IT Security News Daily Summary 2023-09-06

• Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes

• How to prevent ransomware in 6 steps

• Facebook Oversight Board Says Posts About Abortion Are Not Death Threats

• Guy who ran Bitcoins4Less tells Feds he had less than zero laundering protections

• Cash-Strapped IronNet Faces Bankruptcy Options

• Understanding Google Analytics 4, Server-Side Tracking, and GDPR Compliance

• Okta: 4 customers compromised in social engineering attacks

• AtlasVPN Linux Zero-Day Disconnects Users, Reveals IP Addresses

• China Bans Government Officials From Using Apple iPhones – Report

• Vulnerability Summary for the Week of August 28, 2023

• MinIO Attack Showcases Fresh Corporate Cloud Attack Vector

• Google addressed an actively exploited zero-day in Android

• Intro To Honeypots

• Russian Cyber-Attacks and the Looming Threat of WW3

• Newport Wafer Fab To Cut Jobs, Blames Government Restrictions

• Unveiling Vulnerabilities via Generative AI

• How to stop Google from selling your browser history for ad targeting

• Best VPN for streaming in 2023: Unblock your favorite streaming services now

• The best travel VPNs of 2023: Expert tested and reviewed

• Russia’s ‘Fancy Bear’ APT Targets Ukrainian Energy Facility

• Ransomware gang claims credit for Sabre data breach

• Results of Major Technical Investigations for Storm-0558 Key Acquisition

• Cut through cybersecurity vendor hype with these 6 tips

• A zero-day in Atlas VPN Linux Client leaks users’ IP address

• EC Names Alphabet, Apple, Meta, Microsoft Among DMA Gatekeepers

• The best VPN deals for September 2023

• Webinar Tomorrow: Unpacking the Secure Supply Chain Consumption Framework (S2C2F)

• Investors Betting Big on Upwind for CNAPP Tech

• Google’s Souped-up Chrome Store Review Process Foiled by Data-Stealer

• Insight Managed Cloud Services streamline cloud management

• Staying ahead of threats: 5 cybercrime trends to watch

• Government Denies U-Turn On Encrypted Messaging Row

• What Businesses Need To Know To Comply With SEC’s New Cyber Disclosure Rules

• Android Zero Day Patched With September 2023 Security Updates

• SaphhireStealer: New Malware in Town, Possess More Capabilities

• Revolutionizing the Future: How AI is Transforming Healthcare, Cybersecurity, and Communications

• Keeping cybersecurity regulations top of mind for generative AI use

• Biden’s IoT Cybersecurity initiative

• New Agent Tesla Variant Uses Excel Exploit to Infect Windows PCs

• Russian APT28 Hacking Group Attacking Critical Power Infrastructure

• One-Click Deploying EMQX MQTT Broker on AWS Using Terraform

• Coffee Meets Bagel outage caused by cybercriminals deleting data and files

• Jim Cramer calls Palo Alto Networks’ CEO the Tom Brady of executives

• Considerations to be made when dealing with Ransomware Payments

• Password-Stealing Chrome Extension Demonstrates New Vulnerabilities

• Dozens of Unpatched Flaws Expose Security Cameras Made by Defunct Company Zavio

• Thousands of Popular Websites Leaking Secrets

• Old vulnerabilities are still a big problem

• Netskope acquires Kadiska for enhanced network and app performance monitoring

• D2iQ DKP 2.6 improves Kubernetes management capabilities

• CyberSaint launches Remediation Suite to optimize resource allocation and decision-making

• Taming Your Android: A Step-Step Guide to Restricting Background App Data

• Publisher’s Spotlight: IANS: Providing Expert Guidance to CISOs and their Teams

• TikTok Opens First European Data Centre Amid China Fears

• Hackers Steal Over $5,700 from ATMs Using Raspberry Pi

• Hackers Use Flipper Zero Device to Attack Nearby iPhones with Notification Pop-ups

• Why companies must use AI to think differently, and not simply to cut costs

• MITRE and CISA Release OT Attack Emulation Tool

• Machine learning operations can revolutionize cybersecurity

• Obsessed with privacy? Keep Tails on a USB drive and secure most any computer

• Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

• Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw

• Simple Guide: Enabling Virtualization on Windows 11

• Six ways to safeguard important digital assets

• China’s Temu App Pose a Security Threat to Online Shoppers

• Securing Your Legacy: Identities, Data, and Processes

• The most surveilled football stadiums around the world

• Cybercriminals target MS SQL servers to deliver ransomware

• TXOne Networks Edge V2 isolates security breaches

• The Best of Both Worlds Made Possible with A Hybrid SOC

• UK Ministry Of Defence Documents Leaked After Supplier Hack

• 25 Major Car Brands Get Failing Marks From Mozilla for Security and Privacy

• How China Demands Tech Firms Reveal Hackable Flaws in Their Products

• REVEALED: Lineup of IT pioneers and practitioners navigating the next realm of digital and AI

