IT Security News Monthly Summary – December

• IT Security News Daily Summary 2021-11-30

• Building out Alaska’s broadband infrastructure

• Zscaler delivers strong Q1, sees revenue grow 62% year over year

• Five Features to Look Forward to in the 2022 MacBook Air

• walled garden

• Enterprise password security guidelines in a nutshell

• What’s the Difference Between SASE and SD-WAN?

• Malicious Google Play Apps Stole User Banking Info

• Play the Opera Please – Opera patches a flaw in their turbo servers

• potentially unwanted program (PUP)

• Finland Faces Blizzard of Flubot-Spreading Text Messages

• Lloyd’s Carves Out Cyber-Insurance Exclusions for State-Sponsored Attacks

• How Decryption of Network Traffic Can Improve Security

• Business School Dean Guilty of Data Conspiracy

• Attacker Sentenced in Multimillion-Dollar SIM Hijacking Scheme

• Where is the Biden Administration on Presidential Reform?

• The Business of Knowing: Private Market Data and Contemporary Intelligence

• Coinbase to Acquire Cryptography Firm Unbound Security

• Privacy Startup Soveren Raises $6.5 Million Seed Round

• Apple Updates Beats Fit Pro Firmware to Version 4B65

• Review: 2022 Lexus NX Brings an All-New Infotainment Experience With Wireless CarPlay and Built-In Apple Music

• Twitch Adds Support for FaceTime’s SharePlay Feature on iOS Devices

• It’s the flu season – FluBot, that is: Surge of info-stealing Android malware detected

• Multiple Vulnerabilities Spotted In Zoom Video Conferencing App

• Preparing for the Next Ransomware Generation

• Leaked Credentials Leads Are Candy for Dark Web Actors

• How to create a company password policy, with template

• Texas School District to Scan Children’s Devices

• New EwDoor Botnet is targeting AT&T customers

• SATCOM shift to Space Force stalled under CR

• Amazon unveils new security features for AWS Lake Formation

• Finland Faces Blizzard of FluBot-Spreading Text Messages

• Clearview AI to be Fined $22.6M for Breaching UK Data Protection Laws

• Apple Shares 2021 Apple Music Top Charts and Highlights

• 300,000 Android users impacted by malware apps on Play Store

• Biden taps former USAF buyer to lead DOD acquisition

• Panasonic’s Data Breach Leaves Open Questions

• Government-Industry Cooperation May Be the Most Potent Ransomware Antidote

• T-Reqs – A Tool For HTTP Request Smuggling (HRS) attacks

• New TrickBot Phishing Technique Checks Device Screen Resolution To Evade Detection

• Lawsuit By Former Google Staffers Cites ‘Don’t Be Evil’ Moto

• Why everyone should have this cheap security tool

• Become an ethical hacker for just $13 during this Cyber Week sale

• 2.1 Million People Affected by Breach at DNA Testing Company

• Windows Installer zero-day under active exploitation

• Apple Announces New Limited-Edition Beats Studio Buds

• Massive faceprint scraping company Clearview AI hauled over the coals

• Zoom Launches Auto-Update Feature For Windows And Mac Clients

• Hack ‘Sabbath’: Elusive new ransomware detected

• 20 Years of Red Hat Product Security: From inception to customer experience (Part 1)

• Livestream: D.C. Circuit Hears Donald Trump v. Bennie Thompson

• Introducing the January 6 Project

• Increase Security with Ephemeral Access Control [Webinar Sign-up]

• Hardware Security Firm Axiado Banks $25M Investment

• ‘Sabbath’ Ransomware Operators Target Critical Infrastructure

• New iPhone SE Reportedly on Track for Release in First Quarter of 2022

• Queensland Ransomware and Malware on Finland Smart Phones

• Defense Cybersecurity: The Easy Doors for Adversaries are Closed, so How are They Still Getting In?

• Amazon’s Alabama Warehouse To Vote Again On Trade Union

• Panasonic Disclosed a Security Breach that Hackers Gained Access to Servers

• Hackers could steal encrypted data now and crack it with quantum computers later, warn analysts

• Visiting a booby-trapped webpage could give attackers code execution privileges on HP network printers

• Ransomware vs. Cities: A Cyber War

• Critical Printing Shellz flaws impact 150 HP multifunction printer models

• MI6 Boss Calls For Greater Co-operation With Tech Sector

• Controversial face matchers Clearview set to be fined over $20m

• Accenture to Create 3000 Tech and Cyber Jobs in the UK

• Deals: Take Up to $80 Off Apple’s Smart Keyboard Folio and Magic Keyboard for iPad Pro

• Apple Supports World AIDS Day With Red Logo at Stores and Apple Pay Promotion

• Translucent AirPods and 29W Power Adapter Prototypes Surface in Photos

• Unpatched Microsoft Exchange Servers abused in new phishing campaign

• What Is a Hypervisor (VMM)?

• Source Code Security Firm Cycode Raises $56 Million

• Multiple States Join Investigation Into Facebook’s Allegedly Harmful Practices

• Finding Your Niche in Cybersecurity

• New Hub for Lean IT Security Teams

• U.S. Government issues directive to prioritize fixing exploited CVEs: How Red Hat Insights can help

• MI6 Must Adapt To New Technology To Survive, Says Spy Chief

• Zoom Owes Everyone $25 For Giving Their Data To Facebook

• Printing Shellz: Critical Bugs Impacting 150 HP Printer Models Patched

• IKEA Hit By Email Reply Chain Cyber Attack

• Yanluowang Ransomware Tied To Thieflock Threat Actor

• Clearview’s £17 Million Fine For Processing 10+ Billion Images Is Surprisingly Small And Lenient

• Most Inspiring Women in Cyber 2021: Areej Eliyan, IT Administrator at MOEHE Qatar

• Leaked footage shows British F-35B falling off HMS Queen Elizabeth and pilot’s death-defying ejection

• Who will win the metaverse battle?

• Fighting Supply Chain Threats Is Complicated

• How Do You Plan to Celebrate National Computer Security Day?

• Understanding the Adversary: How Ransomware Attacks Happen

• Cisco releases Shared Signals and Events reference document to solve “head on a swivel” problem

• Apple Celebrates Best Podcasts of 2021

• What You Can Do to Mitigate Cloud Misconfigurations

• Cycode raises $56M to scan apps for security vulnerabilities

• Yanluowang Ransomware Tied to Thieflock Threat Actor

• Lloyd’s of London suggests insurers should not cover ‘retaliatory cyber operations’ between nation states

• Wind Turbine Giant Vestas Confirms Ransomware Involved in Cyberattack

• WIRTE APT group targets the Middle East since at least 2019

• 150+ HP multifunction printers open to attack (CVE-2021-39237, CVE-2021-39238)

• Printing Shellz: Critical bugs impacting 150 HP printer models patched

• Chinese hackers could steal data now and crack it with quantum computers later, warns report

• Spy chief’s warning: Our foes are now ‘pouring money’ into quantum computing and AI

• Critical Wormable Security Flaw Found in Several HP Printer Models

• An Open Security Ecosystem with Shared Signals is the Future of Zero Trust

• How to Calculate Cyber Risk and Your Organization’s Financial Exposure

• A Safe and Secure Way to Decommission

• Meta Ordered To Sell Giphy By British Regulator

• North Korean Hackers Use New ‘Chinotto’ Malware to Target Windows, Android Devices

• Introducing VirusTotal Collections

• Clearview AI Faces £17m Fine For ‘Serious’ Data Protection Breaches

• Troll Free Future Study | Avast

• MI6 Spy Chief Says China, Russia, Iran Top UK Threat List

• UK and Israel Pledge Greater Cooperation in Cybersecurity

• Some 16-inch MacBook Pro Owners Report MagSafe 3 Charging Issues When Mac Is Closed

• Bye Jack. Twitter Co-Founder And CEO Jack Dorsey Steps down

• Come Meet Check Point Software at AWS re:Invent 2021

• Trustpage lands $5M to boost security transparency for SaaS vendors

• Cyber Essentials Set for Major Update in 2022

• Ransomware Group Rebrands Multiple Times to Evade Detection

• APT annual review 2021

• Zoom Monitoring with Tripwire Configuration Manager

• Police Set for Record Haul in Anti-Card Fraud Operation

• Malicious USB drives: Still a security problem

• Massive online crime crackdown leads to 1,000 arrests

• Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS

• Panasonic Suffers Data Breach After Hackers Hack Into Its Network

• Apple Announces Winners of Third Annual Apple Music Awards

• WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East

• Looking for adding new detection technologies in your security products?

