IT Security News Daily Summary 2023-08-29

• PurFoods Mom’s Meals Reports Data Breach Exposing Social Security Numbers of Over 1.2 Million Consumers

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• Check Point Shares Analysis of Qakbot Malware Group

• Operation ‘Duck Hunt’: Qakbot Malware Disrupted, $8.6 Million in Cryptocurrency Seized

• Meta Cripples China’s Massive ‘Spamouflage’ Influence Op

• MOVEit Was a SQL Injection Accident Waiting to Happen

• Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines

• Qakbot – the takedown and the remediation

• UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• Apple security boss faces iPads-for-gun-permits bribery charge… again

• Microsoft Teams attack exposes collab platform security gaps

• FBI-led Operation Duck Hunt shoots down Qakbot

• Authorities take down Qakbot infrastructure, issue commands to delete the malware

• When kids fly the nest, secure your digital nest eggs

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• VMware Patches Major Security Flaws in Network Monitoring Product

• ISPs Should Not Police Online Speech—No Matter How Awful It Is.

• The Other Russian War – What Can We Do?

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• Quantum threats loom in Gartner’s 2023 Hype Cycle for data security

• DEF CON Generative AI Hacking Challenge Explored Cutting Edge of Security Vulnerabilities

• Cisco VPNs under attack via Akira, LockBit ransomware

• IT audit (information technology audit)

• The Most Devastating Data Breaches of the Decade

• Microsoft: Chinese APT Flax Typhoon uses legit tools for cyber espionage

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• U.S. Hacks QakBot, Quietly Removes Botnet Infections

• Somalia Orders ISPs to Block Telegram and TikTok

• South African Department of Defence Denies Stolen Data Claims

• Qakbot botnet disrupted, malware removed from 700,000+ victim computers

• Bridging AI and Ethics: Comprehensive Solutions in Healthcare Implementation

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• Rackspace Faces Massive Cleanup Costs After Ransomware Attack

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• Google Applies Generative AI Tools to Cloud Security

• OpenAI Turns to Security to Sell ChatGPT Enterprise

• New ‘MMRat’ Android Trojan Targeting Users in Southeast Asia

• Mom’s Meals issues “Notice of Data Event”: What to know and what to do

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• FBI operation tricked thousands of computers infected by Qakbot into uninstalling the malware

• In an Attack on WebDetective’s Servers, Hackers Deleted Victim Data

• Check Point Software: XDR Leader in Frost Radar™ 2023 Report

• Addressing Cybersecurity’s Talent Shortage & Its Impact on CISOs

• Android Goes All-in on Fuzzing

• Is Cybersecurity as a Service (CSaaS) the answer: Move faster | Do more

• New MMRat Android Trojan Uses Fake App Stores for Bank Fraud

• Role of C# in Building Dynamic and Secure Web Applications

• Abnormal Security: Microsoft Tops List of Most-Impersonated Brands in Phishing Exploits

• Okta for Global 2000 gives CEOs flexibility to centralize or decentralize their business strategy

• Tanium Vulnerability Risk and Compliance for ServiceNow accelerates security investigations

• Descope unveils third-party connectors for no-code app journey personalization

• Mom’s Meals Warns of Major Data Breach Affecting Over 1.2 Million Individuals

• Worldcoin: Ldcoin’s Token Value Falls by More Than 50% as Privacy Concerns Grow

• critical infrastructure

• LockBit 3.0 Ransomware Variants Surge Post Builder Leak

• More UK Cops’ Names And Photos Exposed In Supplier Breach

• Meta Fights Sprawling Chinese Spamouflage Operation

• Cybersecurity Experts Say The West Has Failed To Learn Lessons From Ukraine

• Google Tests Watermark To Identify AI Images

• US Spy Satellite Agency Isn’t So Silent About New Silent Barker Mission

• Criminals hack radio commands to stop Poland Trains

• How to turn on Private DNS Mode on Android (and why you should)

• New Ransomware Campaign Targets Citrix NetScaler Flaw

• Nordic Users Targeted by National Danish Police Phishing Attack

• How to Manage XDR Alerts with Heimdal

• What’s new in Gartner’s Hype Cycle for data security in 2023

• Kroll’s Crypto Breach Highlights SIM-Swapping Risk

• DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates

• Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom

• Mom’s Meals says data breach affects 1.2 million customers

• Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months

• Police Federation: Metropolitan IT System Breach Could Have Serious Consequences

• Chinese APT Was Prepared for Remediation Efforts in Barracuda ESG Zero-Day Attack

• UN Warns Hundreds of Thousands in Southeast Asia Roped Into Online Scams

• Did Microsoft Just Upend the Enterprise Browser Market?

