IT Security News Monthly Summary – January

• IT Security News Daily Summary 2021-12-31

• Friday Squid Blogging: Deep-Dwelling Squid

• The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

• Types of Tools To Use for Application Security

• Error prompted LastPass to send false breach alerts to users

• The Chatter Podcast: Power and Corruption with Brian Klaas

• In 2021, the Police Took a Page Out of the NSA’s Playbook: 2021 in Review

• 2021 Year in Review: EFF Graphics

• Gloucester City Council hit by a possible Ransomware Cyber Attack

• APT Groups Register Domain Used for C&C Long Before The Attack To Prevent Detection

• Apple AirTags Are Being Used to Track People and Cars

• What to Expect From Apple in 2022: iPhone 14, New iMac, AR/VR Headset, and More

• Copycat and fad hackers will be the bane of supply chain security in 2022

• The biggest data breaches, hacks of 2021

• Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

• MacRumors Giveaway: Win an Apple-Themed T-Shirt or Hat From Throwboy

• Huawei Admits 2021 Revenues Down Nearly 30 Percent

• A New Year Will Bring New Targets: What to Look for in 2022

• Researchers Demonstrate Malware Attacks On Hidden (OP) SSD Area

• Tesla Recalls Half A Million Cars Over Safety Issues

• US Airline Trade Group Calls For 5G Deployment Delay

• Get a lifetime of protection for your files and sensitive data for only $90

• How to implant a malware in hidden area of SSDs with Flex Capacity feature

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Weekly Update 276

• Redline malware stealing saved passwords from browsers

• Details of a failed Clop Ransomware attack on City of Toronto Canada

• Supply chains, ransomware, zero trust and other security predictions for 2022

• Exploring the current state of cybersecurity resilience

• McMenamins Confirms Employee Data Compromised in Ransomware Attack, Offers ID Protection & Credit Monitoring Services

• 5 holiday Cybersecurity tips retailers need this year

• Improving Edge Computing Security in 2022

• The pandemic is changing technology solutions for the future of work

• 2021 in Review, Part 3: 5 Things Security Professionals Were Discussing this Year

• 22 cybersecurity statistics to know for 2022

• IT Security News Daily Summary 2021-12-30

• Ohio launches platform to match foster children with families

• Confusing data breach in Rhode Island leads to AG investigation

• Flaws in DataVault encryption software impact multiple storage devices

• MSP vs MSSP: What’s The Difference?

• Rhode Island AG opens investigation into transit authority data breach after ACLU letter

• T-Mobile confirms SIM swapping attacks led to breach

• Elon Musk Denies His Satellites Are Hogging Space

• Expert: Facial Recognition Technology Is One Of The Greatest Threats To Online Privacy

• Apple’s AirPods Team Wants ‘More Bandwidth’ Than Bluetooth Provides

• The legacy of the Cyberspace Solarium Commission

• Review: FINIS Smart Goggle Tracks Your Swim Workouts and Integrates With Apple Health

• The Top 6 Apple Rumors From All of 2021

• NYC tests blockchain for file storage

• What the Rise in Cyber-Recon Means for Your Security Strategy

• New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

• Tumblr Bans 450 Words To Remain on App Store

• T-Mobile’s latest data breach exposed users to SIM swapping attacks

• What is IP sniffing?

• ciphertext feedback (CFB)

• How to install the Pritunl VPN server on AlmaLinux

• Getting Started With Threat-Informed Security Programs

• Shining a Light on Black Box Technology Used to Send People to Jail: 2021 Year in Review

• Every State Has a Chance to Deliver a “Fiber for All” Broadband Future: 2021 in Review

• SaaS security automation could learn to heal itself

• Deals: Apple’s 64GB Wi-Fi iPad Returns to Lowest Price of $299 on Amazon ($30 Off)

• Telegram Updated With Message Reactions and Several Other Features

• ECI Taps Matthew McNulty as Chief Revenue Officer

• Has the pandemic increased the burnout rate in the Cybersecurity profession?

• HP iLO devices loaded with data wiping malware

• LastPass Master Passwords Seemingly Hacked Through Credential Stuffing

• Multiple Riskware Apps Flood Samsung’s “Galaxy Store” App Store

• Apache Releases Log4j 2.17.1 Fixing Another Code Execution Flaw

• APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools

• Instagram copyright infringment scams – don’t get sucked in!

• Zero Trust and Access: Protecting the Keys to the Kingdom

• What to Expect in 2022: Microservices Will Bring Macro Threats

• In the Fight Against Cybercrime, Takedowns Are Only Temporary

• Intelligent Adversary Engagement: Deceiving the Attacker

• Auditing firm CertiK declares crypto smart wallet SaitaMask ‘issue free and hacker resistant’

• What the FY 2022 NDAA Does, and Does Not Do, to Military Justice

• Aged Domains: the Silent Danger to Cybersecurity

• Apple Pays $180,000 Bonus To Halt Staff Defections – Report

• How to avoid getting hacked in 2022?

• Researchers Caught Multiple Backdoors In Auerswald VoIP Phone System

• All that you need to know about Identity Orchestration

• Apple Places Indian Foxconn Factory On Probation

• Elon Musk Sells Off Another $1 Billion Of Shares

• Learn highly marketable ethical hacking skills for less than $45

• AvosLocker ransomware gang releases a free decryptor after an affiliate hit US gov agency

• FinTech Company Impacted by Log4j Says No to Paying the Ransom

• The Challenge with Alexa – Intego Mac Podcast Episode 220

• Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution

• New iLOBleed Rootkit Targeting HP Enterprise Servers with Data Wiping Attacks

• How To Fix Sorry This Page Isn’t Available On Instagram Error 404? – 2021

• Sweden’s Northvolt Gigafactory Begins Battery Production

• Penetration Testing

• How to Browse Plenty of Fish (POF) Without Signing Up? – 2021 Dating Guide

• Do you know what your supply chain is and if it is secure?

• IT security firm says there’s a talent shortfall in cybersecurity

• Is Your Phone Actually Secure? | Avast

• China-linked APT group Aquatic Panda leverages Log4Shell in recent attack

• It’s time for a unified approach to securing data, applications, and the edge

• Cyber Threat to Healthcare and Corona Virus Vaccine supply

• Aquatic Panda found stealing industrial intelligence and military secrets

• Ransomware and terrorism: For security pros the threat is equal

• RedLine Stealer – 441,657 breached accounts

• Businesses need to stop thinking that ransomware is different from other attacks

• N-able Technology Alliance Program Primed for Growth into 2022

• Infineon Showcases Intelligent, Secured IoT Solutions and Dependable Electronics for Automotive at CES 2022

• Find A New Cybersecurity Job in 2022

• Top 10 AT&T Cybersecurity blogs published in 2021

• 5 Products Discontinued by Apple in 2021

• Fraud detection and prevention market to hit $100 billion by 2027

• IT security firm discusses the lack of talent in cybersecurity

• Will Zero Trust Shape the Future of Cloud Security?

• The Pentagon shifts to maximum telework as omicron surges

• 2021 in Review, Part 2: 5 Top Cybersecurity Stories

• SCOTUS stays out of contractor mandate case, for now

• IT Security News Daily Summary 2021-12-29

• LastPass VPs confirm ‘no indication’ of compromised accounts after security alerts

• Happy 12th Birthday, KrebsOnSecurity.com!

• T-Mobile suffered a new data breach

• cryptographic checksum

• LastPass VPs say ‘no indication’ of accounts compromised or credentials harvested after reports

• Patching Log4j to version 2.17.1 can probably wait

• Aquatic Panda infiltrated academic institution through Log4j vulnerability, says CrowdStrike

• Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud

• Editor’s picks: Top cybersecurity articles of 2021

• T-Mobile’s Latest Data Breach Linked to SIM Swap Attacks

• Chinese Spies Exploit Log4Shell to Hack Major Academic Institution

• LastPass Automated Warnings Linked to ‘Credential Stuffing’ Attack

• BlackTech Hacker Group Uses New Flagpro Malware to Execute OS Commands

• The three most significant cyberattacks of 2021?

