IT Security News Monthly Summary – August

• IT Security News Weekly Summary – Week 30

• IT Security News Daily Summary 2022-07-31

• Businesses Will Suffer Cyber-Attacks; But Do They Know the Real Cost?

• aiXDR Brief

• Novel Phishing Campaign Employs Countdown Timer to Pressurize Victims

• (ISC)² and Others Commit to Closing the Cybersecurity Workforce Gap While at the White House

• Facebook Ads Push Android Adware, Installed 7M Times on Google Play Store

• Air Defense and the Limits of Drone Technology

• 17 Android Apps on Google Play Store, dubbed DawDropper, were serving banking malware

• EDR Blindness, pt II

• Data Spyware Delivered via Telegram & Discord Bots

• Week in review: Attackers abandoning malicious macros, average data breach cost soars

• Apple Just Patched 37 iPhone Security Bugs

• Security Affairs newsletter Round 376 by Pierluigi Paganini

• North Korea-linked SharpTongue spies on email accounts with a malicious browser extension

• Penetration testing

• (ISC)² Pledges 1 Million Certified in Cybersecurity

• Weekly Update 306

• Loft partners with Docker to help users manage virtual Kubernetes clusters

• Alleged ShinyHunters Hacker Group Member Arrested

• Verimatrix names Asaf Ashkenazi as CEO

• Alan Masarek joins Avaya as President and CEO

• IT Security News Daily Summary 2022-07-30

• Reading the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report

• Darktrace Launches ‘PREVENT’ to Proactively Protect Organizations

• Stop Putting Your Accounts At Risk, and Start Using a Password Manager

• US Government Alerts Americans of Rising SMS Phishing Attacks

• CISA orders to patch an actively exploited flaw in Confluence servers

• How To Select Your Pentest Vendor: Guide

• Skyhigh Security’s Kimberly Winfield named to CRN’s 2022 Rising Female Stars of IT List

• New Whistic VP Jake Bernardes says transparency is the key for businesses to strengthen cybersecurity

• CISSP Recognized as Top Cybersecurity Certification

• The Bitglass Blog

• 911 (911.re) Proxy Service Shuts Down After Confirming Security Breach

• Discord Users Targeted by Malicious Npm Packages

• Zero-day Exploitable Bug in Atlassian Confluence

• Securing Container Base Images Using Kyverno Policies

• Is this website Safe : How to Check Website Safety to Avoid Cyber Threats Online

• Kenyan Government Orders Facebook To Tackle Hate Speech Problem Immediately

• You Pay More When Companies Get Hacked

• Tim Hortons offer free coffee and donut to settle data privacy invasion claims

• Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers

• Build or Buy your own antivirus product

• North Korean Hackers Using Malicious Browser Extension to Spy on Email Accounts

• Conversant Group Names Jason Anderson VP of Technology

• Fastly Partners with HUMAN Security to Protect Customers from Bot Attacks and Fraud

• How Long Does it Take to Train Entry-Level Cybersecurity Team Members?

• CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks

• Codenotary Auditable Change Management enables organizations to manage licensing fees

• Mirantis launches Lens Pro to enhance developers’ Kubernetes productivity

• Staying safe online: How to browse the web securely

• Music streaming platform victim of a crypto theft – Week in security with Tony Anscombe

• This is what to expect when a managed service provider gets popped

• Fastly collaborates with HUMAN to protect customers against fraud and account abuse

• LofyLife: Malicious npm Packages Used in Siphoning Off Discord Tokens, Card Data

• IT Security News Daily Summary 2022-07-29

• Biden picks next Space Force chief

• AWS Focuses on Identity Access Management at re:Inforce

• Where to see UFOs

• Microsoft Connects USB Worm Attacks to ‘EvilCorp’ Ransomware Gang

• Attackers Have ‘Favorite’ Vulnerabilities to Exploit

• Power struggles in Data Center Alley

• 911 Proxy Service Implodes After Disclosing Breach

• Feds put $10m bounty on Putin pal accused of bankrolling US election troll farm

• Congress Warns of US Court Records System Breach

• Ransomware Bill Passes House

• Blockchain, Web3 and the potential for government transformation

• Ransomware hackers will still target smaller critical infrastructure, CISA director warns

• Coveware: Median ransom payments dropped 51% in Q2

• Security Teams Overwhelmed With Bugs, Bitten by Patch Prioritization

• Why Bug-Bounty Programs Are Failing Everyone

• Lawmakers question DOJ’s National Security Division on cybersecurity, surveillance

• Malicious Macro-Enabled Docs Delivered via Container Files to Bypass Microsoft Protections

• How Much Is Your Data Actually Worth?

• Airports, Bridges, and Beltways

• GPO unveils key priorities for 5-year modernization plan

• Decentralized IPFS networks forming the ‘hotbed of phishing’

• Decision Makers Held Back from Delivering on IT Security Strategy

• CISA Adds One Known Exploited Vulnerability to Catalog

• Extending Endpoint Security with Zero Trust

• AI could help Congress schedule and find unexpected consensus, expert says

• Why is my internet so slow? 11 ways to speed up your connection

• How does proper SSH key management protect your network?

• Amazon Adds Malware Detection to GuardDuty TDR Service

• CISA Adds One Known Exploited Vulnerability to Catalog

• The ransomware landscape changes as fewer victims decide to pay

• To settle with the DoJ, Uber must confess to a cover-up. And it did.

• Asaf Ashkenazi Named CEO of Verimatrix

• Latest Cyberthreats and Advisories – July 29, 2022

• Latest Cyberthreats and Advisories – July 21, 2022

• Deploying a Modern Card Program: Part Three

• DOJ confirms cyber attack on US Court system

• SBOMs: What they are and why organizations need them

• Criminals using compromised social media accounts to “post indecent images of children” says UK cybercrime organization

• Prevent email phishing attacks this summer with 3 defensive measures

• N Korean APT Uses Browser Extension to Steal Emails From Foreign Policy, Nuclear Targets

• Governments Ramp Up Demands for User Info, Twitter Warns

• How to celebrate SysAdmin Day!

• Big Questions Remain Around Massive Shanghai Police Data Breach

• Google delays Chrome third party cookie sunsetting…again

• US Congress Passes $52 Billion Chips Act

• Malicious Npm Packages Tapped Again to Target Discord Users

• FCC Warns of Rising Robotext Scams

• Malicious npm Packages Scarf Up Discord Tokens, Credit Card Info

• Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware

• Microsoft Zero-Days Sold and then Used

• How Young Is Too Young to Be a Police Officer?