• The Reality of Cyberinsurance in 2023

• Report Reveals Growing Disparity in Cyber Insurance Landscape

• The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements

• SAP and Google Cloud join forces to provide customers with generative AI capabilities

• Fortinet enhances its SASE solution to help organizations prevent data leaks

• LogRhythm and Cimcor collaborate to enhance cyberattack protection for organizations

• Quid Pro Quo Attacks: Cyber Threat to Watch Out For

• Barracuda email gateways in US, Canadian government departments hit: Report

• Mom’s Meals Breached: Over 1.2 Million Consumers Data Exposed

• Here’s What Your Breach Response Plan Might Be Missing

• Can a private internet co-exist with the internet we know?

• Cyberattacks Targeting Government Agencies on the Rise

• Meta Fights Sprawling Chinese ‘Spamouflage’ Operation

• Black Hat USA 2023 NOC: Network Assurance

• Google debuts Duet AI to tackle new cybersecurity challenges in the cloud

• Personal, Health Information of 1.2 Million Stolen in PurFoods Ransomware Attack

• The Weird, Big-Money World of Cybercrime Writing Contests

• Swissbit introduces D1200 data center SSD

• Ransomware group exploits Citrix NetScaler systems for initial access

• Ciphertex strengthens data security with SecureNAS CX-160KSSD-X

• Meta says it has disrupted a massive disinformation campaign linked to Chinese law enforcement

• Security Team Huddle: Using the Full NIST Cybersecurity Framework for the Win

• Survey Provides Takeaways for Security Pros to Operationalize their Remediation Life Cycle

• Google is bringing generative AI to its security tooling

• More UK cops’ names and photos exposed in supplier breach

• Identity Theft from 1965 Uncovered through Face Recognition

• Easy-to-exploit Skype vulnerability reveals users’ IP address

• Cisco partners with Nutanix to accelerate hybrid multicloud deployments

• Intel Says Upcoming Data Centre Chip More Than Doubles Efficiency

• Judge Looks To Decertify Google Play Class-Action Lawsuit

• Microsoft Power Platform API Threatened Due To Reply URL Flaw

• How To Hide Browsing History – Complete Guide

• Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platforms

• Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability

• FIN8-linked actor targets Citrix NetScaler systems

• Start-Up Xpeng Buys Didi Global’s Electric Car Unit

• BYD Reports 200 Percent EV Profit Jump Amidst Tesla Price War

• Four in Five Cyber-Attacks Powered by Just Three Malware Loaders

• Which Is Better For File Security: Cloud Or NAS Backup?

• How to Implement an XDR Software?

• Two Men Arrested Following Poland’s Railway System Signals Hack

• OpenAI Launches ChatGPT For Large Businesses

• EV Start-Up VinFast Becomes Third Most Valuable Automaker

• Silicon UK In Focus Podcast: Your Virtual Strategy

• WHICH IS BETTER FOR FILE SECURITY: CLOUD OR NAS BACKUP?

• Need to improve the detection capabilities in your security products?

• Hong Kong-Licensed Crypto Exchange Accepts Retail Investors

• Microsoft Edge Privilege Escalation Flaw – Update Now!

• Japan’s JPCERT warns of new ‘MalDoc in PDF’ attack technique

• Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

• How Do Microsoft Azure and Amazon AWS Differ From One Another?

• Rackspace spends $10m in ransomware cleanup costs

• 11 search engines for cybersecurity research you can use right now

• Is the cybersecurity community’s obsession with compliance counter-productive?