• white hat hacker

• APT group seen attacking academic institution through Log4J vulnerability: Crowdstrike

• T-Mobile Reportedly Suffers Another Data Breach

• That Toy You Got For Christmas Could Be Spying On You

• Cryptomining Attack Exploits Docker API Misconfig Since 2019

• Chinese Espionage Group Leveraged Log4j Bug In VMware

• assetfinder – Find Related Domains and Subdomains

• Wedbush’s Dan Ives names Zscaler, Palo Alto and Tenable as top cybersecurity picks in 2022

• CrowdStrike Changes Designation of Principal Executive Office to Austin, Texas

• OverWatch Exposes AQUATIC PANDA in Possession of Log4Shell Exploit Tools During Hands-on Intrusion Attempt

• China-based group used Log4j flaw in attack, CrowdStrike says

• Log4Shell vulnerability Number Four: “Much ado about something”

• Introducing ‘The MacRumors Show’ Podcast

• Students Are Learning To Resist Surveillance: Year in Review 2021

• 2021 Year In Review: Sex Online

• Ukraine President enforces Information Security Strategy

• Microsoft investigating Defender issue with Log4j scanner

• What Is IPAM in Networking and Cybersecurity?

• Vulnerabilities In Garrett Walk-Through Metal Detectors Allow Remote Attacks

• New Formbook Malware Targets Unpatched Windows Systems – Update Now!

• International Data Encryption Algorithm (IDEA)

• smart card

• Storage Devices of Major Vendors Impacted by Encryption Software Flaws

• The Right to Work and Non-Competes in the Security Industry

• New Year’s Deals: Shop the Best Year-End Discounts on Apple Accessories From Nomad, Brydge, Incase, More

• Why Cyber Due Diligence Is Essential to the M&A Process

• Apache Log4j 2.17.1 fixes new remote code execution flaw (CVE-2021-44832)

• The Fifth Log4j Vulnerability Has Been Fixed by Apache

• Top 5 DevOps Resource Center Articles of 2021

• 5 Cybersecurity Trends to Watch in 2022

• Cryptomining Attack Exploits Docker API Misconfiguration Since 2019

• 7 Steps for Navigating a Zero-Trust Journey

• Ongoing Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics

• Rivian Delays Long Range SUVs, Pickups To 2023

• A cyber attack against Norwegian Media firm Amedia blocked newspaper publishing

• D.C. Circuit May Blow Up the Remote Identification Rule for Drones

• China Approves Plans For Four Mega Data Centre Clusters

• Apple Puts Foxconn Factory in India on Probation Following Protests

• Another Remote Code Execution Vulnerability Patched in Log4j

• How to Avoid Getting Your Instagram Account Hacked

• What Were the Best Cybersecurity Webinars of 2021?

• Your Code Security Scanning Is Not Enough

• Norwegian Media Firm Amedia Suffers Disruption Due to Cyberattack

• How to Use MITRE ATT&CK to Understand Attacker Behavior

• Watch Out! RedLine Malware Steals Your Password from the Browser

• LinkedIn Overcharging Lawsuit Dismissed By US Judge

• Poland’s Tusk Calls Spyware Use ‘Crisis for Democracy’

• Settings Inside the Android Developer Options – 2021 Fully Explained

• Google CEO Pichai To Be Questioned In $5bn Web Tracking Lawsuit

• How to Change Google Home WiFi Network Settings? – 2021 Easy Fix

• DuckDuckGo Search Engine Grows 46 Percent In 2021

• Apple Closes New York Stores, As Omicron Infections Surge

• Build your own Android security product

• China-linked BlackTech APT uses new Flagpro malware in recent attacks

• LastPass: some users report compromised accounts

• McMenamins suffers a Ransomware Attack

• Details of T-Mobile December 2021 Data Breach

• The Log4j Flaw Will Take Years to be Fully Addressed

• Critical Security Flaws with Apache HTTP Server Let Hackers Execute Arbitrary Code Remotely

• When employees leave, is your data walking out the door?

• Need to improve application security? Reduce friction between developers and security teams

• New Apache Log4j Update Released to Patch Newly Discovered Vulnerability

• Most companies struggling to achieve observability despite investing in tools

• Meyer Shank Racing Partners with Arctic Wolf

• Druva Appoints Tracey Newell to Board of Directors

• Protect Your Organization by Cultivating a Culture of Cybersecurity Awareness

• What is challenging cloud native policy management?

• KingRoot 2021 – The Ultimate Root Software

• IT Security News Daily Summary 2021-12-28

• LastPass investigated recent reports of blocked login attempts

• 2021 in Review, Part 1: 5 Cybersecurity Topics that Made News

• Facebook Investors Call For More Oversight To Avoid Safety, Privacy Scandals

• 7 Latest Cybersecurity News

• 10 of the biggest ransomware attacks in the second half of 2021

• Review: 2022 Honda Civic Adds Available Wireless CarPlay

• Some Apple Engineers Rewarded Up to $180K in Stock Bonuses as Incentive to Stay

• registration authority (RA)

• How to make security accessible to developers

• Researchers Dive Into Equation Group Tool ‘DoubleFeature’

• Top infosec best practices, challenges and pain points

• Types of cybersecurity controls and how to place them

• Apple Launching Limited-Edition ‘Year of the Tiger’ Beats Studio Buds

• Open source security leader Brian Behlendorf discusses the impact of Log4j

• AV-Comparatives Reveals Results of Long-Term Tests of 19 Leading Endpoint Security Solutions

• After Google’s Landmark Settlement, How Ad Networks Should Tackle Child Privacy

• Why Are Authoritarians Framing International Approaches to Disinformation?

• Changing the Conversation with Risk Quantification

• Microsoft launches new Defender capabilities for fixing Log4j

• James Webb Space Telescope: An astronomer on the team explains how to send a giant telescope to space – and why

• Check for Log4j vulnerabilities with this simple-to-use script

• That Toy You Got for Christmas Could Be Spying on You

• The Human Connection: A Mindset for the Coming Year

• Shutterfly Reports Ransomware Incident

• Polish Senator Says Prosecutors Dragging Feet Over Phone Hacking

• The 5 Most Wanted Threatpost Stories Of 2021

• Nation State Actors Are Posing Greater Threats

• Apple Maps Team Members Receive Unique Thank You Gift

• Beware of this Crypto wallet draining Echelon Malware

• Why IoT is the cornerstone of AWS’s zero-trust strategy

• Threat actors are abusing MSBuild to implant Cobalt Strike Beacons

• Shutterfly hit by a Conti ransomware attack

• Deals: Apple Watch Series 7 Models Drop $50 in Amazon’s Newest Sale

• CrowdStrike Strengthens Exploit Protection Using Intel CPU Telemetry

• An Adaptive Security Strategy Is Critical for Stopping Advanced Attacks

• Threat Actors Abuse MSBuild for Cobalt Strike Beacon Execution

• A Year in Microsoft Bugs: The Most Critical, Overlooked & Hard to Patch

• DoubleFeature, post-exploitation dashboard used by Equation Group APT

• How to Set iCloud Account Recovery Contacts, Legacy Contacts, and Trusted Phone Numbers

• How to Use Two-Factor Authentication for Your Apple ID and iCloud Account

• Amazon Updates Alexa After Dangerous Suggestion

• 2021 Zero Trust Security Intelligence Roundup

• State Workers to Be Paid on Time Despite Ransomware Attack

• An Increased Wave of eCh0raix Ransomware Attacks Hits QNAP NAS Devices

• Apple Patched a macOS Gatekeeper Bypass Vulnerability

• Code Execution Vulnerabilities Fixed In DaVinci Resolve Video Editor

• Ransomware Attacks Prompting Global Response – Mandiant CEO

• In 2021, We Told Apple: Don’t Scan Our Phones

• Where Net Neutrality Is Today and What Comes Next: 2021 in Review

• OneWeb Reaches 60 Percent With Launch Of 36 Satellites

• Shutterfly Says Ransomware Attack Impacted Manufacturing

• China Slams SpaceX For Satellite Near Miss – Report

• What most cloud-using CIOs want in 2022

• Ransomware Attack Disrupts Shutterfly Services

• 2021 Wants Another Chance (A Lighter-Side Year in Review)

• CES 2022: Microsoft Follows Others And Pulls Physical Attendance

• Telefonica Spain Replaces Huawei 5G Kit For Ericsson Gear

• Experts Detail Logging Tool of DanderSpritz Framework Used by Equation Group Hackers

• A week in security (Dec 20 – 26)

• Logistics giant D.W. Morgan exposed 100 GB worth of clients’ data, including Fortune 500 Clients

• Looking for adding new detection technologies in your security products?

