IT Security News Daily Summary 2023-09-01

• ReasonLabs Summer 2023 Trends Report Reveals Top Consumer Security Threats

• Lacework Expands Partnership With Google Cloud to Deliver Enterprise Flexibility in the Cloud

• AI for Good: Voxel AI Tech Increases Funding to $30M With Strategic Funding Round

• Inaugural Pwn2Own Automotive Contest Dangles $1M for Car Hackers

• More Okta customers trapped in Scattered Spider’s web

• Cyber Security Today, Week in Review for the week ending September 1, 2023

• MSSQL Databases Under Fire From FreeWorld Ransomware

• US Government Denies Blocking Sales of AI Chips to Middle East

• UK’s NCSC Warns Against Cybersecurity Attacks on AI

• Key Group Ransomware Foiled by New Decryptor

• Will the AI Arms Race Lead to the Pollution of the Internet?

• Forever 21 Systems Hacked: 500,000+ Users Affected

• NYC Subway Disables Trip-History Feature Over Tap-and-Go Privacy Concerns

• Popular ‘As-a-Service’ Operations Have Earned Cybercriminals over $64m

• When Will Robots Take Over Your Household Chores?

• OpenAI’s ChatGPT accused of GDPR breaches

• Preparing for the Future: Understanding Identity’s Role in Data Security

• Hackers infiltrate servers of Japanese Government Cybersecurity Agency

• Why is .US Being Used to Phish So Many of Us?

• Smishing Triad: China-Based Fraud Network Exposed

• Dive into the Deep Sea: A View of the Subsea Cable Ecosystem

• Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware

• Esteemed Cybersecurity PR Agency Turns 28

• OpenAI’s GPTBot Faces Media Backlash in France Over Data Collection Fears

• GhostSec: Hacktivist Breach Iranian Surveillance Software

• Flight Data Issues Trigger UK Air Traffic Control Failure

• Open-Source Malware SapphireStealer Expands

• New Study Reveals Airbnb as a Haven for Cybercrime

• How To Check Office Files for Macros Using Java

• If you like your Flipper Zero, then you’ll love this

• UNRAVELING EternalBlue: inside the WannaCry’s enabler

• The best security keys of 2023: Expert tested and reviewed

• Lidl recalls Paw Patrol snacks after website on packaging displayed porn

• Proposed SEC Cybersecurity Rule Will Put Unnecessary Strain on CISOs

• Researchers released a free decryptor for the Key Group ransomware

• A Conversation with OmniIndex’s James Stanbridge on Diversity, Equity and Inclusion in Tech Recruitment

• Sourcegraph’s Website Breached by Threat Actors

• Massive attack

• Sophisticated Cyber-Espionage Group Earth Estries Exposed

• Allowing cybercriminals to drive your car: 5 Tips for Keeping Your Electric Vehicle Secure

• Free Decryptor Available for ‘Key Group’ Ransomware

• In Other News: Hacking Encrypted Linux Computers, Android Fuzzing, Skype Leaking IPs

• From frustration to clarity: Embracing Progressive Disclosure in security design

• Tesla Faces Federal Probes Over Elon Musk Glass House – Report

• How the FBI took down the notorious Qakbot botnet

• North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks

• Cyber Security Today, Sept. 1, 2023 – Celebrate Women in Cyber Security

• US Denies Restricting AI Chip Sales To Middle East

• Hackers Exploit Openfire Vulnerability To Deploy Kinsing Malware

• Spyware Vendor Hacked

• TechRepublic Premium Editorial Calendar: Policies, Checklists, Hiring Kits and Research for Download

• Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer

• Industry Reactions to Qakbot Botnet Disruption: Feedback Friday

• Elon Musk Says X, Formerly Twitter, Will Have Voice and Video Calls, Updates Privacy Policy

• Malicious Generative AI Tools. Buzz, Threat, and Solution

• SapphireStealer: A New Open-Source Information Stealer Malware to Look Out For

• Firefox Browser Enhances Email Security with New Built-in Tools

• X To Collect Biometric Data, Employment, Education History

• Russian State-Backed ‘Infamous Chisel’ Android Malware Targets Ukrainian Military

• International Women in Cyber Security Day: Slow progress

• Adobe ColdFusion Critical Vulnerabilities Exploited Despite Patches

• New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists

• How Ducktail capitalizes on compromised business, ad accounts

• DAST vs. SAST: Which Security Testing Method Will Keep You Safer?