• Testing Microservices: Performance Testing Challenges and Strategies

• Cybersecurity in Spain – Challenges and Solutions

• Meatbag mishaps more menacing than malware? CISOs think so

• Freecycle Data Breach: Urgent Password Update Required

• The Role of AI in Cybersecurity

• Addressing the Rising Threat of Web DDoS Tsunami Attacks in 2023

• Overcoming Open Source Vulnerabilities in the Software Supply Chain

• See Tickets says hackers accessed customers’ payment data — again

• Meet the AI, fintech, SaaS and security industry chairs at TC Disrupt 2023

• API security startup Pynt raises $6M

• Android Zero-Day Patched With September 2023 Security Updates

• Russia-Backed APT28 Tried to Attack a Ukrainian Critical Power Facility

• BugProve Discovers Critical Security Vulnerabilities in Zavio IP Cameras

• Fasoo collaborates with Egnyte to simplify data governance

• NTT launches Samurai XDR SaaS to strengthen detection and response capabilities across the network

• Heimdal®’s Semiannual Rundown of the Most Exploited Vulnerabilities of 2023

• Three CISOs Share How to Run an Effective SOC

• Cyber Security Today, Sept. 6, 2023 – Advice on cyber insurance

• AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure

• Chrome 116 Update Patches High-Severity Vulnerabilities

• Hacker Conversations: Alex Ionescu

• High-Severity Vulnerability Discovered in Popular CMS

• Russia-Backed APT28 Tried to Attack Ukrainian Critical Power Facility

• Generative AI’s Biggest Security Flaw Is Not Easy to Fix

• Cryptocurrency Startup Loses Encryption Key for Electronic Wallet

• accessiBe: Transforming the Web With An Ecosystem of Accessibility Solutions

• MITRE and CISA release Caldera for OT attack emulation

• University of Sydney Reports Data Breach

• Okta warns against attacks targeting IT service desk agents

• Elon Musk Blames ADL For Ad Revenue Slump, Threatens Lawsuit

• Caldera: A New Security Tool to Emulate Attacks in Critical Infrastructure

• 9 Alarming Vulnerabilities Uncovered in SEL’s Power Management Products

• Blame Culture: An Organisation’s Ticking Time Bomb

• Cloudera partners with AWS to help organizations accelerate their modernization to the cloud

• W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts

• School’s Back, Cyberattack: Navigating Cyberattacks in the Education Sector

• 5 Common Business Mistakes in Ransomware Prevention Planning

• What is ISO 27002:2022 Control 8.9? A Quick Look at the Essentials

• UK Boards Are Growing Less Concerned About Cyber-Risk

• Experts Uncover Underground Phishing “Empire” W3LL

• Fortifying Cybersecurity for Schools as New Academic Year Begins

• Hackers Using BlueShell Malware to Attack Windows, Linux, and Mac Systems

• Crypto Casino Stake.com Back Online After $40m Heist

• Ukraine’s CERT Thwarts APT28’s Cyberattack on Critical Energy Infrastructure

• ASUS routers are affected by three critical remote code execution flaws

• MITRE Caldera for OT now available as extension to open-source platform

• Why performing security testing on your products and systems is a good idea

• Cyber Threats Emerging from Text Message Spam and Smishing

• Top 5 Cybersecurity Concerns with 5G

• Are kids using ChatGPT for school projects?

• Critical security vulnerabilities in ASUS routers — update immediately

• Compliance budgets under strain as inflation and workload grow

• Cyber talent gap solutions you need to know

• Emerging threat: AI-powered social engineering

• Securing the smart cities of tomorrow: Cybersecurity challenges and solutions

• United Airlines Says the Outage That Held Up Departing Flights Was Not a Cybersecurity Issue

• Nascent Malware Attacking npm, PyPI, and RubyGems Developers

• CIS Benchmarks Communities: Where configurations meet consensus

• From unsuspecting click to data compromise

• Avoidable digital certificate issues fuel data breaches

• Diving Deeper Into Windows Event logs for Security Operation Center (SOC) – Guide