• Vaccine Passports And Privacy | Avast

• 4 Android banking trojans were spread via Google Play infecting 300.000+ devices

• Intel is Maintaining Legacy Technology for Security Research

• Winter is coming … with a blizzard of live and virtual SANS Institute events

• How to combat ransomware with visibility

• Implications of strengthening the cybersecurity of small business in America

• Podcast Episode: Who Should Control Online Speech?

• Queensland government energy generator hit by ransomware

• Most challenging security threats for CTOs

• CISA issues Mobile Security Checklist and plans for Secure Email Service

• Data leak on Panasonic Corporation servers

• Ecommerce retailers facing a 350% increase in fraudulent online orders

• Patching takes 2.5 times longer when endpoints are remote

• Secure cloud products and services with new CIS Benchmarks

• Panasonic admits intruders were inside its servers for months

• Rookies Needed – Experience Required

• Privileged account management challenges: comparing PIM, PUM and PAM

• Eftpos expands security kit bag with new AI anti-fraud capability

• National Computer Security Day: Tips for Securing Your Home Computers

• Tigera Calico Cloud offers security and observability for Amazon EKS clusters

• Immuta SaaS enables customers to control their own cloud environment

• Checking in with the Army and Navy principal cyber advisors

• CISA issues enterprise mobile security checklist

• 2021-11-29 – Emotet epoch 5 infection sent from email on Friday 2021-11-26

• Immersive Labs collaborates with British Army to improve the cyber abilities of their personnel

• How to Help Your Kids Combat Clickbait Scams

• More than 1,000 arrested in global crackdown on online fraud

• Panasonic confirms cyberattack and data breach

• GlobalPlatform offers a framework to protect applications and data against high-profile attacks

• Tom Krueger joins Qumu as CFO

• 9 out of 10 Healthcare Organizations Provide Telehealth Services, Yet Almost Half Face Patients’ Mistrust Toward Privacy

• Stellar Cyber Raises $38M Series B to Address Need to Provide 360-Degree Visibility Across Entire Attack Surface

• Armis Now Valued at $3.4B

• 3 Ways To Prepare For Cyber Attacks

• Social Engineering: Tis the Season for Tricky Hackers

• How SBOMs for cybersecurity reduce software vulnerabilities

• Google experts found 2 flaws in video conferencing software Zoom

• IT Security News Daily Summary 2021-11-29

• How Hiya taps AI to kill phone spam

• Amazon Web Services unveils enhanced cloud vulnerability management

• CISA mulls plan to safeguard federal civilian email

• Over 1,000 Individuals Arrested in Global Cybercrime-Fighting Operation

• Phishing Remains the Most Common Cause of Data Breaches, Survey Says

• Google Analyzes Methods Behind GCP Workload Attacks

• IKEA Email Systems Targeted in Cyberattack

• Apple Invites Some Developers to Try Swift Playgrounds 4 Ahead of Launch

• ‘Tis the Season for Scams

• What Are the Five Steps of Ethical Hacking?

• Live-fire cyber training slashes incident response time

• Panasonic confirmed that its network was illegally accessed by attackers

• What is the Dark Web? Everything You Need to Know

• TSA calls for public transportation info sharing center

• CBP expands biometric authentication to Maine border crossings

• Researchers Flag 300K Banking Trojan Infections from Google Play in 4 Months

• IKEA Hit by Email Reply-Chain Cyberattack

• Panasonic Hit in Data Breach

• A Hacking Spree Against Iran Spills Out Into the Real World

• Dream Job Alert: Media Relations Director for EFF

• plaintext

• White House asks agencies to delay consequences for vaccine mandate violations

• Cyber Monday: Original Apple TV 4K Drops to $99.99 for Amazon Prime Members

• Developers That Embrace Security Add Personal, Organizational Value

• McAfee Enterprise Defender Blog | Windows Zero-Day – CVE-2021-41379

• Elastic Security app enables affordable threat hunting

• Elastic Stack Security tutorial: How to create detection rules

• Data Breach at Panasonic

• ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks

• Project Zero Flags High-Risk Zoom Security Flaw

• The intersection of privacy by design and privacy engineering

• The components and objectives of privacy engineering

• Our Patent Review System is Ten Years Old. It’s Time to Make It Stronger.

• Insights on ransomware attacks

• Attackers exploiting Windows Installer vulnerability despite patching

• North Korean Hackers Group Posed as Samsung Recruiters To Target Security Firms

• Clearlake Capital to Acquire Quest Software

• CISA Seeks Extra Email Protection

• How agencies can conquer generational technology skips

• Unpatched Windows Zero-Day Allows Privileged File Access

• 1,000 Arrests Made In Online Fraud Crackdown, Says Interpol

• Panasonic Confirms Data Breach After Hackers Access Internal Network

• What The SEC Requires From Businesses After A Data Breach

• Chinese Could Hack Data For Future Quantum Decryption, Report Warns

• How the Rise in Cyberattacks Is Changing Consumer Behavior

• Military service principal cyber advisors take root

• Marine Services Provider Swire Pacific Offshore Discloses Data Breach

• How Red Canary and Microsoft can help reduce your alert fatigue

• How To Secure Your Broadband?

• The other victims of FluBot: How cybercriminals exploit WordPress to distribute malware

• Over 300,000 Android users have downloaded these banking trojan malware apps, say security researchers

• Shape-Shifting ‘Tardigrade’ Malware Hits Vaccine Makers

• Technology Diplomacy Changes Are the Right Start

• Recent Additions to Entity List Part of Broader U.S. Effort Targeting Spyware

• TechTank: How to Build Back Better With Telehealth

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Frequency analysis on hundreds of billions of reports at Report URI: Top-K

• Vulnerability Summary for the Week of November 22, 2021

• Apple Introduces New MacBook Upgrade Program for Business Partners

• Rising volume of email fatigue opens doors for Cybercriminals

• IKEA servers hit by Qakbot Malware

• Remote access tools abused to spread malware and steal cryptocurrency

• The State Of Security In E-Commerce to Improve Online Transactions

• Nowhere to Hide: Detecting SILENT CHOLLIMA’s Custom Tooling

• Check Point CloudGuard Network Security streamlines operational efficiency with as-a-Service solution on AWS

• WFH security: How to protect your remote endpoints from vulnerabilities

• Panasonic Investigating Data Breach

• Paving the Road to Zero Trust With Adaptive Authentication

• Vulnerability Summary for the Week of November 22, 2021

• 4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021

• NanoLock Security and Waterfall Security Partner to Deliver OT Security for Industrial and Energy Applications

• Experts warn of attacks exploiting CVE-2021-40438 flaw in Apache HTTP Server

• Best Cyber Monday Apple Accessory Deals Available Today

• Hackers all over the world are targeting Tasmania’s emergency services

• What is crypto gaming?

• EdbMails Review

• Threat Actors Used Tardigrade Malware In Attacks On Biomanufacturing Firms

• CronRAT Linux Malware Abuses A Non-Standard Date To Evade Detection

• Amazon brings automated secrets detection to CodeGuru

• 1,000 arrests made in online fraud crackdown, says Interpol

• CISA Releases Guidance on Securing Enterprise Mobile Devices

• Most Inspiring Women in Cyber 2021: Anna Collard, SVP Content Strategy & Evangelist at KnowBe4

• Wind turbine maker Vestas confirms recent security incident was ransomware

• Armis Raises $300 Million at $3.4 Billion Valuation

• Cyber Monday – enjoy the discounts safe !