• Spyware Group ‘Knotweed’ Employs Windows and Adobe Bugs to Target Firms Worldwide

• Microsoft: Hackers Exploring New Attack Techniques

• ‘Quantum flute’ gets light particles to move in strange ways

• 30 Minutes to a More Secure Network, on Campus and Off

• Amazon Posts Second Straight Loss After Rivian Stake Writedown

• Attackers Targeting MS-SQL Servers to Steal Bandwidth for Proxy Services

• Cloud Security Audit Tools: A Glance, Why It’s Important, Top Tools and Techniques

• Cyber insurance is on the rise, and organizational security postures must follow suit

• 3 Tips for Creating a Security Culture

• Microsoft experts linked the Raspberry Robin malware to Evil Corp operation

• US Court System Suffered Incredibly Significant Attack – Sealed Files At Risk

• BreachForums Booms On The Back Of Billion Record Chinese Data Leak

• Ransomware Hit The American Dental Association

• JPMorgan, UBS Among Trio Accused Of Shoddy ID Theft Protection

• Threat Actors Pivot Around Microsoft’s Macro-Blocking In Office

• The 6 best home automation systems of 2022

• Major Cybersecurity Breach of US Court System Comes to Light

• OneTouchPoint Discloses Data Breach Impacting Over 30 Healthcare Firms

• This phishing attack uses a countdown clock to panic you into handing over passwords

• Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

• Attackers are slowly abandoning malicious macros

• Latest Cyberthreats and Advisories – July 29, 2022

• Apple Shrugs Off Economic Gloom, But Profit Slips

• Why CISA wants to release a new version of its Zero Trust Maturity Model

• Microsoft has blocked hackers’ favourite trick. So now they are looking for a new route of attack

• How to make switching between your work PC and personal laptop much easier

• GitHub Improves npm Account Security as Incidents Rise

• Researchers Warns of Increase in Phishing Attacks Using Decentralized IPFS Network

• Dahua IP Camera Vulnerability Could Let Attackers Take Full Control Over Devices

• Exploitation is underway for a critical flaw in Atlassian Confluence Server and Data Center

• Google Delays Phasing Out Ad Cookies on Chrome Until 2024

• It’s past time to figure out cross-cloud security

• Euro Police Bust €3m Internet Fraud Gang

• Ransomware looms large over the cyber insurance industry

• What Is Smishing?

• Examining New DawDropper Banking Dropper and DaaS on the Dark Web

• Banking as a Service: The Real Reasons Why It’s So Popular

• eIDAS 2.0 Developments | Avast

• RaaS Groups Forced to Change Tack as Payments Decline

• Ransomware Group Demand £500,000 From Bedfordshire School

• Malware-laced npm packages used to target Discord users

• Hacktivist group Anonymous has ’embarrassed’ Russian companies and government agencies

• Malicious Npm Packages Designed to Steal Discord Tokens

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Is someone stalking you with an Apple AirTag?

• Silicon UK In Focus Podcast: How to Keep Your People

• BreachForums booms on the back of billion-record Chinese data leak

• Hive Ransomware group demands £500000 from School in England

• Displeased employees leading to 75% of Cyber Attacks

• Spanish Police Arrest 2 Nuclear Power Workers for Cyberattacking the Radiation Alert System

• Businesses confess: We pass cyberattack costs onto customers

• Why there is no quick fix for cyber attacks

• New infosec products of the week: July 29, 2022

• Most Important Android Application Penetration Testing Checklist

• Latest Critical Atlassian Confluence Vulnerability Under Active Exploitation

• Comment: One In Three Organisations See Malicious Insiders As Ransomware Route

• WordFly Ransomware Attack, Experts Insight

• Threat Actors Respond To Microsoft Blocking Macros with New Email Tactics

• New HiddenAds malware affects 1M+ users and hides on the Google Play Store

• CarePayment Achieves HITRUST Risk-based, 2-year Certification to Manage Risk, Improve Security Posture, and Meet Compliance Requirements

• TD SYNNEX Launches Channel Leading Independent Software Vendor Experience

• APAC Security Leaders Come Together at SECURE Singapore

• DataTribe Announces Fourth Annual Cybersecurity Start-Up Challenge

• Latest Cyberthreats and Advisories – July 15, 2022

• US court system suffered ‘incredibly significant attack’ – sealed files at risk

• Arcserve SaaS Backup protects evolving data environments

• Using real customer data in testing environments creates unnecessary risk

• Researchers create key tech for quantum cryptography commercialization

• New HiddenAds malware that runs automatically and hides on Google Play, 1M+ users affected

• Hacktivist group Anonymous is exposing weaknesses in Russia’s cyber technology

• Battlefy – 83,610 breached accounts

• XONA names Roneeta Lal Head of Channel Sales

• Strata Identity hires Granville Schmidt as Principal Architect

• Honeywell appoints Vimal Kapur as President and COO

• Daon collaborates with Ping Identity to provide customers with biometric-based MFA

• Fortress Information Security and NetRise form a partnership to extend XIoT offering

• Telegram and Discord Bots Delivering Infostealing Malware

• CrimsonRat, AvosLocker & MaliBot

• Transport Layer Security (TLS): Issues & Protocol

• How edge computing is accelerating innovation across hardware, software and service provider domains

• How local governments are handling a threat they can’t even see

• JPMorgan, UBS among trio accused of shoddy ID theft protection

• IT Security News Daily Summary 2022-07-28

• Lawmakers call for DHS inspector general to ‘step aside’ from Secret Service probe

• AI can be a first line of defense in fielding 988 calls

• Election info must be more accessible to disabled, survey says

• Akamai blocked the largest DDoS attack ever on its European customers

• Lawmakers float FITARA changes as scores get dragged down by missing data

• 3 Steps to Build Hybrid Workplace Connection thru Virtual Experiences

• Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants

• Abortion Information Is Coming Down Across Social Media. What Is Happening and What Next.

• Microsoft: Austrian company DSIRF selling Subzero malware

• Breach Exposes Users of Microleaves Proxy Service

• Hack Post-Quantum Cryptography Now So That Bad Actors Don’t Do It Later

• Suspected radiation alert saboteurs cuffed by cops after sensors disabled

• Google Gmail Rolls Out New Interface For All Users

• Top republican to ‘seriously consider pulling the plug’ on VA’s new EHR system

• GAO offers options for improving U.S. semiconductor supply

• What does the demise of bitcode mean for the future of application security?

• Patch Now: Atlassian Confluence Bug Under Active Exploit

• LibreOffice fixed 3 flaws, including a code execution issue

• How Organizations Manage to Understand Millions of Unstructured Data Files at Scale

• Unscrambling Cybersecurity Acronyms: The ABCs of Endpoint Security

• Threat actors use new attack techniques after Microsoft blocked macros by default

• Federal Preemption of State Privacy Law Hurts Everyone

• US State Department Offers $10 Million for Information on North Korean Hackers

• Multiple Security Flaws Found In Nuki Smart Locks

• Why cities and towns see a huge economic opportunity in the semiconductor bill

• Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

• Spanish Police Arrest Alleged Radioactive Monitoring Hackers

• Anatomy of a Cloud-Service Security Update

• 5 Benefits of a Cloud Firewall

• A Navy cyber effort is fixing thousands of holes—and building tech talent

• Google delays removal of third-party cookies in Chrome through 2024

• AWS adds anti-malware and PII visibility to storage

• S3 Ep93: Office security, breach costs, and leisurely patches [Audio + Text]

• What the White House’s Cybersecurity Workforce Plan Should Look Like

• Radioactivity monitoring and warning system hacked, disabled by attackers

• CIOReview Names Cobalt Iron Among 10 Most Promising IBM Solution Providers 2022

• Movement Bank Seeks New Technologies to Support the Underserved through CSI’s NuPoint® Core Platform

• Southwest Healthcare System Signs New Three-Year Managed Cybersecurity RPP Contract With CynergisTek Worth Over $600,000

• How I Prepared for the CISSP Exam

• Deploying a Modern Bank Card Program: Part One

• EU Officials Phones Hacked By NSO’s Pegasus Spyware – Report

• What Is the Impact of AI on Cybersecurity? 3 Interesting Use Cases

• $10 million reward offered for information on foreign government-linked malicious hackers

• House Passes Cybersecurity Bills Focusing on Energy Sector, Information Sharing

• Crackdown on BEC Schemes: 100 Arrested in Europe, Man Charged in US

• Cybersecurity Growth Investment Flat, M&A Activity Strong for 2022

• Ransomware Group Demands £500,000 From School

• Citibank, Bank of America, Capital One, and others Targeted by ‘Robin Banks’ PhaaS