• Hackers Tried to use ‘Spider-Man: No Way Home’ movie to Deliver Monero Cryptominer

• Countering Disinformation Report | Avast

• Russia slaps $100m fine on Google America

• Blister malware using code signing certificates to evade anti malware detection

• How will the cybersecurity industry evolve in 2022?

• External attackers can penetrate most local company networks

• Developments that will define data governance and operational security in 2022

• Log4Shell Active Exploitation Continues…

• How to Protect Your Organization from Log4j Exploitation

• Learn to Lead with Cybersecurity and Defeat Modern Adversaries

• Protect Yourself from Holiday Grinches!

• Safeguarding Your Assets Against Apache Log4j Vulnerability

• Cybersecurity: When Stress and Trauma ‘Get in the Way’

• Enterprise data loss prevention market to reach $6.265 billion by 2026

• HackDHS Bug Bounty Program Now Includes Log4j Bug Reports

• New AvosLocker Ransomware Exploits AnyDesk, Reboots System In Safe Mode

• US CISA, CrowdStrike Release Free Log4j Scanners

• Fisher-Price Chatter Bluetooth Phone Can Become An Audio Bug

• New BLISTER Malware Loader Exploits Valid Code Signing Certificate

• How to Develop Complex Marketing Operations with “No Code” Tools

• Robotic process automation in 2022

• 2021 in review: The biggest cybersecurity stories of the year

• Vulnerability Summary for the Week of December 20, 2021

• IT Security News Daily Summary 2021-12-27

• 2021: A year in open source

• Vulnerability Summary for the Week of December 20, 2021

• Apple to Offer Limited-Edition AirTag as Part of Japanese New Year Promotion

• Kubernetes security will have a breakout year in 2022

• Apple Store Closures Surpass 20 Today Across the U.S. as COVID Cases Rise [Updated]

• Check Point CEO explains dangers from Log4j cybersecurity exploit

• Experts Debate How To Fix Facebook In 2022

• Global Cyberattacks from Nation-State Actors Posing Greater Threats

• How Do I Reduce the Risk of An Insider Threat?

• A new wave of ech0raix ransomware attacks targets QNAP NAS devices

• Logistics giant D.W. Morgan exposed 100 GB worth of clients’ data

• Shutterfly reports ransomware incident

• The 5 Most-Wanted Threatpost Stories of 2021

• DuckDuckGo Signals Entry Into Desktop Browser Market

• The dangers of dark data: How to manage it and mitigate the risks

• The 10 worst tech stories of 2021

• Apache addressed a couple of severe vulnerabilities in Apache HTTP Server

• Apple Store Closures Surpass 20 Today Across the U.S. as COVID Cases Rise

• Android Banking Malware Uses Fake Google Play Page to Spread to Devices

• Why DevSecOps offers the ‘most transformative’ approach to application security

• Tips for providing digital security benefits to employees

• DuckDuckGo Signals Entry into Desktop Browser Market

• New Apple Card Customers Can Get 5% Cash Back on Apple Purchases

• Shop Deals on Cases and Bands for Your New iPhone 13 and Apple Watch

• The Defense Department’s Role in the New Sustainability Executive Order

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Shutterfly hit by Conti Ransomware

• In 2022, security will be Linux and open-source developers job number one

• The CISO as Sustaining Force: Helping Infosec Staff Beat Burnout

• Experts found backdoors in a popular Auerswald VoIP appliance

• High-Risk Flaw Haunts Apache Server

• Apple Shares Three New Humorously Dramatic Ads Showing Off iPhone 13 Pro Camera Capabilities

• PrimeXBT Software Update – What Does This Mean To The User?

• IT Services Firm Inetum Discloses Ransomware Attack

• The CISO as Sustaining Force: Helping InfoSec Staff Beat Burnout

• 2021 Manufacturing and Supply Chain Security Roundup

• Experts monitor ongoing attacks using exploits for Log4j library flaws

• Jackson Public Schools Ups Cybersecurity After Hacker Attack

• 6 Security-Tech Innovations We’re Excited to See in 2022

• Looking Back at 2021 and Forward to 2022

• Organizations Targeted With Babuk-Based Rook Ransomware

• Dark web marketplace ToRReZ shuts down on their own’s decision

• Apple Ordered To Change App Store Policies In Netherlands

• White House To Meet With Tech Firms Over Cyber-Security Crisis

• Facebook Metaverse To Use Tech From Former Military Contractor

• Internet Association To Break Up Amidst Tech Industry Tensions

• PECB Certified Lead Ethical Hacker: Take Your Career to the Next Level

• Garrett Walk-Through Metal Detectors Can Be Hacked Remotely

• How to Know if Someone Unmatched You on Tinder? – 2021 Guide

• 2021 – Looking Back on a Great Year

• New Flaws Expose EVlink Electric Vehicle Charging Stations to Remote Hacking

• ‘Spider-Man: No Way Home’ Pirated Downloads Contain Crypto-Mining Malware

• How to Find Kik Groups With Simple Methods? – 2021 Full Guide

• What app developers need to do now to fight Log4j exploits

• Albania Prime Minister apologizes over the recent massive leak of government data

• New Android banking Malware targets Brazil’s Itaú Unibanco Bank

• Albanian Prime Minister Apologizes Over Database Leak

• Protect Your Firm’s Resources With Continuous Security Validation

• Russia Fines Google $100m Over Banned Content

• TikTok Beats Google To Top US Traffic Spot

• China Government Suspends Partnership With Alibaba Over Log4j

• Critical flaws in myPRO HMI/SCADA product could allow takeover vulnerable systems

• Trying to register your antivirus in Windows Security Center?

• Location and Online Privacy | Avast

• New Android Malware Targeting Brazil’s Itaú Unibanco Bank Customers

• 4 practical strategies for Log4j discovery

• How to avoid “festive fraud” during the holiday season

• Microsoft reveals a serious vulnerability hidden in its Azure Cloud

• France Inetum group hit by Ransomware

• Manufacturers of IT devices should step up when it comes to security

• Web app attacks are skyrocketing, it’s time to protect APIs

• Apple Allegedly Preparing for iPhones Without SIM Card Slot by September 2022

• Five megatrends for 5G mmWave for 2022 and beyond

• Encrypt and Decrypt a CSV File Using Mule 4

• Ars Technica’s top 20 video games of 2021

• Intel apologizes for banning use of components from Xinjiang

• Nasty new malware strain creeps quietly past Windows defenses

• You might not like the term ‘zero trust,’ but the concept is on point

• We Encrypted the Web: 2021 Year in Review

• IT Security News Weekly Summary – Week 51

• IT Security News Daily Summary 2021-12-26

• What to Buy With the Apple Gift Card You Unwrapped

• French IT services provider Inetum hit by BlackCat ransomware attack

• Tips and Tricks for New iPhone 13 Owners

• 2021 Was the Year Lawmakers Tried to Regulate Online Speech

• Top 5 macOS Monterey Issues You Might Need to Fix

• 10 Tips for Getting the Most Out of Your New Apple Watch

• Security Affairs newsletter Round 346

• Apple fixed macOS flaw that could allow to bypass Gatekeeper security feature

• Week in review: Log4j new vulnerabilities, Microsoft patch bypass, 2022 e-commerce threat trends