• What makes a good ASM solution stand out

• ProxyNation: The dark nexus between proxy apps and malware

• IT leaders alarmed by generative AI’s SaaS security implications

• 4 Popular Cybersecurity Myths vs. Facts

• How to Protect Your CI/CD Pipeline

• Book Review: Effective Threat Investigation for SOC Analysts

• 5 Effective Web Design Strategies to Increase Your ROI

• A week in security (August 21 – August 27)

• 2.6 million DuoLingo users have scraped data released

• Google strengthens its Workplace suite protection

• Antivirus Software: The Best Deals, Coupons and Discounts

• Poland Arrests 2 Suspected Hackers for Train Disruption

• OpenAI Debuts ChatGPT Enterprise, Touting Better Privacy for Business

• Apple, Long a Critic of Right to Repair, Comes Out in Support of California Bill

• Health, payment info for 1.2M people feared stolen from Purfoods in IT attack

• IT Security News Daily Summary 2023-08-28

• OpenAI Debuts ChatGPT Enterprise, touting better privacy for business

• BreachLock Intelligence Report Reveals Critical Insights From Thousands of Penetration Tests

• Honeywell to Acquire SCADAfence, Strengthening Its Cybersecurity Software Portfolio

• Motherboard Mishaps Undermine Trust, Security

• Attackers can discover IP address by sending a link over the Skype mobile app

• Cybercriminals Harness Leaked LockBit Builder in Wave of New Attacks

• Imperva Clinches 2023 SC Media Trust Award for Best Database Security Solution: A Back-to-Back Victory

• Navigating the Challenges of Selective Data Extraction and Migration in Company Acquisitions

• 10 Keys To Securing Software Release and Delivery

• 8 Best Identity and Access Management (IAM) Solutions for 2023

• Vulnerability Summary for the Week of August 21, 2023

• Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

• Cyber Centre again warns Canadian firms not to ignore cybercrime

• Researchers published PoC exploit code for Juniper SRX firewall flaws

• AI-Powered SOC Automation: A New Era in Security Operations

• ISACA

• Financial Firms Breached in MOVEit Cyberattacks Now Face Lawsuits

• Publisher’s Spotlight: ZeroFox: Protecting You Beyond Your Perimeter

• API Breaches Are Rising: To Secure the Future, We Need to Learn from the Past

• Reducing the Productivity Tax in Open Source Software Security – A Deep Dive with Varun Badhwar of Endor Labs

• Met Police Investigates Alleged Data Breach of Officer Information

• What is Software Asset Management? And why you should care

• Shadow APIs and Zombie APIs are Common in Every Organizations’ Growing API Attack Surface

• School District Sues Facebook For Allegedly Harming Children’s Mental Health

• London Police Warned to Stay Vigilant Amid Major Data Breach

• 3 ransomware detection techniques to catch an attack

• Should companies make ransomware payments?

• Enterprise dark web monitoring: Why it’s worth the investment

• Honeywell’s acquisition of cybersecurity provider sets sights on manufacturing sector’s deep IoT vulnerabilities

• Acquisition Chatter Swirls Around SentinelOne, BlackBerry

• 5 Ways to Prepare for Google’s 90-Day TLS Certificate Expiration

• Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege

• Biden’s IoT Cybersecurity initiative

• San Antonio’s Top Five Cybersecurity Companies To Know

• Malware loader lowdown: The big 3 responsible for 80% of attacks so far this year

• How can Small Businesses Protect Themselves From Cyber Threats?

