IT Security News Monthly Summary – May

• IT Security News Daily Summary 2021-04-30

• Was SUNBURST really a Zero-day attack?

• NSF, NIST, DOD team up on resilient next-gen networking

• CISA tests cloud log aggregation to ID threats

• Data privacy demands a unified view across siloes

• Security awareness training quiz: Insider threat prevention

• New Threat Group Carrying Out Aggressive Ransomware Campaign

• How to Put an AirTag in Lost Mode

• Hands-On With Apple’s New AirTags

• ‘Defend Forward’ and Sovereignty

• Proposed New Internet Law in Mauritius Raises Serious Human Rights Concerns

• Task Force delivers strategic plan to address global ransomware problem

• What to Do If Your Mac Keeps Freezing

• Blocking Fileless Script-based Attacks Using CrowdStrike Falcon’s Script Control Feature

• UI modernization may get more funding, oversight

• A Tale of Two Hacks: From SolarWinds to Microsoft Exchange

• WeSteal: A Cryptocurrency-Stealing Tool That Does Just That

• PortDoor Espionage Malware Takes Aim at Russian Defense Sector

• MITRE Adds MacOS, Linux, More Data Types to ATT&CK Framework

• Edible Wrappers Are Centuries Old. Why Are They Now Disruptive?

• “Pearl Harbor Was a Bolt Out of the Blue” Unlike Cyber Attacks

• The Night Witches of WWII

• How to Locate an AirTag in Find My on iPhone

• Anti-vax Hijack Shows QR Code Vulnerability

• Experts Warn Of Cybersecurity ‘Apocalypse’ As Goldman Sachs Inch Closer To Quantum Revolution

• World Wide Web Anniversary Today – Expert Commentary

• Experian Leaked Consumer Credit Scores – Expert Commentary

• Ransomware Task Force | Expert Insight

• Tell Congress: Support the Fourth Amendment Is Not For Sale Act

• BrandPost: Protecting 5G Networks Requires an Integrated, Holistic Security Approach

• Cloud and hosting providers: Are you leveraging public cloud to your own benefit?

• Tesla cars can be remotely hacked using drone, WIFI dongle

• WeSteal: A Cryptocurrency Stealing Tool That Does Just That

• Experts reported cyber attacks from the U.S. during the Navalny rallies in Russia

• MacRumors Giveaway: Win a MagSafe-Compatible 2-in-1 Charger From Choetech

• Shipping Estimates for 12.9-Inch Mini-LED iPad Pro Slip to July

• Asda Issues Online Home Delivery Warning After Thousands Targeted By Scam

• Elekta Cyberattack Took Some Us Cancer Radiation Services Offline

• Improve Your Cyber Risk Monitoring Tools

• OMB job satisfaction scores plummeted in 2020

• Is the SolarWinds Hack Really a Seismic Shift?

• Task Force Calls for Aggressive US ‘Anti-Ransomware’ Campaign

• Unknown Chinese APT Targets Russian Defense Sector

• Survey Finds Broad Concern Over Third-Party App Providers Post-SolarWinds

• Apple Seeds Second Beta of tvOS 14.6 to Developers

• Apple Seeds Second Beta of watchOS 7.5 to Developers

• Apple Seeds Second Betas of iOS and iPadOS 14.6 to Developers

• Ransomware Task Force of 60+ Members From Industry, Government, Law Enforcement, Civil Society, and International Organizations Publishes Comprehensive Framework to Combat Ransomware

• Who has the smartest home in cinema history?

• Introducing the world’s first SIM made of 100% recycled plastic from old refrigerators

• Best practices for businesses to stay safe online this tax season

• Ransomware Task Force Releases its Comprehensive Framework for Action

• 5 common SD-WAN challenges and how to prepare for them

• PHP community sidesteps its third supply chain attack in three years

• British Prime Minister’s Cell Phone Number Exposed

• CPDP 2021 – Moderator: Liesbet Stevens ‘Is ‘No’ Still ‘No’ In An Online World? Discussing Non-Consensual Distribution Of Intimate Images And Deepfakes’

• UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed

• Apple TV+ Musical Comedy ‘Schmigadoon!’ Debuting July 16

• ElevationLab Launches ‘TagVault’ AirTag Holder

• Microsoft and Amazon call for regulation as crypto laundering grows

• Bill to protect UK against harmful foreign investment becomes law

• Report: (ISC)2 Cybersecurity Career Pursuers Study Provides Insights From Professionals and Jobseekers to Highlight What Security Jobs Actually Entail

• How to Mitigate DDoS Attacks with Log Analytics

• Nitro Ransomware asks for Gift Cards as ransom

• Security and Compliance Considerations for Using Salesforce

• How to Talk to Leadership About a Zero Trust Model That’s Right For You

• pass the hash attack

• Contract Tracing Breach Impacts Private Info of 72K People

• Software Company Self-Reports Illegal Exports

• Ghost Town Security: What Threats Lurk in Abandoned Offices?

• Apple Maps Cycling Directions Now Available Across California and Seattle

• Pattern-or-Practice Investigations and Police Reform

• Brazil’s Bill Repealing National Security Law Has its Own Threats to Free Expression

• Happy Friday? Darktrace gets 40 per cent boost on London IPO debut

• Hands On with Apple’s AirTags: Find Lost Keys, Bags, and More

• April 2021 Web Server Survey

• Why Data Monopolies Mean Breaches Hit Harder (And How to Help)

• Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

• SonicWall Zero-Day Exploited by Ransomware Group Before It Was Patched

• Security Operations and Management Startup StrikeReady Emerges From Stealth

• INSA Forms Critical Infrastructure Subcommittee

• Lloyds Bank Warns Britons of Phishing Scam That Could Drain Their Bank Accounts

• The Ticking Time Bomb in Every Company’s Code

• 7 Modern-Day Cybersecurity Realities

• Samba Releases Security Updates

• Codecov Releases New Detections for Supply Chain Compromise

• Saving World Health Day: UNICC and Group-IB take down scam campaign impersonating the World Health Organization