• CronRAT targets Linux servers with e-commerce attacks

• What the SEC Requires From Businesses After a Data Breach

• NinjaOne expands data backup, security features to thwart ransomware

• Armis expands past IoT with $300M for ‘comprehensive’ asset security

• New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists

• Simplify Network Security with Cisco Secure Firewall-as-a-service (FWaaS) on AWS

• Cisco Security Heroes: The power of partnerships, employee education, and zero trust policies

• Black Hat Europe 2021 Network Operations Center: London called, We answered

• Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition

• Best Cyber Monday Deals for AirPods, Apple Pencil, iMac, More

• A week in security (Nov 22 – Nov 28)

• Recently Patched Apache HTTP Server Vulnerability Exploited in Attacks

• How to Prepare for CISSP Exam Day

• New RATDispenser JavaScript Loader Delivers Infostealers To Pilfer Passwords

• Ransomware Operators Threaten to Leak 1.5TB of Supernus Pharmaceuticals Data

• Israel Blamed for Crippling Attack on Iranian Gas Stations

• Reply-Chain Email Cyberattacks Hit Ikea’s Email Systems

• Cybersecurity graduates are doubling, but that’s still not going to fix the skills crisis

• 12 online fraudsters arrested in global operation against counterfeiters

• ScarCruft surveilling North Korean defectors and human rights activists

• Quick Hits

• FCW Insider: November 29, 2021

• Two Drug Dealers Get 18 Years Following EncroChat Bust

• Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency

• Apple Still Working on AirPower-Like Charger, Also Long-Range Wireless Charging and Reverse Charging

• The role of runtime protection in eCommerce security

• Rapid Money Laundering Response Helps Intercept $27m

• Israel cut cyber export list, excluding totalitarian regimes

• Android.Cynos.7.origin trojan infected +9 million Android devices

• Why Email Archiving Builds Cyber Resilience

• Overcoming the Limitations of VPN, NAC, and Firewalls with Zero Trust Access

• Trying to register your antivirus in Windows Security Center?

• WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019

• Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million

• Big salaries alone are not enough to hire good cybersecurity talent: What else can companies do?

• Behavioral biometrics: A promising tool for enhancing public safety

• Putting the “sec” in DevSecOps: An overall reduction of risk

• Mediatek vulnerability in Android phones fixed

• REvil ransomware spreading hackers found to be leading plush lives in Russia

• Addressing the cybersecurity skills gap with higher education

• Mid-market IT leadership top 2022 objective: Strengthening security

• Phishing attacks top 260,000 in Q3 2021

• Redirecting the Zero Trust Conversation to Build a More Robust Architecture

• Ghidra 101: Binary Patching

• Key benefits of iSIM technology for enabling secure connectivity

• The Bitglass Blog

• 20% off official (ISC)² CISSP online self-paced training

• 82% of IT leaders looking to cloud for critical mainframe applications to remain competitive

• ADEX unveils real-time traffic analysis to combat fraud and high-technology threats

• Telcos to get expanded scam-blocking powers through telecommunications law amendment

• Australia will force social networks to identify trolls, so they can be sued for defamation

• AWS re:Invent 2021 Guide: Checklist & Key Sessions

• French court indicted Nexa Technologies for complicity in acts of torture

• IT Security News Weekly Summary – Week 47

• IT Security News Daily Summary 2021-11-28

• Tech Expert Devises Test To See If Facebook Is Eavesdropping On Users

• Google warns crypto miners are using compromised cloud accounts

• Ongoing Phishing Attack Targets IKEA Employee Mailboxes To Spread Trojan

• Anatomy of a Linux Ransomware Attack>

• RATDispenser, a new stealthy JavaScript loader used to distribute RATs

• What Is a Watering Hole Attack?

• The Android 12 Privacy Settings You Should Update Now

• North Korea-linked Zinc group posed as Samsung recruiters to target security firms

• MediaTek Smartphone Chip Vulnerability Could Allow Spying On Android Smartphones

• Security Affairs newsletter Round 342

• 0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day

• Virtual Function Calls in Constructors and Destructors (C++)

• Week in review: Windows EoP flaw still exploitable, GoDaddy breach, malicious Python packages on PyPI

• Penetration testing

• Become a cybersecurity analyst for just $9

• Weekly Update 271

• Hypernet Labs hires Jon Venverloh as COO

• IT Security News Daily Summary 2021-11-27

• Cyber Monday Deals!! Certified Malware Analyst – Exploit Development, Expert Malware Analysis & Reverse Engineering – 5 in 1 Bundle

• Here’s the perfect gift for anyone with a PC, Mac, iPhone, or Android, and it doesn’t break the bank

• Italy’s Antitrust Agency fines Apple and Google for aggressive practices of data acquisition

• 2021 ‘ASTORS’ Award Winners & 9/11 Special Guests Honored at ISC East

• Going green to make green – how plastic waste can power financial services

• The Pentagon Has Set Up a UFO Office

• The Pentagon Set Up a UFO Office

• Top Stories: Black Friday Deals, Apple Delays Digital IDs, Tim Cook Talks DIY Repairs, and More

• Week in security with Tony Anscombe

• HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes

• Multiple Vulnerabilities Spotted In Hide My WP WordPress Plugin

• IKEA hit by a cyber attack that uses stolen internal reply-chain emails

• The 5 Most Common Cyber-Attacks on Mobile Devices In 2021

• Build or Buy your own antivirus product

• Get lifetime VPN security and privacy for just $20 during this Black Friday sale

• Italy’s Antitrust Regulator Fines Google and Apple for “Aggressive” Data Practices

• Learn in-demand ethical hacking skills in your own time for $11 during this Black Friday sale

• Google Warns Crypto Miners Are Hacking Cloud Accounts

• Credentials Exposed For Majority Of US Financial Firms

• Mr Goxx, The Cryptocurrency Trading Hamster, Dies

• This Stealthy Malware Hides Behind An Impossible Date

• How biometric payment cards can perfect the contactless payment experience

• Zwipe launches a two-factor authentication solution for data center access control

• Report: Applications and critical data vulnerable to attack

• F-Secure collaborates with CyberPeace Institute to help organizations targeted by cyberattacks

• Emerging tech in security and risk management to better protect the modern enterprise

• Marine services provider Swire Pacific Offshore (SPO) hit by Clop ransomware

• IT Security News Daily Summary 2021-11-26

• Report: Zero-trust architecture is expected to increase cybersecurity efficacy by 144%

• Network Admission Control

• Know These Risks Before You Dive Into WebRTC

• AI Weekly: UN recommendations point to need for AI ethics guidelines

• Most Brazilian remote workers feel responsible for corporate data security

• The Chatter Podcast: Garrett Graff on ‘Dragonfire’ and the Stories We Still Tell about 9/11

• The Internet is Held Together With Spit & Baling Wire

• DisplayLink Manager Now Supports External Display Rotation on M1 Macs

• MacRumors Giveaway: Win a Luna Display Adapter That Turns an iPad or Mac Into a Second Screen

• Microsoft MSHTML flaw exploited in Gmail and Instagram phishing scam

• Cloud Security: Don’t wait until your next bill to find out about an attack!

• ‘Tis the season for cyberattacks: 3 tips for protecting your business

• ICO challenges adtech to step up privacy protection

• EU needs more cybersecurity graduates, says ENISA infosec agency – pointing at growing list of master’s degree courses

• Four technologies that will boost your customers’ Black Friday shopping sprees

• SME email security in 2022

• Clop Ransomware targets maritime firm Swire Pacific Offshore

• 2022 Cybersecurity Trends and Predictions

• Google Increases Concessions, Amid CMA Oversight Of Cookie Removal

• Threat actors target crypto and NFT communities with Babadeda crypter

• The Chatter Podcast: Garret Graff on ‘Dragonfire’ and the Stories We Still Tell about 9/11

• How to identify (and avoid) security threats while shopping online

• Huntington Hospital Former Employee Accesses Private Info of 13,000 Patients

• How to get a deal on cybersecurity software

• Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices

• FBI warns consumers about Black Friday and holiday shopping scams

• UK Government Introduces PTSI Bill to better secure IoT devices

• Most Inspiring Women in Cyber 2021: Bindu Sundaresan, Director at AT&T Security

• Google warns crypto miners are hacking cloud accounts

• Privacy Sandbox saga continues: UK watchdog extracts more commitments from Google over ad tech

• ‘AI Will Revolutionize Every Aspect of Connectivity,’ Argue Cyber Experts

• APT C-23 Hackers Using Android Spyware to Hack Middle East Android Users

• Proposed UK Law Bans Default Passwords

• The Privacy Sandbox saga continues: UK watchdog extracts more commitments from Google over advertising tech

