IT Security News Daily Summary 2023-08-31

• UN: Southeast Asia Gangs Are Trafficking Cybercrime Workers

• 3 out of 4 Cyberattacks in the Education Sector Are Associated With a Compromised On‑Premises User or Admin Account

• Insurance Costs Rise, Coverage Shrinks, But Policies Remain Essential

• Apple’s Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh Controversy

• Cybercriminals Team Up to Upgrade ‘SapphireStealer’ Malware

• Kremlin-backed Sandworm strikes Android devices with data-stealing Infamous Chisel

• UK Agrees to Support Kuwait’s Cybersecurity Center

• Publisher’s Spotlight: Normalyze: Data Security for Everything You Build and Run in The Cloud

• Cisco Patched Multiple NX-OS And FXOS Vulnerabilities

• Paramount Admits Data Breach – Report

• Hackers Launch MiTM Attack to Bypass VMware Tools SAML Authentication

• Apple iPhone 14 Pro Offered Up to the Hacking Masses

• Paramount, Forever 21 Data Breaches Set Stage for Follow-On Attacks

• Forever 21 data breach affects half a million people

• Deploying AI Code: Safety Goggles Needed

• Assessing Generative AI’s Impact on Cyber Risk

• How companies can get a grip on ‘business email compromise’

• Ransomware Gangs are Evolving: Cryptocurrency Flaws Could be Their Next Target

• FBI Leads Takedown Of Qakbot Malware Infecting 700,000 Computers

• 10 best antivirus software for businesses in 2023

• 5 ways CISOs can prepare for generative AI’s security challenges and opportunities

• Leveraging AT&T Cybersecurity Consulting for a robust Zero Trust Center of Excellence

• Hackers Exploit Adobe ColdFusion Vulnerabilities to Deploy Malware

• Do you need an anti-spy camera finder and bug detector? How they work

• LogicMonitor customers hit by hackers, because of default passwords

• Navigating privacy in a data-driven world with Microsoft Priva

• BYOD Security Gap: Survey Finds 49% of European Firms Unprotected

• Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication

• Plug these vulnerabilities in VMware, Cisco products

• New Russian Android malware targets Ukraine’s military devices: Report

• LockBit Ransomware targets a province in Quebec Canada

• Publisher’s Spotlight: Cycode: Secure Code to Cloud – Application Security Posture Management (ASPM) at Scale

• Max Schrems’ Noyb Files Privacy Complaint Against Fitbit

• CockroachDB TIL: Volume 13

• 4 Zoom alternatives with better video conferencing privacy policies

• New Research Exposes Airbnb as Breeding Ground For Cybercrime

• PagerDuty strengthens analytics capabilities and expands generative AI offerings

• AgentSmith HIDS – Host Based Intrusion Detection

• Elon Musk’s X To Offer Audio, Video Calling

• Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks

• Energy Department Offering $9M in Cybersecurity Competition for Small Electric Utilities

• Risk & Repeat: Digging into Microsoft security criticisms

• Cyberattackers Swarm OpenFire Cloud Servers With Takeover Barrage

• The Power of Threat Intelligence in Cyber Defense

• Barracuda Thought It Drove 0-Day Hackers From Customer Networks

• Claroty’s 2023 Global Healthcare Cybersecurity Study Exposes Widespread Vulnerabilities and Impact

• Google Cloud Introduces Duet AI To Revolutionize Cybersecurity Operations

• Alert fatigue: A 911 cyber call center that never sleeps

• SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations

• Malwarebytes lays off 100 employees ahead of business split

• Palo Alto Networks Empowers MSPs with Prisma SASE Enhancements

• FBI Dismantles QakBot Botnet In Largest-Ever Cybercrime Operation

• Rackspace has Spent $11 Million on Ransomware Cleanup So Far

• Emerging Phishing Campaigns Aim FTX Users After Kroll Data Breach

• Boosting Business Efficiency: OpenAI Launches ChatGPT for Enterprises

• Multiple Splunk Enterprise Flaws Let Attackers Execute Arbitrary Code

• Applications and SaaS Plugins: Data Exfiltrations

• A Brief History of ICS-Tailored Attacks

• IBM partners with Salesforce to drive productivity and growth with generative AI