• The IRS Wants Help Hacking Cryptocurrency Hardware Wallets

• Australia Proposes Teaching Cybersecurity To 5 Year Olds

• Multi-Gov Task Force Plans To Take Down The Ransomware Economy

• Ransomware Group Targeted SonicWall Vulnerability Pre-Patch

• Packaging Reveals Apple Was Preparing to Ship AirTags as Early as 2019

• It’s Possible to Drill a Hole Through an AirTag

• Government Must Act to Choke Bitcoin Ransom Payouts Says Experts

• Illegal Football Streaming Sites are Absolutely Riddled with Dangerous Malware

• Previously undocumented backdoor targets Microsoft’s Equation Editor

• 3 Ransomware Threats in 2021 and How to Protect Against Them

• FCW Insider: April 30, 2021

• How to connect a client to the open-source Pritunl VPN

• Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks

• Password Reuse Risk is Exacerbated by Dark Web Data

• PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector

• 100 Days Down, 1,360 Days of Nation-State Cybersecurity Threats to Go

• Deals: Pair Your New iPad Pro With the Apple Pencil 2 for $103.99 ($25 Off)

• Microsoft Discloses Vulnerabilities in OT and IoT Devices

• Microsoft Study Shows Human Brain Needs Break From Meetings

• Ransomware task force unveils broad manifesto for fighting back

• Google’s Grand Plan to Eradicate Cookies Is Crumbling

• Serious MacOS Vulnerability Patched

• New M1 iPad Pros, 24-Inch M1 iMacs, Apple TV 4K, and Siri Remote Now Available to Order

• Third-Party Retailers Selling Apple’s New iPad Pro, 24-Inch iMac, and Apple TV 4K

• PM’s Phone Number Not Changed for 15 Years

• IoT riddled with BadAlloc vulnerabilities

• Own a Mac? It’s time to update your software

• Amazon Posts Record Results, As Prime Video Catches Netflix

• Microsoft Warns 25 Critical Vulnerabilities in IoT, Industrial Devices

• Cybersecurity Community Unhappy With GitHub’s Proposed Policy Updates

• Cautious Welcome for Ransomware Task Force Proposals

• Stop Tweeting, Says Click Studios: Phishers Use Breach Notification Information to Create New Lures

• Data Breach at Digital Oceans Leaves Customer Billing Data Exposed

• Microsoft warns of BadAlloc flaws in OT, IoT devices

• Darktrace shares soar 43% in London IPO as investors shrug off Deliveroo flop

• What is an IP address? Do I need one?

• Vulnerability In ABUS Secvest Connected Alarms Allowed Remote Disabling

• Check Point Software is a finalist for two Microsoft Security 20/20 awards

• SAP admits to ‘thousands’ of illegal software exports to Iran

• Ransomware is now a national security risk. This group thinks it knows how to defeat it

• Dutch Government Pauses Coronavirus App Over Data Leak Fears

• Paleo Lifestyle Site Found Leaking PII on 70,000 Users

• Ransomware Task Force Urges Tighter Crypto Regulation

• Apple in Breach of EU Competition Law, European Commission Finds

• New US CISO appointments, April 2021

• Darktrace Enjoys Successful London IPO

• Macs Attacked By Worst Hack in Years | Avast

• WeSteal: A ‘shameless’ cryptocurrency stealer sold in the underground

• Microsoft Finds ‘BadAlloc’ Flaws Affecting Wide-Range of IoT and OT Devices

• Qiling: A true instrumentable binary emulation framework, (Fri, Apr 30th)

• Privacy Alert for Unknown AirTag Triggers When a User Returns Home

• Darktrace shares surge 43% in London IPO as investors shrug off Deliveroo flop

• Signal app insists it’s so private it can’t provide subpoenaed call data

• International Girls in ICT Day Workshop | Avast

• ISC urges updates of DNS servers to wipe out new BIND vulnerabilities

• BIND Vulnerabilities Expose DNS Servers to Remote Attacks

• DC Officer Info Leaked Online by Ransomware Group: Report

• Credit Scores of Americans were Exposed Through Experian API

• Here’s A New Forum for Cybersecurity Leaders Outside of the Fortune 2000

• The Kubernetes Network Security Effect

• Cybersecurity firm Darktrace’s shares skyrocket 43% in London IPO

• Australia’s eSafety and the uphill battle of regulating the ever-changing online realm

• Passwordstate Warns of Ongoing Phishing Attacks Following Data Breach

• Research Shows Glaring Mobile App Security Issues

• How Private Cloud Enables Data Security

• Windows 10 Gaining Improved Audio Support for AirPods in Future Update

• BBC reports on the Ransomware surge ruining lives

• Microsoft identifies critical code execution flaws in IoT and OT devices

• Dorset police investigating data breach

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• Emotet malware steals 4.3 million email addresses

• Hacker steals funds from customer bank accounts through Brute Force Attacks

• Singapore-Thailand pact lets users send money cross-border via mobile number

• AFP issues search warrant following alleged dodgy tech support scheme

• Neurodiversity in IT Security

• Shedding light on the threat posed by shadow admins

• Microsoft finds memory allocation holes in range of IoT and industrial technology

• Prime targets: Governments shouldn’t go it alone on cybersecurity

• FBI teams up with ‘Have I Been Pwned’ to alert Emotet victims

• What is threat modeling and why should you care?

• APIs in the insurance industry: Accessing a growing world of data

• Datto CISO Ryan Weeks Contributes to Ransomware Task Force’s Comprehensive Framework to Combat Ransomware

• BIGtoken to Host Webinar on Thursday, May 6, 2021 to Discuss New Opportunities for Ad Tech in a World Without Third-Party Cookies

• National health passes: Short-term fix or long-term legacy?