• North Korean hackers have allegedly stolen hundreds of millions in crypto to fund nuclear programs

• Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

• Malicious attackers can flood iPhone users with endless popups using a $170 tool

• Password-stealing Chrome extension smuggled on to Web Store

• Reddit faces content quality concerns after its Great Mod Purge

• 4 Okta customers hit by campaign that gave attackers super admin control

• What OpenAI Really Wants

• TikTok hires Britain’s NCC for auditing data security

• United Airlines says outage that held up departing flights was not a cybersecurity issue

• GraphQL Vulnerabilities and Common Attacks: What You Need to Know

• How Effective Data Governance Impacts The Success Of Digital Transformation

• New Chae$4 Malware Steals Login, Financial Data from Businesses

• Freecycle Confirms Data Breach Affecting Over 7 Million Users

• LockBit Leaks Documents Filched From UK Defense Contractor

• Researchers Discover Critical Vulnerability in PHPFusion CMS

• You patched yet? Years-old Microsoft security holes still hot targets for cyber-crooks

• IT Security News Daily Summary 2023-09-05

• Facebook Continues To Offer Poor Support For Hacked Users

• Publisher’s Spotlight: RegScale: Holistically Manage Your Compliance Program

• Hornetsecurity Releases 365 Total Protection Plan 4 for Microsoft 365

• Global Cloud Security Market to Reach $62.9B by 2028

• Tuya Smart and Amazon Web Services Collaborate to Establish an IoT Security Lab

• Google raises prices for Nest Aware subscriptions, but there is good news

• GhostSec Leaks Source Code of Alleged Iranian Surveillance Tool

• Digital Rights Updates with EFFector 35.11

• CISA Hires ‘Mudge’ to Work on Security-by-Design Principles

• Ransomware attacks on education sector spike in August

• Peiter ‘Mudge’ Zatko Lands Role as CISA Senior Technical Adviser

• Hacking device Flipper Zero can spam nearby iPhones with Bluetooth pop-ups

• Atlas VPN zero-day allows sites to discover users’ IP address

• Reflectiz offers remote solution to battle Magecart attacks

• Reading between the Lines – How the INFORM Consumers Act Impacts Online Retailers

• China To Launch $40 Billion State Chip Fund – Report

• Data Initiatives Force Closer Partnership Between CISOs, CDOs

• Hackers Target High-Privileged Okta Accounts via Help Desk

• One-Click Deploying EMQX MQTT Broker on Azure Using Terraform

• Russia Undertakes Disinformation Campaign Across Africa

• Big Tech has failed to police Russian disinformation, EC study concludes

• Holiday Season Cyber Alert: Reflectiz Declares War on Magecart

• X to Collect Biometric Data For Premium Users to Add Verification Layer

• Hackers stole $41M worth of crypto assets from crypto gambling firm Stake

• Electoral Commission Failed Basic Security Test Before Cyberattack

• Gcore Thwarts 500 Million PPS DDoS Attack on Gaming Company

• How Companies Can Cope With the Risks of Generative AI Tools

• UK Online Safety Bill Will Mandate Dangerous Age Verification for Much of the Web

• Montana’s New Genetic Privacy Law Caps Off Ten Years of Innovative State Privacy Protections

• The Rise of Chaes Malware: A Threat to Financial and Logistics Industries

• Introducing the next phase of 5G

• Future forward cyber

• Holiday Season Cyber Alert: Reflectiz Declares War on Magecart Attacks

• Freecycle data breach impacted 7 Million users

• Publisher’s Spotlight: Security Journey: Secure Coding Training

• Huawei Phone Teardown Reveals China Chip Advances

• Mend.io SAML Vulnerability Exposed

• The Strange Afterlife of Wagner’s Yevgeny Prigozhin

• Thales OneWelcome Identity Platform Recognized as Overall and Market Leader by KuppingerCole

• AI Development May Take a Toll on Tech Giant’s Environment Image

• TikTok hires British Security firm to banish data security concerns

• Creating a Custom Starter With Spring Boot 3

• MITRE and CISA Release Open Source Tool for OT Attack Emulation

• UK Electoral Commission Fails Cybersecurity Test Amid Data Breach

• Airlines Battle Surge in Loyalty Program Fraud

• Top 10 riskiest assets threatening global business

• LiveWire allows users to export their data, use it with AIs

• Hornetsecurity releases 365 Total Protection Plan 4 for Microsoft 365 to protect email communications