• Weaknesses in Cisco ASA SSL VPNs Exploited Through Brute-Force Attacks

• Apple Preparing iPhone 14 Pro Phones for 2024 Security Research Device Program

• Adversaries Ride RocketMQ Bug to DreamBus Bot Resurgence

• North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository

• Microsoft To Unbundle Teams To Satisfy EU Antitrust Concerns

• Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence

• Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices

• Facebook Accounts Targeted by Vietnamese Threat Groups

• Chinese Group Spreads Android Spyware via Trojan Signal, Telegram Apps

• 3 out of 4 cyberattacks in the education sector are associated with a compromised on premises user or admin account

• Cisco VPNs with no MFA enabled hit by ransomware groups

• The Best FPS Games on Android In 2023: Popular by Demand

• Cisco BroadWorks Application Software Flaw Let Attackers conduct XSS Attack

• Harnessing Security by Adopting Zero Trust Architecture

• Numbers Don’t Lie: Exposing the Harsh Truths of Cyberattacks in New Report

• Paramount Global disclosed a data breach

• Google DeepMind Trials Watermarks For AI Images

• MalDoc in PDF Attack: Hackers Hiding Malicious Word Files within PDFs

• Lawsuit Accuses University of Minnesota of Not Doing Enough to Prevent Data Breach

• GRU Blamed for Infamous Chisel Malware Targeting Ukraine’s Military Phones

• Own Your Own Government Surveillance Van

• Google Fixes Serious Security Flaws in Chrome and Android

• Axio and Cyentia Institute join forces to boost data-driven cyber risk quantification for enterprises

• Notorious QakBot Malware Dismantled: $8.6M Seized and 700K Computers Freed

• Heimdal’s MXDR Adapt, an Innovative Adaptive Control for Enhanced Threat Detection and Response

• Zero-Day Alert! Critical Flaw in Citrix ADC and Gateway Exploited in the Wild (Updated)

• Paramount Media Hacked: Attackers Obtain Access to User Personal Information

• Earth Estries’ Espionage Campaign Targets Governments and Tech Titans Across Continents

• Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

• Apple offers security researchers specialized iPhones to tinker with

• Unlocking Digital Resources: A Guide for Modern Healthcare Practitioners

• Dangling DNS Used to Hijack Subdomains of Major Organizations

• 500k Impacted by Data Breach at Fashion Retailer Forever 21

• Russian APT Intensifies Cyber Espionage Activities Amid Ukrainian Counter-Offensive

• How to add a custom problematic site block list in Opera

• Protect Your Email With This Top-Rated Tool — Just $40 for Labor Day

• National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

• Working with a Reliable Partner for Cybersecurity Success

• Multiple Flaws in ArubaOS Switches Let Attackers Execute Remote Code

• Abusing Windows Container Isolation Framework to avoid detection by security products

• Do you know what your supply chain is and if it is secure?

• The bright side of data privacy compliance: 5 value-driven opportunities for retailers

• Phished Data via CERT Poland – 67,943 breached accounts

• Dismantling Qakbot Botnet – FBI’s Largest Cyber Operation Ever

• Court asks DPC to reinvestigate massive Google Data Breach

• Pampling – 383,468 breached accounts

• What does optimal software security analysis look like?

• The power of passive OS fingerprinting for accurate IoT device identification

• ChatGPT on the chopping block as organizations reevaluate AI usage

• The secret habits of top-performing CISOs

• PlayCyberGames – 3,681,753 breached accounts

• How to Fix a Water-Damaged Phone in 7 Steps

• Google Cloud Next keynote places spotlight on firm’s GenAI efforts

• Social Security Numbers leaked in ransomware attack on Ohio History Connection

• 3 reasons why your endpoint security is not enough

• How “EDR Extra Strength” simplifies traditional EDR complexity

• FBI-Led Global Effort Takes Down Massive Qakbot Botnet

• Barracuda gateway attacks: How Chinese snoops keep a grip on victims’ networks

• Cybercriminals Already Using AI in Email Attacks, New Report Confirms

• Crooks Using Stealers and Stolen Cookies to Hack Airbnb Accounts

• Microsoft ain’t happy with Russia-led UN cybercrime treaty

• Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps

• IT Security News Daily Summary 2023-08-30

• biometric authentication

• How to verify encryption in Google Messages

• APT Attacks From ‘Earth Estries’ Hit Gov’t, Tech With Custom Malware

• FBI, Justice Department dismantle Qakbot malware

• Facebook Rejects Censorship Decision From Its Own Oversight Board

• Chinese GREF APT distributes spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores

• New York Times Spoofed to Hide Russian Disinformation Campaign

• Publisher’s Spotlight: CrowdSec: Real-time & Crowdsourced Protection

• A Deep Dive into OffSec Cyber Range

• Microsoft angry over Russian-led UN cybercrime treaty

• Beware: Government’s Alert on Smishing Scam Threat

• Qakbot Botnet Disrupted, Infected 700,000 Computers Globally

• How to Go Passwordless with NordPass Passkeys

• Unmasking Trickbot, One of the World’s Top Cybercrime Gangs

• Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security

• With Beijing’s green light, mobility unicorns Zeekr and WeRide inch closer to US IPOs

• Why Web3 Penetration Testing is Vital for Protecting Decentralized Systems

• Google Chrome Security Update: High-Severity Vulnerability Patched

• Software Engineering in the Age of Climate Change: A Testing Perspective

• Apple Planning Major iPad Pro Upgrade – Report

• 4 Strategies to Safeguard the Finance Industry Against Deepfake Onslaught

• Harnessing the Power of Cyber Ranges: A Deep Dive into OffSec Cyber Range

• Podcast Episode Rerelease: Securing the Vote

• Navigating economic uncertainty with managed security services

• AT&T Cybersecurity wins SC Media Award for Best Threat Intelligence

• Top Challenges Threat Hunting Teams Face in 2023 and How to Overcome Them

• DarkGate Loader Delivered Through Stolen Email Threads to Lure Victims

• CrowdStrike CTO: ‘Rookie mistakes’ are hurting cloud security

• Flaw Exposes WP Migration Plugin to Hacks

• Performance-Enhanced Android MMRat Scurries onto Devices Via Fake App Stores

• Duet AI invades Google Workspace, takes notes, attends meetings, crafts email for $30/month

• Unveiling Network and Security Architectures: SD-WAN, SASE, SSE, and Zero Trust

• Enhancing Higher Education Security: The Role of Security Service Edge

• Foxconn Founder Bids To Become Taiwan’s President

• Email Authentication Protocols: SPF, DKIM, and DMARC – A Detailed Guide

• Chinese APT Group GREF Use BadBazaar in Android Espionage

• MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature

• Threat actors started exploiting Juniper flaws shortly after PoC release

• Barracuda Email Hack leaks government emails in America

• Meta Shuts Down Huge Chinese Disinformation Campaign

• Apple To Unveil iPhone 15 At Wonderlust Event

• iOS 16 Cheat Sheet: Complete Guide for 2023

• Healthcare Organizations Hit by Cyberattacks Last Year Reported Big Impact, Costs

• ‘Earth Estries’ Cyberespionage Group Targets Government, Tech Sectors

• Chinese Hackers Target US, Other Govts With Barracuda Flaw

• Apple Security Boss Faces iPads For Gun Permits Bribery Charge Again

• University Cuts Itself Off From Internet After Mystery Security Snafu

• Recent Juniper Flaws Chained In Attacks Following PoC Exploit Publication

• BGP Flaw Can Be Exploited For Prolonged Internet Outages

• British Officials Say AI Chatbots Could Carry Cyber Risks

• Tenable unveils web application and API scanning capabilities for Nessus Expert

• Exabeam and Google Cloud join forces to modernize security operations

• ComplyCube Field Redaction removes sensitive fields from documents

• 47,000 London Metropolitan Police Personnel Impacted by Data Breach

• Ransomware Vendetta: Rhysida Group Strikes Prospect Medical, Warns of Auctioning Stolen Data

• Duolingo Data Breach: Hackers Posts Scrapped Data on Hacking Forum

• Should Senior IT Professionals Be Accountable for Professional Decisions?