• The 5 most crucial Cybersecurity updates for businesses in 2021

• Weekly Update 241

• Lack of visibility into IT assets impacting security priorities

• Researchers develop program that helps assess encryption systems’ vulnerabilities

• Department of Energy Launches 100-day Plan to Accelerate Cybersecurity Detection, Mitigation, and Response Capabilities Across Electric Utilities

• 4 cosas que debe incluir una política de gestión de vulnerabilidades

• ISC Stormcast For Friday, April 30th, 2021 https://isc.sans.edu/podcastdetail.html?id=7480, (Fri, Apr 30th)

• PKI market valuation to cross $7 billion by 2027

• AI can alter geospatial data to create deepfake geography

• ParkMobile – 20,949,825 breached accounts

• Kisi Intrusion Detection allows customers to implement alarm policies from their Kisi dashboard

• Entrust PKIaaS simplifies cloud migration with pre-built secure solutions

• Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites

• Australia proposes teaching cyber-security to five-year-old kids

• Home Affairs’ online team referred over 1,500 violent or extremist items for take-down

• UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat

• StackPulse helps enterprises deliver reliable production-grade Kubernetes applications

• Mirantis Lens IDE for Kubernetes helps accelerate adoption of cloud-native technologies

• Echoworx introduces biometric authentication to its Email Encryption platform

• Kaspersky spots CIA malware with backdoor capabilities

• Stealthy RotaJakiro Backdoor Targeting Linux Systems

• Which is more Important: Vulnerability Scans Or Penetration Tests?

• Fusion Risk Management helps financial institutions meet Bank of England, PRA, FCA regulatory requiremets

• Nintex offers business solution templates to help organizations accelerate their DX

• Split and Atlassian offer bidirectional integration for Jira issues and feature flags

• Snyk enables Bitbucket Cloud users to manage and mitigate their open source risk

• XDR Pushing Endpoint Detection and Response Technologies to Extinction

• iPad Air 2020 vs. iPad Pro 2021 Buyer’s Guide

• Opsera raises $15M to grow its engineering team and and accelerate global sales

• Accenture acquires Openminded to strengthen presence in France and accelerate growth in Europe

• Senet and SenRa partner to design, deploy and manage LoRaWAN networks globally

• Stealthy Linux backdoor malware spotted after three years of minding your business

• OPM details pandemic emergency paid leave program

• Babuk Ransomware Gang Mulls Retirement

• 8 Reasons why you should pick Cisco Viptela SD-WAN

• Christina Cravens and Steven Cooperman join Flashpoint’s leadership team

• Fastly increases WebAssembly contributions to support secure-by-design software ecosystem

• BadAlloc: Microsoft looked at memory allocation code in tons of devices and found this one common security flaw

• Senate defense committee delays NDAA markup

• Boosting student loan debt forgiveness could pay off for cyber recruiting

• Ransomware Task Force takes aim at cryptocurrencies

• Researchers Connect Complex Specs to Software Vulnerabilities

• Will France be Worse Off Using AI for Anti-Terrorism?

• How Facebook Avoids Consequences for Crimes

• Strata Identity Brings Order to Identity Management Chaos

• Command injection flaw in PHP Composer allowed supply-chain attacks

• AirTags and Purple iPhone 12 Models Start Arriving to Customers in New Zealand and Australia

• IT Security News Daily Summary 2021-04-29

• OGUsers hacker forum hacked for 4th time; database leaked

• $2.1 billion in UI modernization comes with oversight

• Mayorkas: DHS running ransomware task force, White House plan coming

• NYC returns robotic dog

• What cities must do to responsibly deploy facial recognition solutions

• Court will hear JEDI political interference case against Trump

• ‘Location spoofing’ creates deepfake satellite images

• Human-AI teaming for DC-based emergency response

• F5 Big-IP Vulnerable to Security-Bypass Bug

• BadAlloc: Microsoft Flags Major Security Holes in OT, IoT Devices

• Breached Online Ordering Platforms Expose Dozens of Restaurants

• App Store Now Offers Search Suggestions

• Hackers hold D.C. police data for ransome

• Texas Senate passes new bill to protect state from cyber attacks

• A highly sarcastic Android security warning

• Network Encryption, Modern Applications Impact Security Visibility

• BrandPost: Mitigating Security Threats on Nontraditional Platforms

• BrandPost: Hunting Hackers: Reducing the Time to Discovery

• Eutelsat Buys 24 Percent Stake In OneWeb For $550m

• Curating a Framework To Defend Against Phishing Attacks

• Multi-Gov Task Force Plans to Take Down the Ransomware Economy

• Experian API Leaks Most Americans’ Credit Scores

• SolarWinds puts national cybersecurity strategy on display

• Boston Nanny Arrested After Cyber-Tip

• Accenture to Acquire Openminded

• White House Asked to Increase Crypto Regulation

• Report: Facebook Allows Ads Targeting Children With Smoking, Alcohol And More

• Security Researchers Raise Concerns Over Security Flaws in Machine Learning

• Your Digital Identity’s Evil Shadow

• ‘BadAlloc’ Flaws Could Threaten IoT and OT Devices: Microsoft

• API Hole on Experian Partner Site Exposes Credit Scores

• 8 Reasons why you should pick Cisco Viptela SDWAN

• How to Introduce More Empathy into Security Operations

• La nueva normalidad en la gestión de dispositivos móviles

• CPDP 2021 – Moderator: Gloria González Fuster ‘Automated Gender Attribution: It’s A Boy! It’s A Girl! Said The Algorithm’

• Sonrai Wins Silver Stevie Award for Healthcare Technology Solutions

• The Infosec Meme That Touched a Raw Nerve

• An alleged ransomware attack hit the Italian Banca di Credito Cooperativo causing chaos

• Deals: Get Apple’s Silver and Space Gray AirPods Max for $532.32 on Amazon ($17 Off)

• iOS 14.5: How to Change Siri’s Voice

• Siri Response Suggests Find My Support Might Come to New Siri Remote

• iOS 14.5: How to Print a Reminders List

• Apple Says New 12.9-Inch iPad Pro is ‘Functionally Compatible’ With Older Magic Keyboard, But Fit May Be Imperfect When Closed

• 5 Ways Your Software Supply Chain is Out to Get You, Part 4: Dependency Confusion

• 1-15 April 2021 Cyber Attacks Timeline

• EFF at 30: Protecting Free Speech, with Senator Ron Wyden

• What is Smishing? The 101 guide

• AI Capital Announces Their Portfolio Company Link3D To Be Acquired by Materialise; Firm Closes Fund I, Plans Fund II and EU Fund I

• Cyber Threats: The Financial System’s Top Risk

• What is Schrems II and how does it affect your data protection in 2021?