• Penetration testing

• ‘Spider-Man: No Way Home’ used to spread a cryptominer

• IT Security News Daily Summary 2021-12-25

• New Rook Ransomware borrows code from Babuk

• 10 Things You Need to Know About Your New iPad

• Stalkerware: 2021 in Review

• Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

• Six Useful Tips for New AirPods Owners

• Albania’s Prime Minister Issues Data Leak Apology

• Data assessment, user consent key to compliance with China law

• Build or Buy your own antivirus product

• Hackers Bypass Recently Patched MS Office Bug to Deliver Formbook Malware

• Weekly Update 275

• Russia Fines Google $100m Over “Illegal” Content

• Albania’s Prime Minister Issues Data Leak Apology

• IT Security News Daily Summary 2021-12-24

• Attackers bypass Microsoft security patch to drop Formbook malware

• SFW! The Top N Cyber­security Stories of 2021 (for small positive integer values of N)

• Pushing Back on Police Surveillance: 2021 Year in Review

• The Future is in Interoperability Not Big Tech: 2021 in Review

• The Future Is in Interoperability Not Big Tech: 2021 in Review

• Sketchy Rumor Claims iPhone 15 Pro Won’t Have Physical SIM Card Slot

• Switch to a well-paid tech career in 2022: Check out these 200+ IT courses

• NY Makes Falsifying Vaccination Cards a Crime

• Top 7 Ransomware Attacks of year 2021

• US Senator Urges FTC To Investigate Facebook For Misleading Customers, Users

• Italy’s Talks With Intel ‘Intensifies’ Over $9bn Chip Factory – Report

• Merry Christmas To Readers Of Silicon UK

• What’s the Difference Between Identity Fraud and Identity Theft?

• Fisher Price Chatter Bluetooth Telephone 60G LTE has serious privacy issues

• Log4j: A CISO’s Practical Advice

• Alibaba Punished By The Chinese Government For Failing To Tell It About The Log4Shell Flaw First

• Tesla Stops Gaming While Moving, Amid US Safety Investigation

• Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security

• Privacy and Confidentiality in Security Testing

• The Worst Hacks of 2021

• Here’s What Your Favorite Mac Apps Would Have Looked Like in 1999

• The IT Security Guru Buyer’s Guide 2022

• CES 2022: Google, GM Join Others In Halting Physical Attendance

• New Ransomware Variants Flourish Amid Law Enforcement Actions

• Unique cyber-attacks declined for the first time in 3 years

• Flaw behind Gatekeeper bypass fixed on macOS

• New CoinSpot phishing campaign discovered

• Tropic Trooper Hackers Group Targets Transportation & Government Companies

• Hellmann Warns Customers They Could Face Malicious Communications Following Attack

• Former Uber CSO Faces New Charge for 2016 Breach

• Experts warn of a new stealthy loader tracked as BLISTER

• Track Santa’s Journey From the North Pole Using Google’s Santa Tracker

• Unique Cyber-Attacks Fall for First Time Since 2018

• New BLISTER Malware Using Code Signing Certificates to Evade Detection

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• NVIDIA informs customers of its products affected by Log4j flaws

• Police Federation of England and Wales to be sued for Ransomware breach

• Russian hacker need not pay compensation to LinkedIn, Dropbox and Automatic

• New infosec products of the week: December 24, 2021

• Four years: that’s how long Azure’s App Service had a source code leak bug

• Bots are stealing Christmas!

• The retail sector needs to know when and not if it will be hacked

• Governance and data privacy: What to expect in 2022?

• The Other Type of Shadow IT

• Three ways banks can ensure a sustainable future

• 5 Endpoint security tips for the holidays

• Holiday shopping? Get an amazing 75% discount offer? A case study on evaluating a special holiday sale

• Security and vulnerability management market size to reach $20.1 billion by 2027

• Intel oneAPI 2022 toolkits help developers to improve productivity and accelerate innovation

• Juniper Networks selects Synopsys to design and optimize its hybrid silicon and InP optical platform

• Samsung PM1743 SSD provides improved power efficiency for enterprise servers

• DeFinity partners with Cobalt to enable dynamic credit management of digital asset trades

• Eckoh acquires Syntec to enhance its security solutions and accelerate cloud growth

• Dridex affiliate dresses up as Scrooge

• 2021-12-23 – Astaroth/Guildma infection from Brazil malspam

• Multiple Log4j scanners released by CISA, CrowdStrike

• Apple fixes macOS security flaw behind Gatekeeper bypass

• Significant changes need to be made in the way we do security, says Zscaler CEO

• IT Security News Daily Summary 2021-12-23

• Microsoft informs customers of ‘NotLegit’ Azure bug

• Multiple Log4j scanners released by CISA, Crowdstrike

• Russian Hacker’s $1.7M Restitution Order Overturned

• NSO spyware used to hack Polish politicians, Khashoggi’s wife, others

• Meta Appeals Against UK Order To Sell Giphy

• Grinch bots hijack all kinds of holiday shopping, from gift cards to hype drop sales

• 4-Year-Old Microsoft Azure Zero-Day Exposes Web App Source Code

• AvosLocker ransomware reboots in Safe Mode and installs tools for remote access

• Electronic Frontier Alliance Defending Local Communities: 2021 in Review

• 2021 Year in Review

• 5 best practices for strengthening your software supply chain with DevSecOps

• NSO spyware used to hack Polish politicians, wife of Khashoggi, UN war crimes investigator and more

• SolarWinds-Like Supply Chain Attacks will Peak in 2022, Apiiro Security Chief Predicts

• The cool retro phone with a REAL DIAL… plus plenty of IoT problems

• Best Intrusion Detection and Prevention Systems for 2022: Guide to IDPS

• How to Comply with GDPR, PIPL and CCPA

• Army Recruiter Cyber-Stalked by Wannabe Soldier

• How SASE protects from Log4j

• TSMC Expected to Begin 3nm Chip Production in Late 2022 Ahead of First M3 Macs

• Baselining and Hunting Log4Shell with the CrowdStrike Falcon Platform

• What’s next for FedRAMP?

• How to deploy a Bitwarden server with Docker

• Former Harvard Professor Convicted In Victory for Justice Department’s China Initiative

• The Chatter Podcast: Women’s Health and National Security with Anushay Hossain

• The Role of Firewall as a Service in An Ever-Evolving Security Landscape

• Over 35,000 Java Packages Impacted by Flaws in The Apache Log4j library

• Telegram Abused to Steal Crypto-Wallet Credentials

• ManageEngine attacks draw warning from FBI

• Texas Convicts BEC Scammer

• Trending news on Apache Log4J Shell Vulnerability

• Beware of cryptominers when torrenting ‘Spider-Man: No Way Home’

• Deals: 41mm GPS Apple Watch Series 7 Drops to $339 ($60 Off)

• Jack Dorsey Blocked On Twitter By Netscape’s Marc Andreessen

• Stellar Cyber Takes Home the Gold in 2021 ‘ASTORS’ Awards Program

• ‘Spider-Man: No Way Home’ Download Installs Cryptominer

• The Future of Work Has Changed, and Your Security Mindset Needs to Follow

• Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware

• 7 of the Most Impactful Cybersecurity Incidents of 2021

• US Intel And Satellite Images Show Saudi Arabia Is Now Building Its Own Ballistic Missiles With Help Of China

• Four Bugs In Microsoft Teams Left Platform Vulnerable Since March

• Log4j Makes Waves In The US Financial Industry

• Apache’s New Security Update For HTTPD Server Fixes Two Flaws

• What Is DNS Content Filtering and Why Does Your Business Need It?

