IT Security News Daily Summary 2023-09-09

• North Korean Threat Actors Stole $41 Million in Online Casino Heist

• US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog

• The complete guide to ransomware

• Mac Users Under Attack: Malvertising Campaign Distributing Atomic Stealer Malware

• Protect Your Keys: Lessons from the Azure Key Breach

• W3LL Store: Unmasking a Covert Phishing Operation Targeting 8,000+ Microsoft 365 Accounts

• Check Point to Acquire Cyber Startup Atmosec to Boost Its SaaS Security Offering

• Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

• North Korean Hackers Steal Crypto to Fund ‘Nuclear Weapon Program’

• The Rise of AI-Powered Narcissism: Exploring the Impact of Digital Clones on Our Psychology

• Privacy Class Action Targets OpenAI and Microsoft

• Mozilla: Your New Car Is a Data Privacy Nightmare

• North Korean Hackers Use 0-Day Exploits to Attack Security Researchers

• Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play

• Will you give X your biometric data? – Week in security with Tony Anscombe

• Build or Buy your own antivirus product

• Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks

• U.K. and U.S. Sanction 11 Russia-based TrickBot Cybercrime Gang Members

• Notepad++ 8.5.7 fixes 4 security issues

• The UK Government Knows How Extreme The Online Safety Bill Is

• Microsoft, Apple versus China, spyware actors

• EFF Urges Appeals Court to Re-hear Case over Trump’s X Account

• Hidden Biases in Cybersecurity Reviews – And How to Use Them

• 3 Ways to Expand the Cyber Talent Pool From Splash Pad to Watering Hole

• TrickBot & Conti Sanctions: Implications for CISOs & Boardrooms

• IT Security News Daily Summary 2023-09-08

• JWT Token Revocation: Centralized Control vs. Distributed Kafka Handling

• Microsoft reveals how hackers stole its email signing key… kind of

• Cyber Security Today, Week in Review for Friday, September 8, 2023

• Dell and CTO Roese dive into AI, edge, security at MTCC event

• North Korea-linked threat actors target cybersecurity experts with a zero-day

• Identity and Access Management Best Practices

• What Is API Security? Definition, Fundamentals, & Tips

• California’s Middle Mile Network Must Bridge the Digital Divide, Not Reinforce It

• Australian Data Breach Costs are Rising — What Can IT Leaders Do?

• 16 top ERM software vendors to consider in 2023

• Risk prediction models: How they work and their benefits

• Critical Security Bug Opens Cisco BroadWorks to Complete Takeover

• New Flaw In Apple Devices Led To Spyware Infection, Researchers Say

• Cisco: Booming identity market driven by leadership awareness

• ‘Evil Telegram’ Spyware Campaign Infects 60K+ Mobile Users

• Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

• Axon’s Ethics Board Resigned Over Taser-Armed Drones. Then the Company Bought a Military Drone Maker

• Top US Spies Meet With Privacy Experts Over Surveillance ‘Crown Jewel’

• Apple Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones

• U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members

• China Unleashes AI-Powered Image Generation For Influence Operations

• Polish Senate says use of government spyware is illegal in the country

• 6 stages of the ransomware lifecycle

• Trickbot, Conti Sanctions Affect Top Cybercrime Brass

• Kenya Initiates Public Sector Digital Skills Training, No Mention of Cybersecurity

• Biometrics in law enforcement

• The SEC demands more transparency about Cybersecurity incidents in public companies

• Cyber-criminals Exploit GPUs in Graphic Design Software

• UK Military Data Breach via Outdated Windows 7 System

• Dallas Ransomware Attack: Hackers Steal 800K City Files

• Tesla data breach lawsuit and Johnson and Johnson data breach details

• Google TAG Exposes North Korean Campaign Targeting Researchers

• How to Protect Your Personal Financial Information from Data Brokers

• UK’s Nuclear Submarine Base Faces Unprecedented Threats: Russia Implicated in Shocking Incidents

• Apple And ARM Sign Long-Term Chip Deal

• Cisco BroadWorks Is Affected by a Critical-Severity Vulnerability

• In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach

• New Phishing Campaign Launched via Google Looker Studio

• Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

• Emerging threats: Adapting cyber defense to the changing landscape

• PallyCon DRM License Cipher protects users against software-level DRM vulnerabilities