• Industrial systems: What it takes to secure and staff them

• Akamai blocks worlds largest DDoS attacks in Europe

• Enough’s enough: 7 signs to put down your phone and walk away

• The SMB Guide to Cyber Resilience | Avast

• Why enterprises face challenges in protecting machine identities

• US Expands Cybersecurity Partnership With Ukraine

• Facebook May Allow COVID Misinformation Back On Its Platforms

• MAR-10386789-1.v1 – Log4Shell

• Samba Releases Security Updates

• CISA Releases Log4Shell-Related MAR

• Why enterprises face challenges protecting machine identities

• Trump has endorsed a plan to purge the civil service of ‘rogue bureaucrats’

• MAR-10386789-1.v1 – Log4Shell

• Samba Releases Security Updates

• CISA Releases Log4Shell-Related MAR

• Automated dynamic application security testing with RapiDAST and cross-team collaboration

• TikTok owner ByteDance pushed a pro-China agenda to Americans, say former employees

• FTC Lawsuit To Block Meta Acquisition Of VR Developer Within

• Proof of Stake Alternatives Every Developer Should Know Of

• NIST Supply Chain Security Guidelines: 10 Key Takeaways

• How Tor Is Fighting—and Beating—Russian Censorship

• Google Delays Blocking 3rd-Party Cookies in Chrome Browser Until 2024

• ENISA provides data related to major telecom security incidents in 2021

• Inside The Energy Department’s 10-Year Plan To Reshape Cybersecurity In The Sector

• Microsoft Exposes Tactics Of European Mercenary Spyware Broker

• FileWave Fixes Bugs That Left 1,000+ Orgs Open To Ransomware

• US Puts $10 Million Bounty On North Korean Cyber Crews

• “Orwellian in the extreme” food store installs facial recognition cameras to stop crime, faces backlash

• Alphabet Misses Earnings Forecast, But Pleases With Strong Ad Performance

• Attackers Use Malicious IIS Extensions to Deploy Covert Backdoors into Exchange Servers

• API Security Weekly: Issue 172

• Exploitation of Recent Confluence Vulnerability Underway

• Securing Smart Cities from the Ground Up

• The Chatter Podcast: Spotting Fake News with Cindy Otis

• What is Cyber-Essential Patch Compliance?

• Here’s How BlackMatter Ransomware is Linked With LockBit 3.0

• Protect your business from cybercrime with this dark web monitoring service

• What Women Should Know Before Joining the Cybersecurity Industry

• July 2022 Web Server Survey

• FITARA 14 sees just one overall A and stagnant grades

• Microsoft: Hackers are Using Malicious IIS Extensions to Backdoor Exchange Servers

• 1,000s of Phishing Attacks Blast Off From InterPlanetary File System

• Top MSSP CEOs Share 7 Must-Do Tips for Higher MSSP Revenue and Margin

• Microsoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits

• Hackers Opting New Attack Methods After Microsoft Blocked Macros by Default

• Kubernetes security: Shift-left strategies and simplifying management

• Microsoft: Attackers Increasingly Using IIS Extensions as Server Backdoors

• France Closes ‘Cookies’ Case Against Facebook

• Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks

• After Dobbs, Democrats and Republicans Switch Places on Speech Policy

• LofyLife: malicious npm packages steal Discord tokens and bank card data

• Numerous Security Vulnerabilities Found In Enabot Ebo Air Smart Robot

• A Comprehensive Guide to Navigating The Cybersecurity Jungle

• How to Combat the Biggest Security Risks Posed by Machine Identities

• European firm DSIRF behind the attacks with Subzero surveillance malware

• New UFEI Rootkit

• Meta Posts First Ever Revenue Decline, Amid Intense Pressures

• IriusRisk simplifies security for developers with new infrastructure-as-code capability

• NCSC Startup Program Seeking Candidates to Help Protect Critical Infrastructure

• Google brings Street View back to India following 2016 ban

• Rivian Confirms It Will Cut 6 Percent Of Staff

• Hackers Change Tactics for New Post-Macro Era

• APT trends report Q2 2022

• Is Your Car the Next Security Risk? – Intego Mac Podcast Episode 250

• Malware on IBM Power Systems: What You Need to Know

• How attackers are adapting to a post-macro world

• Microsoft Threat Intelligence Center Links Threat Group to Austrian Spyware Vendor DSRIF

• Cybersecurity is becoming a top priority among critical infrastructure operators

• Social Media Accounts Hijacked to Post Indecent Images

• 22 million US health records breached thus far in 2022

• A Comprehensive Guide to Hybrid Cloud for Businesses

• 5 ways to effortlessly spot and eliminate hidden threats in your network

• Candiru: Attack targeting journalists in the Middle East

• European Police Arrest 100 Suspects in BEC Crackdown

• U.S. Offers $10 Million Reward for Information on North Korean Hackers

• LibreOffice Releases Software Update to Patch 3 New Vulnerabilities

• Spain police arrested two men accused of cyber attacks on radioactivity alert network (RAR)

• Do you know what your supply chain is and if it is secure?

• FIN7 now enters ransomware as a service business

• Twitter user data sold for $30k on dark selling forum

• Cash App fraud: 10 common scams to watch out for

• 84% of organizations experienced an identity-related breach in the past 18 months

• Only 25% of organizations consider their biggest threat to be from inside the business

• The future of attack surface management (ASM)

• 2022-07-27 – IcedID (Bokbot) activity: two infection runs

• 2022 Governance, Risk, and Control Conference Provides a Customized Learning Experience

• SCVX Corp. Announces Redemption of Class A Ordinary Shares

• Hiring Managers Lead on Entry-Level Cybersecurity Job Descriptions

• Day in the life of a digital citizen after eIDAS2

• Everything to know about SaaS data security

• NetDiligence Breach Plan Connect updates provide senior managers with cyber incident response plan

• Rapid7 adds layered context capabilities to its InsightCloudSec platform

• Uptycs releases new CDR functionality to help organizations detect malicious behaviors

• Teleport 10 enables single sign-on to any infrastructure resource without passwords or usernames

• 1 in 3 employees don’t understand why cybersecurity is important

• Everything You Need to Know About Monkeypox

• 0-days sold by Austrian firm used to hack Windows users, Microsoft says

• The High-Stakes Race to Engineer New Psychedelic Drugs

• Newly found Lightning Framework offers a plethora of Linux hacking capabilities

• Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us

• CircleCI launches support for GitLab SaaS developers

• Model9 integrates with Pure Storage to help mainframe enterprises manage their data

• Socure collaborates with Middesk to accelerate onboarding processes for businesses

• SafeGuard Cyber integrates with Okta and Azure AD to automate identity-based responses for enterprises

• Digital Key Release 3 v1.1: Store, authenticate, securely share vehicle digital keys

• When Human Security Meets PerimeterX

• How to Evaluate Progress in the Justice Department’s Jan. 6 Investigation

• Critical Samba bug could let anyone become Domain Admin – patch now!