• Hackers Targeting Biomanufacturing Facilities With Tardigrade Malware

• Best Black Friday HomePod Mini Deals Available Today

• Best Black Friday iPad Deals Available Today

• Best Black Friday Apple Watch Deals Available Today

• Best Black Friday iPhone Deals Available Today

• Huge List of Black Friday Deals on iPhone and Mac Cases, Cables, Accessories and Software

• India Moves To Ban Private Cryptocurrencies

• This stealthy malware hides behind an impossible date

• Apple Resumes Product Sales in Turkey With Significant Price Hikes

• Best Black Friday AirPods Deals Available Today

• Best Black Friday iMac and MacBook Deals Available Today

• Government-favoured child safety app warned it could violate the UK’s Investigatory Powers Act with message-scanning tech

• How to Secure Your New Motor Vehicle

• Hacking Fingerprints With a $5 Setup To Bypass Biometric Authentication

• Google To Pay Millions To Ireland In Back Taxes

• 9 Million Android Phones Running Malware Apps That Downloaded from Huawei’s AppGallery

• IT threat evolution Q3 2021

• IT threat evolution in Q3 2021. PC statistics

• IT threat evolution in Q3 2021. Mobile statistics

• CronRAT, the New Linux RAT that Keeps a Low Profile

• Google: Half of compromised cloud instances have weak or no passwords

• Hackers are targeting this Microsoft Windows Installer flaw, say security researchers

• Human traffickers grounded in 29-country sweep of European airports and roads

• Apple News+ Offering Three-Month Free Trial for New Subscribers Through Cyber Monday

• Schools Urged to Sign-Up as CyberFirst Girls Competition Kicks Off

• Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable

• We Might Be Seeing Some New Scams This Black Friday

• Celebrating Coalition Against Stalkerware Achievements | Avast

• Apple Fined $11 Million in Italy for Employing ‘Aggressive Methods’ in Commercial Use of Private Data

• This stealthy malware delivers a ‘silent threat’ that wants to steal your passwords

• Pfizer Alleges Insider Stole #COVID19 Vaccine Docs

• Marine Services Giant Hit by Clop Ransomware

• Didi shares sink on a report that Chinese regulators have asked it to delist from U.S.

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• CronRAT: A New Linux Malware That’s Scheduled to Run on February 31st

• Apple’s Black Friday Promotion Now Underway in the U.S. and More Countries

• End of the road for Romanian criminals targeting cargo transports

• APT C-23 group targets Middle East with an enhanced Android spyware variant

• If you want to see off next year’s cyber-threats, the time to prepare is … now

• New infosec products of the week: November 26, 2021

• Your supply chain: How and why network security and infrastructure matter

• Two serious vulnerabilities detected on Windows 10 and Windows 11 Operating Systems

• Compromised cloud accounts leading to Cryptocurrency mining

• Best cities for cybersecurity professionals

• Israel Bans Sales of Hacking and Surveillance Tools to 65 Countries

• Kuo: Apple AR Headset Coming in Late 2022 With Mac-Level Computing Power

• Key trends driving the workforce transformation in 2022

• Many users are sharing passwords with someone outside their household

• Automation investments are driving revenue, productivity and employment

• Softbank fall steepens after report that Chinese regulators have asked Didi to delist from U.S.

• Threat Hunting, IRL

• The triangle of holiday shopping: Scams, social media and supply chain woes

• Hexaware partners with DataRobot to accelerate AI initiatives for businesses

• Do not fear the market, asset manager says as he reveals his 10 best stock picks

• IT Security News Daily Summary 2021-11-25

• New Linux CronRAT hides in cron jobs to evade detection in Magecart attacks

• Orange CEO Resigns After Court Conviction

• McAfee Enterprise Defender Blog | CISA Alert: MS Exchange & Fortinet Vulnerabilities

• Microsoft Defender for Endpoint laid low. Not by malware, but by another buggy Windows patch

• Product Releases Should Not Be Scary

• Swire Pacific Offshore Operations hit by Cl0p ransomware gang

• Apple To Use Own iPhone 5G Modem Design In 2023 – Report

• It’s about the survival of the fittest – CISOs must be brave enough to throw away their security playbook, or suffer the consequences

• Improving security for mobile devices: CISA issues guides

• Google’s Threat Horizons report: Will the straightforward approach get results?

• Sophisticated Tardigrade malware launches attacks on vaccine manufacturing infrastructure

• Ransomware threat to elders and youngsters falling for Instagram Cyber Scams

• Government PSTI Bill To Protect Consumer Tech From Cyber Threats

• New Twists on Gift-Card Scams Flourish on Black Friday

• Guard Your Brand From Counterfeiting With Web Scraping

• The Changing Face Of The COO Role

• Facial Recognition Privacy Concerns: Real vs. Imagined

• Ransomware Set To Break Records This Black Friday 2021

• Several GoDaddy brands impacted in recent data breach

• Apple’s Black Friday Event Begins in Australia: Free Gift Card With Select Products

• Black Friday: AirPods 2 Available for $99.99 on Amazon ($29 off)

• Most Inspiring Women in Cyber 2021: Dr. Jacqui Taylor, CEO of FlyingBinary

• New law will issue bans, fines for using default passwords on smart devices

• Tesla Demands Video Access For Full Self Driving Testers

• Black Friday: AirPods 3 Hit Record Low Price of $149.99 ($29 Off)

• Online Shoppers at Risk of Losing Over $53 Million

• GoDaddy Data Breach Update: Six WordPress Hosting Service Resellers Impacted

• Apple In Spotlight Over Employee NDAs

• Essential Microsoft EDR Tools

• Black Friday shopping? FBI says beware of these holiday scams and phishing threats

• JavaScript Loader RATDispenser Infects Windows PCs with RATs

• This chip flaw could have let malicious apps eavesdrop on Android phone users

• S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

• Iranian threat actors exploit MS MSHTML bug to steal Google and Instagram credentials

• A Microsoft MSHTML Exploited By Hackers

• 30% of Android Smartphones Impacted by Mediatek Vulnerabilities

• Microsoft Silently Rolls Out “Super Duper Secure Mode” With Latest Edge Browser Versions

• US Adds More Chinese Firms To Trade Blacklist

• Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

• This New Stealthy JavaScript Loader Infecting Computers with Malware

• UK and German Police Take Down 21 Jihadist Websites

• FBI: 2021 Holiday Season Fraud Could Exceed $53m

• Ukrainian Cops Bust Mobile Device Hacking Group

• Beware card skimmers this Black Friday

• Apple Sues NSO Group for Pegasus Spyware – Intego Mac Podcast Episode 215

• Women In Post-Pandemic Tech Industry | Avast

• UK.gov emits draft IoT and smartphone security law for Parliamentary scrutiny

• If You’re Not Using Antivirus Software, You’re Not Paying Attention

• Coalition Against Stalkerware Celebrates Two Years of Work to Keep Technology Safe for All

• A Guide to Protecting Your Privacy Online | Avast

• Everything You Need To Know About Cookies | Avast

• Utah Imaging Associates data breach impacts 583,643 patients

• Five Cloud Telephony Security Vulnerabilities That Can Threaten Your Business

• Do you know what your supply chain is and if it is secure?

• Warning — Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild

• FBI warns of crooks targeting online shoppers during the holiday season

• Google advises passwords are good, spear phishing is bad, and free clouds get attacked

• Get 1,000 hours of cybersecurity training for $21 this Black Friday

• Samsung offers Mobile Security protection as below

• Britain introduces IOT Device Security Legislation

• How to Protect Your Business Data with Cyber security

• From fragmented encryption chaos to uniform data protection

• Linux Malware Agent Attack eCommerce Sites & Stealing Payment Data

• VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client

• How likely are mid-market organizations to experience a breach by the end of 2021?

• Which technologies will be the most important in 2022?