• November 2021 Cyber Attack Statistics

• Examining Log4j Vulnerabilities in Connected Cars and Charging Stations

• Russia Hits Twitter With Fine For Banned Content

• Ransomware Attackers’ New Tactic: Double Extortion

• NVIDIA, HPE Products Affected by Log4j Vulnerabilities

• Apache’s new security update for HTTP Server fixes two flaws

• Train at your own pace to become an expert ethical hacker for only $43

• Several Critical Vulnerabilities Found in myPRO HMI/SCADA Product

• Amazon Staten Island Workers Refile Union Vote Request

• Consumers Warned of Surging Delivery Text Scams Ahead of Christmas

• Hacker Faces Over 20 Years in Jail for Creating Fake Rideshare and Delivery Service Accounts

• Microsoft Office Patch Bypassed for Malware Distribution in Apparent ‘Dry Run’

• CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities

• Three trivial bugs in Microsoft Teams Software remain unpatched

• Monongalia Health System victim to BEC attack

• 2021 (ISC)² Leadership Webinars On-Demand

• US Opens Tesla Investigation Over In-Car Computer Games

• This new ransomware has simple but very clever tricks to evade PC defenses

• Fulfilling Security Requirements for the Transportation Sector

• Five Eyes Nations Issue Joint Guidance on Log4j Vulnerabilities

• IoT SAFE — An Innovative Way to Secure IoT

• 4 Steps To Good Ops Management

• Cryptographic Security And The Quantum Apocalypse

• World’s top cybsersecurity agencies warn of Apache vulnerability threats

• 400,000 Individuals Affected by Email Breach at West Virginia Healthcare Company

• CISA Releases Free Scanner to Spot Log4j Exposure

• Alibaba Suffers Government Crackdown Over Log4j

• iPhone 14 Pro and Pro Max Hole-Punch Displays to Be Supplied By LG and Samsung

• Belgium’s Military hit by cyber attack

• FBI traces and grabs back $150 million theft that was turned into bitcoins

• Intel Provokes Fury In China Over Supplier Letter

• Log4j vulnerability Protection for Endpoints

• Up to 120,000 Cops May Have Legal Claim Over 2019 Breach

• Logistics giant warns of scams following ransomware attack

• $1,139 of Gelato – Intego Mac Podcast Episode 219

• Europol IOCTA 2021 Report: The Key Takeaways

• HackDHS bug bounty program accepts reports of Log4j-related flaws in DHS systems

• Multiple Vulnerabilities Found In Microsoft Teams – Only One Fixed So Far

• Behavioral Threat Fingerprinting | Avast

• Log4Shell is a dumpster fire that should have been avoided

• Do you know what your supply chain is and if it is secure?

• Fisher Price’s Bluetooth reboot of pre-school play phone has adult privacy flaw

• 4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories

• Researchers Disclose Unpatched Vulnerabilities in Microsoft Teams Software

• A flaw in Microsoft Azure App Service exposes customer source code

• PCI SSC updates its device security standard for HSMs

• Five cybersecurity predictions for 2022 and beyond

• Alibaba Cloud slapped by Chinese ministry for mishandling Log4j

• Facebook turns least trusted website in America over data and privacy

• UK NCSC reveals data breach related to quarter billion passwords

• Watch out for Christmas 2021 credential stuffing attacks!

• Wireless 5G connections to exceed 540 million by the end of the year

• (ISC)² Ransomware Study: Collaboration and Communication are Essential for Ransomware Readiness

• 5 holiday Cybersecurity tips retailers need this year

• Why authorization and authentication are important to API security – and why they’re not enough

• The Changing Profile of the CISO: New Roles, New Demands, New Skills

• Cyber-Attack on Belgium’s Military

• Could passwordless be the solution to poor shopping sign-up processes?

• Active Directory Domain Service Bug Let Attackers To Takeover Windows Domains

• Big data moving to Kubernetes with speed, complexities arising

• Box launches enhanced tools to drive insights and mitigate security risks

• Lacework Cloud Care helps security teams uncover Log4j vulnerability

• BlackBerry Guard XDR protects enterprises and governments against evolving cyber threats

• Securonix Autonomous Threat Sweeper automates search for Log4j related activity

• NS1 announces outage mitigation bundle to improve resiliency for critical applications

• This holiday season, give your children the gift of cybersecurity awareness

• Building the Zero Trust Enterprise: A Holistic Approach

• Some Apple Watch Users Experiencing Charging Issues After Updating to watchOS 8.3

• Chinese regulators suspend Alibaba Cloud over failure to report Log4j vulnerability

• ISACA releases three audit resources to help professionals keep pace with compliance trends

• Matthew McNulty joins ECI as CRO

• Redpoint Cybersecurity expands executive team with three appointments

• Tracey Newell joins Druva Board of Directors

• CISA, FBI issue new guidance on addressing Log4j risks

• White House formalizes 2.7% pay raise

• Research: Simulated Phishing Tests Make Organizations Less Secure

• IT Security News Daily Summary 2021-12-22

• CrowdStrike Launches Free Targeted Log4j Search Tool

• Monitoring File Changes with Falcon FileVantage

• Cincinnati maps food insecurity gaps

• Microsoft Customer Source Code Exposed via Azure App Service Bug

• CISA releases a scanner to identify web services affected by Apache Log4j flaws

• CISA’s New Log4j Scanner Aims to Find Vulnerable Apps

• Nearly 50% of People Will Abandon Sites Prohibiting Password Reuse

• Apple Shares 10 Helpful iPhone Tips and Tricks

• Apple Exec Explains Why You Should Use Apple Maps

• Log4j flaw gets big attention from ‘ruthless’ ransomware gang

• Log4j flaw: Attackers are ‘actively scanning networks’ warns new CISA guidance

• Log4J added to DHS bug bounty program

• Phishing incident causes data breach at West Virginia hospitals

• Cybercrime Cops Arrest NHS Workers

• Cybersecurity asset management takes ITAM to the next level

• Apache Releases Security Update for HTTP Server

• Ubisoft discloses unauthorized access to ‘Just Dance’ user data

• CISA, cybersecurity centers from Australia, NZ, UK and Canada release Log4j advisory

• PYSA Emerges as Top Ransomware Actor in November

• Microsoft Confirms ‘NotLegit’ Azure Flaw Exposed Source Code Repositories

• BEC Attack on Monongalia Health System

• On Writing DFIR Books, pt III

• Apache Releases Security Update for HTTP Server

• Software flaws in walk-through metal detectors made them hackable

• Threat Intelligence and Protections Update Log4Shell CVE-2021-44228

• All in One SEO Plugin Bug Threatens 3M Websites with Takeovers

• Plundered bitcoins recovered by FBI – all 3,879-and-one-sixth of them!

• 25 Years Ago, Apple Acquired NeXT and Brought Back Steve Jobs

• Conti ransomware gang exploits Log4Shell bug in its operations

• Azure App Service Linux source repository exposure

• Amazon Brings Back Masks For Warehouse Workers

• As reliance on data analytics grows, agencies look to talent, automation

• Critical Apache HTTPD Server Bugs Could Lead to RCE, DoS

• Log4j Reveals Cybersecurity’s Dirty Little Secret

• The Value Of XDR For Cybersecurity Teams

• Mobile Network Vulnerabilities Affecting All Cellular Generations Since 2G

• Cybersecurity Risks Introduced By Quantum Computing – Expert Opinion

• DuckDuckGo developing a robust privacy-focused desktop browser

• The Role of Malware Analysis in Cybersecurity

• Is ZTNA Your First Stop to SASE?

• Deadline extended for Federal 100 nominations!

• 10 common types of malware attacks and how to prevent them

• Support a Better Web for Everyone & Unlock Grants for EFF

• Ubisoft Confirms Unauthorized Access to ‘Just Dance’ User Data

• Understanding the Offense’s Systemwide Advantage in Cyberspace

• Conti ransomware is exploiting the Log4Shell vulnerability to the tune of millions

• How to Comply with GDPR, PIPL, and CCPA

• Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

• Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

• Stolen Bitcoins Returned

• Review: Twinkly’s HomeKit-Compatible String Lights Are Perfect for the Holidays

• More Users Trust Amazon and Google to Handle Their Personal User Data Than Apple, Survey Suggests

• Details of new PYSA n Everest Ransomware

• New Log4j Attack Vector Exploits WebSocket To Trigger RCE – Update to Log4j 2.17.0

• Elon Musk Warns Of Overtaxation in California

• OnlyFans Founder Steps Down, Appoints Female Boss

• 9 Ways to Determine If Your Identity Has Been Stolen

• Helping Older Adults Build Strong Digital Literacy Skills

• What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake

• Virginia Still Working to Fix Issues After Ransomware Attack

• CISA Says No Federal Agencies Compromised in Log4Shell Attacks to Date

• Why We Need to Consolidate Digital Identity Management Before Zero Trust

• Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

• Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

• PYSA ransomware gang is the most active group in November

• What’s in store for cybersecurity in 2022?

• Future of Identity-Based Security: All-in-One Platforms or Do-It-Yourself Solutions?