• Overcoming the Fail-to-Challenge Vulnerability With a Friendly Face

• OneTouchPoint, Inc. Provides Notice of Data Privacy Event

• HackerRank appoints Monica Ohara as CMO

• Robert Conrad joins Silicon Labs Board of Directors

• Deep Instinct hires Carl Froggett as CIO

• Mirantis acquires amazee.io to improve software delivery hub for modern applications

• FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft

• Google once again delays phasing out third-party cookies

• Imperva Reaches New Heights as it Opens PoPs in Cape Town and Rio

• We’re likely only seeing ‘the tip of the iceberg’ of Pegasus spyware use against the US

• IT Security News Daily Summary 2022-07-27

• With $11.5M In Funding, Naoris Protocol Will Use Blockchain & Decentralization To Plug Web3 Security Gaps

• Bill aims to create one disaster recovery assistance application

• Preventing wildfires could start with data from controlled burns

• Nuki Smart Lock Vulnerabilities Allow Hackers to Open Doors

• Victim of Private Spyware Warns It Can be Used Against US

• CISOs: Embrace a common business language to report on cybersecurity

• AWS re:Inforce details how to fortify enterprise security culture and tools

• Attackers increasingly abusing IIS extensions to establish covert backdoors

• Multiple Windows, Adobe Zero-Days Anchor Knotweed Commercial Spyware

• US puts $10 million bounty on North Korean cyber-crews

• Twitter Hacker Seeks $30,000 For Stolen Data On 5.4 Million Users

• City tests smart, low-cost traffic cameras

• Apple network traffic takes mysterious detour through Russia

• Alert! Check if you have these Android Malware Apps Installed With 10M+ Downloads

• Zero-Trust Architecture Is Incomplete Without Digital Signatures

• Major Challenges in Cybersecurity and How Seceon helping to Overcome those.

• Trends To Ensure Cybersecurity In 2022

• Chinese Hackers Deploy Malware in Firmware Images of Certain Motherboards

• SSH2 vs. SSH1 and why SSH versions still matter

• data breach

• TSP officials say they’re nearing ‘normalcy’ after a troublesome recordkeeper transition

• Cyber insurance price hike hits local governments hard

• Heat.gov offers real-time data, resources to combat extreme heat

• US Offers $10M Double-Reward for North Korea Cyberattacker Info

• Average Data Breach Costs Soar to $4.4M in 2022

• Time Between Vulnerability Disclosures To Exploits Is Shrinking

• Messaging Apps Tapped As Platform For Cybercriminal Activity

• Woman Tells Congress What It’s Liked To Be Hacked By NSO’s Pegasus

• Discovery Of New UEFI Rootkit Exposes An Ugly Truth: The Attacks Are Invisible To Us

• Quantum cryptography: Hacking is futile

• A key role for quantum entanglement

• Messaging Apps Tapped as Platform for Cybercriminal Activity

• AWS ups security for Elastic Block Store, Kubernetes service

• How to quickly deploy the Odoo ERP solution with Docker

• Mailing List Provider WordFly Scrambling to Recover Following Ransomware Attack

• HUMAN Security and PerimeterX Merge on Mission to Combat Bots

• Microsoft Catches Austrian Company Exploiting Windows, Adobe Zero-Days

• Cyber-Criminal Offers 5.4m Twitter Users’ Data

• Is Your Home or Small Business Built on Secure Foundations? Think Again…

• Knotweed Euro cyber mercenaries attacking private sector, says Microsoft

• Ducktail Spear-Phishing Campaign Targets Facebook Business Accounts Via LinkedIn

• Digital PIN – The Next Step in Digital First Banking

• AT&T Cybersecurity Insights Report: A Focus on Manufacturing

• DevSecOps monitor and decommission

• AwareGO Platform Reveals Even Seasoned Security Experts are Vulnerable to Common Security Risks

• CosmicStrand malware targets old Asus and Gigabyte motherboards

• Chip Revenues To Decline 2.5 Percent In 2023, Warns Gartner

• Top 7 data loss prevention tools for 2022

• First Cohort Graduates from PSM Cyber Stars Program at Liverpool FC

• HR Emails Dupe Employees The Most – KnowBe4 research reveals

• What roles do humans play in cyber breaches

• The lifecycle of a software vulnerability

• Microsoft to turn on ransomware protection on Windows 11 and 10 OS by default

• Samsung keeps its Galaxy devices safe from Pegasus Spying software

• Your Linux Firewall Cant Stop These 3 Attacks!

• Senators Introduce Quantum Encryption Preparedness Law

• These 28+ Android Apps with 10 Million Downloads from the Play Store Contain Malware

• Russia Fines Google $34m, After Last Week’s $358m Penalty

• Cybersecurity mesh adds decentralized security and swarm AI for remote-first enterprises

• GenCyber: NSA sets up summer camps to teach kids to hack

• Time from vulnerability disclosures to exploits is shrinking

• What the Titanic Can Teach Us About Fraud?

• IBM Security: Cost of Data Breach Hitting All-Time Highs

• Criminals Use Malware as Messaging Bots to Steal Data

• DUCKTAIL operation targets Facebook’s Business and Ad accounts

• Heimdal™ Threat Hunting Journal July 2022 Edition

• Arts Organizations’ Email Lists Compromised by Ransomware Attack

• New quantum hardware could allow computers to process information more naturally

• Infostealer malware targets Facebook business accounts to capture sensitive data

• Advocating for Passion, Kindness and Women in STEM

• Heimdal™ Threat Hunting Journal July 2022 Edition

• Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

• Microsoft Q4 Profits From Cloud Growth, But Misses Forecasts

• No More Ransom Helped More Than 1.5 Million People Decrypt Their Devices

• The Great BizApp Hack: Cyber-Risks in Your Everyday Business Applications

• Heimdal™ Threat Hunting Journal July 2022 Edition

• IIS extensions are on the rise as backdoors to servers

• LibreOffice security update fixes macro execution bypass and potential password leaking

• Biden administration unveils website to help combat extreme heat conditions

• Microsoft warns of stealthy backdoors used to target Exchange Servers

• These ransomware hackers gave up when they hit multi-factor authentication

• Race against time: Hackers start hunting for victims just 15 minutes after a bug is disclosed

• AWS Announces Enhancements to Cloud Security, Privacy, Compliance

• Dozens of ‘Luca Stealer’ Malware Samples Emerge After Source Code Made Public

• US Offers $10 Million for Information on North Korean Hackers

• 8 Hot Summer Fiction Reads for Cybersecurity Pros

• Constitutional Citizenship in the U.S. Territories

• Anti-Censorship Legislation: A Flawed Attempt to Address a Legitimate Problem

• Heimdal™ Threat Hunting Journal July 2022 Edition

• Running a Sustainable Business in 2022

• Anti-vaxxer dating site exposes user data

• Azure Gateway Load Balancer is now available—and Check Point supports it today!

• Digital Hands and SentinelOne join forces to automate the SOC

• Teleport introduces passwordless authentication to access management

• In post-Roe US, experts share how to keep your data private

• Securing Open-Source Software

• Online Dating Made Better – Enter Smart Technology

• PrestaShop warns of vulnerability: Update your stores now!

• API security firm Impart Security promises solutions, not more alarms, for overwhelmed security staff

• Microsoft warns of stealthy backdoors used to target Exchange Servers, email

• Why you really need multi-factor authentication: These ransomware hackers gave up when they saw it

• Twitter Data Breach From Former Gartner Cybersecurity Analyst

• LockBit Ransomware Gang Claims It Ransacked Italy’s Tax Agency

• A ‘Top Tier’ Hacking Gang Is Likely To Be Behind Entrust Ransomware Attack

• Simplifying the fight against ransomware: An expert explains

• Don’t Call the New Federal Gun Law a Gun Law

• Taking the Risk-Based Approach to Vulnerability Patching

• New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts

• More than a VPN: Announcing Cisco Secure Client (formerly AnyConnect)

• The strange similarities between Lockbit 3.0 and Blackmatter ransomware

• Major Security Vulnerability In Prestashop Platform

• Weak data protection helped China attack US Federal Reserve, report says

• Amazon UK To Raise Cost Of Prime Service

• T-Mobile agrees to pay customers $350 million in settlement over data breach

• Build SBOMs with Microsoft’s internal tool

• Data breach costs record $4.3M with firms passing buck to customers

• Organizations need to change their strategy to reduce cyber risk

• OneWeb Confirms Merger With Eutelsat

• US Doubles Reward for Info on North Korean Hackers

• Cost of Data Breach Reaches $4.35m on Average Globally

• Lockbit Ransomware Gang Have Claimed Responsibility For Recent Public Attacks

• Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access

• NFT Hacking Group Attacks On The Rise, Report Finds

• No More Ransom Has Helped Over 1.5m Victims

• Serious OAuth vulnerability In Grafana Could Allow Account Takeover

• Data Breach Costs Reach New Record High

• The global average cost of a data breach reaches an all-time high of $4.35 million

• Black Hat USA 2022: Schedule for Las Vegas hybrid event

• Cyber Security Management System (CSMS) for the Automotive Industry

• IBM puts NIST’s quantum-resistant crypto to work in Z16 mainframe

• What’s New in the 2022 Cost of a Data Breach Report

• Cybercrime goods and services are cheap and plentiful

• How SMBs are evolving their cybersecurity operations practices

• Organizations are struggling with SaaS security. Why?