• Huawei’s AppGallery riddled with malware-infected games

• Nearly 600,000 open cybersecurity-related jobs were listed over 12 months

• Tencent must get approval from Chinese regulators before publishing new apps and updates

• Teleion, a Minority-Owned Business, Awarded Best Place to Work in Washington State for Second Year

• (ISC)² Chapter Creates Space for Entry-Level Members and Professional Connections

• Defense contractors are highly susceptible to ransomware attacks

• Companies ditching VPNs for zero trust architectures to secure hybrid workplaces

• Report: Cybersecurity recruitment, training misses the mark

• Avoiding the shopping blues: How to shop online safely this holiday season

• US bans Chinese firms – including one linked to HPE’s China JV – for feeding tech to Beijing’s military

• Okera for Snowflake provides data privacy and security policies for Snowflake customers

• Waterfall Security Solutions partners with HTSS to protect a European power generation customer

• FBI warns of possible holiday hacking risks

• Scammers impersonate Instagram users in crypto scheme

• Microland collaborates with Securonix to deliver managed SOC solutions for organizations

• Crypto.com achieves SOC 2 certification to strengthen its security and privacy standards

• IT Security News Daily Summary 2021-11-24

• Cloud security shifting to ‘dev’ not ‘ops,’ Snyk says

• How Threat Actors Get Into OT Systems

• Medical response app for mass casualty incidents

• My email has been hacked! What should I do next?

• GitHub will require 2FA for some NPM registry users

• Scientists test GPS-free navigation

• DARPA seeks ‘top chef’ for 3D printed food

• How Threat Actors Get into OT Systems

• VMware addresses File Read and SSRF flaws in vCenter Server

• Shazam Updated With Ability to Find More Songs by Listening Longer

• MacRumors Giveaway: Win a ‘Jetpack’ Magnetic Power Bank for iPhone 13 From Ampere

• Apple has a new work-from-home policy, but it’s still not what employees want

• Canadian Teen Arrested in Crypto Theft Worth $36.5 Million

• Google says it’s improving fingerprint scanner performance with a Pixel 6 update

• Iranian Hackers Are Going After US Critical Infrastructure

• From students to masters: HITB+CyberWeek 2021 showcases next generation of cyber security talent in the UAE

• YouTube Live Crypto Scams Made Nearly $9m in October

• Joke Hitman Website Catches Plotting Michigander

• Marylander Found Guilty of Skiptracing

• Connolly introduces bill to ‘rebuild’ OPM

• US government securities watchdog spoofed by investment scammers – don’t fall for it!

• In Appreciation: Dark Reading’s Tim Wilson

• Apple Customers in Turkey Being Turned Away at Retail Stores as Halt on Product Sales Continues

• Tolkien Estate Blocks ‘JRR Token’ Cryptocurrency

• black hat hacker

• Biden to nominate Shalanda Young as OMB director

• CISA Releases Capacity Enhancement Guides to Enhance Mobile Device Cybersecurity for Consumers and Organizations

• ENISA: ADVANCING SOFTWARE SECURITY IN THE EU

• 9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery

• VMware Releases Security Updates

• CISA Releases Capacity Enhancement Guides to Enhance Mobile Device Cybersecurity for Consumers and Organizations

• Tim Cook Discusses Apple’s New Do-It-Yourself Repair Program and More

• Apple Shares ‘Saving Simon’ Holidays Ad Shot on iPhone 13 Pro

• Twitter Investigating Bug Causing Unexpected Logouts on iOS 15

• About 10 million Android devices found infected with Cynos malware

• Proposed Bill Would Require Public Disclosure of Ransomware Payments

• “Free Steam games” videos promise much, deliver malware

• VMware Releases Security Updates

• Apple, Amazon Fined $225m By Italian Watchdog Over Beat Headphones

• DBS Bank blames ‘access control servers’ for two-day service disruption

• GoDaddy Breach Widens to Include Reseller Subsidiaries

• UK Cyber Firm Faces Investors Over Stock Turmoil

• UK Introduces New Cybersecurity Legislation for IoT Devices

• China Trying To Export Its Great Firewall And Governance Model

• Best Early Black Friday Deals on Apple Watch, AirPods Pro, MacBook Pro, More

• The Dawn of True IoT Security

• (ISC)² Cybersecurity Entry-Level Certification Exam Topics Announced

• How your business can benefit from Cybersecurity automation

• What is DevOps and DevSecOps?

• How to avoid Video Conferencing Security Risks

• Congratulations to Our 2021 Partners of the Year

• Ignite 2021 – It’s a Wrap!

• When people become data records, ‘low-resolution’ citizens struggle

• Apple’s NSO Group Lawsuit Amps Up Pressure on Pegasus Spyware-Maker

• Apple needs to un-Mac-ify security and privacy in Safari

• IoT Security Company Shield-IoT Raises $7.4 Million

• VMware Patches File Read, SSRF Vulnerabilities in vCenter Server

• A vulnerable honeypot exposed online can be compromised in 24 hours

• Veeam Ransomware Protection with Red Hat Enterprise Linux as the Immutable Repository

• ‘Printjack’ Printer Attacks Pose a Serious Threat, Researchers Warn

• Elon Musk Realises $1bn, After Another Tesla Share Sale

• When Will Security Frameworks Catch Up With the New Cybersecurity Normal?

• Apple Sues NSO Group

• Why Do Governments Reveal Cyber Intrusions?

• A New Microsoft Windows Installer Zero-day Is Exploited

• Max Schrems hits Irish Data Protection Commissioner with corruption complaint

• Security Expert On Apple Suing NSO Group

• Most Inspiring Women in Cyber 2021: Regina Bluman, Security Analyst at Algolia

• Beware of holiday hackers: FBI warns against holiday cyberattacks

• Windows Installer vulnerability becomes actively exploited zero-day

• Hundreds Of Google Staff Protest Vaccine Mandate

• Attackers Actively Target Windows Installer Zero-Day

• Hospital Ransomware Attacks Go Beyond Health Care Data

• Shift Left Security: The Magic Elixir for Securing Cloud-Native Apps

• 3 Key Questions for CISOs on the Wave of Historic Industrial Cybersecurity Legislation

• Two Nigerians Sentenced to Prison in U.S. for Role in BEC Scams

• How Has Covid-19 Impacted Our Online Behaviour And Security?

• Managing Dead Letter Messages: Three Best Practices to Effectively Capture, Investigate and Redrive Failed Messages

• Consumers of Brand-name Companies Targeted in Phishing Attacks, FBI Alerts

• How to prevent sideloading attacks in Windows and Office 365

• Managing Dead Letter Messages: Three Best Practices to Effectively Capture, Investigate and Redrive Failed Messages

• What is facial recognition?

• Malicious JavaScript Loader is a Multi-RAT Dispenser

• Most US Healthcare Apps Susceptible to Cyber-Attack

• CISA Issues Holiday Ransomware Message

• CISA, FBI Warn of Potential Critical Infrastructure Attacks on Holidays

• GoDaddy Says Several Brands Hit by Recent WordPress Hosting Breach

• Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globally

• Meta Delays Plans To Rollout End-to-end Encryption

• How to prevent sideloading attacks in Windows and Office 365

• Samsung To Build $17bn Chip Factory In Texas, Amid Global Shortage

• Beware!! BrazKing Android Malware Upgraded & Attack Banks

• What is facial recognition?

• Hit by ransomware? Make sure you don’t make this first obvious mistake

• Researcher Awarded $10,000 for Google Cloud Platform Vulnerability

• CISA, FBI Warn of Potential Critical Infrastructure Attacks on Holidays

• Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globally

• Mozilla Ending Support for Firefox Lockwise Password Manager in December

• Malicious Actors Were Able to Compromise Exposed Services in 24 Hours

• Data Stealing Malware Impacts More Than 9M Android Devices

• Samsung To Build $17bn Chip Factory In Texas, Amid Global Shortage

• Beware!! BrazKing Android Malware Upgraded & Attack Banks

• Hit by ransomware? Make sure you don’t make this first obvious mistake

• CIS Control 12: Network Infrastructure Management

• Researcher Awarded $10,000 for Google Cloud Platform Vulnerability

• After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

• Malicious Actors Were Able to Compromise Exposed Services in 24 Hours

• Data Stealing Malware Impacts More Than 9M Android Devices

• Password usage analysis of brute force attacks on honeypot servers

• Seeing the Future: How to Use Predictive Analytics in Your Business

• Password usage analysis of brute force attacks on honeypot servers

• Check Point Research discover vulnerabilities in smartphones chips embedded in 37% of smartphones around the world

• CIS Control 12: Network Infrastructure Management

• Standing Up to Cyber-Bullies Earns Man Award Nomination

• Multiple Bugs Enable Eavesdropping on 37% of Android Phones

• Germany, the UK and Europol target violent jihadist websites

• How is Europol keeping online spaces safe?

