Dept. email also hacked GOP congressman

• Australian Signals Directorate caught up in KPMG consulting scandal

• How to Build a Simple Application Powered by ChatGPT

• Chinese media teases imminent exposé of seismic US spying scheme

• A week in security (August 7 – August 13)

• A new type of “freedom,” or, tracking children with AirTags, with Heather Kelly: Lock and Code S04E17

• “Grab hold and give it a wiggle” – ATM card skimming is still a thing

Generated on 2023-08-16 23:55:16.162851