• Ransomware Actor Linked to Attacks Against Citrix NetScaler System

• Google Urges Gmail Users Set Up 2FA for Enhanced Security

• China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users

• Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication

• When Apps Go Rogue

• Korea Blockchain Week 2023: Presenting Web3’s Leading Voices

• Hackers Exploiting Juniper RCE Flaw Following PoC Release

• Cost of a data breach 2023: Financial industry impacts

• In Airbnb, Cybercriminals Find a Comfortable Home for Fraud

• Netskope Proactive DEM enables organizations to anticipate potential problems

• Stealthy Android Malware Attacking Mobile Users Via Fake App Stores

• Why are we seeing such a huge demand for AI at the moment?

• BGP Flaw Can Be Exploited for Prolonged Internet Outages

• GitHub Enterprise Server Gets New Security Capabilities

• Malicious npm Packages Aim to Target Developers for Source Code Theft

• How to Prevent ChatGPT From Stealing Your Content & Traffic

• NCSC issues warning over chatbot cyber risks

• VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)

• MixMode enhances Generative AI Platform to improve threat detection

• The removal of Qakbot from infected computers is just the first step

• Cyber Security Today, August 30, 2023 – More ransomware and MOVEit attack numbers, and an attack on a Rust repository

• No More Band-Aids: It’s Time for IT and OT Security Convergence

• NCSC Warns Over AI Chatbot Cyber Risks

• FBI-Led Operation Duck Hunt Shuts Down QakBot Malware

• Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits

• QVANTUM Expands into the US Market, Empowering Precise Workforce Planning with Customized Cost Solutions

• Fianu Labs Emerges From Stealth With $2 Million in Seed Funding

• High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome

• DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner

• How Quantum Computing Will Impact Cybersecurity

• Critical RCE flaw impacts VMware Aria Operations Networks

• Meter collaborates with Cloudflare to launch DNS Security

• Met Police Contractor Hack Places Officer Data At Risk

• OpenAI Promises Enterprise-Grade Security with ChatGPT for Business

• Enhancing Cybersecurity: How XDR Software Empowers CISOs

• DreamBus Malware Exploits Unpatched RocketMQ Servers

• Earth Estries Targets Government, Tech for Cyberespionage

• NCSC Issues Cyber Warning Over AI Chatbots

• IT threat evolution in Q2 2023

• IT threat evolution in Q2 2023. Mobile statistics

• IT threat evolution in Q2 2023. Non-mobile statistics

• Google launches tool to identify AI-generated images

• GhostSec Claim Breaching Iranian Govt Surveillance Software Tool

• Block Unwanted Calls With AI for Just $50 Until Labor Day Sale Ends 11:59 PM PST 9/4

• With Beijing’s greenlight, mobility unicorns Zeekr and WeRide inch closer to US IPOs

• An evolved LockBit variant emerges

• What is Static Network Address Translation?

• Understanding Firewalls – Types, Configuration, and Best Practices for Effective Network Security

• Updated NCSC Report Highlights Key Threats for the UK Legal Sector

• FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

• Threat Actors Abuse Google Groups to Send Fake order Notifications

• Why performing security testing on your products and systems is a good idea

• Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks

• Hackers Can Exploit Skype Vulnerability to Find User IP Address

• Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege

• The Latest in Cybersecurity Incidents making to Google Headlines

• Decoding the Naming Conventions of Ransomware Malware

• How to protect your personal data when using ChatGPT and generative AI

• FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million

• How Thales and Red Hat Secure Kubernetes Data in a 5G World

• Is the new OWASP API Top 10 helpful to defenders?

• Volatility Workbench: Empowering memory forensics investigations

• Velociraptor: Open-source digital forensics and incident response

• A closer look at the RFI on open-source software security

• Toyota Japan back on the road after probably-not-cyber attack halted production

• Rising cyber incidents challenge healthcare organizations

• Qakbot Botnet Disrupted in Operation ‘Duck Hunt’

• Meta reckons China’s troll farms could learn proper OpSec from Russia’s fake news crews

• Meal delivery service PurFoods announces major data breach

• Cisco VPNs without MFA are under attack by ransomware operator

• “An influx of Elons,” a hospital visit, and magic men: Becky Holmes shares more romance scams: Lock and Code S04E18

• FBI confirms Barracuda patch is not effective for exploited ESG appliances

Generated on 2023-08-31 23:55:17.380604