• After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

• How a malicious Android app could covertly turn the DSP in your MediaTek-powered phone into an eavesdropping bug

• Apple Sues NSO To ‘Curb Abuse Of State-Sponsored Spyware’

• footprinting

• Check Point Research discover vulnerabilities in smartphones chips embedded in 37% of smartphones around the world

• How a malicious Android app could covertly turn the DSP in your MediaTek-powered phone into an eavesdropping bug

• Standing Up to Cyber-Bullies Earns Man Award Nomination

• Multiple Bugs Enable Eavesdropping on 37% of Android Phones

• Industrial Cybersecurity Firm Applied Risk Acquired by DNV

• Apple Sues “State-Sponsored” Spyware Firm NSO Group

• Apple sues NSO Group for abusing state-sponsored Pegasus spyware

• Industrial Cybersecurity Firm Applied Risk Acquired by DNV

• Cross-border access to electronic evidence: update and impact of the pandemic on data requests

• Energy efficiency funds fraudsters deactivated in Italy

• Europol, Germany and the UK target violent jihadist websites

• From Chess Board to the Silver Screen | Avast

• APT C-23 Hackers Using New Android Spyware Variant to Target Middle East Users

• Build your own Android security product

• 7 Scams Targeting Holiday Spenders In 2021 | Avast

• Over 9 Million Android Phones Running Malware Apps from Huawei’s AppGallery

• Webinar and eBook: The Dark Side of EDR. Are You Prepared?

• Expert discloses details of flaws in Oracle VirtualBox

• 7 Scams Targeting Holiday Spenders In 2021 | Avast

• Over 9 Million Android Phones Running Malware Apps from Huawei’s AppGallery

• Webinar and eBook: The Dark Side of EDR. Are You Prepared?

• Expert discloses details of flaws in Oracle VirtualBox

• WA Auditor-General drags local governments over horrendous cyber risk management

• Yes, ransomware is your number one security nightmare. But here’s how to sleep easy

• Ransomware attacks surge, but victims are recovering quickly

• Securing open-source code supply chains may help prevent the next big cyberattack

• Cyber Attack on Bureau Veritas

• Court case against NSO Group Pegasus Malware by Apple Inc

• Facebook to Delete the Faceprints of Over 1 billion People

• CISOs missing major holidays due to work demands

• Ransomware attacks surge, still victims are recovering quickly

• Cyber Attack on Bureau Veritas

• Court case against NSO Group Pegasus Malware by Apple Inc

• CISOs missing major holidays due to work demands

• Apple Sues Israel’s NSO Group for Spying on iPhone Users With Pegasus Spyware

• 10 trends likely to shape the IT industry, its workforce and its business models in 2022

• Products used by children are not nearly as privacy-protecting as they should be

• Mozilla ends support for Firefox Lockwise password management app, strands iOS users

• Tips for Having a Cyber Safe Holiday Season

• TSMC to Begin Producing Apple-Designed 5G Modems for iPhones in 2023

• Apple Outlines How It Will Notify Users Who Have Been Targeted by State-Sponsored Spyware Attacks

• How are organizations protecting their critical IT assets?

• Code42’s exfiltration detector alerts when Salesforce data moves to an untrusted device

• Siren 12 delivers global search and visual graph creation capabilities for investigators

• Boxcryptor protects business data in Microsoft Teams with end-to-end encryption features

• YugabyteDB 2.11 meets developer demand for comprehensive PostgreSQL compatibility

• China trying to export its Great Firewall and governance model

• Deeper Connect Pico prevents malicious tracking and restores safety online

• FBI, CISA urge organizations to be on guard for attacks during holidays

• Exclusive Networks partners with Infinipoint to extend zero trust security to device identity

• Baffle Data Privacy Cloud supports privacy preserving analytics on Amazon Redshift

• Emily Murphy joins GMU

• SecOps’ need for traffic data drives NetSecOps collaboration

• Cyber Defense Labs promotes Jason Lobell to CTO

• ‘Tis the season for protecting your devices with Webroot antivirus

• Why an emerging cloud security trend offers ‘good news’ to businesses

• Baffle’s Data Privacy Cloud Protects Data for Amazon Redshift Customers

• ‘Tis the season for protecting your devices with Webroot antivirus

• Interested in Becoming a Student Contributor?

• Water Wars: Japan Makes Major Defense Spending Pledges While China Increases Incursions in the South China Sea

• IT Security News Daily Summary 2021-11-23

• Pandemic lessons: Building partnerships, managing networks and steering outcomes

• Researcher drops instant admin Windows zero-day bug

• Apple files lawsuit against spyware vendor NSO Group

• Apple Sues NSO Group for Spyware Use

• New Android Spyware Variants Linked to Middle Eastern APT

• Malware are already attempting to exploit new Windows Installer zero-day

• UN Human Rights Committee Criticizes Germany’s NetzDG for Letting Social Media Platforms Police Online Speech

• Stolen Robinhood customer data has a new seller

• Pandemic lessons: Building partnerships, managing networks and steering outcomes

• Apple files lawsuit against spyware vendor NSO Group

• Apple Sues NSO Group for Spyware Use

• Malware are already attempting to exploit new Windows Installer zero-day

• UN Human Rights Committee Criticizes Germany’s NetzDG for Letting Social Media Platforms Police Online Speech

• Stolen Robinhood customer data has a new seller

• Glendale builds schedule optimizer for its police department

• TIO wants telcos to have 24-hour fraud hotline

• Telstra’s biggest cyber worry is businesses with basic single vendor environments

• Attackers Will Flock to Crypto Wallets, Linux in 2022: Podcast

• LAPD – A New Method To Detect Spy Cameras Via Smartphone

• cookie poisoning

• How to identify social media misinformation and protect your business

• The McDonald’s Ice Cream Machine Hacking Saga Has a New Twist

• Android.Cynos.7.origin trojan infected +9 million Android devices

• This Houston tech company wants to build renewable energy-run bitcoin mines across Texas

• Apple sues ‘amoral 21st century mercenaries’ NSO for infecting iPhones with Pegasus spyware

• The McDonald’s Ice Cream Machine Hacking Saga Has a New Twist

• Black Friday: ‘Applaudables’ Bundle Offers 12 Mac Apps for $75

• Zero-day proof-of-concept exploit lands for Windows make-me-admin vulnerability

• White House rolls out DEIA strategy

• Apple sues NSO Group over Pegasus spyware

• Apple Slaps Lawsuit on NSO Group Over Pegasus iOS Exploitation

• WiFi software management firm exposed millions of users’ data

• Experts warn of RCE flaw in Imunify360 security platform

• WiFi software management firm exposed millions of users’ data

• Crypto for cryptographers! Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees

• Holiday Scams Drive SMS Phishing Attacks

• Experts warn of RCE flaw in Imunify360 security platform

• Apple Temporarily Halts Sales in Turkey After Currency Crash

• Stay safe online this holiday shopping season with tips from Microsoft

• Crypto for cryptographers! Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees

• PoC Exploit Published for Latest Microsoft Exchange Zero-Day

• Apple Says iOS 15 Feature That Will Let You Add Your Driver’s License to Your iPhone Delayed Until Early 2022

• Apple Aims to Cut Down on Spyware With Lawsuit Against NSO Group

• Millions of GoDaddy customer data compromised in breach

• Millions of GoDaddy customer data compromised in breach

• PoC Exploit Published for Latest Microsoft Exchange Zero-Day

• Drupal Release Patches for CKEditor XSS Bugs

• 2021-11-22 – Contact Forms campaign –> BazarLoader –> Cobalt Strike

• Report URI is now using CSP nonces in an enforced policy

• Preventing a Cyber Pandemic in Healthcare

• How to talk about cybersecurity risks, colloquially

• Tips for DFIR Analysts, pt. V

• Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug

• CISA’s Collaborative Mission of Public Private Partnerships

• Federal Security Leaders Have Spoken: Threat Intelligence Is Critical

• Black Friday: AirPods Pro With MagSafe Drop to $159 on Amazon

• MVP Health Care secures member portal access with Microsoft Azure Active Directory B2C