• The importance of creating a small business Cybersecurity plan

• Introducing AT&T’s Managed Endpoint Security with SentinelOne

• Apple AirDrop Vulnerability Exposes Users’ Personal Information – Official Patch Awaited

• Stealthy RotaJakiro backdoor malware targeting Linux for 3 years

• COVID-19 Results for 25% of Wyoming Accidentally Posted Online

• Adopting containers and preventing container security risks

• Learn how to mitigate container security issues

• Northern Ireland Government Announces Partnership to Offer Cyber Career Opportunities

• The Challenge of Securing Non-People Identities

• Cisco Releases Security Updates for Multiple Products

• CISA Releases ICS Advisory on Real-Time Operating System Vulnerabilities

• An issue in the Linux Kernel could allow the hack of your system

• Center for Threat-Informed Defense teams up with Microsoft, partners to build the ATT&CK® for Containers matrix

• “BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks

• 5 Best Practices for Conducting Cyber Security Assessments

• (ISC)2 Offers New Approaches to Cybersecurity Hiring, Training and Team Building

• Ransomware as National Security Threat

• Trade Union Evidence Could Overturn Amazon Vote, Labor Board Says

• FCW Insider: April 29, 2021

• Quick Hits

• Vulnerability Exposes F5 BIG-IP to Kerberos KDC Hijacking Attacks

• Three arrested in Spain for encouraging terrorist attacks against France and its interests abroad

• ISC Releases Security Advisory for BIND

• A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks

• Here for Change: 12 Groups Supporting Women in Cybersecurity

• Anyone For a Smart Network Slice?

• Sonatype + Muse: How Improved Code Quality Compliments Enterprise SAST

• The Academy of Fraud & Abuse Arts and Sciences

• City fined for tracking its citizens via their phones

• A prescription for democratizing pharmaceutical data: Tear down those silos

• Chip Shortage Will Not End Soon, Forrester Warns

• Is Multifactor Authentication Changing the Threat Landscape?

• DigitalOcean Discloses Breach Involving Billing Information

• LuckyMouse Hackers Target Banks, Companies and Governments in 2020

• APT trends report Q1 2021

• Perception Point CEO Reveals His Top Strategies for Aggressive Growth

• Reminder: New 24-Inch iMac, M1 iPad Pro, and New Apple TV 4K Available for Pre-Order Tomorrow

• Users Despair at Apple Podcasts App After iOS 14.5 Update

• Apple Quietly Confirms 24-inch iMac, M1 iPad Pro, and New Apple TV Shipping on May 21

• Spotify Announces Updated ‘Your Library’ With New Grid Views, Dynamic Filters, Improved Search, and More

• 77% of Q1 Ransomware Attacks Threaten Exfiltration – Experts Reaction

• Threat Intelligence Expert On ASDA and Morrisons New Phishing Scam

• How to get rid of Ransomware Attacks?

• DigitalOcean Data Breach Exposed Customers’ Billing Information

• BrandPost: Network Encryption, Modern Applications Impact Security Visibility

• The Story of FakeChat

• TerraTrue, which brings privacy-by-design to product teams, nabs $15M

• Anti-Vaxxer Hijacks QR Codes at COVID-19 Check-In Sites

• Threat Detection Firm Vectra Raises $130 Million at $1.2 Billion Valuation

• RedLine Stealer: Masquerades as Telegram Installer

• Analysis of the Iranian cyber attack landscape

• Have You Been Smished? Mass Smishing Operation Targeting Mobile Users with Fake Amazon and USPS Update Messages

• Qualys Board Names Sumedh Thakar as CEO

• Leading Multinational Bank Implements Cloud Strategy with Sonrai Dig

• The Business of Fraud: Deepfakes, Fraud’s Next Frontier

• Intel CET In Action

• Deals: Amazon Introduces All-Time Low Prices on 512GB M1 MacBook Air ($1,099.99) and M1 MacBook Pro ($1,299.99)

• Reminder: New 24-inch iMac, M1 iPad Pro, and New Apple TV 4K Available for Pre-Order Tomorrow

• Data Brokers and National Security

• Experts Insight On Merseyrail Targeted with Lockbit Ransomware

• 16 Percent of Mobile Devices are Infected with Malware in Emerging Markets, Expert Weighs in

• 48 recommendations for a global fight against ransomware

• Merseyrail Likely Hit by Lockbit Ransomware

• Data Breach Affecting DigitalOcean Exposes Customer Billing Information

• Apple Profits Double As Users Upgrade To 5G iPhones

• AI-powered cybersecurity platform Vectra AI raises $130M

• DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down

• SaaS Attacks: Lessons from Real-Life Misconfiguration Exploits

• FluBot Android Malware Expected to Start Targeting U.S.

• Apple Patches Security Bypass Vulnerability Impacting Macs With M1 Chip

• Effective Security Needs to See and Interrupt Every Step in an Attack Chain

• S3 Ep30: AirDrop worries, Linux pests and ransomware truths [Podcast]

• Task Force Seeks to Disrupt Ransomware Payments

• Conditions applicable to the cooperation with the UK since 1 January 2021

• MVP Growthfest 2021 Recap and Winner’s Circle

• 4 Ways to Mitigate Insider DLP Risk

• Purple Lambert, a new malware of CIA-linked Lambert APT group

• Identifying People Through Lack of Cell Phone Use

• AirTag Orders Moving to ‘Shipped’ Status for More Customers

• Memphis-based First Horizon Bank Discloses Data Breach, Customers Lose Close to $1 Million

• Security Expert Re: New Vulnerability Found in Linux Kernel

• Hackers Use SMS Phishing Scams to Trick Rogers Customers with Outage Refunds

• Emotet Malware Over the Years: The History of an Infamous Cyber-Threat [2021 Updated]

• Paleohacks Data Leak Exposes Customers’ Personal Information

• NASA’s bold bet on Starship for the Moon may change spaceflight forever

• Apple releases iOS 14.5, the biggest update since iOS 14 first launched

• Pentagon explains odd transfer of 175 million IP addresses to obscure company

• Hackers Used ‘Mind-Blowing’ Bug to Sneak Past macOS Safeguards

• How biometrics is moving from verifying identity to verifying humanity

• How To Achieve Device Visibility & Control With Ease

• A new Linux Botnet abuses IaC Tools to spread and other emerging techniques

• Boffins found a bug in Apple AirDrop that could leak users’ personal info

• Billions in data protection lawsuits rides on Google’s last-ditch UK Supreme Court defence for Safari Workaround sueball

• Vivaldi update unleashes the ‘Cookie Crumbler’ to simply block any services asking for consent (sites may break)

• AirTags, AirDrop, and App Tracking – Intego Mac Podcast Episode 185

• Task force proposes framework for combatting ransomware

• Judge Refuses To Dismiss AWS Claim Of Trump JEDI Interference

• Is VPN or Zero Trust Best for Remote Working Security?

