IT Security News Monthly Summary – February

• IT Security News Daily Summary 2023-01-31

• House lawmakers want VA’s $20 billion-plus electronic health record program to improve or else

• NASA SEWP director echoes concerns over looming deadlines for software providers

• Risk & Repeat: The FBI’s Hive ransomware takedown

• The FCC Broadband Maps: Meet the New Maps, Same as the Old Maps

• Energy Department wants national labs to drive regional innovation

• Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code

• ‘Ghost buses’ haunt transit agencies and frustrate riders

• Tribal broadband grants needs better metrics

• Microsoft upgrades Defender to lock down Linux gear for its own good

• Singapore can now order social media sites to block access, as ‘online safety’ law kicks in

• Microsoft upgrades Defender to lock down Linux devices for their own good

• Measuring for management

• What cybersecurity consolidation means for enterprises

• Phishers Trick Microsoft Into Granting Them ‘Verified’ Cloud Partner Status

• EFF Files Amicus Briefs in Two Important Geofence Search Warrant Cases

• Setting the Record Straight: EFF Statement in Support of FCC Nominee Gigi Sohn

• ChatGPT Clone Apps Collecting Personal Data on iOS, Play Store

• Poser Hackers Impersonate LockBit in SMB Cyberattacks

• Experts released VMware vRealize Log RCE exploit for CVE-2022-31706

• John the Ripper: Password Cracking Tutorial and Review

• Vulnerability Summary for the Week of January 23, 2023

• What Makes ReactJS Good for Logistics Applications in 2023?

• Will Cybersecurity Remain Recession-Proof in 2023?

• Two Steps Forward, One Step Back on Vaccine Privacy in New York

• Zero trust security: A cheat sheet (free PDF)

• Horizon3.ai releases POC exploit for VMware vulnerabilities

• GitHub Says Hackers Cloned Code-Signing Certificates In Breached Repository

• Threats to VoIP Security Are Rising

• The 12 Biggest Android App Development Trends in 2023

• CIOs hold greater organizational leadership status

• GitHub Confirms Signing Certificates Stolen in Cyber-Attack, Revokes Them

• Crystal Group Joins the vPAC Alliance as Charter Member

• USPS signs data management contract worth up to $70M with Veritas Technologies

• Sentra Raises $30 Million for DSPM Technology

• OffSec Yearly Recap 2022

• U.S. Stops Granting Export Licenses For China’s Huawei

• KeePass Disputes Report Of Flaw That Could Exfiltrate A Database

• Chromebook SH1MMER Exploit Promises Admin Jailbreak

• Bill Targets Suicide Hotline Vulnerabilities After Cyberattack On Intrado

• South Korea Makes Crypto Crackdown A National Justice Priority

• DOD instructs acquisition teams to prioritize small business engagement over best-in-class contracts

• DocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000

• CISA Releases One Industrial Control Systems Advisory

• ManageEngine Study Finds United States Enterprises Hit by Short-staffed Security Operations Centers

• Advanced IT Concepts (AITC) Names New Chief of Cyber and Technology Programs

• Menlo Security Cloud Security Platform Receives FedRAMP® Authorization

• Stories from the SOC – RapperBot, Mirai Botnet – C2, CDIR Drop over SSH

• Russia Killnet launches DDoS attack on Netherlands and the United States

• Tech Nation To Shut Down After Government Pulls Grant

• The Data Leakage Nightmare in AI

• New Survey Reveals 40% of Companies Experienced a Data Leak in the Past Year

• NanoLock Addresses Global Industrial & OT Cyber Demand with Expansions into Europe and North America

• CISA Releases One Industrial Control Systems Advisory

• Hackers Stole GitHub Desktop and Atom Code-Signing Certificates

• Amid FTX’s burning wreckage, Japan outpost promises asset withdrawals in February

• Qwant or DuckDuckGo: Which Search Engine is More Private?

• Password Changes are Required for LastPass Customers

• US Justice Department Requests Tesla Self-Driving Documents

• DevSecOps Benefits and Challenges

• Microsoft’s Verified Publisher Status Abused in Email Theft Campaign

• Cyber Insights 2023: Artificial Intelligence

• Cyber Insights 2023: Cyberinsurance

• Cyber Insights 2023: Attack Surface Management

• Financial Services Targeted in 28% of UK Cyber-Attacks Last Year

• Sentra Raises $30 Million Series A Financing to Meet Growing Demand for Data Security in the Cloud

• Aura and Nonprofit Cyversity Partner to Support a More Inclusive Cyber Workforce

• GitHub to revoke stolen code signing certificates for GitHub Desktop and Atom

• Conti Source Code & Everything API Employed by Mimic Ransomware

• US Hospitals DDoS Attack, Websites Taken Down By Russian Hackers

• Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts

• TSA U.S. ‘No Fly List’ Gets Leaked On Hacking Forum

• 10 Ways Digitalisation is Improving the UK Immigration Process

• FBI Takes Down the Infamous Ransomware Gang’s Website

• China Start-Up ‘Delivers Quantum Computer’

• CEO, CIO or CFO: Who Should Your CISO Report To?

• Critical QNAP Vulnerability Leads to Code Injection

• How the Atomized Network Changed Enterprise Protection

• Guardz Emerges From Stealth Mode With $10 Million in Funding

• Are Your Employees Thinking Critically About Their Online Behaviors?

• Understanding Business Email Compromise to better protect against it

• 10 Surprises of Remote Work from Security Engineers

• Cybersecurity Industry News Review – 31 January 2023

• Spotify Beats Estimates, But Losses Soar

• The U.N. Cybercrime Convention Should Not Become a Tool for Political Control or the Watering Down of Human Rights

• The Lessons of the Electoral Count Reform Act: Next Steps in Reform

• Why Attackers Target the Financial Services Industry

• The Future of Online Shopping – What to Expect

• Phishing attacks are getting scarily sophisticated. Here’s what to watch out for

• Pro-Palestine hackers threaten Israeli chemical companies

• Perception Point Announces New Record Year, Protecting Over 2,000 Organizations, Doubling Annual Recurring Revenue, and Expanding Portfolio into Web Security

• What Is Dynamic Host Configuration Protocol (DHCP)?

• 10 Million JD Sports Customers Had Their Data Exposed in a Data Breach

• Why Cybersecurity Business Needs a Real-Time Collaboration Tool

• You Don’t Know Where Your Secrets Are

• Facebook & Instagram Flaw Let Anyone Bypass Two-factor Authentication

• SAST: How Code Analysis Tools Look for Security Flaws

• New year, new storage challenge

• GitHub Revokes Code Signing Certificates Following Cyberattack

• Saviynt Raises $205M; Founder Rejoins as CEO

• OpenVEX Spec Adds Clarity to Supply Chain Vulnerability Warnings

• Critical QNAP NAS vulnerability fixed, update your device ASAP! (CVE-2022-27596)

• GitHub code-signing certificates stolen (but will be revoked this week)

• You Really Need to Update Firefox and Android Right Now

• Porsche Stops NFT Launch While Phishing Sites Fills The Space

• Gartner Sees Further Smartphone, PC Sales Slide In 2023

• Oversight Chairman Comer: ‘We’re two years behind in oversight’

• Cyber Insurance Companies Require Enhanced Security from Clients

• Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years

• New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector

• 1-15 January 2023 Cyber Attacks Timeline

• Samsung Chip Business Posts Profit Plunge

• C++ creator Bjarne Stroustrup defends its safety

• 11 Questions to Ask When Choosing an Application Security Vendor

• Saviynt raises $205M and affirms that IAM must be cloud-friendly

• Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process

• Killnet Attackers DDoS US and Dutch Hospitals

• US ‘Stops Providing’ Huawei Export Licences

• Two US Doctors Convicted of $30m Medicare Fraud

• $27,000 Awarded By Meta As Bounty For 2FA Bypass Vulnerability

• QNAP: Patch Critical Remote Code Injection Bug

• 4 Ways Artificial Intelligence Is Making Virtual Casinos Safer for Users

• Bitwarden to increase its server-side iterations to 600,000; here’s how to set it manually

• Pro-Russia group Killnet targets US healthcare with DDoS attacks

• Budget constraints force cybersecurity teams to do more with less

• Is President Biden’s National Cybersecurity Strategy a good idea?