• Please don’t buy this! 3 gift card scams to watch out for this Black Friday

• Pentagon Seeks Cloud Contract Bids From AWS, Microsoft, Google, Oracle

• First thoughts on the new President’s Management Agenda

• UK Ministry Of Justice Secures HVAC Systems After Register Tipoff

• Code Execution Bug Patched In Imunify360 Linux Server Security Suite

• FBI And CISA Issue Holiday Ransomware, Cyberattack Warning

• Suspect Arrested In Ransom Your Employer Scheme

• Ransom Your Employer Email Scam Suspect Arrested

• November 2021 Web Server Survey

• iPhone 13 Holding Value Much Better Than Any Other iPhone After Launch

• Immense ransomware cyber threat during Thanksgiving and Black Friday weekends

• GoDaddy Confirms Data Breach Of 1.2 Million Customers

• How To Perform External Black-box Penetration Testing in Organization with “ZERO” Information

• DOD names cloud contenders for JEDI replacement

• Top cyber lawmaker previews 2022 legislation goals

• Dump Chrome as your default browser on Android

• Serious Vulnerability Found in Imunify360 Web Server Security Product

• Start managing with these Microsoft Graph API features

• Facebook And Instagram Encryption Delayed Until 2023

• Expert disclosed an exploit for a new Windows zero-day local privilege elevation issue

• Meta Delays Encryption On Facebook, Instagram Until 2023

• API Security Issue: 159

• Federal government is still in the dark on ransomware

• Over half of millennials are responsible for executing their parents’ wills, but hardly any have access to their parents’ online passwords

• DBS Bank offers few details about hours-long service disruption

• GoDaddy discloses breach of 1.2M customer account details

• HomeKit Accessories Worth Checking Out

• The U.K. as a Responsible Cyber Power: Brilliant Branding or Empty Bluster?

• 1.2 Million GoDaddy Customers Impacted by a Data Breach

• Windows 10 chills out, gives sysadmins a break

• New Golang-based Linux Malware Targets Ecommerce Platforms

• How to Monitor Your Child’s Phone

• Hackers Selling 7 Million Robinhood User Email Addresses

• Low Code/No Code App Security Firm Zenity Emerges From Stealth

• Check your patches – public exploit now out for critical Exchange bug

• How Sun Tzu’s Wisdom Can Rewrite the Rules of Cybersecurity

• Most Inspiring Women in Cyber 2021: Aileen Ryan, Senior Director Portfolio Strategy at Siemens EDA

• Palantir CEO says companies working with U.S. adversaries should justify their position

• Vonage Sold To Ericsson For $6.2 Billion

• If you’re serious about privacy, it’s time to use DuckDuckGo as your default Android browser

• US government warns of increased ransomware threats during Thanksgiving

• Biomanufacturing Facilities Warned of Attacks Involving Sophisticated Malware

• IoT Security: Are Personal Devices Dragging Your Work Network Down?

• Mean Time to Repair (MTTR) Explained

• Zenity raises $5M for low-code/no-code security

• Ransomware warning: Hackers see holidays and weekends as a great time to attack

• Pixel 6 vs. iPhone 12: Which phone is really more secure?

• Vestas Cyberattack Makes The Company Shut Down Its IT Systems

• How the British health service is using AI to make healthcare fairer

• Apple Targets 2025 For Fully Autonomous Car – Report

• Common Cloud Misconfigurations Exploited in Minutes, Report

• Schwarz Group Acquires XM Cyber for $700 Million

• What Avengers Movies Can Teach Us About Cybersecurity

• Pixelmator Pro 2.3 Adds Smart Subject Selection and Background Removal Features, Plus New Select and Mask Tools

• Small businesses urged to protect their customers from card skimming

• Cybersecurity for a Remote Workforce: 3 Strategies for the Year Ahead

• The Best Way to Start Your Cloud Security Career

• Utah Imaging Data Breach – Expert Comments

• GoDaddy Data Breach Impacts Over A Million Users, Experts Reactions

• How The Zelle Fraud Scam Steals Your Bank Credentials

• NCSC Issues Black Friday Warning To Tetailers

• Security warning: Ransomware attackers are working on the holidays, even if you aren’t

• Cyber Insurance Firm Resilience Raises $80 Million

• 81% of UK Retailers Leaving Customers at Risk of Email Fraud Ahead of #BlackFriday

• Researchers Detail Privilege Escalation Bugs Reported in Oracle VirtualBox

• New HomePod Mini Colors Now Available to Order in Australia, New Zealand, India, and Some European Countries [Updated]

• Apple Fined $150M+ By Italian Watchdog for Anti-Competitive Cooperation With Amazon

• Meta Defers Facebook Messenger, Instagram Default E2E Encryption Until 2023

• Threats to ICS and industrial enterprises in 2022

• Expert On News That WhatsApp Change Privacy Policy After Record Fine

• Telecoms Security Bill – What’s Missing?

• Thousands of Small and Medium-sized Businesses Had Their Online Stores Hacked

• Over a Fifth of UK Cyber Workers Experience Discrimination

• Mac and iOS Keychain Tutorial: How Apple’s iCloud Keychain Works

• El Salvador To Build ‘Bitcoin City’, Powered By Geothermal

• FCW Insider: November 23, 2021

• Quick Hits

• Ethical Hacking, book review: A hands-on guide for would-be security professionals

• More Ransomware Attacks Up to September Than Whole of 2020

• Over 4000 UK Retailers Compromised by Magecart Attacks

• The Importance of IT Security in Your Merger Acquisition

• More Stealthier Version of BrazKing Android Malware Spotted in the Wild

• GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed

• Application Whitelisting Concepts: Definition, Types, Implementation and Best Practices

• Watch Out for Ransomware Attacks During Holidays, FBI and CISA Warn

• UK Ministry of Justice secures HVAC systems ‘protected’ by passwordless Wi-Fi after Register tipoff

• Mac and iOS Keychain Tutorial: How Apple’s iCloud Keychain Works

• El Salvador To Build ‘Bitcoin City’, Powered By Geothermal

• FCW Insider: November 23, 2021

• Ethical Hacking, book review: A hands-on guide for would-be security professionals

• More Ransomware Attacks Up to September Than Whole of 2020

• The Importance of IT Security in Your Merger Acquisition

• Application Whitelisting Concepts: Definition, Types, Implementation and Best Practices

• UK Ministry of Justice secures HVAC systems ‘protected’ by passwordless Wi-Fi after Register tipoff

• Can’t remember ordering that package? Don’t click on unfamiliar links sent via text

• Cyberthreats to financial organizations in 2022

• Suspect arrested in ‘ransom your employer’ criminal scheme

• Looking for adding new detection technologies in your security products?

• Code execution bug patched in Imunify360 Linux server security suite

• GoDaddy Data Breach Exposes Over 1 Million WordPress Customers’ Data

• How to find hidden spy cameras with a smartphone

• Infosec bods: After more than a year, Sky gets round to squashing hijacking bug in 6m home broadband routers

• US govt warns critical infrastructure of ransomware attacks during holidays

• Why cybersecurity training needs a post-pandemic overhaul

• Podcast Episode: The Revolution Will Be Open Source

• How do I select an automotive IoT security solution?

• Guarding against DCSync attacks

• AI to help Saudi Arabia build an eight sided Oxagon Sea Ports

• GoDaddy data breach could lead to Phishing Attacks

• Unpatched Windows vulnerability allows attackers to gain admin rights

• Pentagon Partners With GreyNoise to Investigate Internet Scans

• Does your company employ a CISO? Many are operating without security leadership

• Fraud fighters aren’t prepared for the multi-billion dollar threat of global insurance fraud

• Holidays don’t mean much to ransomware attackers

• Stories from the SOC – Powershell, Proxyshell, Conti TTPs OH MY!