• Israel’s new cyber-kinetic lab will boost the resilience of critical infrastructure

• Vietnamese attacker circumvents Facebook security with ‘DUCKTAIL’ malware

• Average cost of data breach surpasses $4 million for many organizations

• North Korean APT37 Hackers Attack EU Countries with Konni RAT Malware

• 2022-07-26 – Files for an ISC diary (IcedID with DarkVNC and Cobalt Strike)

• IBM’s Cost of a Data Breach Report finds invisible ‘cyber tax’

• Is any organisation risk and data breach free?

• Aruba announces AIOps solutions to simplify network operations for IT teams

• AlertMedia Analyst Access offers direct interaction with threat intelligence experts during critical events

• Runecast adds CNAPP capabilities to secure workloads across three cloud service providers

• NetApp Spot Security identifies and assesses cloud security posture risks

• Find out why developers love Pentest as a Service (PtaaS)

• 2022-07-25 – IcedID (Bokbot) infection with Cobalt Strike

• Wawa Agrees to Payment, Security Changes for ’19 Data Breach

• Mild monthly security update from Firefox – but update anyway

• A Retrospective on the 2015 Ashley Madison Breach

• General Sir Chris Deverell joins Conceal Board of Advisors

• Resecurity acquires Cybit Sec to expand its threat intelligence capabilities in the Middle East

• Infobip partners with Microsoft to enhance digital communications

• GoTrust Idem Key uses FIDO standards to access EU eIDAS digital services

• Stairwell collaborates with Cyderes to expand visibility into malicious activity for customers

• Paytm – 3,395,101 breached accounts

• Charter told to pay $7.3b in damages after cable installer murders grandmother

• Rods and Cones, and EDR “blindness”

• Craig Newmark Gives UC Berkeley $2 Million for University Cybersecurity Clinics

• Crypto exchange Kraken reportedly hunted by the Feds for alleged sanctions busting

• AWS issues MFA call to action at re:Inforce 2022

• Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media

• Securing Cloud is Everyone’s Responsibility

• Trend Micro Joins AWS Marketplace Vendor Insights

• IT Security News Daily Summary 2022-07-26

• Pass the CHIPS Act

• Vulnerability Summary for the Week of July 18, 2022

• Culture shock: Ransomware gang sacks arts orgs’ email lists

• (ISC)² and Others Commit to Closing the Cybersecurity Workforce Gap While at the White House

• Digital hub finds new careers, available benefits for jobseekers

• European Lawmaker Targeted With Cytrox Predator Surveillance Spyware

• Economic Downturn Raises Risk of Insiders Going Rogue

• Microsoft Tops Brands Phishers Prefer

• LockBit 3.0: Significantly Improved Ransomware Helps the Gang Stay on Top

• Vulnerability Summary for the Week of July 18, 2022

• Ducktail Malware Exploits LinkedIn to Hack Facebook Business Accounts

• Small business contract awards hit record $154B

• Discord, Telegram Services Hijacked to Launch Array of Cyberattacks

• AI Can Help Fintechs Fight Fraud-as-a-Service

• Why emergency calls sometimes can’t get through

• New Malware Threat Hacks Facebook Business Accounts

• Amazon Web Services’ cybersecurity chief Steve Schmidt lays out his outlook for the rest of 2022

• Critical Vulnerabilities Exposed Nuki Smart Locks to a Plethora of Attack Options

• U.S. increased rewards for info on North Korea-linked threat actors to $10 million

• PrestaShop Sites Hit by Severe Security Flaw

• Uber Admits Covering up Data Breach Involving 57M Users

• Understanding NIST’s post-quantum encryption standardization and next steps for CISOs

• Novel Malware Hijacks Facebook Business Accounts

• Flying Blind in Security Operations

• API Security Weekly: Issue 171

• How rural communities can receive the digital infrastructure support they need

• Serious Privilege Escalation Vulnerability Found In Zyxel Firewall

• Malicious IIS extensions quietly open persistent backdoors into servers

• Check Point Attains Infrastructure Distinction in AWS Security Competency

• Cross-pollination among neuroscience, psychology and AI research yields a foundational understanding of thinking

• Hackers use more sophisticated scams to drive costly data breaches, analysis finds

• What Is the Log4j Vulnerability and Why It’s NOT an Easy Fix

• Luca Stealer malware spreads rapidly after code handily appears on GitHub

• Phishers Targeted Financial Services Most During H1 2022

• Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts

• How Risk-Based Vulnerability Management Has Made Security Easier

• 4 Steps Financial Industry Can Take to Cope With Their Growing Attack Surface

• Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware

• With ransomware, the road to recovery starts well before you’re attacked

• Cyber-attacks on Port of Los Angeles Doubled Since Pandemic

• Observe.AI Adds Enterprise-Grade Security Certifications for Protecting Customer Data in Contact Centers

• SentinelOne for AWS Elastic Disaster Recovery Protects Organizations from Ransomware

• Imperva Extends its Data Security Fabric to Include Enterprise Data Lakes Built on AWS

• Kasada Named Amazon CloudFront Ready Partner

• Allbound Inc. Raises $43 Million from Invictus Growth Partners

• What identity threat detection and response (ITDR) means in a zero-trust world

• Guide to the latest Black Hat 2022 Conference news

• Poor Training and Communications Hindering Cybersecurity Efforts

• Threat actors leverages DLL-SideLoading to spread Qakbot malware

• How one Microsoft product manager acts as champion for identity security

• LockBit Ransomware Gang Targets Italian Tax Agency

• No More Ransom helping ransomware victims

• Cybersecurity Needs to Work Even When Employees Aren’t on Board

• Microsoft clamps down on RDP brute-force attacks in Windows 11

• SonicWall urges customers to patch critical SQL injection bug ASAP

• Windows 11: Account Lockout Policy Set Against Brute Force Attacks

• Beware!! Hackers Distribute Amadey Malware Pushed via Software Cracks & Keygen Sites

• The federal government plans to ‘step up our work’ on monkeypox after WHO declaration

• Uber Settles 2016 Hacking Case With DoJ

• T-Mobile To Pay $500 Million For One Of The Largest Data Breaches In US History

• Imperva Earns Three Cyber Defense Global InfoSec Awards for 2022

• CrowdStrike enhances container visibility and threat hunting capabilities

• Exfiltration Can Be Stopped With Data-in-Use Encryption, Company Says

• Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection

• Orchestrating deployment of @myexploit2600’s hacklab with Ansible and Vagrant [REDUX]

• State election officials struggle with paper shortages, harassment, insider threats

• I need a new iPhone. Is last year’s model good enough? [Ask ZDNet]

• Moving Toward Blanket Immunity: Israeli Supreme Court Blocks Gaza Tort Cases

• Limits in the Seas No. 150 and the U.S.’s Misinterpretation of ‘Historic Rights’

• FileWave MDM Vulnerabilities Leave 1000+ Organizations Exposed to Remote Cyberattacks

• Cyber security training to fit your summer plans

• Ransomware less popular this year, but malware up: SonicWall cyber threat report

• The Beautiful Lies of Machine Learning in Security

• VA’s new master record aims to be a ‘single source of truth’ for veteran data

• Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands

• New Ducktail Infostealer Targets Facebook Business Accounts via LinkedIn

• Data Security Firm Sotero Raises $8 Million in Seed Funding

• AWS re:Inforce: BigID looks to reduce risk and automate policies for AWS cloud

• guardDog.ai Automated Cyber Threat Response Sponsors 2022 ‘ASTORS’

• IoT Botnets Fuels DDoS Attacks – Are You Prepared?