• The Best Twitter Cybersecurity Accounts You Should Follow [Updated 2021]

• PYSA Ransomware Gang Responsible for Most Double Extortion Attacks in November

• December 2021 Web Server Survey

• Cyber Warfare: What To Expect in 2022

• Four Bugs in Microsoft Teams Left Platform Vulnerable Since March

• Targeted Links Used to Steal Tens of Millions in Global Scam Campaign

• The Cybersecurity Stories Vice Was Jealous Of In 2021

• Walk-Through Metal Detectors Can Be Hacked, New Research Finds

• The Secret Uganda Deal That Has Brought NSO To The Brink of Collapse

• Ubisoft Confirms Just Dance Data Breach

• Net Neutrality May Return, As Biden Seeks FCC Commissioner Confirmation

• $80 Million Go Monthly into the Hackers’ Pockets Via False Giveaways and Surveys, Experts Say

• 2easy: A New Dark Web Marketplace for Stolen Data

• AV Artists Complain Monterey ‘Orange Dot’ Security Feature Makes Macs Unsuitable for Live Performances

• Hackers Targeted Belgium Defense Ministry Exploiting Log4j Bug

• UK Donates 225 Million Stolen Passwords To Hack-checking Site

• Cybersecurity Careers Around the World

• Ghana govt agency exposed 700k citizens’ data in a database mess up

• Windows Firewall | Avast

• Poland Rejects Accusations of ‘Political’ Spyware Use

• What do cybersecurity experts predict in 2022?

• CES 2022: Amazon, Meta, Twitter Pull Attendance

• Chinese Government Punishes Alibaba for Not Telling It First About Log4Shell Flaw: Report

• China suspends deal with Alibaba for not sharing Log4j 0-day first with the government

• PYSA Dominated the Ransomware Landscape in November: Report

• The Need for Survivable, Trustworthy Secure Systems

• Russian Cyber Exec Extradited After Alleged Trading Conspiracy

• Covid vaccine researchers are under attack

• Lady Gives Birth Whilst Tesla Used Autopilot

• This ransomware strain just started targeting lots more businesses

• Ubisoft Reveals Player Data Breach Came from User Error

• Choosing Christmas gifts for kids: Squid Game and Huggy Wuggy are trending

• 16-30 November 2021 Cyber Attacks Timeline

• US Returns $150m to Sony After Employee BEC Attack

• Apple Offers Free Two-Hour Holiday Delivery on Mac, iPhone, iPad, and Apple Watch Orders

• New 27-inch iMac Said to Launch in Multiple Colors

• Report: Redesigned 27-Inch iMac to Feature LCD Display, Not Mini-LED

• Just Dance latest cyber-attack victim

• Belgian Military in Five-Day Battle Against Cyberattack

• Attackers bypass Microsoft patch to deliver Formbook malware

• IT Asset Management – What You Need to Know

• Build your own Android security product

• New Exploit Lets Malware Attackers Bypass Patch for Critical Microsoft MSHTML Flaw

• Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers

• A new version of the Abcbot bot targets Chinese cloud providers

• A Backdoor Found in U.S. Federal Government Networks

• Google to take serious action against SEO Poisoning

• Ransomware attack on Brazil Health Ministry

• Ransomware Empire: Who might blackmail your company?

• Open-source software holds the key to solving Log4Shell-like problems

• Salesforce CTO talks e-commerce cybersecurity threat trends for 2022

• What’s stopping consumers from using credit freezes?

• Four technologies that will boost your customers’ Black Friday shopping sprees

• Global outbreak of Log4Shell

• Cybersecurity in 2022 and Beyond

• How Tripwire Can Be a Partner on Your Zero Trust Journey

• Imperva Snapshot™ Scan: What You Can Find in the Report

• Valuing IT professionals to retain talent and reduce their stress

• How confident can organizations be in their managed services security?

• Cybercriminals shifting focus: IT sector most targeted in 2021

• Of course a Bluetooth-using home COVID test was cracked to fake results

• Veriff’s metaverse identity verification solution protects users from fake accounts and bots

• NICE introduces AI-powered capabilities to help organizations boost ROI

• Edgecore Networks Work-from-Anywhere delivers enterprise-grade services for remote workers

• BAE Systems partners with Embraer to explore potential defence variants for the Eve eVTOL vehicle

• Semtech SurgeSwitch protects circuits and systems operating in harsh industrial environments

• GoSecure acquires Covail to enhance AI and automation of its platform

• Beyond Identity joins MISA to defend customers against increasing cyber threats

• Fibocom selects Keysight Technologies to perform comprehensive testing of wireless modules

• How to protect yourself from identity theft after a data breach

• DataTribe invests $2M in ContraForce to make cyber security accessible for SMBs

• Second ransomware family exploiting Log4j spotted in U.S., Europe

• CMMC assessments could resume in January

• CMMC Accreditation Body elects new board officers

• Albert Nieves joins Aqua Security as VP of Federal Sales

• Affected by a Data Breach? Here Are Security Steps You Should Take

• How to check if your Linux servers are vulnerable to the Log4j flaw with a single command

• Experts’ Responses: Cyber Security Predictions 2022

• IT Security News Daily Summary 2021-12-21

• 93% of Tested Networks Vulnerable to Breach, Pen Testers Find

• Meta Files Federal Lawsuit Against Phishing Operators

• UK Security Agency Shares 225M Passwords With ‘Have I Been Pwned’

• Zillow Adds FaceTime SharePlay Feature for Collectively Browsing Homes

• Ubisoft confirms Just Dance data breach amid developer exodus

• Russian national extradited to US for trading on stolen Information

• 5 ways to automate security testing in DevSecOps

• US Sentences Money Launderer Linked to QQAAZZ

• White House releases ‘leaning agenda’ draft for PMA

• Java Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to Look

• Desjardins Proposes $155M Data Breach Settlement

• Facebook Whistleblower Says She Is “Super Scared” About Metaverse Plans

• How to tackle hybrid cloud security and DevSecOps

• CrowdStrike Services Launches Log4j Quick Reference Guide (QRG)

• Half-Billion Compromised Credentials Lurking on Open Cloud Server

• DuckDuckGo Working on Privacy-Focused Desktop Browser for Mac

• Why SBOM management is no longer optional

• The Link Between Ransomware and Cryptocurrency

• Eco-friendly data centers key to sustainable enterprises

• Preemptive Strategies to Stop Log4j and Its Variants

• Macs With Intel Processors Still Coming Amid Transition to Apple Silicon

• Top 10 IT security frameworks and standards explained

• How to mitigate Log4Shell, the Log4j vulnerability

• Bill to train acquisition workforce on AI clears Senate

• Apache’s other product: Critical bugs in ‘httpd’ web server, patch now!

• Escalation in Healthcare Data Breaches

• TSA Preparing to Begin Accepting Mobile Driver’s Licenses in February 2022

• We’re starting to see a national response to ransomware, says Mandiant CEO

• EU Approves Microsoft’s $16 Billion Nuance Acquisition

• Why CISOs Shouldn’t Report to CIOs in the C-Suite

• Desperate for state workers, governors offer raises to keep them

• 5 cybersecurity predictions for 2022

• Muscle Car Owner Targeted With Hidden AirTag Placed by Thieves

• Two backdoors detected in Auerswald VoIP ystem

• Two Active Directory Bugs Lead to Easy Windows Domain Takeover

• Log4Shell enumeration, mitigation and attack detection tool

• Acer Slaps Volkswagen With 4G Patent Lawsuit – Report

• IT security: Computer attacks with laser light

• Facebook files lawsuit against Phishing Attack

• Oracle Makes Biggest Acquisition With Cerner Purchase

• Understanding Software Supply Chain and How to Secure It

• Fintech 2022 Trends: Future of Cryptocurrency and Blockchain

• Patch these 2 Active Directory flaws to prevent the takeover of Windows domains

• Police forces pipe 225 million pwned passwords into ‘Have I Been Pwned?’