• New MMRAT Android Malware Runs Sneaky Campaigns

• BadBazaar Malware Attacking Android Users via Weaponized Telegram & Signal Apps

• Over $1 Million Offered at New Pwn2Own Automotive Hacking Contest

• Sourcegraph Discloses Data Breach Following Access Token Leak

• Pathways into Cyber: Transitioning from Healthcare to the Cybersecurity Frontier

• Revisiting 16shop Phishing Kit, Trend-Interpol Partnership

• New Targeted Smishing Campaign Attacking the US Citizens to Steal Payment Data

• How to create a password-protected PDF with LibreOffice

• Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Ransomware-as-a-Service (RaaS) – The Rising Threat to Cybersecurity

• Anonymous Sudan launched Cyber Attack on X formerly Twitter

• How to obtain cyber resilience in low security budgets

• Silicon UK Pulse: Your Tech News Update: Episode 16

• Fake Signal and Telegram apps – Week in security with Tony Anscombe

• Understand the fine print of your cyber insurance policies

• Cybercriminals use research contests to create new attack methods

• New infosec products of the week: September 1, 2023

• Battling malware in the industrial supply chain

• Mobile threat defense or bust

• Exploring the traits of effective chief audit executives

• Enterprise security challenges for CNI organizations: Overview of security challenges

• Improving containerization security with Red Hat OpenShift

• IT & OT security: How to Bridge the Gap

• Qakbot botnet infrastructure suffers major takedown

• Prompt injection could be the SQL injection of the future, warns NCSC

• Cigna Health Data Leak: 17 Billion Records Exposed

• Fashion retailer Forever 21 data breach impacted +500,000 individuals

• Good news for Key Group ransomware victims: Free decryptor out now

• Types of ransomware and a timeline of attack examples

• Introducing SafeUTM: The Free Version of NGFW

• Cygna Labs Corp. Announces Expansion of its DNS Firewall Service

• National Cybersecurity Alliance Receives 200K Grant From Craig Newmark Philanthropies for HBCU Cybersecurity Program

• Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

• Publisher’s Spotlight: Arctic Wolf: Security Operations Cloud and Concierge Delivery Model

• IT Security News Monthly Summary – September

• IT Security News Daily Summary 2023-08-31

• UN: Southeast Asia Gangs Are Trafficking Cybercrime Workers

• 3 out of 4 Cyberattacks in the Education Sector Are Associated With a Compromised On‑Premises User or Admin Account

• Insurance Costs Rise, Coverage Shrinks, But Policies Remain Essential

• Apple’s Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh Controversy

• Cybercriminals Team Up to Upgrade ‘SapphireStealer’ Malware

• Kremlin-backed Sandworm strikes Android devices with data-stealing Infamous Chisel

• UK Agrees to Support Kuwait’s Cybersecurity Center

• Publisher’s Spotlight: Normalyze: Data Security for Everything You Build and Run in The Cloud

• Cisco Patched Multiple NX-OS And FXOS Vulnerabilities

• Paramount Admits Data Breach – Report

• Hackers Launch MiTM Attack to Bypass VMware Tools SAML Authentication

• Apple iPhone 14 Pro Offered Up to the Hacking Masses

• Paramount, Forever 21 Data Breaches Set Stage for Follow-On Attacks

• Forever 21 data breach affects half a million people

• Deploying AI Code: Safety Goggles Needed

• Assessing Generative AI’s Impact on Cyber Risk

• How companies can get a grip on ‘business email compromise’

• Ransomware Gangs are Evolving: Cryptocurrency Flaws Could be Their Next Target

• FBI Leads Takedown Of Qakbot Malware Infecting 700,000 Computers

• 10 best antivirus software for businesses in 2023

• 5 ways CISOs can prepare for generative AI’s security challenges and opportunities

• Leveraging AT&T Cybersecurity Consulting for a robust Zero Trust Center of Excellence

• Hackers Exploit Adobe ColdFusion Vulnerabilities to Deploy Malware

• Do you need an anti-spy camera finder and bug detector? How they work

• LogicMonitor customers hit by hackers, because of default passwords

• Navigating privacy in a data-driven world with Microsoft Priva

• BYOD Security Gap: Survey Finds 49% of European Firms Unprotected

• Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication

• Plug these vulnerabilities in VMware, Cisco products

• New Russian Android malware targets Ukraine’s military devices: Report

• LockBit Ransomware targets a province in Quebec Canada

• Publisher’s Spotlight: Cycode: Secure Code to Cloud – Application Security Posture Management (ASPM) at Scale

• Max Schrems’ Noyb Files Privacy Complaint Against Fitbit

• CockroachDB TIL: Volume 13

• 4 Zoom alternatives with better video conferencing privacy policies

• New Research Exposes Airbnb as Breeding Ground For Cybercrime

• PagerDuty strengthens analytics capabilities and expands generative AI offerings

• AgentSmith HIDS – Host Based Intrusion Detection

• Elon Musk’s X To Offer Audio, Video Calling

• Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks

• Energy Department Offering $9M in Cybersecurity Competition for Small Electric Utilities

• Risk & Repeat: Digging into Microsoft security criticisms

• Cyberattackers Swarm OpenFire Cloud Servers With Takeover Barrage

• The Power of Threat Intelligence in Cyber Defense

• Barracuda Thought It Drove 0-Day Hackers From Customer Networks

• Claroty’s 2023 Global Healthcare Cybersecurity Study Exposes Widespread Vulnerabilities and Impact