• DigiCert releases new unified approach to trust management

• 3 ways to stop cybersecurity concerns from hindering utility infrastructure modernization efforts

• Need to improve the detection capabilities in your security products?

• Sentra raises $30M to streamline data securely across the public cloud

• Prilex modification now targeting contactless credit card transactions

• CyberSecurity Tools: 21 Research Tools For Threat Intelligence

• BlackCat Ransomware targets Indian Military weapons maker and Yandex Data Breach

• The Hidden Threat: 1Password Password Manager Phishing Ads on Google

• Amid FTX’s burning wreckage, Japanese outpost promises asset withdrawals in February

• Russian Millionaire on Trial in Hack, Insider Trade Scheme

• Fiserv Looks to Support New Payment Flows with Major Payment Institution License from Monetary Authority of Singapore

• Coalition Launches Coalition Insurance Company

• TD SYNNEX Announces Closing of Secondary Public Offering of Common Stock and Concurrent Share Repurchase

• South Korea makes crypto crackdown a national justice priority

• QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates

• GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom

• ShardSecure partners with Entrust to address data security challenges

• Perimeter 81 collaborates with AVANT to expand access to SASE solutions

• KELA launches cyber intelligence platform to empower proactive digital crime prevention

• Cyber Security Managed Services 101

• Planet Ice – 240,488 breached accounts

• Soft Skills: Writing

• What’s Next for Data Security in 2023

• How to implement MVP and its key benefits

• House bill would scrap VA’s $20 billion-plus electronic health record program

• A private moment, caught by a Roomba, ended up on Facebook. Eileen Guo explains how: Lock and Code S04E03

• Update your LearnPress plugins now!

• Riot Games refuses to pay ransom to avoid League of Legends leak

• Analyzing and remediating a malware infested T95 TV box from Amazon

• Republicans announce new congressional cyber subcommittee leadership

• i-PRO New Multi-Sensor Lineup, PTZ Cameras & New Analytics at ISC West

• QNAP addresses a critical flaw impacting its NAS devices

• U.S. No Fly List Leaked on Hacker Forum

• Open Source Security Index Lists Top Projects

• Russia’s Sandworm APT Launches Swarm of Wiper Attacks in Ukraine

• Chromebook SH1MMER exploit promises admin jailbreak

• IT Security News Daily Summary 2023-01-30

• Cybercrime Ecosystem Spawns Lucrative Underground Gig Economy

• The wages of sin aren’t that great if you’re a developer choosing the dark side

• Ransomware victims stand up to attackers

• Facebook Accused Of Secretly Draining Users’ Cell Phone Batteries

• SentinelOne and KPMG Announce Alliance To Accelerate Cyber Investigations and Response

• JD Sports discloses a data breach impacting 10 million customers

• 10M JD Sports Customers’ Info Exposed in Data Breach

• How AI helps one city spot damaged rooftops

• crypto wallet (cryptocurrency wallet)

• Serious Security: The Samba logon bug caused by outdated crypto

• IT and Security Professionals Spend an Average of 4,300 Hours Annually Achieving or Maintaining Compliance

• Make Developers the Driver of Software Security Excellence

• The Threat from Within: 71% of Business Leaders Surveyed Think Next Cybersecurity Breach Will Come from the Inside

• British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers

• How $6 Can Buy Hacked Social Media & Streaming Accounts From the Dark Web, Whizcase Study Reveals

• Stupid Patent of the Month: Digital Verification Systems Patents E-Signatures

• Gootloader malware updated with PowerShell, sneaky JavaScript

• Royal Mail “cyber incident” is an ongoing cyberattack CEO admits to MPs

• Facebook Bug Allows 2FA Bypass Via Instagram

• ISC Issues Security Updates to Address New BIND DNS Software Bugs

• Long Con Impersonates Financial Advisers to Target Victims

• Mounting cybersecurity pressure is creating headaches in railway boardrooms

• A glut of wiper malware hits Ukrainian targets

• California Law Says Electronic Search Data Must Be Posted Online. So Where Is It?

• Top Authentication Trends to Watch Out for in 2023

• zero-day (computer)

• The 5 best VPN trials of 2023

• JD Sports Confirms Breach Affected 10 Million Customers

• Fake Texts From the Boss, Bogus Job Postings and Frankenstein Shoppers — Oh My!

• Facebook Parent Seeks To Block £3bn UK Lawsuit

• Convincing, Malicious Google Ads Look to Lift Password Manager Logins

• Are Jan. 6 Defendants Getting a Fair Shake from DC Juries? Comparing Jury and Bench Trial Outcomes

• TikTok Chief Chew To Testify Before US Congress

• Critical Realtek Vulnerability Impacting IoT Devices Worldwide

• Get nine ethical hacking courses for just $30

• Hackers Use TrickGate Software to Deploy Emotet, REvil, Other Malware

• The Journal, Artificial Intelligence in the Life Sciences, Highlights the Contributions of Women in Artificial Intelligence in the Life Sciences

• Moola Market Manipulation

• How to make sure the reputation of your products and company is good

• Sontiq’s BreachIQ Recognized as ‘Transformative’ With CyberSecured Fraud Protection Award

• Perimeter 81 Partners with AVANT to Expand Access to Award-Winning SASE Solutions

• University of Phoenix Recognized With 2022 Academia Circle of Excellence Award by EC-Council, World’s Largest Cybersecurity Certification Body

• Why enterprises trust hardware-based security over quantum computing

• Clever Hacker Finds The Perfect Way To Creatively Vandalize London’s Knightrider Court

• TikTok CEO To Testify Before U.S. Congress Over Security Concerns

• JD Sports Says 10 Million Customers Hit By Cyber Attack

• Russian Hackers DDoS Germany For Aiding Ukraine

• Most Criminal Cryptocurrency Is Funneled Through Just 5 Exchanges

• A Six-Step Guide to Preventing Cyber Security Breaches

• 9 Ways smart devices can compromise your privacy

• Data Breach at Britain JD Sports leaks 10 million customers

• Blacklisted China Chip Giant YMTC Cuts ‘Hundreds’ Of Staff

• Schools don’t pay, but ransomware attacks still increasing

• Devs on Dark Web Forums Paid Up to $20,000 For Illicit Activities

• Researcher received a $27,000 bounty for 2FA bypass bug in Facebook and Instagram

• JD Sports admits data breach

• Threat Intelligence Platform: A Tool to Mitigate Upcoming Cyber Threats

• Evolution of Gootkit Malware Using Obfuscations

• Serious 2FA Bypass Vulnerability Affected Facebook And Instagram

• The Hidden Threat: Bitwarden Password Manager Targeted by Phishing Scams

• No, AI is Not Magic!

• Japan, Netherlands ‘Join US China Chip Sanctions’

• JD Sports Cyber-Attack Affects Data Of 10 Million Customers

• NIST debuts long-anticipated AI risk management framework

• Unphishable mobile MFA through hardware keys

• Russia-Linked APT29 Uses New Malware in Embassy Attacks

• Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data

• 5 ethical hacker certifications to consider

• Splitgate Tips & Tricks to Win More & Unlock Skins FAST!

• JD Sports admits intruder accessed 10 million customers’ data

• Hackers Exploiting Unpatched Exchange Servers in The Wild

• How the Silk Road Affair Changed Law Enforcement

• As public cloud use increases, security gaps widen

• Spotlight on 2023 DevSecOps Trends

• Recovering from Attacks: Getting Back to Normal

• What is Word Unscrambler In Gaming?