• Advantages of Shift Left Testing in DevOps

• China’s Narrative War on Democracy

• MacRumors Exclusive: Get 50% Off Your First Year of Flexibits Premium for Fantastical and Cardhop

• Artistic Renders Offers Best Look Yet At Apple’s Upcoming AR/VR Headset

• New 27-Inch iMac With Mini-LED Display Reportedly Moves Towards Production

• iPhone 12 Production Halted in India by Protests Over Food Poisoning

• Have I Been Pwned Receives 585 M Passwords from the UK Government

• FBI: Another Zoho ManageEngine Zero-Day Under Active Attack

• Ransomware Threat Just as Urgent as Terrorism, Say Two-Thirds of IT Pros

• The Future of Ransomware

• 21 Billion Scam Calls Were Blocked by T-Mobile This Year

• Airbus, Boeing CEOs Call For Delay In US 5G Service

• 10 Ways to Protect Your Identity

• F-Secure uses flaw in at-home COVID-19 test to fake results

• Authorization and IAM Company PlainID Raises $75 Million in Series C Funding

• Silicon UK In Focus Podcast: Salesforce: The Value of Diversity

• The Power of Diversity

• What Cybersecurity Professionals Are Wishing for This Holiday Season

• What Is Data Logging?

• Microsoft Urges Customers to Patch Recent Active Directory Vulnerabilities

• How Is Zero Trust Evolving to Be More Continuous in Verifying Trust?

• FBI: Hackers Are Actively Exploiting This Flaw On ManageEngine Desktop Central Servers

• New Duo Feature Lets Users Skip the VPN Hassle

• Beware!! Hackers Hide Fileless Malware “DarkWatchman” In The Windows Registry

• FBI: Hackers are actively exploiting this flaw on ManageEngine Desktop Central servers

• No-Code Security Automation Company ContraForce Emerges From Stealth

• Vulnerability Summary for the Week of December 13, 2021

• iPhone SE 3 Reportedly Entering Trial Production Phase With Launch Set for Early 2022

• Decisions, Decisions and the Role of Authorization

• PlainID lands $75M to reduce identity and access policy chaos

• Russian Hacker Extradited to US for Trading on Stolen Information

• Vulnerability Summary for the Week of December 13, 2021

• Tropic Trooper Cyber Espionage Hackers Targeting Transportation Sector

• Cyber Security Professionals Suffering From Burnout

• Belgian defence ministry admits attackers accessed its computer network by exploiting Log4j vulnerability

• 7 Scams To Avoid This Christmas

• An IDOR Bug In Facebook Android Could Expose Page Admins – Patch Deployed

• UK Donates Stolen Passwords To Have I Been Pwned Website

• Log4j flaw: 10 questions you need to be asking

• AP Exclusive: Polish Opposition Duo Hacked With NSO Spyware

• Vulnerabilities Can Allow Hackers to Tamper With Walk-Through Metal Detectors

• New phishing campaign claims $80m per month

• Meta Sues Threat Actors Responsible for the Phishing Scams Ran on Its Platforms

• How is Zero Trust Evolving to be More Continuous in Verifying Trust?

• Hellmann warns customers to be aware of scammers

• Zoho Zero-Day Exploited by State Threat Actors Since October, FBI Says

• Elon Musk To Pay $11 Billion In Taxes

• 5 Ways to Reduce the Risk of Ransomware to Your OT Network

• FBI Sees APTs Exploiting Recent ManageEngine Desktop Central Vulnerability

• Feedzai endorsed by several analyst firms for AML and fraud management solutions

• Warning over patching Active Directory takeover flaws

• Dridex Malware Installed With the Help of Log4j Vulnerability

• Police found 225 million stolen passwords hidden on a hacked cloud server. Is yours one of them?

• Meta Sues to Disrupt Prolific Phishing Campaign

• Top 7 common Cybersecurity Myths — Busted

• Merrick Garland Needs to Speak Up

• UK Cyber Cops Share 225 Million Passwords with Breach Site

• Secret Backdoors Found in German-made Auerswald VoIP System

• Facebook Patches Vulnerability Exposing Page Admin Identity

• Scam Phishing Network Costs Victims $80m Per Month

• British Council Struck by Two Ransomware Attacks in Five Years

• More than 35,000 Java packages impacted by Log4j flaw, Google warns

• 5 Tips For Staying Safe Online | Avast

• iPhone 13 Mass Production Set to Begin in India From February

• Looking for adding new detection technologies in your security products?

• Log4j Vulnerability Aftermath

• Security Issues With WordPress

• Why the updated OWASP Top 10 list can’t be addressed by WAF?

• Podcast Episode: The Life of the (Crypto) Party

• Meta Sues Hackers Behind Facebook, WhatsApp and Instagram Phishing Attacks

• 6 top cybersecurity trends from 2021 and their impact on 2022

• UK National Crime Agency finds 225 million previously unexposed passwords

• Cyber insurance trends: Insurers and insurees must adapt equally to growing threats

• Combating identity fraud: The key is to avoid stagnation

• Microsoft and its Passwordless Authentication on Windows 11

• Critical SSRF Bug in VMware Workspace ONE UEM Console Let Attacker Steal Sensitive Data

• Cybersecurity budgets surge, as skills gap wreaks havoc on 2022 plans

• Google and Facebook Meta to protect data on undersea cable

• Relay races, batons, and techniques: How to improve your cloud security posture

• How familiar are consumers with data protection best practices?

• Rethinking cybersecurity becomes imperative as devices and apps move away from physical offices

• SentinelOne Recognized by Comparably Across Award Categories

• ISACA and Greek Ministry of Digital Governance Partner to Advance Cybersecurity Awareness, Best Practices and Training

• CCSP vs. Microsoft Azure Certified Security Engineer Associate — How Does Vendor Focus Factor In?

• Five James Bond gadgets which use real world technologies

• How online retailers can boost sales completion at checkout

• Major Updates to the Cybersecurity Maturity Model Certification: What You Need to Know

• Revisiting the Relevance of the Industrial DMZ (iDMZ)

• Half of all helpdesk tickets relate to UC&C issues

• 5 Common Types of Identity Theft

• US bags Russian accused of stealing millions after stealing pre-release financial filings

• How to detect Apache HTTP Server Exploitation

• How To Prevent Clickjacking Attacks

• Log4j vulnerabilities, malware strains multiply; major attack disclosed

• Arctic Wolf collaborates with Red Bull Racing Honda to safeguard its mission-critical data and operations

• MetricStream partners with HCL Technologies to provide real-time visibility into IT risk

• Honeywell, SES and Hughes deliver high-speed connectivity for government customers

• Semperis and Sirius Healthcare help healthcare companies to combat ransomware attacks

• Q&A: Vast Data’s cofounder talks affordable SSDs replacing magnetic disks

• Wipro acquires Edgile to strengthen strategic cybersecurity services

• Aena partners with Vueling to use Mobbeel’s facial recognition technology in the boarding process

• Telefónica Germany collaborates with Tech Mahindra to elevate its development and testing

• iTecs partners with Check Point to improve cybersecurity protection for clients

• Don’t forget to unplug your devices before you leave for the holidays!

• ZeroFox acquires IDX to address emerging security challenges and goes public through a merger with LNFA

• Nurse Arrested in Hacking Investigation

• DarkWatchman RAT uses Windows Registry fileless storage mechanism

• Data I/O appoints Cheemin Bo-Linn to Board of Directors

• Jim Whitehurst joins Tanium Board of Directors

• security awareness training

• New Log4j Attack Vector Discovered

• Russian National Extradited for Illegal Hacking & Trading

• UK government introduces law to toughen up security of internet-connected devices

• Belgian Defense Ministry confirms cyberattack through Log4j exploitation

• Cybersecurity company identifies months-long attack on US federal commission

• Towards OECD Principles for Government Access to Data: Can Democracies Show the Way?