• Several High-Severity Vulnerabilities Expose Cisco Firewalls to Remote Attacks

• Emotet Group Harvested Over 4.3 Million Victim Emails

• Chinese Hackers Attacking Military Organizations With New Backdoor

• How to Conduct Vulnerability Assessments: An Essential Guide for 2021

• Apple Files New M1 iPad Pro in Eurasian Economic Database

• Pixelmator Pro Update Adds LUT Support for Color Adjustments

• The Babuk Gang ARE Back IN Town

• Users Flocking To Telegram May Face Toxic Trojan

• How to Tell Apps Not to Track You in iOS 14.5

• Apple releases iOS 14.5, watchOS 7.4, macOS 11.3 and more

• SASE is coming, but adoption will be slow (especially for large enterprises)

• To better defend digital assets, follow physical security’s playbook

• Government and industry to combat ransomware with Bitcoin regulation

• Accenture acquires French cybersecurity firm Openminded

• RotaJakiro: A Linux backdoor that has flown under the radar for years

• Paleohacks data leak exposes customer records, password reset tokens

• 48 ways you can avoid file-scrambling, data-stealing miscreants – or so says the Ransomware Task Force

• First Horizon Bank Customers Have Account Funds Drained

• Cancer Patients Diverted After Cyber-Attack on MedTech Firm

• CISA & NIST Publish Recommendations for IT Admins to Defend Against the Next ‘SolarWinds’ Event

• Cloud Misconfiguration is Still the Leading Source of Cloud Data Violations

• An Ambitious Plan to Tackle Ransomware Faces Long Odds

• Researchers Uncover Stealthy Linux Malware That Went Undetected for 3 Years

• Leaker Claims New Apple TV 4K to Launch May 21

• Taiwan Dashes EU Hopes Of Advanced Chip Production In Europe

• 1 600 offences detected in a global operation against marine pollution

• From Python to .Net, (Thu, Apr 29th)

• UK Retailer John Lewis Lists iPad Pro and iMac Launch Date as May 21

• AirTag vs. Tile Buyer’s Guide

• Lloyds Bank tells customers to beware of text message scam

• Anatomy of how you get pwned

• API Security Weekly: Issue #131

• Linux Machine Compromised: Power of Observation

• Senate committee wants further protections inserted into Australia’s data-sharing scheme

• When you’re building a cybersecurity pro, you need to get the foundations right

• Covid-19 has led to Increase in Cyberattacks Against Banks and Insurers

• Welcoming the Romanian Government to Have I Been Pwned

• How to Become a Data Protection Officer

• Student researcher discovered Experian API flaw that exposed credit scores of “most Americans”

• Warning over illegally streaming football on websites “riddled with malware”

• Want to add antivirus to your existing portfolio?

• Twitter is strange when it comes to business accounts

• RotaJakiro Linux backdoor has flown under the radar since 2018

• Q1 2021 ransomware trends: Most attacks involved threat to leak stolen data

• Jailbreak or Jail – Is Hacking for the Government A Crime?

• The realities of working in and pursuing a career in cybersecurity

• MythBusters: What pentesting is (and what it is not)

• Digital Ocean springs a leak: Miscreant exploits hole to peep on unlucky customers’ billing details for two weeks

• Building Cyber Resilience in a Cloudy World

• Wanted: Software Developers with a Security Mindset

• Digital transformation moves application security to the top of mind list!

• Cancer Treatment across United States halted by Cyber Attack

• Veeam offers ransomware protection to Kubernetes containers

• COVID-19 Supply Chain Attacks and More: Your April 2021 Security Intelligence Roundup

• Improving Data Security in Schools: Privacy at a Distance

• Chinese Cyberspies Target Military Organizations in Asia With New Malware

• Penetration testing leaving organizations with too many blind spots

• Solve evolving enterprise issues with GRC technology

• The Hidden Benefits of Compliance

• ISC Stormcast For Thursday, April 29th, 2021 https://isc.sans.edu/podcastdetail.html?id=7478, (Thu, Apr 29th)

• Worldwide 5G enterprise market to reach $10.9 billion by 2027

• Middle market companies facing a record number of data breaches

• Emotet Malware Uninstalls Itself From All The Infected Computers World Wide

• Non-sensitive PII + Sensitive PII = Sensitive PII

• US Government Taking Creative Steps to Counter Cyberthreats

• Box enhances security features to prevent accidental data leaks, protect content in the cloud

• NETGEAR launches Dual-Band WiFi 6 Access Point for small and medium businesses

• Excelero unveils NVMesh on Azure for IO intensive workloads like AI/ML/DL, HPC and analytics

• Red Hat OpenShift Platform Plus helps customers adopt DevSecOps across the hybrid cloud

• Membership inference attacks detect data used to train machine learning models

• Apple Pay Promo Offers Mother’s Day Discounts From 1-800-Flowers, J.Crew, Zazzle and More

• CloudLinux announces support options for AlmaLinux OS

• Red Hat enhances customer choice for open hybrid cloud computing

• Appgate SDP enables clientless, browser-based access to protected resources

• Doghouse: How Not to Build a Club or a House.