• Schools Are A Rising Target For Ransomware Attacks

• The EU Can, and Should, Designate the IRGC as a Terrorist Group

• How to Save Thousands of Afghan Allies

• Acronis seals cyber protection partnership with Fulham FC

• Critical OpenEMR vulnerabilities may allow attackers to access patients’ health records

• Microsoft warning: Protect this critical piece of your tech infrastructure

• Council Of Europe Warns Over Data Protection Rights

• Breaking: JD Sports Data Breach Following Cyberattack

• Mimic Attacks: Ransomware Hijacking Windows ‘Everything’ Search Tool

• LearnPress Plugin Vulnerabilities Risk Numerous WordPress Sites

• Multiple Vulnerabilities In Yellowfin BI Could Allow RCE Attacks

• SMEs Are Now the Top Targets for Cybercriminals

• The Untold Story of a Crippling Ransomware Attack

• Identity Reveal: Threat Actor Behind Golden Chicken Malware Service Exposed

• SwiftSlicer New Data-Wiping Malware Attacks Windows Operating Systems

• New Mimic Ransomware Uses Windows Search Engine to Find and Encrypt Files

• We are the weakest link

• An Introduction to Data Mesh

• Black swans events are shaping the cybersecurity present and future

• CISO Interview Series: Brian Haugli

• Network Security Threats and Defenses: A 2023 Guide

• The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment

• Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability

• Titan Stealer: A New Golang-Based Information Stealer Malware Emerges

• Sandworm APT group hit Ukrainian news agency with five data wipers

• Apple’s 2023 Mac mini is a Mini Mac Studio

• Redaction: how to properly hide sensitive text on a PDF document

• Charities Criticise Move To Shut Down AmazonSmile

• Congressional Democrats propose an 8.7% pay raise for feds in 2024

• Fake Money Apps Garner Millions of Android Downloads

• Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices

• 20 Million Downloads In Shady Rewards Apps Via Google Play

• New Yorker Gets Four Years for $9m COVID Fraud Scheme

• Realtek Vulnerability Under Attack: 134 Million Attempts in 2 Months to Hack IoT Devices

• Come to the dark side: hunting IT professionals on the dark web

• Five Data Wipers Attack Ukrainian News Agency

• Software developers, how secure is your software?

• New Research Uncovers Threat Actor Behind Infamous Golden Chickens Malware-as-a-Service

• UNC2565 threat actors continue to improve the GOOTLOADER malware

• Arkose Labs unveils SMS Toll Fraud online ROI calculator

• Insider attacks becoming more frequent, more difficult to detect

• ICS vulnerabilities: Insights from advisories, how CVEs are reported

• Mounting pressure is creating a ticking time bomb for railway cybersecurity

• How organizations can keep themselves secure whilst cutting IT spending

• Details about TikTok Project Texas of United States

• Versa Networks Hosting Versatility 2023 Annual User Conference Next Month

• SecureAuth Closes 2022 with Exciting Momentum as Customer Adoption Soars for Passwordless Continuous Authentication

• Government Issues High-risk Warning for iPhone Users

• Gee, tanks: Russian hackers DDoS Germany for aiding Ukraine

• IT Security News Weekly Summary – Week 04

• IT Security News Daily Summary 2023-01-29

• Doctor Paid $60k in Bitcoin to Hire Dark Web Hitmen

• Facebook Scams, Account Takeovers Are On The Rise

• Alleged member of ShinyHunters group extradited to the US, could face 116 years in jail

• Pro-Russia group Killnet targets Germany due to its support to Ukraine

• Russia in the Caucasus and Central Asia After the Invasion of Ukraine

• Riot Games Hit by Data Breach

• Netflix To Clamp Down On Password Sharing By Q1 Of 2023

• ISG to Publish Reports on Power and Utilities Industry

• Julie Cullivan Joins Astra Board of Directors

• Latest Cyberthreats and Advisories – January 20, 2023

• How to Secure Your CI/CD Pipeline

• Watch out! Experts plans to release VMware vRealize Log RCE exploit next week

• Security Affairs newsletter Round 404 by Pierluigi Paganini

• DOJ Reveals: FBI Hacked Hive Ransomware Gang

• Aurora Infostealer Malware Uses Shapeshifting Techniques

• Using Legitimate Remote Management Systems, Hackers Infiltrate Federal Agencies

• Critical CryptoAPI Spoofing Flaw in Windows PoC Exploit Released

• Week in review: ChatGPT cybersecurity, critical RCE vulnerabilities found in git, Riot Games breached

• Cyber Security Management System (CSMS) for the Automotive Industry

• Gootkit Malware Continues to Evolve with New Components and Obfuscations

• Why we should care about the theft of $1

• Yandex Source Code Online Leaked, Company Denies Hack

• Mirantis acquires Shipa to extend management capabilities beyond containers to applications

• Hive! Hive! Hive! Ransomware site submerged by FBI

• Copycat Criminals mimicking Lockbit gang in northern Europe

• IT Security News Daily Summary 2023-01-28

• Sandworm APT targets Ukraine with new SwiftSlicer wiper

• Extradited Alleged ShinyHunters Hacker Pleads Not Guilty in US Court

• Managing Cybersecurity for Critical National Infrastructure

• Take Steps to Protect Your Enterprise Against the Risks

• No experience, No Problem – (ISC)² Recruits 140,000 Individuals Interested in a Cybersecurity Career

• Real Talk with CCSPs An interview with Vanessa Leite, CCSP, CISSP

• Latest Cyberthreats and Advisories – January 6, 2023

• eSentire: Golden Chickens Malware’s Attacker Uncovered

• This New Python RAT Malware Targets Windows in Attacks

• Telephony fraud and risk mitigation: Understanding this ever-changing threat

• A Catastrophic Mutating Event Will Strike the World in 2 Years, Claims WEF

• Bitwarden Password Manager users are being targeted by phishing ads on Google

• Top 5 stories of the week: Ransomware takes a hit, Intel struggles, CIOs get their own special issue, and more

• A Link to News Site Meduza Can (Technically) Land You in Russian Prison

• ISC fixed high-severity flaws in DNS software suite BIND

• Recent legal developments bode well for security researchers, but challenges remain

• 9 API security tools on the frontlines of cybersecurity

• Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge

• Microsoft Urges Customers to Secure On-Premises Exchange Servers

• North Korean Hackers Target Crypto Users with Phony Job Offers

• Mon Dieu! Suspected French ShinyHunters gang member in the dock

• Build or Buy your own antivirus product

• ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

• Enterprises Don’t Know What to Buy for Responsible AI

• Weekly Update 332

• Enterprises Need to Do More to Assure Consumers About Privacy

• Ukraine Hit with New Golang-based ‘SwiftSlicer’ Wiper Malware in Latest Cyber Attack

• BrandPost: 3 Best Practices for Building Security Resilience

• The CSO guide to top security conferences

• FBI takes down Hive ransomware group in an undercover operation

• Hackers abuse legitimate remote monitoring and management tools in attacks

• BrandPost: Understanding Device and Infrastructure Attacks: Exploring the Microsoft Digital Defense Report 2022

• FBI Hacks Back Hive Ransomware Gang’s Infrastructure – Website Seized

• IronNet Announces Receipt of Continued Listing Standard Notice from NYSE

• Cyberattacks Cost Small Businesses, While Prevention Attracts Customers

• IT/OT convergence and Cybersecurity best practices

• How to Earn Your (ISC)² Certification

• Working with AWS to secure your data against attack

• SwiftSlicer: New destructive wiper malware strikes Ukraine

• Are you in control of your personal data? – Week in security with Tony Anscombe

• Microsoft to enterprises: Patch your Exchange servers

• Compliance Auditing for Data Security Posture Management

• Data Privacy: How the Growing Field of Regulations Impacts Businesses

• OneSpan acquires ProvenDB to address customers’ secure vaulting needs

• Uncle Sam slaps $10m bounty on Hive while Russia ban-hammers FBI, CIA

• What happened in privacy in 2022

• Patch management is crucial to protect Exchange servers, Microsoft warns

• GAO: DOD needs better guidance, resources for contested information environment training

• Friday Squid Blogging: Squid-Inspired Hydrogel

• IT Security News Daily Summary 2023-01-27

• Microsoft Investigates Outage With Teams, Outlook

• Australian man given two-year jail sentence for $69K phishing scams

• Why Most Companies Still Don’t Know What’s on Their Network

• Chip giant ASML sees 2023 sales surge; says China revenue to be steady despite U.S. restrictions

• Cybersecurity professionals upskill in Brazil and Mexico

• Hackers Use RMM Software to Breach Federal Agencies

• Quantum physicists make major nanoscopic advance

• Wireshark 4.0.3 Released – What’s New!

• VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities

• LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised

• Go to security school, GoTo – theft of encryption keys shows you need it

• Tackling Cyber Threats with Automation & AI in 2023 and Beyond

• Apple releases Ventura 13.2, iOS 16.3, surprise iOS 12.5.7; neglects still-sold Apple Watch Series 3

• Hackers Using Sliver Framework as an Alternative to Cobalt Strike & Metasploit

• Kevin Mitnick Hacked California Law in 1983

• FBI catches up with infosec and crypto communities, blames Lazarus Group for $100 million heist

• Leaders anticipate cyber-catastrophe in 2023, report World Economic Forum, Accenture

• The Pentagon’s innovation shop wants more influence in 2023

• FBI takes down Hive ransomware group

• EDR tools for Windows Server compared

• On Data Privacy Day, Organizations Fail Data Privacy Expectations

• Updates, Compilation

• What is Stakeholder-Specific Vulnerability Categorization?

• A Brief Overview of the Spring Cloud Framework

• GoTo admits: Customer cloud backups stolen together with decryption key

• Skyhawk Security Launches Multicloud Runtime Threat Detection and Response Platform

• ISC Releases Security Advisories for Multiple Versions of BIND 9

• Logfile management is no fun. Now it’s a nightmare thanks to critical-rated VMware flaws

• January 2023 Web Server Survey

• How to use Microsoft KQL for SIEM insight

• Hive ransomware servers shut down at last, says FBI

• ISC Releases Security Advisories for Multiple Versions of BIND 9

• Bitwarden Password Vaults Subject Of Google Ads Phishing

• Energy Dept. makes plans to take its HR system to the cloud

• Philosophers have studied ‘counterfactuals’ for decades. Will they help us unlock the mysteries of AI?

• Michigan embraces ‘Clean Slate’ program without applications

• Critical RCE Lexmark Printer Bug Has Public Exploit

• Speaking Engagements

• FBI smokes ransomware Hive after secretly buzzing around gang’s network for months

• Multiple Vulnerabilities Found In Healthcare Software OpenEMR

• Mark43 continues to put security and reliability first, achieving premier StateRAMP “In Process” Service Provider designation

• Cyware Cyber Fusion Center (CFC) Platform Achieves FedRAMP Ready Designation

• Latest Cyberthreats and Advisories – January 27, 2023

• PlugX Malware Sneaks Onto Windows PCs Through USB Devices

• Survey: CIOs feel elevated, consider themselves ‘changemakers’

• How Florida is looking to build the ‘nation’s first AI university’

• How are you marking data privacy day?

• Gartner report shows zero trust isn’t a silver bullet

• 10 steps every business can take to avoid a cybersecurity breach

• Black Basta Deploys PlugX Malware in USB Devices With New Technique

• Google: Influence Operator Dragonbridge Floods Social Media in Sprawling Cyber Campaign

• Identifying and securing your business’s dark data assets in the cloud

• AT&T Cybersecurity awarded the Palo Alto Networks 2022 Partner of the Year Award

• Are WE the firewall?

• Improve your AWS security posture, Step 3: Encrypt AWS data in transit and at rest

• A new initiative seeks to help small cities access infrastructure funding

• How Noob Website Hackers Can Become Persistent Threats

• Lessons learned from 2022

• Critical Vulnerability Impacts Over 120 Lexmark Printers

• New ‘Pig Butchering’ Scam in West Africa Impersonates US Financial Advisors

• Hacker accused of having stolen personal data of all Austrians and more

• Assessing Impacts of AI on Human Rights: It’s Not Solely About Privacy and Nondiscrimination

• How Can a ‘Digital Emblem’ Help Protect Medical Facilities Against Cyber Operations?

• Russia starts cyber attacks on the West with Germany for supporting Ukraine

• Yandex Denies Hack – Source Code Leaked on Popular Hacking Forum

• U.S. Targets Google’s Online Ad Business in Latest Lawsuit

• Source Code & Private Data Stolen From GoTo

• Why Zero Trust Works When Everything Else Doesn’t

• Here’s how IT budgets should fill cybersecurity moats in 2023

• 3 Ways ChatGPT Will Change Infosec in 2023

• Google Slays Thousands Of Fake News Vids Posted By Dragonbridge

• Russian Hackers Launch Attack On Germany In Leopard Retaliation

• 2 Federal Agencies Hacked With Remote Monitoring

• US Hacks Back Against Hive Ransomware Crew

• Threat Detection and Response (TDR) – An Overview

• 40 Windows CMD Commands that Will Make You Feel Like a Real Hacker

• Apple releases macOS Ventura 13.2, iOS 16.3, and more

• Industry Reactions to Hive Ransomware Takedown: Feedback Friday

• BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws

• Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service

• Latest Cyberthreats and Advisories – January 27, 2023

• Zero Trust Cybersecurity Protocols Slow Companies to “Mask Up”

• The Nominees for the 2023 Cybersecurity Defender of the Year Award in EMEA

• NIST A.I. Risk Management Framework Announcement

• What Is Spyware, What It Does, and How to Block It?

• What Is Kerberos Authentication?

• The top 20 most notable Mac malware threats of 2022

• How to protect your Apple ID account with Security Keys on iPhone, iPad, or Mac

• Brazil’s Telecom Operators Made Strides and Had Shortcomings in Internet Lab’s New Report on User Privacy Practices

• LATEST CYBERTHREATS AND ADVISORIES – JANUARY 27, 2023

• Data Privacy Day: Understanding the Risks of Social Media

• Iranian APT Leaks Data From Saudi Arabia Government Under New Persona

• Microsoft Urges Customers to Patch Exchange Servers

• What Are Some Good Word Games You Can Play Online

• Cyberwarfare Threat Looming Large on Firms Worldwide

• 20 Top Apple Malware Threats in 2022

• The 31 Flavors of Data Lineage and Why Vanilla Doesn’t Cut It

• Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

• A Guide to Phishing Attacks

• Aurora Infostealer Malware Deploys Shapeshifting Tactics

• 5 Golden Rules of Threat Hunting

• ADS-B Exchange, the Flight Tracker That Powered @ElonJet, Sold to Jetnet

• British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries

• 3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox

• How to Choose Between Access Control Models? RBAC vs. ABAC vs. PBAC

• FBI Closes Down Hive Ransomware Gang: What Does This Mean for the Security Landscape?

• Security Flaws Disclosed in Samsung’s Galaxy Store App for Android

• Data Privacy Day: Securing your data with a password manager

• Security is Key to Business Transformation, Say IT Chiefs

• $10M Reward By U.S. For Hive Ransomware Links To Foreign Government

• US Seizes Servers Of Prolific Ransomware Gang Hive

• Global Action “Dismantles” Hive Ransomware Group

• Twitter Partners Ad Verification Firms To Appease Advertisers

• Hackers Abuse Legitimate Remote Monitoring Tools to Steal Banking Data

• US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware

• Microsoft: Update On-Premises Exchange Server Now

• NASA And DARPA To Develop Nuclear Rocket Engines For Mars

• AI in cybersecurity: The good, the bad, and the ugly

• CVE-2023-23560 flaw exposes 100 Lexmark printer models to hack

• Savvy cybersecurity pros benefit from host of free resources to step up fight against hackers and cyber threats

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

• 3 business application security risks businesses need to prepare for in 2023

• New infosec products of the week: January 27, 2023

• UK Cyber Security Centre’s scary new story: One phish, two phish, Russia phish, Iran phish

• Cyber Attack news headlines trending on Google

• BING will not get enhanced with Microsoft AI investment of $10 billion

• 50% of organizations exceed their budgeted spend on cloud storage

• Open source skills continue to be in high demand

• RealDefense Acquires SUPERAntiSpyware From Support.com

• Senhasegura Wins 2022 CyberSecured Award for Best Privileged Access Management (PAM) Solution

• Verimatrix Secure Delivery Platform Marks Its First Year with Billions of Video Viewership Licenses Served

• CFM and NXTsoft Announce Strategic Combination

• Predictions 2023, Part 1: What will the new year bring for the InfoSec Community?