• IT Security News Daily Summary 2021-12-20

• Securing the Supply Chain During Shipping Challenges

• 2022 Cybersecurity Trends for DevSecOps

• USAID plans new ‘Digital Front Door’ portal for contractors

• Climate data tools win NOAA challenge

• Conti Ransomware Gang Has Full Log4Shell Attack Chain

• Restrict remote users to a chroot jail in Linux

• Apple Releases Safari Technology Preview 137 With Bug Fixes and Performance Improvements

• Apple’s Updated 3D Maps With Custom Landmarks Available in Philadelphia

• مؤسسة الجبهة الإلكترونية نيابة عن ناشطة حقوقية سعودية، تقاضي صانع برامج التجسس دارك ماتر لانتهاك قوانين مكافحة القرصنة الأمريكية والقوانين الدولية لحقوق الإنسان

• US bags Russian accused of stealing millions after stealing per-release financial filings

• More funding needed for Biden’s CX order, says industry group

• Cybersecurity company ZeroFox acquires IDX, merges with L&F to create $1.4 billion entity

• Nation-state actors are exploiting Zoho zero-day CVE-2021-44515 since October, FBI warns

• Log4j: Everything You Need to Know [Updated]>

• Cyber-Attack Impacts Aussie Companies

• NetSPI Adds IoT Penetration Testing to its Suite of Offensive Security Services

• Brillio Acquires Cedrus Digital to Strengthen Their Digital Transformation Service Capabilities

• Defending Against Log4j Exploits with Cisco Secure Endpoint

• 7 cyber defense use cases

• Apple Music Voice Plan: Everything You Need to Know

• $30 million stolen from Grim Finance, audit firm blames new hire for vulnerability

• After ransomware attack, global logistics firm Hellmann warns of scam calls and mail

• Best last-minute gifts for hackers: Cybersecurity presents, secured

• Robocalls More Than Doubled in 2021, Cost Victims $30B

• Google Finds 35,863 Java Packages Using Defective Log4j

• Tech Companies to Protect Data on Undersea Cable

• Synthetic identity fraud: What is it, and why is it harmful?

• Scammers Netted $7.7 Billion worth of Cryptocurrency in 2021

• Log4J and The Memory That Knew Too Much

• Secrecy Creep

• copyright

• Apple Seeds First Public Betas of iOS 15.3 and iPadOS 15.3

• White House elevates CX with executive order

• $30 million stolen from DeFi protocol Grim Finance, audit firm apologizes for missing vulnerability

• DDoS Defenses Divide and Conquer

• Everything you always wanted to know about NFTs (but were too afraid to ask): Lock and Code S02E24

• A Journey in Organizational Resilience: Survive the Disruption and Become Stronger

• Synthetic identity fraud: What is it and why is it harmful?

• Planning for the Future: What’s Ahead in 2022

• HomePod Mini Helps Apple Nearly Double Its Market Share of Smart Speakers and Screens

• Russian National with ties to Putin’s office extradited to U.S. over insider trading, hacking scheme

• Ruled by algorithms, gig workers remain powerless against automated decision-making

• How to perform Azure AD bulk operations with PowerShell

• Reblaze Appoints New CEO

• Trend Micro Crowns Champions of 2021 Capture the Flag Competition

• SecurityScorecard Research Reveals Cyber Vulnerabilities Pose a Threat to U.S. Maritime Security

• BlackBerry Launches New Managed Extended Detection and Response (XDR) Service

• SAIC Launches Rugged Apps to Provide Secure Commercial Apps to Government Users

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Avast found backdoor in US Federal Agency Network

• What is a Supply Chain Attack & How it Occurs?

• Surveillance-for-hire: Are you a target of the booming spy business?

• Are Ransomware Attacks Slowing Down? It Depends on Where You Look

• Rocket Companies acquires Truebill for $1.275 billion cash

• British police data published on dark web by Clop Ransomware Group

• 4 Ways Cybercriminals Exploit Remote Teams

• Third Log4J Bug Can Trigger DoS; Apache Issues Patch

• Belgian defense ministry hit by cyberattack exploiting Log4Shell bug

• Answering Log4Shell-related questions

• The TellYouThePass Ransomware Reappeared After the Windows Log4j Attacks

• Police National Computer not pwned by Clop ransomware crims, insists Home Office

• How to manage the security risk of remote working

• Apache Releases Third Major Log4j Update To Fix A DoS Flaw

• Alleged APT implanted a backdoor in the network of a US federal agency

• More on NSO Group and Cytrox: Two Cyberweapons Arms Manufacturers

• Kuo: iPhone 14 Pro to Feature 48-Megapixel Camera, Periscope Lens Coming 2023

• Deals: Beats Studio Buds Available for $99.99 ($50 Off)

• ZeroFox to Go Public in $1.4 Billion SPAC Deal

• Zero Trust Shouldn’t Mean Zero Trust in Employees

• New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G

• VMware Patches Vulnerabilities in Workspace ONE Access

• Cybersecurity M&A Roundup for December 13-19, 2021

• How to see if cybersecurity of your organization is in check for the New Year

• What You Need to Know About RDP Security Going Into 2022

• Log4Shell: The Movie… a short, safe visual tour for work and home

• BBC Bitcoin Mining Report Used In Crypto-Scam

• Google Warns That NSO Hacking Is On Par WIth Elite Nation-State Spies

• Bad Things Come In Threes: Apache Reveals Another Log4j Bug

• Scammers Stole $7.7 Billion In Crypto In 2021

• The DarkWatchman Malware Was Found Hidden in Windows Registry

• Spider-Man Fans, Watch Out! You Might Become the Next Victim in a New Phishing Campaign

• Find A New Cybersecurity Job in 2022

• SAP Addresses Log4Shell Vulnerability Patching in 20 Applications

• CrowdXDR Alliance Expands to Help Security Teams Identify and Hunt Threats Faster

• Scammers grabbed $7.7 billion worth of cryptocurrency in 2021, say researchers

• Ransomware Gang Publish Confidential Police Data on the Dark Web

• Ransomware Gang Stole Confidential Data From The UK Police And Leaked It On Dark Web

• CISA Log4j Emergency Directive, Experts Weigh In

• Facebook Aka Meta Bans Seven Spy-For-Hire Entities

• When a deepfake “empire” continues to grow

• How to secure your laptop at college?

• Wireless Coexistence Attacks Exploit (Systems on a Chip) SoCs

• New Hancitor Malware Loader Delivers Malware Via Clipboard

• Joker Malware Disguised As ‘Color Message’ App Targeted 500K Android Users

• Google’s OSS-Fuzz Tool Now Detects “Log4Shell” Via Jazzer

• Ransomware Operators Leak Data Stolen From Logistics Giant Hellmann

• How to Limit What a Toddler Can Do When You Hand Over Your iPhone or iPad

• Fraudsters thriving off new Spiderman film hype

• Build Back Better setback imperils TMF boost, other tech funding

• Log4j Update Patches New Vulnerability That Allows DoS Attacks

• Execs Get 16+ Years After SBA Fraud Scheme

• Ukrainian War Games Test Electricity Grid

• 1.8 million card details stolen from sporting goods sites

• A week in security (Dec 13 – 19)

• ‘Flying Taxi’ Company Vertical Aerospace Soars On NYSE Debut

• Rivian Shares Hit Record Low On 2021 Production Cuts

• New Log4j Patch Released to Fix DoS Flaw

• Apple Silicon Roadmap Based on 18-Month Upgrade Cycle, Claims Report

• French News Channel Gets Rare Access Into Apple Park, ‘One of the Most Secret Places on the Planet’

• AI Argues For And Against Itself In Oxford Debate

• Northvolt Plans Massive Lithium Plant As EU Ramps Battery Drive

• Experts Discover Backdoor Deployed on the U.S. Federal Agency’s Network

• Apple Silicon Roadmap Based on 18-Month Upgrade Cycle, Claims Chinese Report

• How to Keep Kids from Making Purchases on Your iPhone or iPad

• Radiation ‘Protection’ Products Found To Be Radioactive

• Sainsbury’s Payroll Disrupted By US Ransomware Attack

• Protect Against Log4j Data Exfiltration

• How and why do we attack our own Anti-Spam?

• 4 Benefits of Empowering Your Team’s Security Champions

• How to keep on top of cloud security best practices

• Trying to register your antivirus in Windows Security Center?

• US Adds Drone Maker DJI To Investment Blacklist

• Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store

• A new attack vector exploits the Log4Shell vulnerability on servers locally

• The Log4j saga: New vulnerabilities and attack vectors discovered

Generated on 2022-01-01 00:01:50.903559