• Google Cloud Introduces Duet AI To Revolutionize Cybersecurity Operations

• Alert fatigue: A 911 cyber call center that never sleeps

• SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations

• Malwarebytes lays off 100 employees ahead of business split

• Palo Alto Networks Empowers MSPs with Prisma SASE Enhancements

• FBI Dismantles QakBot Botnet In Largest-Ever Cybercrime Operation

• Rackspace has Spent $11 Million on Ransomware Cleanup So Far

• Emerging Phishing Campaigns Aim FTX Users After Kroll Data Breach

• Boosting Business Efficiency: OpenAI Launches ChatGPT for Enterprises

• Multiple Splunk Enterprise Flaws Let Attackers Execute Arbitrary Code

• Applications and SaaS Plugins: Data Exfiltrations

• A Brief History of ICS-Tailored Attacks

• IBM partners with Salesforce to drive productivity and growth with generative AI

• Weaknesses in Cisco ASA SSL VPNs Exploited Through Brute-Force Attacks

• Apple Preparing iPhone 14 Pro Phones for 2024 Security Research Device Program

• Adversaries Ride RocketMQ Bug to DreamBus Bot Resurgence

• North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository

• Microsoft To Unbundle Teams To Satisfy EU Antitrust Concerns

• Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence

• Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices

• Facebook Accounts Targeted by Vietnamese Threat Groups

• Chinese Group Spreads Android Spyware via Trojan Signal, Telegram Apps

• 3 out of 4 cyberattacks in the education sector are associated with a compromised on premises user or admin account

• Cisco VPNs with no MFA enabled hit by ransomware groups

• The Best FPS Games on Android In 2023: Popular by Demand

• Cisco BroadWorks Application Software Flaw Let Attackers conduct XSS Attack

• Harnessing Security by Adopting Zero Trust Architecture

• Numbers Don’t Lie: Exposing the Harsh Truths of Cyberattacks in New Report

• Paramount Global disclosed a data breach

• Google DeepMind Trials Watermarks For AI Images

• MalDoc in PDF Attack: Hackers Hiding Malicious Word Files within PDFs

• Lawsuit Accuses University of Minnesota of Not Doing Enough to Prevent Data Breach

• GRU Blamed for Infamous Chisel Malware Targeting Ukraine’s Military Phones

• Own Your Own Government Surveillance Van

• Google Fixes Serious Security Flaws in Chrome and Android

• Axio and Cyentia Institute join forces to boost data-driven cyber risk quantification for enterprises

• Notorious QakBot Malware Dismantled: $8.6M Seized and 700K Computers Freed

• Heimdal’s MXDR Adapt, an Innovative Adaptive Control for Enhanced Threat Detection and Response

• Zero-Day Alert! Critical Flaw in Citrix ADC and Gateway Exploited in the Wild (Updated)

• Paramount Media Hacked: Attackers Obtain Access to User Personal Information

• Earth Estries’ Espionage Campaign Targets Governments and Tech Titans Across Continents

• Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

• Apple offers security researchers specialized iPhones to tinker with

• Unlocking Digital Resources: A Guide for Modern Healthcare Practitioners

• Dangling DNS Used to Hijack Subdomains of Major Organizations

• 500k Impacted by Data Breach at Fashion Retailer Forever 21

• Russian APT Intensifies Cyber Espionage Activities Amid Ukrainian Counter-Offensive

• How to add a custom problematic site block list in Opera

• Protect Your Email With This Top-Rated Tool — Just $40 for Labor Day

• National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

• Working with a Reliable Partner for Cybersecurity Success

• Multiple Flaws in ArubaOS Switches Let Attackers Execute Remote Code

• Abusing Windows Container Isolation Framework to avoid detection by security products

• Do you know what your supply chain is and if it is secure?

• The bright side of data privacy compliance: 5 value-driven opportunities for retailers

• Phished Data via CERT Poland – 67,943 breached accounts

• Dismantling Qakbot Botnet – FBI’s Largest Cyber Operation Ever

• Court asks DPC to reinvestigate massive Google Data Breach

• Pampling – 383,468 breached accounts

• What does optimal software security analysis look like?

• The power of passive OS fingerprinting for accurate IoT device identification

• ChatGPT on the chopping block as organizations reevaluate AI usage

• The secret habits of top-performing CISOs

• PlayCyberGames – 3,681,753 breached accounts

• How to Fix a Water-Damaged Phone in 7 Steps

• Google Cloud Next keynote places spotlight on firm’s GenAI efforts

• Social Security Numbers leaked in ransomware attack on Ohio History Connection

• 3 reasons why your endpoint security is not enough

• How “EDR Extra Strength” simplifies traditional EDR complexity

Generated on 2023-09-01 23:55:19.747773