• 12 ways to improve your website security

• AI and Cybersecurity: Some observational implications of the intersection between the two

• Ermetic extends its CNAPP with cloud workload protection capabilities

• Cloud Range for Critical Infrastructure improves operational efficiency of security teams

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Why your data is more valuable than you may realize

• Google slays thousands of fake news vids posted by pro-China group Dragonbridge

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Tech layoffs aren’t hitting this digital job market where over 700,000 workers are needed

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• 10 Best Identity and Access Management (IAM) Solutions

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Hive Ransomware Gang Disrupted; Servers and Dark Web Site Seized

• Prove Identity hires Amanda Fennell as CISO and CIO

• Iron Bow acquires GuardSight to enhance its cybersecurity solutions

• “2.6 million DuoLingo account entries” up for sale

• 3 ways Malwarebytes helps you browse securely and privately online

• WhatsApp hijackers take over your account while you sleep

• CISA releases advice on how to safeguard K–12 organizations

• 5 facts about Vice Society, the ransomware group wreaking havoc on the education sector

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Gartner: Zero Trust Will Not Mitigate Over Half of Attacks

• Chinese spy sentenced to 8 years in federal prison

• IT Security News Daily Summary 2023-01-26

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Ofcom Opens Probe Into BT Customer Contracts

• Refurbished versus Remanufactured: What’s the Difference and Why Does it Matter?

• One-third of orgs don’t take cyberwarfare seriously despite the Russia-Ukraine war

• Dutch suspect locked up for alleged personal data megathefts

• SaaS RootKit Exploits Hidden Rules in Microsoft 365

• A Child’s Garden of Cybersecurity

• Riot Games Latest Video-Game Maker to Suffer Breach

• What the FBI’s Hive takedown means for the ransomware economy

• Australia, Singapore firms amongst most likely to halt digital transformation due to cyberwarfare risks

• Privacy Regulators Accuse Home Depot Of Sharing User Data With Facebook Without Consent

• UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• New Python Malware Targeting Windows Devices

• Job scams: How they persuade and how to protect yourself

• 5 Long-term Benefits of Adopting Zero Trust Architecture

• Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

• Cyberattacks Target Websites of German Airports, Admin

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Cryptocurrencies: How have they influenced cybercrime?

• When may a robot kill? New DOD policy tries to clarify

• GAO pegs unemployment insurance fraud tally at more than $60 billion

• Threat Groups Distributing Malware via Google Ads

• Dutchman Detained for Dealing Details of Tens of Millions of People

• Federal Agencies Infested by Cyberattackers via Legit Remote Management Systems

• Facebook Introduces New Features for End-to-End Encrypted Messenger App

• Podcast Episode: Don’t Be Afraid to Poke the Tigers

• Cisco Listed as a Representative Vendor in Gartner® Market Guide for Single-Vendor SASE

• Stitching together health data and GIS for better decision-making

• Hive Ransomware Gang Loses Its Honeycomb, Thanks to DoJ

• An unfaithful employee leaked Yandex source code repositories

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Foster still has his eye on digital identity bill in the new Congress

• DOJ takes down ransomware group with a ’21st century cyber stakeout’

• Apple patches are out – old iPhones get an old zero-day fix at last!

• Companies Struggle With Zero Trust as Attackers Adapt to Get Around It

• German Government, Airports, Banks Hit With Killnet DDoS Attacks

• JCDC Announces 2023 Planning Agenda

• SSID Meaning: What Is an SSID and How Can You Find Yours?

• 2023-01-23 – Google ad –> Fake AnyDesk page –> possible TA505 activity

• New Hampshire could play ‘leading role’ in promoting blockchain, report says

• FBI hacked into Hive ransomware gang, disrupted operations

• JCDC Announces 2023 Planning Agenda

• How to find a job in the one tech market that is not seeing layoffs

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• 3 security gadgets I never leave home without

• Hive Ransomware Operation Shut Down by Law Enforcement

• 7 Insights From a Ransomware Negotiator

• CISA Releases Eight Industrial Control Systems Advisories

• Notes on the Jan. 6 Committee’s Notes

• Congratulations to the Top MSRC 2022 Q4 Security Researchers!

• Ahead of Data Privacy Day, Here are Best Password Practices to Safeguard Yourself

• Blank Image Attack: Blank Images Used to Evade Anti-Malware Checks

• Hackers used legit remote monitoring software to hack agency networks

• Data index helps officials allocate opioid settlement funds

• Singapore to tag unregistered SMS senders as ‘likely scam’

• US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’

• Iranian Group Cobalt Sapling Targets Saudi Arabia With New Persona

• CISA Releases Eight Industrial Control Systems Advisories

• Hive Ransomware Tor leak site apparently seized by law enforcement

• 2023 identity security trends and solutions from Microsoft

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Third-Party App Stores Could Be a Red Flag for iOS Security

• S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]

• CISA Has Added One Known Exploited Vulnerability to Catalog

• Authorities shut down HIVE ransomware infrastructure, provide decryption tools

• Easy Smart Contract Debugging With Truffle’s Console.log

• The CIO agenda in 2023: Driving growth and transformation

• How CIOs can drive identity-based security awareness

• Making security invisible with adaptive access management

• Ransomware trends, statistics and facts in 2023

• Zacks Investment Research Confirms Breach Affecting 820,000 Customers

• Most Criminal Cryptocurrency Funnels Through Just 5 Exchanges

• CISA Has Added One Known Exploited Vulnerability to Catalog

• Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort

• Remote Workers Face Growing Threats from Phishing Attacks

• Introducing kernel sanitizers on Microsoft platforms

• Prove Identity Appoints Amanda Fennell as New CISO

• Eclypsium Launches Below the Surface: The Supply Chain Security Podcast Series

• Zimperium Appoints Sammie Walker as Chief Marketing Officer to Accelerate Growth

• LATEST CYBERTHREATS AND ADVISORIES – JANUARY 13, 2023

• Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report

• Center for Cyber Safety and Education Opens 2023 Cybersecurity Scholarship Applications

• New Study Examines Application Connectivity Security in the Cloud

• Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation

• Project Texas: The Details of TikTok’s Plan to Remain Operational in the United States

• Constructing a New Middle East: In Pursuit of an American-Led Regional Security Architecture

• Critical Manufacturing Organizations Face Significant Risk of Cyber Attacks

• A $100 Million Theft Has Been Attributed to the Lazarus Group by the FBI

• Predicting which hackers will become persistent threats

• Ingram Micro Announces Inaugural Global Cloud and Innovation Summit: May 15-17 in Las Vegas

• (ISC)² New Jersey Chapter Hosts International Event with 500 Attendees

• Improve your AWS security posture, Step 2: Avoid direct internet access to AWS resources

• Hive Ransomware gang website seized by FBI and Europol

• Using Artificial Intelligence to Retain Tax Compliance – The Benefits

• Dozens of US schools, universities move to ban TikTok

• ShinyHunters suspect extradited to United States from Morocco, could face 116 years in jail if convicted

• Mapping Threat Intelligence to the NIST Compliance Framework Part 2

• 820k Impacted by Data Breach at Zacks Investment Research

• Tenable Launches $25 Million Early-Stage Venture Fund

• CISA Warns Against Malicious Use of Legitimate RMM Software

• NIST Risk Management Framework Aims to Improve Trustworthiness of Artificial Intelligence

• Cybellum Releases Enhanced SBOM Management and Compliance Oversight for Manufacturers with New Release of its Product Security Platform