• Cisco and AWS: Securing your resilience in a hybrid cloud world

• Apple’s Lockdown Mode

• Targeted campaign uses infostealer to hijack Facebook Business accounts

• 1Password password manager: How it works with apps

• Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers

• ‘Cancer Girl’ scam has stolen more than half a million dollars

• CrowdStrike introduces a new cloud threat hunting service

• AWS re:Inforce: BigID unveils intelligent access for AWS cloud

• ESG Cyber Resiliency Research Server Cut

• CrowdStrike launches cloud threat hunting service

• Uber Admits Covering Up 2016 Data Breach That Exposed 57M Users’ Data

• Passwordless Authentication Does Not Equate To Biometrics In The Workplace

• Top 5 Web Application Security Practices That Can Save You from Attacks In 2022

• Check Point Research: Weekly Cyber Attacks increased by 32% Year-Over-Year; 1 out of 40 organizations impacted by Ransomware

• Ransomware: 1.5 million people have got their files back without paying the gangs. Here’s how

• Tech media giants pledge to maintain online safety in NZ pact

• 6 Ways Technology is Improving the Way Vacuum Cleaners Work

• Chinese UEFI Rootkit Found on Gigabyte and Asus Motherboards

• Data Stolen in Breach at Security Company Entrust

• Inadequate password and authentication requirements found in popular business web apps

• Tesla Shows Giant ‘Giga Press’ In Action

• Canada To Examine Network Resiliency In Rogers-Shaw Merger

• 7 biggest Kubernetes security mistakes

• 75% of IT security professionals say they don’t get the support they need

• Global Malware Volumes Increase for First Time in Three Years

• Teenager Jailed for Snapchat Blackmail Cybercrimes

• T-Mobile-US Agree To Pay $350m Settlement Over 2021 Cyberattack

• Instagram introduces parental controls for UK users

• Chess-Playing Robot Breaks Boy’s Finger

• SEC Subpoenas Tesla Over ‘Funding Secured’ Settlement

• The UK’s National Crime Agency Seized Millions of Pounds Worth of Cryptocurrency Last year

• Lockbit Ramps Up Attacks on Public Sector

• Eutelsat In Talks To Acquire OneWeb

• Stealthy CosmicStrand Rootkit Infects PC Firmware

• SmokeLoader Infecting Targeted Systems with Amadey Info-Stealing Malware

• Report shows a third of employees don’t understand importance of cybersecurity

• T-Mobile to Pay $350m Settlement in Breach Case

• Looking for adding new detection technologies in your security products?

• Elon Musk Denies Reported Affair With Wife Of Sergey Brin

• Most Important Network Penetration Testing Tools for Hackers & Security Professionals

• New Magecart campaigns target online ordering sites

• LockBit ransomware gang claims it ransacked Italy’s tax agency

• 3 Actions Enterprises Must Take After Suffering a Data Breach

• Zero Day attacks target online stores using PrestaShop

• Infosec pros want more industry cooperation and support for open standards

• Product showcase: The Cynomi Virtual CISO (vCISO) platform

• Benefits of modern PAM: Efficiency, security, compliance

• Major shifts and the growing risk of identity fraud

• The infosec investment landscape: Which tech gets the most bucks?

• Spain flight delayed because of hacking of Apple’s AirDrop

• Cyber Attack news headlines trending on Google

• Hackers Exploit PrestaShop Zero-Day to Steal Payment Data from Online Stores

• 5 Common blind spots that make you vulnerable to supply chain attacks

• The State of Data Security in 2022: The CISOs Perspective

• AU10TIX expands its INSTINCT platform to stop deepfakes and swarm attacks

• Runecast announces new capabilities to simplify Kubernetes security and speed up operations

• Approaches to Get You Started with Your Digital Transformation Journey

• OpenFHE Brings New Encryption Tools to Developers

• Intel partners with MediaTek to manufacture new chips for a range of smart edge devices

• CosmicStrand, a new sophisticated UEFI firmware rootkit linked to China

• Checkmarx releases MSSP program to improve application security for organizations

• David Wagner joins Everbridge as CEO

• Sotero raises $8 million to help customers secure all data assets

• QBot Malware Exploiting Windows Calculator to Compromise Devices

• GSA appoints climate adviser

• Node.js prototype pollution is bad for your app environment

• IT Security News Daily Summary 2022-07-25

• PrestaShop Confirms Zero Day Attacks Hitting eCommerce Servers

• The awkward state of the remote vs. in-person work debate

• T-Mobile US to cough up $550m after info stolen on 77m customers

• Rare ‘CosmicStrand’ UEFI Rootkit Swings into Cybercrime Orbit

• Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs

• Twitter launches probe after miscreants claims to have swiped 5.4m users’ details

• NIST Updates Healthcare Security Guidance

• UK Cybersecurity Leaders Want Facebook To Scan For Child Abuse Imagery On Users’ Phones

• Top 5 Security Trends this Summer: RSA Conference & Black Hat 2022

• Counties get no-cost endpoint detection and response services

• How to require strong passwords on your shared Windows PC

• Indian Insurance Portal Policybazaar Suffers Breach

• T-Mobile Pitches $4-Per-Customer Settlement for Data Leak Impacting 80M People

• T-Mobile Decides To Settle $350 Million For Massive 2021 Data Breach

• Why Layer 8 Is Great

• NIST revises cybersecurity guidelines specifically for HIPAA

• NCSC Tests Cyber Advisor Program

• Flaws in FileWave MDM could have allowed hacking +1000 organizzations

• Welcome To the Datagovops Revolution

• Preventing Ransomware Attacks on Industrial Networks

• Flaws in FileWave MDM could have allowed to hack +1000 organizzations

• How Security Resignations Affect Developers’ Workloads

• Cyber-mercenaries for hire represent shifting criminal business model

• T-Mobile to cough up $500 million over 2021 data breach

• Qakbot Is Back With a New Trick: DLL Sideloading

• Microsoft Adds Default Protection Against RDP Brute-Force Attacks in Windows 11

• Global Forensic Technology Market Report 2022-2027: Increasing Number of Innovations in the Forensic Science Field & Increase in the Funding for Forensic Research – ResearchAndMarkets.com

• Booz Allen Hamilton Partners with Acalvio to Provide Advanced Cyber Deception Capabilities

• IoT Connectivity – Understanding the role of SIM and eSIM in IoT

• The future of email threat detection

• Lock down your Neopets account: Data breach being investigated

• Surveillance is pervasive: Yes, you are being watched, even if no one is looking for you

• Discover 5 lessons Microsoft has learned about compliance management

• PSPCL’s Scam Alert: Scammers Attempting to Extort Money

• New York Launches $30 Million Shared Services Program to Enhance Cyber Defense

• India seeks hackers help to protect UIDAI Aadhaar Data of Citizens

• Federated learning uses the data right on our devices

• Microsoft Again Reverses Course, Will Block Macros By Default

• DoJ Approves Google’s Acquisition Of Mandiant

• DIY Collective Embeds Abortion Pill Onto Business Cards, Distributes Them At Hacker Conferences

• Hardcoded Password In Confluence Has Been Leaked On Twitter

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Practical Guide to Using End-to-end Encryption (E2EE) on Linux

• Protecting IoT Devices from Within – Why IoT Devices Need A Different Security Approach?