• Facebook Says Impact of iOS 14.5’s App Tracking Transparency Will Be ‘Manageable’

• AirTags Arriving Early to Some Customers

• Sysdig raises $188M to invest in continued innovation in its open source foundation

• Tellimer adds IHS Markit’s economic and risk analysis to its Insights network

• Cybersecurity in Healthcare: Considerations for Improvement

• Apple Expecting iPad and Mac Supply Shortages in Second Half of 2021

• AccuKnox raises $4.6M to capitalize on its technology innovations in security and zero trust solutions

• StrikeReady raises $3.6M to accelerate go-to-market and sales, grow the R&D team

• Biden taps D.C. employment lawyer to lead MSPB

• FCC to share network outage data more broadly

• Feds’ job satisfaction climbs in latest survey

• Data matching flags suspicious unemployment claims

• Apple’s Wearables Category Sets Quarterly Revenue Record of $7.8 Billion in Q2 2021

• Apple Services Revenue Hits All-Time Record High of $16.9 Billion in Q2 2021

• iPhone 12 is Most Popular Model in Flagship Lineup, Apple Also Seeing Strong Sales of Pro and Pro Max

• Apple CEO Tim Cook: We Feel ‘Really Good About Where We Are’ With Apple TV+

• IT Security News Daily Summary 2021-04-28

• The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash

• Court will hear case against Trump on JEDI

• Army wants AI to improve analysis of intelligence data

• Experian API Exposed Credit Scores of Most Americans

• FluBot Malware’s Rapid Spread May Soon Hit US Phones

• What Are Your NOT Detecting?

• Apple Reports 2Q 2021 Results: $23.6B Profit on $89.6B Revenue, Record Mac and Services Revenue

• Apple’s Mac Revenue Up 70% in Q2 2021, iPad Revenue Up Almost 79%

• Apple’s macOS 11.3 fixes a zero-day exploit and includes M1 improvements

• Codecov breach raises concerns about software supply chain

• 74% of Financial Institutions See Spike in COVID-Related Threats

• Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

• Apple Pay Support for Coinbase Card Appears to Be Getting Closer

• Google Tracking Of Safari Users, Heads To UK Supreme Court

• CISA experiments with cloud log aggregation to ID threats

• Microsoft Office SharePoint Targeted With High-Risk Phish, Ransomware Attacks

• FBI Works With ‘Have I Been Pwned’ to Notify Emotet Victims

• CPDP 2021 – Moderator: TJ McIntyre ‘Analysis Of Private Communications In The Fight Against Child Sexual Abuse Online’

• Netflix Launches New ‘Play Something’ Shuffle Feature

• Isolate Your CloudHub Worker Instances Using VPN

• Google Chrome V8 Bug Allows Remote Code-Execution

• Ransomware attack hits Washington, D.C. police department

• Cybersecurity key to protect brands in the digital landscape

• Data Breach Impacts 1 in 4 Wyomingites

• US Arrests Alleged Crypto Mixer

• Facebook Blocks Employees From Reading Controversial Report

• XKCD ‘Virus Consulting’

• Indusface GDPR Data Processing Addendum – Now Part of Service Terms

• Groups & User Right Management

• Chipolo Takes Dig at AirTags When Advertising ONE Spot Item Tracker: ‘No Accessory Needed’

• Apple Updates AirPods Pro and AirPods 2 Firmware to Version 3E751

• Watch out! Android Flubot spyware is spreading fast

• Bitcoin scammers phish for wallet recovery codes on Twitter

• Deadline is Extended for 2021(ISC)² Global Achievement Awards Nominations!

• What Docker runtime deprecation means for your Kubernetes

• Lessons learned from building an inventory of systems

• Passwordstate Password Manager Suffered Supply-Chain Attack

• GitHub Announces Blocking Google’s FLoC

• Hackers Using Prometei Botnet to Exploiting Microsoft Exchange Vulnerabilities

• Death of the Manual Pen-Test: Blind Spots, Limited Visibility

• How to Secure Employees’ Home Wi-Fi Networks

• Tala welcomes Jim Routh to its Board of Advisors

• T-Mobile Launches $60 LTE ‘SyncUP’ Item Tracker

• Ransomware crooks who broke into Merseyrail used director’s email address to brag about it – report

• Lockbit Ransomware targets England Merseyrail

• Biden picks former Army acquisition exec for DOD’s top tech job

• CISO Conversations: Raytheon and BAE Systems CISOs on Leadership, Future Threats

• Rise in ransom payments may fuel more dangerous attacks

• Gamers update! Nvidia patches GPU driver kernel escalation bugs

• G7 Nations Sign Declaration to Keep the Internet Safe and Open

• Alsid SAS Acquired by Tenable

• Apple will pay $100 million to Russian hackers for leaking data on new products

• NTLM Relay Attack Exploits Windows RPC Flaws

• Cartoon Caption Winner: Rough Patch?

• Machines Learn That Brussels Writes the Rules: The EU’s New AI Regulation

• Facebook disables Palestinian APT Group Activities

• Cybersecurity and Online Gaming

• What Is SSL Vulnerability In Computer Network Science?

• Password-Stealing Android Malware Is Spreading Quickly

• REvil Ransomware Gang Warns to Leak New Apple Logos and iPad Plans

• German Hospitals on their Way to the Future

• Jeff Bezos Blue Origin Protests NASA’s SpaceX Contract

• watering hole attack

• Chase Bank Phish Swims Past Exchange Email Protections

• How phishing attacks spoofing Microsoft are evading security detection

• Cyberspace Solarium Commission: CISA Funding Should Increase by at Least $400M

• Google Data Protection Case to be Heard in UK Supreme Court

• Cisco Live 2021 – Highlights from a fresh perspective!

• Webinar: The Current State and Future Challenges of Security

• Retailer DeinDeal Secures its API-driven E-commerce Platform with Salt Security

• Code42 Incydr Delivers Innovative Detection of Browser Uploads to Combat Insider Risk

• Ransomware Crooks Threaten To ID Informants If Cops Don’t Pay Up

• Signal’s Cellebrite Hack Is Already Causing Grief For The Law

• Apple Patches macOS Gatekeeper Bypass Vulnerability

• Linux Kernel Vuln Exposes Stack Memory, Causes Data Leaks

• CES 2022 Returning to Las Vegas Next January as Both In-Person and Digital Event

• Delta Rolling Out iPhone 12 to Over 19,000 Flight Attendants

• Experts Advise on World Password Day

• APT Security: What You Need to Know about Advanced Persistent Threats

• Google’s FLoC Tracking Blocked by GitHub

• FBI Speeds Emotet Cleanup by Sharing Over 4 Million Email Addresses on HIBP

• What Is Endpoint Privilege Management?