• 3.7 Million Customers Data Of Hilton Hotels Put Up For Sale

• Explaining Vulnerability Scanning: Definition, Types, Best Practices

• SOCs Face Stern Test in 2023 as Hackers Target Governments and the Media

• ChatGPT’s Effective Corporate Usage Might Eliminate Systemic Challenges

• Supply Chain Attacks Induced More Data Breaches than Malware

• Mandiant’s CAPA + GoReSym to reinforce VT’s capabilities

• Canonical security subscriptions for Ubuntu Linux now available

• The Best Personal Safety Devices, Apps, and Alarms (2023)

• Researchers Uncover Connection b/w Moses Staff and Emerging Abraham’s Ax Hacktivists Group

• Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA

• Months After NSA Disclosed Microsoft Cert Bug, Datacenters Remain Unpatched

• RSA’s Demise From Quantum Attacks Is Very Much Exaggerated

• Notice On Hive Ransomware Site Claims Seizure By FBI, Europol

• What Happens When Crypto Derivatives Crash

• #MIWIC2022: Carole Embling, Metro Bank

• NCSC Warns State-Linked Hackers In Russia, Iran Are Targetting UK

• Defensive Driving: The Need for EV Cybersecurity Roadmaps

• How misinformed citizens put government personnel in harm’s way

• White House wants input on crypto tech R&D agenda

• Organizations Must Brace for Privacy Impacts This Year

• Ubuntu Pro: Comprehensive subscription for open-source software security

• Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

• US FAA Grounds Contractors Involved In Computer Outage

• Blameless Culture or How to Turn Mistakes into Assets

• Ubuntu Pro security subscriptions for Linux now available

• Hive Ransomware Operation Apparently Shut Down by Law Enforcement

• Is Once-Yearly Pen Testing Enough for Your Organization?

• What Is an SEO Poisoning Attack and How Does It Affect Network Security?

• Smartphone Shipments Plunge In Largest Ever Decline

• NSA and CISA alert: This phishing scam could give hackers control of your PC

• How to Prevent Home Network Hackers? Here’s all you Need to Know

• New Mimic Ransomware Abuses Everything APIs for its Encryption Process

• IBM And SAP To Cut Thousands Of Jobs

• Dozens of Cybersecurity Companies Announced Layoffs in Past Year

• Chinese Hackers Adopting Open Source ‘SparkRAT’ Tool

• UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies

• US Government Agencies Warn of Malicious Use of Remote Management Software

• Ticketmaster: Taylor Swift ticket sales disrupted by bot-driven attack

• What Is Policy-as-Code? An Introduction to Open Policy Agent

• Securing IoT with Microsoft Defender for IoT sensors

• On Alec Baldwin’s Shooting

• Attackers use portable executables of remote management software to great effect

• Data Mesh vs. Data Fabric: A Tale of Two New Data Paradigms

• NCSC: Iranian and Russian Groups Targeting Government, Activists and Journalists With Spearphishing

• CISA: Federal Agencies Hacked Using Certain RMM Software

• The Year in Mac Malware 2022 – Intego Mac Podcast Episode 276

• Dark Web Posts Advertising Counterfeit Cash Surge 90%

• Killnet Russian Hacking Group Launches DDoS Attacks on German Websites

• U.S. Sues Google for Dominance Over Digital Advertising Technologies

• Near-Record Year for US Data Breaches in 2022

• Lupovis eliminates false positive security alerts for security analysts and MSSPs

• Lazarus Group Is Responsible for $100 Million Cryptocurrency Theft

• How Hackers Used Legitimate Software to Breach U.S. Federal Agencies

• Exploring The Role Of Technology In Modern Online Gambling

• Meta To Reinstate Donald Trump Facebook, Instagram Accounts

• Lloyds Bank Warns of 80% Surge in Advance Fee Scams

• 820K Zacks Investment Research Clients Impacted By Data Breach

• Tesla To Invest $3.6 Billion In Nevada Expansion

• Malicious USB devices: What are the risks?

• Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

• Bloke allegedly stole, sold private info belonging to ‘tens of millions’ globally

• Do you know what your supply chain is and if it is secure?

• PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration

• How businesses can bolster their cybersecurity defenses with open source

• US Federal agencies fall prey to Phishing Scam via Remote Management Software

• Malwarebytes Mobile Security for Business protects organizations’ mobile devices

• ThreatConnect Platform 7.0 enables organizations to modernize security operations

• Halo Security unveils KEV feature to improve attack surface visibility

• ChatGPT is a bigger threat to cybersecurity than most realize

• U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software

• Impact Podcast with John Shegerian Features Daring’s Ross Mackay

• Uprite Services Ranked on Channel Futures 2022 MSP 501—Tech Industry’s Most Prestigious List of Managed Service Providers Worldwide

• The Cyber AB Announces New Members to its Board of Directors

• Agency Spotter Announces Expansion Into IT & Development Services

• ISACA Awards Celebration to Recognize Outstanding Digital Trust Professionals for Impactful Contributions

• PK Secure Email helps users discover sensitive information in email communication

• Lupovis Prowl reduces time wasted investigating false positives

• SpyCloud Compass identifies infected devices accessing critical workforce apps

• Perimeter 81’s malware protection defends users from internet-borne threats

• Supply chain attacks caused more data compromises than malware

• Cypherbridge Enhances Security and Interoperability for IoT Devices with Support for New PX5 RTOS

• Cyberattacks Spark Demand for Industrial Security Solutions

• Help Shape the CGRC Exam – Formerly Known As CAP

• InQuest Appoints Andre Ludwig as Chief Product Officer

• CISSP-ISSAPs – We Need Your Input

• Cybersecurity Posture & Insurance Outlook with Advisen

• Mastodon vs. Twitter: Know the differences

• Mobile App APIs Are Crucial to Businesses – But Are Under-Protected

• Infrastructure-as-Code Security: a Critical Responsibility

• Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched

• Snyk Gets Nod of Approval With ServiceNow Strategic Investment

• Crypto.com achieves ISO 27017 and ISO 27018 security and privacy certifications

• LogicGate appoints Nicholas Kathmann as CISO

• Barry Mainz joins Forescout as CEO

• Strata Identity raises $26 million to boost sales and marketing

• Grand Theft Auto 5 exploit allows cheaters to tamper with your data

• Consumer privacy and social media

• Video game playing FISH live streams credit card ‘theft’

• How to force Portainer to use HTTPS and upload your SSL certificates for heightened security

• GSA opens workplace innovation lab, a coworking space for federal employees

• Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts

• Data Privacy Day: Privado Flags Data Privacy Challenges In 2023 As It Hails Industry Stars

• KORE Delivers IoT SAFE Solution for Massive IoT Use Cases with AWS

• EFF Tells Supreme Court: User Speech Must Be Protected

• IT Security News Daily Summary 2023-01-25

• Zacks Investment Research data breach impacted hundreds of thousands of customers

• New Wave of Cyberattacks Targeting MS Exchange Servers

• GAO calls on Energy Department to bolster competition for management contracts

• Microsoft closes another door to attackers by blocking Excel XLL files from the internet

• ChatGPT could boost phishing scams

• Healthcare Remains Top Target in 2022 ITRC Breach Report

• Google Pushes Privacy to the Limit in Updated Terms of Service

• Zacks Investment Research Hack Exposes Data for 820K Customers

• Davos Debrief: Critical Shortage of Cybersecurity Talent Requires Action on Several Fronts, CompTIA Executive Says

• Despite Slowing Economy, Demand for Cybersecurity Workers Remains Strong

• I’m still bitter about Slammer

• SAFHER cloud-based platform for regulating food and agriculture comes closer to fruition

• It takes a team to secure operational technology

• Researchers Pioneer PoC Exploit for NSA-Reported Bug in Windows CryptoAPI

• Handling Automatic ID Generation in PostgreSQL With Node.js and Sequelize

• iPhone Security: Do iPhones Need Antivirus?