• Aqua Launches Out-of-the-Box Runtime Security with Advanced Protection against the Most Sophisticated Threats

• Malware spent months hoovering up credit card details from 300 US restaurants

• DoJ approves Google’s acquisition of Mandiant

• Ensure a Secure LAN Edge for All Devices

• Uber Settles With Federal Investigators Over 2016 Data Breach Coverup

• Senators Introduce Bipartisan Quantum Computing Cybersecurity Bill

• Experts Uncover New ‘CosmicStrand’ UEFI Firmware Rootkit Used by Chinese Hackers

• Enhancing RHEL Security: Understanding SHA-1 deprecation on RHEL 9

• Aqua Runtime Protection detects sophisticated attacks in real time

• NIST revises cybersecurity guidelines specifically for health data

• FortiAP Access Points Provide Secure, Painless Connectivity for Remote Workers

• Open-Source Security: How Digital Infrastructure Is Built on a House of Cards

• Data Brokers, Elder Fraud, and Justice Department Investigations

• Four Main Reasons Shoppers Abandon eCommerce Carts

• Amadey Bot Makes Roaring Comeback with Aid from SmokeLoader Malware

• LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities

• Getting Ahead of Supply Chain Attacks

• How DevOps and CIS Security Controls Fit Together

• Updated TSA Pipeline Cybersecurity Requirements Offer More Flexibility

• 1,000 Organizations Exposed to Remote Attacks by FileWave MDM Vulnerabilities

• Cisco Salutes the League of Cybersecurity Heroes

• Stage Manager Offers a New Way to Work with Windows in macOS Ventura and iPadOS 16

• U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack

• Lockbit 3.0 and the ransomware business model

• Flaws in Enabot Ebo Air Home Security Robot Allowed Attackers to Spy on Users

• Twitter Database Of 5.4 Million Users For Sale – Expert Comments

• Microsoft Teams Settings Leave Govt Officials Open To Cyberattacks

• US Offers $15m Reward For HSE Hackers

• Google Chrome Zero-day Vulnerability Discovered By Avast

• Insurer Policybazaar Admits Customer Data Was Exposed By ‘Unauthorized Access’

• Lightning Framework, modular Linux malware

• Types Of Data Security Compliance And Why They’re Important

• The Technology Behind Online Casinos

• Update Google Chrome now! New version includes 11 important security patches

• After a hardcoded password leak, Atlassian expects Confluence app exploitation

• Critical SonicWall Vulnerability Allows SQL Injection – Patch Now!

• What Are Ransomware Attacks? An In-Depth Guide

• Infosec not your job but your responsibility? How to be smarter than the average bear

• Why Physical Security Maintenance Should Never Be an Afterthought

• Atlassian Expects Confluence App Exploitation After Hardcoded Password Leak

• Russia Is Quietly Ramping Up Its Internet Censorship Machine

• Interstate Travel Post-Roe Isn’t as Secure as You May Think

• Magecart Hacks Food Ordering Systems to Steal Payment Data from Over 300 Restaurants

• Lockbit ransomware gang claims to have breached the Italian Revenue Agency

• McAfee expands collaboration with Visa to protect people and businesses from threats

• How Has Technology Affected Online Gaming?

• Realizing your software has a vulnerability is bad. Realizing you’ve shipped it to thousands of customers…

• China Tightens Ride-Hailing Regulations After Record Didi Fine

• Google Banned By Russia-Backed Separatists In Eastern Ukraine

• Volkswagen Chief Herbert Diess To Step Down

• Amazon Buys Health Care Provider One Medical For $3.9bn

• Your biggest cyber-crime threat has almost nothing to do with technology

• NFT: A new‑fangled trend or also a new‑found treasure?

• Ukrainian Radio Stations Hacked to Spread Rumours About President’s Health

• Hacker Selling Twitter Account Data of Millions of Users

• AV-Comparatives’ Approved Business Product award: Avast Business takes home the prize

• UK Seizes Nearly $27m in Crypto-Assets

• CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

• Neopets Confirm Data Breach

• Medical Device Maker to Pay $13m in False Claims Case

• Racoon Stealer is Back — How to Protect Your Organization

• Organizations struggle to manage devices and stay ahead of vulnerabilities

• Multiple Zero-Day Bugs Spotted In Vehicle GPS Tracker

• Cyber-Attacks on Port of LA Double

• Software developers, how secure is your software ?

• The State of Tech Recruitment

• Twitter Reports Loss As ‘Uncertainty’ Weighs On Business

• Snapchat Parent Shares Slump On Advertising Fears

• Why firms need to harness identity management before it spirals into an identity crisis

• How to Secure DNS

• Drupal developers fixed a code execution flaw in the popular CMS

• Amadey malware spreads via software cracks laced with SmokeLoader

• Security Giant Entrust Hacked – Attackers Stole Data From Internal Systems

• China can Cyber Attack 2022 Conservative Party Leadership Election UK

• T Mobile agrees to pay $500 million to settle 2021 Data Breach lawsuit

• Roaming Mantis Financial Hackers Targeting Android and iPhone Users in France

• Trust in fintech security has been wavering

• Monitoring the impact of security solutions on user experiences is critical

• Building trust into every aspect of an organization

• Minimizing risk: Key cybersecurity-related M&A considerations

• New Study Reveals a Majority of SMBs Lack 24/7 Security Operations to Detect and Respond to Threats

• If Trump Is reelected, his aides are planning to purge the civil service

• Cybersecurity in city government, taken to new heights: An Interview with Shane McDaniel

• Black Hat USA 2022: What you need to know

• T-Mobile Settles to Pay $350M to Customers in Data Breach

• Your biggest cyber crime threat has almost nothing to do with technology

• IT Security News Weekly Summary – Week 29

• IT Security News Daily Summary 2022-07-24

• Most Important Security Tools For Security Researchers & Malware Analyst

• Hacker Offers 5.4 million Twitter Account Details for $30,000

• (ISC)² Pledges 1 Million Certified in Cybersecurity

• Microsoft Hit by Huge Service Outage

• T-Mobile Agrees to Pay $350M to Users in Data Breach Settlement

• Secure Your Web Apps With an API Gateway

• History Repeats Itself

• The United States Learned From Iraq and Afghanistan. Russia Didn’t.

• SonicWall: Patch Critical SQL Injection Flaw Immediately

• Is APT28 behind the STIFF#BIZON attacks attributed to North Korea-linked APT37?