• LockBit leaks sensitive data from maximum security fence manufacturer

• Kingston Digital introduces XS1000 External SSD

• How to Identify and Overcome Blockchain Fatigue

• Tech Giants Grapple Russian Propaganda: EU’s Call to Action

• Musk stirs controversy with move by X to collect biometrics

• Apple, Microsoft Push To Keep iMessage, Bing Off EU Gatekeeper List

• Use Angry IP Scanner to audit the network

• New BLISTER Malware Update Fuelling Stealthy Network Infiltration

• The Nuanced Landscape of Insider Threats: A Conversation with Federico Charosky of Quorum Cyber

• Okta Says US Customers Targeted In Sophisticated Attacks

• 9 Vulnerabilities Patched In SEL Power System Management Products

• TikTok Opens Dublin Data Centre To Ease China Spying Fears

• Parcel Delivery Smishing Campaign Targets iPhone Users

• Freecycle gives users the gift of a data breach notice

• Freecycle Data Breach Impacts 7 Million Users

• Okta Says US Customers Targeted in Sophisticated Attacks

• Norfolk Southern Says a Software Defect — Not a Hacker — Forced It to Park Its Trains This Week

• 7 Million Users Possibly Impacted by Freecycle Data Breach

• 9 Vulnerabilities Patched in SEL Power System Management Products

• As LotL Attacks Evolve, So Must Defenses

• 8×8 Omni Shield protects users from fraudulent SMS activity

• LiveWire allows users to export their data and use it with the AIs

• 5 Ways Heimdal® Protects You From DNS Attacks

• Zero-day attacks are on the rise. Can patches keep up?

• Chipmaker NXP confirms data breach involving customers’ information

• Tech-Savvy Solutions: Streamlining Long-Term Disability Claims

• Vietnamese Cybercriminals Exploit Malvertising to Target Facebook Business Accounts

• Your Armor Against Identity Theft: Exploring Diverse Protection Service Options

• EE, Vodafone, O2 Users Suffer Calling Routing Issue

• Researchers Warn of Cyber Weapons Used by Lazarus Group’s Andariel Cluster

• Key Cybersecurity Tools That Can Mitigate the Cost of a Breach

• Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface

• New Python Variant of Chaes Malware Targets Banking and Logistics Industries

• Zero Trust Security: Pioneering Solutions on a ‘Never Trust, Always Verify’ Principle to Overcome Modern Cyberspace Security Challenges!

• FutureBank and IDVerse Partner to Fight Cybercrime

• 16-31 July 2023 Cyber Attacks Timeline

• World’s Largest Cryptocurrency Casino Stake Hacked for $41 Million

• Northern Ireland top cop quits in wake of data breach and disciplinary controversy

• Hacker Group Disguised as Marketing Company to Attack Enterprise Targets

• Meta disrupted two influence campaigns from China and Russia

• The importance of CISOs is not recognised by senior leadership

• International Cyber Expo Commits to Highlighting Importance of Wellbeing in Cybersecurity

• Ransomware Attack on Fencing Systems Maker Zaun Impacts UK Military Data

• Cybersecurity M&A Roundup: 40 Deals Announced in August 2023

• Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs

• ThetaRay nabs $57M for AI tools to fight money laundering

• India warns of malware attacks targeting its Android users

• Heimdal Announces Expansion into the Indian Market

• Amazon Loses One Medical CEO After Acquisition

• Analyzing a Facebook Profile Stealer Written in Node.js

• More Schools Hit By Cyber-Attacks Before Term Begins

• Achieving Superior Security with Continuous Compliance

• 2023 Cost of a Data Breach: Key Takeaways

• UK National Cyber Security Centre Gets a New CTO

• Securing Linux Policy

• Freecycle Breach May Have Hit Millions of Users

• Multiple IBM Sterling Secure Proxy Vulnerabilities Allow Remote Code Execution

• Why Is MDR Better Than EDR: Enhancing Cybersecurity in the Modern World

• Need to improve the detection capabilities in your security products?

• A massive DDoS attack took down the site of the German financial agency BaFin

• BitBrowser Hackers Launder 70.6% of Stolen Funds

• Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia

• Avoid storing this data on mobile to curb privacy and security concerns

• Why end-to-end encryption matters

• The misconceptions preventing wider adoption of digital signatures

• Connected cars and cybercrime: A primer

• Reaper: Open-source reconnaissance and attack proxy workflow automation

• 6 free resources for getting started in cybersecurity

• A week in security (August 28 – September 3)

• Supply chain related security risks, and how to protect against them

Generated on 2023-09-06 23:55:26.142982