• Contractor error led to Baltimore schools ransomware attack

• Experian Glitch Exposing Credit Files Lasted 47 Days

• GoTo Encrypted Backups Stolen in LastPass Breach

• Fani Willis to Judge McBurney: Give Us Time, Please

• Google Chrome 109 update addresses six security vulnerabilities

• Choosing the Best Cloud Provider for Hosting DevOps Tools

• How one state cut its vehicle titling time down to a few days

• Survey: Cybersecurity budgets aren’t matching cybersecurity challenges

• How cyber deception technology strengthens enterprise security

• Protecting Against Malicious Use of Remote Monitoring and Management Software

• CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software

• How to Prevent Cross-Site Scripting (XSS) Attacks

• Protecting Against Malicious Use of Remote Monitoring and Management Software

• CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software

• North Korea-linked TA444 group turns to credential harvesting activity

• Kronos Malware Reemerges with Increased Functionality

• Malicious Prompt Engineering With ChatGPT

• North Korean Group TA444 Shows ‘Startup’ Culture, Tries Numerous Infection Methods

• North Korea’s Top APT Swindled $1B From Crypto Investors in 2022

• Log4j Vulnerabilities Are Here to Stay — Are You Prepared?

• VMware Releases Security Updates for VMware vRealize Log Insight

• GoTo’s LastPass Breach: Encrypted Customer Data Taken

• How to use Security Keys to protect your Apple ID on your iPhone

• Multicloud Security Challenges Will Persist in 2023

• VMware Releases Security Updates for VMware vRealize Log Insight

• Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages

• Top FinTech API Security Challenges

• Plan for federal AI research and development resource emphasizes diversity in innovation

• Security Update for Chrome 109 Patches 6 Vulnerabilities

• Centralized services as a hedge against shadow IT’s escalation

• Yahoo Overtakes DHL As Most Impersonated Brand in Q4 2022

• Microsoft Security reaches another milestone—Comprehensive, customer-centric solutions drive results

• OSC Edge Earns Recurring Spot on Washington Technology’s 2022 Fast 50 List and Rewards Employees with Additional Bonus

• Cloud Range Launches the First OT/ICS Cyber Range for Live-Fire Training to Reduce Risk from Cyber Attacks on Critical Infrastructure

• Public Safety Threat Alliance Joins CISA’s Joint Cyber Defense Collaborative to Enhance Cybersecurity Posture of United States and Strategic International Partners

• NETSCOUT Appoints Shannon Nash and Marlene Pelage to Board of Directors

• SpyCloud Compass Reduces Ransomware Risk with Post-Infection Remediation

• The risks of 5G security

• Learn cutting-edge ethical hacking techniques for just $39.99

• Cybersecurity Budgets Increase for Retail & Hospitality Industry

• BD Publishes 2022 Cybersecurity Annual Report

• ThreatConnect Extends Threat Intelligence Platform to Enable Threat Intelligence Operations (TI Ops)

• Apple launches educational video resources to iPhone users on Data Privacy Day

• 2023 Predictions: Emerging Tech & Global Conflict Bring New Cyber Threats

• The Role of Data Governance in Data Strategy: Part II

• Federated learning key to securing AI

• CISA releases guide to help safeguard K-12 schools from cyber threats

• North Korean APT Expands Its Attack Repertoire

• Risk & Repeat: Another T-Mobile data breach disclosed

• Ticketmaster Claims Bot Attack Disrupted Taylor Swift Tour Sales

• BlackBerry’s Inaugural Quarterly Threat Intelligence Report Reveals Threat Actors Launch One Malicious Threat Every Minute

• Quantum Computers No Threat To Encryption Just Yet

• GoTo Warns Customers Of Crypto Key And Backup Heist

• DragonSpark Threat Actor Leverages Open Source RAT

• Hackers Demand $10M From Riot Games To Stop Leak Of League Of Legends Source Code

• Recharge Industries Makes Surprise Bid For Britishvolt – Report

• Revolutionizing Supply Chain Management With AI: Improving Demand Predictions and Optimizing Operations

• What Is the Main Vector of Ransomware Attacks?

• Twitter Ad Spending Fell Over 70 Percent In December – Report

• 2023 Software Testing Trends: A Look Ahead at the Industry’s Future

• Who Will Be the Next National Cyber Director?

• Infosys Uses Cortex XSIAM to Revolutionize Your SOC

• Strata Raises $26 Million for Multi-Cloud Identity Management Platform

• New Open Source OT Security Tool Helps Address Impact of Upcoming Microsoft Patch

• CISA Provides Resources for Securing K-12 Education System

• Can’t Fill Open Positions? Rewrite Your Minimum Requirements

• Threat actors launch one malicious attack every minute

• Apple’s Wireless Charging Push: Doing More Harm Than Good

• Attacking The Supply Chain: Developer

• Chat Cybersecurity: AI Promises a Lot, but Can It Deliver?

• Finland in 2023: Beyond Military Nonalignment and a Revanchist Putin

• Big Data and the Law of War

• How to Choose Bitcoin Casino

• A Swiss Hacker Uncovered Confidential FBI Terrorism Screening Center File

• Linux Malware Records a New High in 2022

• PayPal Users Should Check Their Accounts

• UK Watchdog Opens Investigation Of $61bn Broadcom-VMware Buy

• Announcing the new Security Headers API, New Features and Upgrades!

• Microsoft Azure Logic Apps Service

• Best Practices to Succeed at Continuous AWS Security Monitoring

• Strata raises $26M to unify IAM across the cloud

• Forward Networks Raises $50 Million in Series D Funding

• South Dakota’s Noem Says Cell Phone Number Hacked

• The Salt Security API Protection Platform is Now Available on Google Cloud Marketplace

• No experience, No Problem – (ISC)² Recruits 140,000 Individuals Interested in a Cybersecurity Career

• The Definitive Browser Security Checklist

• Riot Games Says Source Code Stolen in Ransomware Attack

• Password Dependency: How to Break the Cycle

• Endpoint Protection Capability Guide

• Entire US “No Fly List” Exposed Online Via Unsecured Server

• Steps To Planning and Implementation Of Endpoint Protection

• Riot Games breached: How did it happen?

• US DoJ Sues Google Over Online Ad Domination

• Apple just patched this ‘actively exploited’ flaw in older iPhones and iPads

• Memory safe programming languages are on the rise. Here’s how developers should respond

• Data Privacy Legislation: What You Should Be Looking for in 2023

• US Cyber Command Operations During the 2022 Midterm Elections

• Strengthening the human element

• The Future of Cloud Engineering Evolves

• North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks

• Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704)

• Riot Games Receives a $10 Million Ransom Demand

• Google Sued for Monopolizing the Online Ad Market

• DDoS Attacks in 2022 Exceeded All Records, Says Russia’s Largest ISP

• The benefits of video conferencing with iMind

• DragonSpark threat actor avoids detection using Golang source code Interpretation

• French rugby club Stade Français leaks source code

• Registry Vulnerability Scanning: Early Prevention for Max Efficiency

• Regulator Stress Test Highlights Cyber Insurance Concerns

• Ukraine deepens NATO cyber partnership

• North Korean cryptocurrency hackers expand target list

• LastPass Owner GoTo Confirms Hackers Stole Customers’ Backups

• Micorosft Down – Xbox, Azure, MS365 and MS Teams Down

• Your 10-Minute Guide to PKI and How Internet Encryption Works

• 2023 MacBook Pro review: A refined second generation

• Fearing ChatGPT, Google enlists founders Brin and Page in AI fight

• China Is the World’s Biggest Face Recognition Dealer

• How to Choose a Software Solution for Your Hospitality Business

• The Intersection of Artificial Intelligence and Environmental, Social, and Governance Concerns

• Financial Firms In The European Union Are Facing Strict Rules Around Cloud Based Services

• New Cheats May Emerge After Riot Games Hack

• GoTo Admits Hackers Stole Customers’ Backups & Encryption Keys

• No-fly list with details of over 1 million people leaked by hacker

• Just Half of Firms Have Sufficient Cybersecurity Budget

• Microsoft Investigates Outage With Teams, Outlook

• Australian man given two-year jail sentence for $69K phishing scams

• Chip giant ASML sees 2023 sales surge; says China revenue to be steady despite U.S. restrictions

• Cybersecurity professionals upskill in Brazil and Mexico

• Why performing security testing on your products and systems is a good idea

• Go to security school, GoTo – theft of encryption keys shows you need it

• VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities

• LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised

• Wireshark 4.0.3 Released – What’s New!