• Brit MPs and campaigners come together to oppose COVID status certificates as ‘divisive and discriminatory’

• Why is USPS tracking social media posts?

• Apple patches macOS Gatekeeper bypass vulnerability exploited in the wild

• Navy SEALs to Shift From Counterterrorism to Global Threats

• Attacks Targeting ADFS Token Signing Certificates Could Become Next Big Threat

• Is Your Cloud Raining Sensitive Data?

• Ghostwriter Update: Cyber Espionage Group UNC1151 Likely Conducts
  Ghostwriter Influence Activity

• Cybercriminals Widely Abusing Excel 4.0 Macro to Distribute Malware

• Google addresses a high severity flaw in V8 engine in Chrome

• Stay Ahead of Global Uncertainty With Real-time Geopolitical Intelligence for Esri

• Deals: 40mm GPS Apple Watch Series 6 Marked Down to Lowest Price Yet at $299 ($100 Off)

• Secure by default: Take these steps to reduce your attack surface

• Washington DC Police Dept Threatened After Ransomware Attack

• Secrets management and authentication platform Akeyless raises $14M

• Viso Trust assesses third-party cybersecurity risk with AI, raises $3M

• Prisma Cloud can now automatically protect cloud workloads and containers

• DevSecOps Company Sysdig Raises $188 Million at $1.19 Billion Valuation

• FBI Offers Millions of Emotet Compromised Credentials to Have I Been Pwned

• F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability

• The Changing Attack Landscape and Foiling Detection Evasion

• The Multi-Layered K-12 Cybersecurity Tech Stack

• Akeyless Reimagines Cloud Security, Raises $14M Series A

• Apple Explains Why ‘Allow Apps to Request to Track’ May Be Grayed Out on iOS 14.5

• Report: (ISC)2 Cybersecurity Career Pursuers Study Provides Insights From Professionals and Jobseekers to Highlight What Security Jobs Actually Entail

• CISA issues guidance on defending against software supply chain attacks

• Emotet botnet harvested 4.3 million email addresses. Now the FBI is using Have I Been Pwned to alert the victims

• Russia-Linked ‘Ghostwriter’ Disinformation Campaign Tied to Cyberspy Group

• Dark Hash Collisions: New Service Confidentially Finds Leaked Passwords

• Security Spending Doubles but Two-Fifths of Firms Suffer Breaches

• #GartnerIAM: Pandemic Disruption Necessitates a Transformation in Identity Access Management

• Leaked Apple Schematics & Extortion Threats Removed From Dark Web

• PARETO Botnet Utilized Hacked Android Phones To Generate Fake Ad Views

• UK To Regulate Self-Driving Cars On Motorways

• Ransomware Strain Qlocker Targeting QNAP NAS Flaws – Patch It!

• Double Trouble – the Threat of Double Extortion Ransomware and How Your Organization Can Protect Itself

• Sysdig raises $189M to monitor containers and apps in the cloud

• Linux kernel vulnerability exposes stack memory, causes data leaks

• Threat Actor Leaks Personal Records of 250 Million American Households on Hacking Forum

• UK rail network Merseyrail hit by ransomware gang

• Ransomware group threatens to leak information about police informants

• 3 ways to prevent firmware attacks without replacing systems

• 6 tips for better collaboration between security and cloud teams

• FCW Insider: April 28, 2021

• Microsoft mulls over tweaks to threat data, code-sharing scheme following Exchange Server debacle

• Average Ransom Surges 43% After Accellion Attacks

• Cloud misconfiguration, a major risk for cloud security

• Australian Watchdog Wants iOS Users to Have More Control Over Preinstalled Apps

• Apple To Build $1 Billion Campus In North Carolina

• Telsa Executives Says Fatal ‘Driverless’ Crash Had Driver

• Apple And Digital Identity | Avast

• Google Patches Yet Another Serious V8 Vulnerability in Chrome

• #COVID19 Rattles Banks and Insurers as Security Budgets Are Slashed

• 30 arrested in the Netherlands and Poland after 5,4 million counterfeit cigarettes seized

• Fake Microsoft DirectX 12 Distributes Malware

• 5.6 Million Customer Records Leaked as Music Marketplace Giant Reverb Suffers Data Breach

• Welcoming the Luxemburg Government CERT to Have I Been Pwned

• Securing AWS Management Configurations By Combating 6 Common Threats

• Should Doctors Receive a Cybersecurity Education?

• Descomplica – 4,845,378 breached accounts

• Attention! FluBot Android Banking Malware Spreads Quickly Across Europe

• Why Financial Services Needs Network Transformation

• Achieving Data Protection With SASE

• Looking for adding new detection technologies in your security products?

• Hacker leaks financial data of European Super League

• Ransomware Cyber Attack on Mining firm Gyrodata

• Shorten wants Morrison to pivot social media ‘evil’ remark to fighting online harms to kids

• Thoma Bravo Lacks Options with Proofpoint

• Deeper Analyzis of my Last Malicious PowerPoint Add-On, (Wed, Apr 28th)

• Apple Reportedly Lowering AirPods Production Due to Decreasing Sales

• Ombudsman finds unlawful metadata access by ACT cops on 1,704 occasions

• Apple patches severe macOS security flaw

• Managing and maturing Kubernetes security in the enterprise

• The next big thing in cloud computing? Shh… It’s confidential

• Evolving Identity: Why Legacy IAM May Not Be Fit for Purpose

• Considerations for performing IoMT Risk Assessments

• COVID-19, WFH prompts spike in cyberattacks against banks, insurers

• MFA spending on the rise, but organizations still unclear on best practices

• Only 8% of businesses that paid a ransom got all of their data back

• Creating Cloud Security Policies that Work

• Despite the pandemic, 85% of organizations completed their audits as planned

• IT security teams challenges fueled by record-setting cyberattacks

• ISC Stormcast For Wednesday, April 28th, 2021 https://isc.sans.edu/podcastdetail.html?id=7476, (Wed, Apr 28th)