• A Complete Guide to Cloud-Native Application Security

• Secure Your Configurations with Tripwire’s Configuration Manager

• Cisco Flaw Affects Firewalls

• IoT security market to reach $52.3 billion by 2026

• SentinelOne to Participate in Upcoming Investor Conferences

• Hypori, Secure Mobility SaaS Leader, Wins Platinum for Best-in-Class Solution for Government in 2021 AST Homeland Security Award

• The Importance of Security Control Baselines

• Holiday “to-do list” for cybersecurity professionals working in eCommerce

• eBook: Using NIST guidelines for secure passwords

• Avast Online Security & Privacy optimizes privacy settings across popular websites and services

• Red Hat OpenShift Data Science enables companies to solve critical business challenges

• New HomePod Mini Colors Now Available in Australia and New Zealand

• API Security Issue 156

• API Security Issue 157

• What to do if you receive a data breach notice

• Indian bank smacks down allegation it exposed 180 million customers’ accounts

• OAIC finds big four banks are handling consumer data with good privacy practices

• Manifest V3: Open Web Politics in Sheep’s Clothing

• GoDaddy admits to password breach: check your Managed WordPress site!

• Alkira partners with Exclusive Networks to expand its cloud market share

• BitSight collaborates with Marsh McLennan to help clients reduce the risk of cyber exposure

• Schwarz Group acquires XM Cyber to protect their networks from cyberattacks

• Police Aerial Surveillance Endangers Our Ability to Protest

• GoDaddy hacked – Hackers access data of 1.2 million customers

• Data from millions of Brazilians exposed in Wi-Fi management software firm leak

• MITRE Expands Security Testing to Services, Deception Tools & More

• GoDaddy Breach Exposes SSL Keys of Managed WordPress Hosting Customers

• Indonesian Court Allows Internet Blocking During Unrest, Tightening Law Enforcement Control Over Users’ Communications and Data

• AirTag Competitor Tile Getting Acquired by Location Sharing App Life360

• New rule puts $15 minimum wage for federal contractors in place next year

• Pod security for 5G cloud infrastructure

• IT Security News Daily Summary 2021-11-22

• Securing the Application Lifecycle with Scale and Speed: Achieving Holistic Workload Security with CrowdStrike and Nutanix

• How to install and use InVID, a plugin to debunk fake news and verify videos and images

• Bug Bounties Surge as Firms Compete for Talent

• CISA Urges Critical Infrastructure to Be Alert for Holiday Threats

• iMessage Reactions Will No Longer Annoy Android Users Thanks to Emoji Change

• snooping

• GoDaddy’s Latest Breach Affects 1.2M Customers

• Cryptocurrency exchange BTC-Alpha confirms ransomware attack

• Arrest in ‘Ransom Your Employer’ Email Scheme

• There’s No Windows for Arm Macs Yet Because Microsoft Has Secret Exclusivity Deal With Qualcomm

• Best Black Friday Deals Available Now on Apple Watch, AirPods Pro, MacBook Pro, More

• FBI Issued Flash Alert For FatPipe Zero-Day Bug Under Attack

• California Pizza Kitchen Admits Data Breach Exposing SSNs Of Its Employees

• Rethinking perimeter defense and expanding visibility can deter modern day adversaries

• GoDaddy security breach impacts more than 1 million WordPress users

• New GoDaddy data breach impacted 1.2 million customers

• SSL keys, sFTP passwords and more exposed after someone broke into GoDaddy Managed WordPress using ‘compromised password’

• How to Integrate an App Into Shopify

• Feds still unsure of ransomware’s reach

• Online Merchants: Prevent Fraudsters from Becoming Holiday Grinches

• 10 Stocking Stuffers for Security Geeks

• Apple Black Friday: AirPods Pro With MagSafe Drop to All-Time Low of $159 ($90 Off)

• Severe Code Execution Vulnerabilities Affect OpenVPN-Based Applications

• Holiday Shopping Season Dangers | Retailers At Risk Of Ransomware

• White House says 90% of feds are vaccinated

• Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover

• Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws

• Leaders agree that cybersecurity is a business risk, but are they acting on that belief?

• Top 5 password hygiene tips and best practices

• Apple’s Parts Store for Do-It-Yourself Repairs Will Be Operated By a Third Party

• Spotify Users Growing Impatient and Canceling Subscriptions Over Lack of Native HomePod Support

• Black Friday Spotlight: Best Buy Offering Beats Studio Buds at All-Time Low Price of $99.99 ($50 Off)

• Countering the Ransomware Threat: A Whole-of-Government Effort

• Cyber insurance firm Resilience raises $80M to aid battle against ransomware

• Sacramento tests AI-powered cameras for school buses

• DOD taps cloud contenders for JEDI replacement

• Philips Working on Patches for Vulnerabilities Found in Medical Products

• Security researchers play peek-a-boo with Conti ransomware server

• Teen Accused of Stealing Bitcoin Worth $36.5M

• Apple to Provide DIY Repair Manuals on Support Website, Says Parts Store Will Be Operated By a Third Party

• How to investigate service provider trust chains in the cloud

• Vulnerability In Sky Routers Risked Over 6 Million Customers

• Multiple Vulnerabilities In Zoom Apps Risk Meetings’ Security

• How Nvidia aims to demystify zero trust security

• Over a million WordPress sites breached

• GoDaddy Breach Exposes 1.2 Million Managed WordPress Customer Accounts

• U.S. Agencies Share More Details on ADSelfService Plus Vulnerability Exploitation

• Lead Microsoft Engineer Kevin Sheldrake Brings Sysmon to Linux>

• A Journey in Organizational Resilience: Insider Threats

• Mozilla has released a new platform for privacy-focused email communications

• GoDaddy Announces Data Breach

• Devious ‘Tardigrade’ Malware Hits Biomanufacturing Facilities

• How to defend your website against card skimmers

• Ecommerce platforms (cough, Magento) need patching before Black Friday, warns UK’s National Cyber Security Centre

• How AI Security Solutions Helps to Protect organizations from Cyber Risks

• Locked Out Of God Mode, Runners Are Hacking Their Treadmills

• GoDaddy Security Breach Exposes WordPress Users’ Data

• NCSC Alerts Over 4,000 Retailers With Hackers Card Skimming Using Magento Flaw

• Multilingual Cybersecurity Awareness Training adapted for your needs

• DMARC and the prevention of World Health Organization phishing scams

• Vestas Wind Systems suspected Ransomware Attack

• Taking Back Control of the Internet | Avast

• IoT anomaly detection startup Shield-IoT lands $7.4M

• Wind Turbine Giant Vestas Fending Off Cyberattack

• Making the case for MDR: An ally in an unfriendly landscape

• Samsung Narrowing Gap With Apple Watch as Apple’s Shipments Fall

• New Apple Store Opening Soon in Berlin With Special Wallpaper Available for iPhone, iPad, and Mac

• FCW Insider: November 22, 2021

• Delivering on the Promise of 5G Requires New Security Standards

• Researchers Hack Conti Ransomware Infrastructure

• Be Aware! Fake TSA PreCheck Websites Swindle American Passengers with Bogus Renewals

• Hackers Attack MS Exchange Servers Using ProxyShell & ProxyLogon Exploits to Distribute Malware

• Global Technology Provider Looks to MVISION Unified Cloud Edge

• What is ThreatCloud and how does it work

• Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends

• Facebook Delays Plans to Use End-to-End Encryption As Default for Messenger and Instagram Messages Until at Least 2023

• Deals: AirPods 3 Drop to Record Low of $154.99 ($24 off)

• France Doubles Down on Countering Foreign Interference Ahead of Key Elections

• RedCurl Makes a Comeback: They Also Have Updated Hacking Tools

• US Securities and Exchange Commission Is Warning Investors

• BrazKing Android Malware Evolves Into A Potent Banking Trojan

• Researcher Earns $10K Bounty For A Google Cloud Project SSRF Flaw

• Iran’s Top Tier Airline Mahan Air Hit by Cyberattack

• Cybersecurity M&A Roundup for Third Week of November 2021

• Online Payment Fraud Surges by 208% Ahead of Black Friday

• Why the ‘Basement Hacker’ Stereotype Is Wrong — and Dangerous

• Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends

• Utah Imaging Associates data breach impacts 583,643 patients

• “Crypto” Means “Cryptography,” not “Cryptocurrency”

• Most Inspiring Women in Cyber 2021: Gail Kent, Director of Messenger Policy at Facebook

Generated on 2021-12-01 00:01:58.530307