• Warning: RocketMQ Vulnerability Actively Exploited by Threat Actors

• Automakers can Exploit Your Private Data However They Want

• Russian Man Handed Nine-Year Sentence for Hacking Scheme

• 3 Strategies to Defend Against Resurging Infostealers

• Polish senate says use of government spyware is illegal in the country

• Outsourcing Translation Services in the Digital Age: Leveraging Technology

• Safe delivery

• Cybersecurity Mergers Flatline – Here’s Why That Won’t Last

• Getting to Know: Grant Asplund

• From AI-driven Defense to Dark Web Threat Intelligence

• Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

• Cyber Security Today, Friday Sept. 8, 2023 – Are boards and CISOs communicating, the latest ransomware data and more

• Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap

• Mastering Anything Through Technology: The Role of Videos & Blogs in Skill Acquisition

• Tech-Driven Fitness: How Modern Technology is Revolutionizing Workouts

• Tech Unveiled: Surprising Innovations You Probably Didn’t Know About (2023)

• Apple races to patch the latest zero-day iPhone exploit

• Citizen Lab Identifies NSO Spyware On Apple Devices

• LLMs and Tool Use

• Keeper Introduces Major Password Manager Update for iOS

• Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)

• Tech Talk: How Digital Tools Enhance Word Exploration and Comprehension

• Surfing the Blogosphere: Unleash the Power of the Internet for Fresh Insights

• Bridewell announces CHECK penetration testing accreditation from NCSC

• Strider Technologies Names Royal Navy and UK Ministry of Defence Veteran, Admiral Sir Tim Fraser, as an Advisor

• Alphabet Tentatively Settles US Google Play Store Antitrust Probe – Report

• Hackers Steal NTLMv2 Hashes using Custom Powershell Scripts

• North Korean Hackers Actively Attacking Security Researchers

• Tripwire Patch Priority Index for August 2023

• US Aeronautical Organization Hacked via Zoho, Fortinet Vulnerabilities

• US, UK Sanction More Members of Trickbot Russian Cybercrime Group

• Grow Revenue, Cross Sell, and Reduce Churn with Sentinel Pulse

• Evil Telegram doppelganger attacks Chinese users

• Tech-Enhanced Exploration: Navigating the Netherlands with Apps and More

• CISA Adds Critical RocketMQ Bug to Must-Patch List

• Regulator to Investigate Fertility App Security Concerns

• North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers

• Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)

• North Korean hackers target security researchers with zero-day exploit

• Dymocks – 836,120 breached accounts

• CISA Adds Critical RocketMQ Bug to Must-Patch List

• Dymocks – 836,120 breached accounts

• Apple Patches Two Zero-Days Exploited in Pegasus Attacks

• Apple Discloses 2 Zero-Day Flaws Exploited to Hack iPhones & Mac

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Silicon UK Pulse: Your Tech News Update: Episode 17

• SSO Implementation Flaw In Cisco Broadworks Let Attackers Forge Credentials

• Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware

• Concerns Over Cyber Attacks Growing Among UK Schools

• How to Achieve Maximum Security in Virtualized Data Centers

• Global Ticketing Giant Hacked: Attackers Accessed Customers’ Payment Data

• Multiple ArubaOS vulnerabilities Let Attackers Execute Arbitrary Code

• Microsoft, recently busted by Beijing, thinks it’s across China’s ever-changing cyber-offensive

• CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities

• Internal discussions of a large ransomware-as-a-service Group Exposed

• New infosec products of the week: September 8, 2023

• September 2023 Patch Tuesday forecast: Important Federal government news

• Introduction To Cybersecurity

• Okta: Cyber Attackers Target IT Help Desks to Compromise Super Admin and Disable MFA

• New quantum random number generator could revolutionize encryption

• Unimplemented controls could derail your ESG compliance efforts

• 75% of education sector attacks linked to compromised accounts

• Best practices for implementing a proper backup strategy

• Navigating economic uncertainty with managed security services

• Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones

• Software Supply Chain Strategies to Parry Dependency Confusion Attacks

• Temu is collecting user data including text messages and bank info, claims Grizzly Research

• Russian infosec boss gets nine years for $100M insider-trading caper using stolen data

• Temu is collecting user data including text messages and bank info, claims Grizzly Research

• A history of ransomware: How did it get this far?

• FreeWorld ransomware attacks MSSQL—get your databases off the internet

• How Microsoft’s highly secure environment was breached

• Cybersecurity Mergers Flatline. Here’s Why That Won’t Last.

• Musk stiffed Twitter vendors and dared them to sue—dozens did just that

• North Korea-backed hackers target security researchers with 0-day

Generated on 2023-09-09 23:55:23.976932