• Breaking Down the NASCIO Top 10 for 2023

• Google advertisements turning into malware spreading platforms

• What makes small and medium-sized businesses vulnerable to BEC attacks

• Chinese researchers: RSA is breakable. Others: Do not panic!

• Most consumers would share anonymized personal data to improve AI products

• How to tackle the cybersecurity skills shortage in the EU

• BrandShield Recognized by Frost & Sullivan as a Leader in Digital Risk Protection Services

• Hackers Using Sliver Framework as an Alternative to Cobalt Strike & Metasploit

• F5 Reports 2% Revenue Growth in its First Quarter of Fiscal Year 2023

• New Tech Port Center + Arena Renamed Boeing Center at Tech Port

• ERI Brings Carbon Neutral, SOC 2 Compliant Circular Economy Innovations to California Businesses

• Dependency Mapping for DevSecOps

• Datto introduces networking solutions for MSP and SMB markets

• Venafi TLS Protect for Kubernetes simplifies machine identity management

• 5 valuable skills your children can learn by playing video games

• Logfile management is no fun. Now it’s a nightmare thanks to critical-rated VMware flaws

• A Brief Overview of the Spring Cloud Framework

• GoTo admits: Customer cloud backups stolen together with decryption key

• What is Stakeholder-Specific Vulnerability Categorization?

• Skyhawk Security Launches Multicloud Runtime Threat Detection and Response Platform

• Key takeaways from Malwarebytes 2023 State of Mobile Cybersecurity

• Riot Games compromised, new releases and patches halted

• What privacy can get you

• VASTFLUX ad fraud massively affected millions of iOS devices, dismantled

• Own an older iPhone? Check you’re on the latest version to avoid this bug

• Facebook Announces It Will Centralize More Privacy Settings Across Its Apps

• View from Davos: The Changing Economics of Cybercrime

• VMware warns of critical code execution bugs in vRealize Log Insight

• Lawmakers want GAO to assess risk of government contractors working for China

• IT Security News Daily Summary 2023-01-24

• Project Hygiene

• Mr. Over, the Engineer [Comic]

• Distributed Stateful Edge Platforms

• Public Cloud-to-Cloud Repatriation Trend

• Spring Cloud: How To Deal With Microservice Configuration (Part 1)

• Cyber grants: Some governments may be ‘totally left out’

• Smart street pilots aim to curb parking violations

• Penetration Testing vs. Vulnerability Testing: An Important Difference

• Ticketmaster Blames Bots in Taylor Swift ‘Eras’ Tour Debacle

• Pakistan hit by nationwide power outage, is it the result of a cyber attack?

• Learning to Lie: AI Tools Adept at Creating Disinformation

• Cyber grants could leave some governments ‘totally left out’

• Apple emits emergency patch for older iPhones after snoops pounce on WebKit hole

• Recent rise in SEO poisoning attacks compromise brand reputations

• How hackers stole the personal data of 37 million T-Mobile customers

• VMware Plugs Critical Code Execution Flaws

• Apple issues emergency patch for outdated iPhones after criminals pounce on WebKit

• USAID seeks contractor input on new STEM fellowship program

• States look to speed fiber installation across railroad tracks

• Chat Cybersecurity: AI Promises a Lot, But Can It Deliver?

• Forescout Appoints Technology Veteran Barry Mainz as CEO

• Vulnerability Summary for the Week of January 16, 2023

• Cybercriminals Use VSCode Extensions as New Attack Vector

• Fenix24 Releases White Paper Proposing New Cyber Incident Response Paradigm

• The Next Stage in Security Expert’s Trial Set for January 31

• Fujitsu: Quantum computers no threat to encryption just yet

• How password management tools are helping enterprises prevent intrusions

• What’s in a word? FCC’s proposed data breach rule redefines key terms

• Administrator of RSOCKS Proxy Botnet Pleads Guilty

• Sophisticated SMS Phishing scam Dupes Zendesk Staff

• What is XDR, MXDR, DRs & SBOM ? – Cybersecurity Acronyms 2023

• Customer data, encryption key stolen in GoTo breach

• GSA wants nominations for its new FedRAMP committee

• #DataPrivacyWeek: ICO Offers Data Protection Advice to SMBs

• TSA No-Fly List Snafu Highlights Risk of Keeping Sensitive Data in Dev Environments

• ‘DragonSpark’ Malware: East Asian Cyberattackers Create an OSS Frankenstein

• The 2022-2023 Cloud Awards Announces Its Finalists

• Keeper Security Shares Password Best Practices Ahead of Data Privacy Day

• Armis State of Cyberwarfare and Trends Report: 2022-2023 Highlights Global IT and Security Professionals’ Sentiment on Cyberwarfare

• Apple Releases Security Updates for Multiple Products 

• Five Secrets to Crafting an Unforgettable Business Name

• 10 cybersecurity predictions for tech leaders in 2023

• GoTo Says Hackers Stole Encrypted Backups, MFA Settings

• passkey

• DragonSpark Hackers Evade Detection With SparkRAT and Golang

• Apple Releases Security Updates for Multiple Products 

• Conning Survey: U.S. Insurers Expected to Increase Investment Risk Tolerance Amid Concerns of Higher Volatility and Inflation

• Sysdig Grows New Customers by 120%, Appoints New Chief Marketing Officer

• Everyone Wants to Build a Cyber Range: Should You?

• Companies slow to “mask up” with zero trust cybersecurity protocols

• Get lifetime access to this feature-rich VPN for just $60

• backdoor (computing)

• Microsoft to Block Excel Add-ins to Stop Office Exploits

• Fulton County Hearing Live-Blog

• Global State Of Cyberwarfare Study

• Apple Patches Exploited iOS Vulnerability in Old iPhones

• FBI Confirms Lazarus Group Was Behind $100m Harmony Hack

• LAUSD Computers are Breached via Cybercriminals

• After a Vendor Hack, FanDuels Warns of a Data Breach

• SentinelOne Announces Executive Appointments and Promotions Amidst Rapid Growth

• Halo Security Platform Now Offers Visibility to the Vulnerabilities That Matter Most

• Venafi Introduces TLS Protect for Kubernetes to Simplify Cloud Native Machine Identity Management

• FireTail Names Timo Rüppell as Vice President of Product

• Working with AWS to secure your data against attack

• #DataPrivacyWeek: Consumers Already Concerned About AI’s Impact on Data Privacy

• 13 Best Intrusion Detection and Prevention Systems (IDPS) for 2023

• CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats

• CISA Releases Two Industrial Control Systems Advisories

• GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

• Raspberry Pi Hacking Like It’s 1995

• FBI: North Korean Hackers Behind $100M Horizon Bridge Theft

• Microsoft To Invest Billions In Chatbot Maker OpenAI

• Ransomware Victims Are Refusing To Pay

• Russia’s Largest ISP Reports Highest DDoS Attacks in 2022

• How Does Increased User Privacy Alter Mobile Advertisement Set-up?

• China spies on the UK populace with microchips

• Sweden To Upgrade Nvidia-Powered Berzelius Supercomputer

• What is the Android Files Safe folder and how do you use it?

• FBI Confirms North Korean Hackers Behind $100 Million Horizon Bridge Heist

• Attacks Targeting Realtek SDK Vulnerability Ramping Up

• Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

• Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery

• CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats

• CISA Releases Two Industrial Control Systems Advisories

• GoTo now says customers’ backups have also been stolen

• Microsoft Seals Multi-Billion Dollar Deal With OpenAI

• What is Security Keys for Apple ID and why does it matter?

• Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection

• FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist

Generated on 2023-02-01 00:02:11.108408