• Smoke Loader Uses New Whiffy Recon Malware To Triangulate Device Locations

• Understanding the E-Commerce Marketplaces in Europe

• Navigating London’s Free Electric Car Charging Points

• Lockbit 3.0 Builder Leaked: Anyone Can Blend Ransomware

• Hackers Embed Weaponized Word File into a PDF to Evade Detection

• Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

• NightOwl App is Targeting Older Macs to Siphon User Data

• How to make sure the reputation of your products and company is good

• Cyber Attack blame to UK Airspace Chaos

• Authentication Outage Underscores Why ‘Fail Safe’ Is Key

• Global Privacy Agencies Urge Social Media to Protect User Data from Scraping

• Scarab Ransomware Toolkit: Unveiling the Ingenious Weaponry

• Cryptocurrency Giants FTX, BlockFi, and Genesis Hit by Kroll Hack

• Reply URL Flaw Allowed Unauthorized MS Power Platform API Access

• Advanced analytics can help detect insider threats rapidly

• Signs of Malware Attack Targeting Rust Developers Found on Crates.io

• 10 Million Likely Impacted by Data Breach at French Unemployment Agency

• LockBit Code Leak Sparks Wave Of RaaS Attacks

• Malware Attack Targeting Rust Developers Found On Crates.io

• Best Practices To Prevent Organizational Data Theft From Employees

• Legal Liability for Insecure Software Might Work, but It’s Dangerous

• Kroll SIM-Swapping Attack Causes Data Breach at 3 Top Crypto Firms

• Rhysida ransomware group claims the hack of Prospect Medical

• Virtual Closet Assistant: How Technology Can Guide Your Outfit Decisions

• The Investing Club’s top 10 things to watch in the stock market Monday

• Hackers Exploited WinRAR Zero-Day To Target Traders

• Jupiter X Core Plugin Flaws Threatened 172K Websites With Account Hijacking

• Leaseweb Hosting Provider Admits Security Breach Following Downtime

• Two Men Arrested Following Poland Railway Hacking

• 3 Malware Loaders Detected in 80% of Attacks: Security Firm

• Kroll SIM-swap attack: FTX, BlockFi and Genesis clients’ info exposed

• August 2023 Web Server Survey

• Cyberattacks Targeting E-commerce Applications

• UK Air Traffic Control System Collapses, Causing Travel Chaos

• Ohio History Organization Says Personal Information Stolen in Ransomware Attack

• Leaseweb Reports Cloud Disruptions Due to Cyberattack

• Updated Kmsdx botnet targets IoT devices

• Remotely Stopping Polish Trains

• Three Persistent Data Security Challenges Organizations Need To Address Now

• PoC for no-auth RCE on Juniper firewalls released

• Innovative Tools For Online Casino Operators: Boosting Efficiency And User Enjoyment

• Cyber Security Today, August 28, 2023 – SIM card swap led to a Kroll data breach, supplier hack led to a London police data theft, and more

• French Unemployment Agency Announces a Data Breach

• Rise in UK IT degree applicants driven by AI advances

• Ericsson Expects $1bn In IP Revenue After Huawei Deal

• Instacart Reports Revenue Surge Ahead Of IPO

• Hackers Disruptred Poland’s Railway System Signals

• Chinese Chip Equipment Maker Sees Profits Surge

• India ‘Considering’ Tesla Tax Deal To Open Domestic EV Market

• Chinese Tech Firms ‘Shut Down’ Livestream Features Amidst Crackdown

• ECB Official Says Banks Must Be Protected In Digital Euro Launch

• US Treasury Publishes Proposed Crypto Tax Rules

• What is The Network and Information Security 2 Directive (NIS2)?

• How Improved Visibility Helps Achieve Compliance

• 3 Cryptocurrency Firms Suffer Data Breach After Kroll SIM Swapping Attack

• E-learning Across Generations: How Different Age Groups Embrace Online Education?

• Massive MOVEit campaign already impacted at least 1,000 organizations and 60 million individuals

• Software developers, how secure is your software?

• Cisco Nexus 3000 and 9000 Series Switches Flaw Let Attackers Trigger DoS Attack

• Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Research

• Better SaaS Security Goes Beyond Procurement

• Data Breach of London Metropolitan Police turns serious

• Best Practices to safeguard Data Across Hybrid Cloud Environments

• KmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced Capabilities

• Experts demand clarity as they struggle with cloud security prioritization

• What true diversity in the cybersecurity industry looks like

• Adapting authentication to a cloud-centric landscape

• Uncovering a privacy-preserving approach to machine learning

• Whiffy malware stinks after tracking location via Wi-FI

• Microsoft publishes mitigation instructions for Downfall vulnerability in Windows

• Customizing LLMs for domain-specific tasks

• The Billion Dollar Problem: Securing Business Communication in the Financial Sector

• The Industrial Control Systems and The Internet of Things

• Taiwanese infosec researchers challenge Microsoft’s China espionage finding

• Poland’s authorities investigate a hacking attack on country’s railways

Generated on 2023-08-29 23:55:19.980824