• How to Safely Lend Someone Else Your Phone

• Security Affairs newsletter Round 375 by Pierluigi Paganini

• Week in review: The future of Metasploit, detecting lateral movement, new issue of (IN)SECURE Magazine

• A database containing data of 5.4 million Twitter accounts available for sale

• Penetration testing

• Cloud Computing Penetration Testing Checklist & Important Considerations

• Siemens Energy Takes Next Step to Protect Critical Infrastructure

• MPC: The Digital Commerce Event to Host Atlanta Conference Aug. 22 to 24

• CISSP Recognized as Top Cybersecurity Certification

• Securing Your Cloud with Zero Trust and Least Privilege

• CommScope partners with Microsoft to help transform industrial manufacturing

• Axonius announces integration with AWS to help customers strengthen their security posture

• IT Security News Daily Summary 2022-07-23

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks

• Are We Shifting Left Enough

• Threats Against Critical Infrastructure Are Looming, Agencies Must Safely Modernize OT Systems

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• ESXi , Linux, and Windows Systems at Risk From New Luna Ransomware

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Hacked Ukrainian Radio Stations Propagates Misinformation Regarding President Zelensky’s Health

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Acrisure Acquires Leading MSPs to Expand Cyber Services Offering

• Jenne Cloud Services Brokerage Partners with Playvox and Expands Market Reach

• #ISC2Congress: Politics, Cybersecurity & Global Issues – Ian Bremmer to Speak as (ISC)² Keynote

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Spyware Maker Candiru Associated to Chrome Zero-day Targeting Journalists

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Here are the top phone security threats in 2022 and how to avoid them

• Experts Raise Concerns About Facebook Gathering Data From Mental Health Care Apps

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• The January 6 Secret Service Text Scandal Turns Criminal

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Turning Open Reporting Into Detections

• Google Chrome 0-Day Vulnerability Exploited in The Wild To Deploy Spyware

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Digital Marketing Strategies To Improve Your Furniture Store Sales

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Build or Buy your own antivirus product

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• What Is Malvertising and How Do You Avoid It?

• What is ATM Skimming?

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• SonicWall fixed critical SQLi in Analytics and GMS products

• How Long Does it Take to Train Entry-Level Cybersecurity Team Members?

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Verimatrix and Harmonic Partner to Enable Streaming Content Protection at SaaS Speed

• Sourcepass Adds Two More Companies to Its Expanding Portfolio of Solutions

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Dynatrace enhances its analytics capabilities for modern multicloud environments

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Office macro security: on-again-off-again feature now BACK ON AGAIN!

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Siemens Energy joins AWS Partner Network to provide customers with industrial cybersecurity solutions

• T-Mobile collaborates with Apple to simplify IT management for small businesses

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• My Big Coin founder is – you guessed it – a $6m crypto-fraudster

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Understanding Proposed SEC Rules Through an ESG Lens

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Americans Deserve More Than The Current American Data Privacy Protection Act

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• ICYMI: Neopets & the Gaming Problem; SolarWinds Hackers Are Back; Google Ads Abused

• Microsoft closes off two avenues of attack: Office macros, RDP brute-forcing

• IT Security News Daily Summary 2022-07-22

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• TSA revises cyber rules for pipelines

• Surveillance is pervasive: Yes, you are being watched, even if no one is looking for you

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Don’t dive head first into that crypto pool, FBI warns

• SonicWall Warns of Critical GMS SQL Injection Vulnerability

• SonicWall Issues Patch for Critical Bug Affecting its Analytics and GMS Products

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• ‘Digital human’ teaches how to walk to protect your knees

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Critical Bugs Threaten to Crack Atlassian Confluence Workspaces Wide Open

• RememBear password manager is shutting down in July 2023

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• insider threat

• Strict China Tech Controls ‘To Continue’ After Record Didi Fine

• Neopets Suffers Second Data Breach as 69 Million Accounts are Stolen

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• How to gain an unfair advantage over cyberattackers: “Mission control” cybersecurity

• Scalahosting deal: Get an extra 10% off website and VPS hosting

• Account lockout policy in Windows 11 is enabled by default to block block brute force attacks

• Neopets Suffers Second Data Breach as 69 million Accounts are Stolen

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Top 10 enterprise data security best practices

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• macOS malware: myth vs. reality – Week in security with Tony Anscombe

• Malware-as-a-Service Creating New Cybercrime Ecosystem

• Google Chrome Zero-Day Weaponized to Spy on Journalists

• ICJ Asserts Jurisdiction in Myanmar Genocide Case

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• As companies calculate cyber risk, the right data makes a big difference

• Edge Management and Orchestration Firm Zededa Raises $26 Million

• New Default Account Lockout Policy in Windows 11 Blocks Brute Force Attacks

• Intezer Documents Powerful ‘Lightning Framework’ Linux Malware

• Chrome Flaw Exploited by Israeli Spyware Firm Also Impacts Edge, Safari

• Police Are Still Abusing Investigative Exemptions to Shield Surveillance Tech, While Others Move Towards Transparency

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• VA touts improvements but warns of challenges for digital GI Bill platform

• Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments

• Microsoft Adds Default Account Lockout Policy in Windows 11 to Block RDP Brute-Force Attacks

• CyberArk Named a Leader in 2022 Gartner Magic Quadrant for Privileged Access Management

• Booz Allen Authorized by the Cyber AB as a Third-Party Assessment Organization

• Latest Cyberthreats and Advisories – July 21, 2022

• LinkedIn Remains Number One Brand to be Faked in Phishing Attempts

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• From in-crowds to power couples, network science uncovers the hidden structure of community dynamics

• Thales Expands Cybersecurity Portfolio With OneWelcome Acquisition

• Phishing Bonanza: Social Engineering Savvy Skyrockets as Malicious Actors Cash In

• US Spots Another 20 Malware Strains Targeting Ukraine

• Jan. 6 Committee Lays Out How Trump Let Capitol Riot Rage For Three Hours While He Watched Fox

• Elon Musk’s Tesla Sells Most Of Its Bitcoin Holdings

• Didi Slapped With $1.1B Fine For Breaching China Data Security Laws

• Check Out These New Details on the Costa Rica Government Attack by Conti Ransomware

• Cyber Attack on Ukraine Radio station spreads misinformation about Zelensky’s death

• Israeli Spyware Vendor Uses Chrome 0day to Target Journalists

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138

• Cisco Releases Security Updates for Multiple Products

• Apple Releases Security Updates for Multiple Products

• Chinese Group Botnet Illegally Mine Crypto

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Confidential computing: A quarantine for the digital age

• State explores drone skyway

• Google Brings Back Android App Permissions Section to the Play Store

• Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138

• Cisco Releases Security Updates for Multiple Products

• Apple Releases Security Updates for Multiple Products

• Flood the Zone With Cheap Drones

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• The M140i project post – Part 16

• The Complete Guide to Lead Generation For Design Agencies

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• The biggest cyber-crime threat is also the one that nobody wants to talk about

• I hate Windows 11. How can I make it work more like Windows 10? [Ask ZDNet]

• Symmetric vs. asymmetric encryption: What’s the difference?

• Hacked Ukrainian Radio Stations Broadcast Fake News About President Zelensky’s Health

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• What Firewalls Can — and Can’t — Accomplish

• Cybersecurity, the ECPA, Carpenter, and Government Transparency

• Check Out these New Details on the Costa Rica Government Attack by Conti Ransomware

• Latest Cyberthreats and Advisories – July 21, 2022

• Microsoft Closing Down Job Openings – Report

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• CISA chief calls for continuous global collaborations to combat cyberthreats

• UK Blocks China Licensing Sensor Tech From Manchester University

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Microsoft Resumes Blocking Office VBA Macros by Default After ‘Temporary Pause’

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Windows 11 is getting a new security setting to block ransomware attacks

• Google Chrome security update fixes ‘high risk’ flaws

• Microsoft Resumes Rollout of Macro Blocking Feature

• Code Execution and Other Vulnerabilities Patched in Drupal

• New Cross-Platform ‘Luna’ Ransomware Only Offered to Russian Affiliates

• A Unique Cybersecurity Career Path: From Journalism to Cisco

• Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

• Meta Revamps Facebook Content Feed

• Hackers Attack Windows, Linux & ESXi Systems Using Rust-Based Malware

Generated on 2022-08-01 00:02:38.115347