• Scality and HPE introduce ARTESCA, a cloud-native object storage solution for Kubernetes

• VMware Telco Cloud Platform RAN enables CSPs to virtualize RAN functions

• Metodologías ágiles y ‘trabajo en reversa’: el caso de Amazon

• Second Click Here to Kill Everybody Sale

• Verimatrix Multi-DRM Core offers video streaming service providers a customizable DRM solution

• ComplyAdvantage announces ComplyLaunch, a free AML program for early-stage startups

• Sensitive source codes exposed in Microsoft Azure Blob account leak

• Australian government’s major IT shops to help others with cybersecurity

• iOS 14.5: How to Automatically Download New Podcast Episodes and Follow Shows

• Rambus partners with Lattice to leverage their technology expertise in next-gen security solutions

• Microsoft and Intel join forces to advance endpoint detection and response against cryptojacking

• Samsung launches PM1653, a 24G SAS SSD to handle AI and big data in enterprise servers

• Extreme Networks achieves three ISO certifications for information security and data protection

• Cyber Intelligence House signs agreement with INTERPOL to aid in investigating cybercrime

• Fudo Security partners with SYNNEX to deliver zero trust network security

• Jefit – 9,052,457 breached accounts

• 5 Cases of Blockchain for Cybersecurity

• Biden selects former Army acquisition exec for DOD’s top tech job

• Do Cyberattacks Affect Stock Prices? It Depends on the Breach

• Feds Arrest an Alleged $336M Bitcoin-Laundering Kingpin

• ‘America’s Back’ at the Table: Cataloguing the Biden Administration’s First Security Council Presidency

• Optiv Security announces key appointments to accelerate growth and drive brand visibility

• Nick Baglin joins Guardicore as VP of EMEA Sales

• Dasera appoints David McCaw as VP of Sales

• Don’t fall for this trick that unleashes nasty new Android malware

• Senator discusses priorities for advancing national cybersecurity legislation

• Emotet Malware Uninstalled From Infected Devices

• Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise

• Katie Moussouris Interviews Dan Kaminsky

• Contact Tracing Fail: Why is Google So Bad at Basic Security and Privacy?

• Eddy Cue Wanted to Port iMessage to Android in 2013 According to Epic Deposition

• Apple Inks Deal for Siegfried & Roy Podcast

• IT Security News Daily Summary 2021-04-27

• Vulnerabilities In Cosori Smart Air Fryer Could Allow Remote Code Execution Attacks

• Biden orders $15 minimum wage for federal contractors

• Former CIO urges lawmakers to relax TMF paybacks

• How automation can transform storage provisioning

• Cloud solution improves VSAT communication

• Keeping cloud collaboration after CVR winds down

• Kessel Run seeks DevSecOps help with modernization

• Esports gaming platforms take off in Air Force

• FireEye Q1 revenue, EPS top expectations, forecast higher, shares rise

• Nintendo Sues Video-Game Pirates

• Apple Explains How Unlocking iPhone With Apple Watch Works

• How to use iOS 14.5 privacy settings to turn off iPhone apps tracking

• Linux Kernel Bug Opens Door to Wider Cyberattacks

• FBI/DHS Issue Guidance for Network Defenders to Mitigate Russian Gov Hacking

• Collaboration is key to a secure web application architecture

• Applying web application reconnaissance to offensive hacking

• 10K Hackers Defend the Planet Against Extraterrestrials

• Emotet Malware Uninstalled from Infected Devices

• Apple Celebrating International Dance Day With New Fitness Challenge

• iOS 14.5: How to Use AirPlay 2 With Apple Fitness+

• D.C. Police Department suffers ransomware attack

• “Crypto Dictionary: 500 Cryptographic Tidbits for the Curious” is a crash course in ciphers and cryptids

• Kik Tip Leads to Kindergarten Teacher’s Arrest

• Ransomware Recovery Costs Near $2M

• CPDP 2021 – Moderator: Daniel Drewer ‘Radical Insights – The Fight Against Online Radicalisation And Its Data Protection Implications’

• FBI shares with HIBP 4 million email addresses involved in Emotet attacks

• Lawfare Live: The Biden Administration’s First 100 Days

• Come Work For Lawfare—As Our Managing Editor

• Russia’s Illegal Restriction of Navigation in the Black Sea

• Security expert publishes coffee table book for cryptographers to explain the science of secrecy

• Online Music Marketplace Suffers Data Breach

• Threat Actors Impersonate Chase Bank

• Abusing Replication: Stealing AD FS Secrets Over the Network

• Gathering Cyber Threat Intelligence on the Dark Web: Guidance for the Private Sector

• WhiteHat Security Adds Enterprise-Grade Attack Surface Management Features with New Bit Discovery Partnership

• Cigent Technology Extends Firmware to Secure SSDs

• Apple Files Expert Witness Testimony Ahead of Upcoming Trial With Epic

• iOS 14.5: How to Share Apple Music Lyrics and Song Clips

• Apple Fined $12 Million in Russia for Violating Anti-Monopoly Rules With App Store

• Hands-On With the Apple TV’s New Color Balance Calibration Feature

• Here’s what Russia’s SVR spy agency does when it breaks into your network, says US CISA infosec agency

• Box Releases Powerful Set of Security Features to Advance the Content Cloud

• Updates to the (ISC)² CAP Exam. What is Changing?

• Priority on people – An argument against the excessive use of Cybersecurity technology

• Bridging the Cybersecurity frontier: SaaS

• ToxicEye Malware Emerges As The Latest Threat To Telegram

• New Security Approach to Cloud-Native Applications

• Digital Estate Planning – What to Do With Your Digital Assets

• HASC chair calls for new incentives to reduce defense costs

• Space Command moves for tighter cyber integration

• Pentagon readies new policy to boost cyber workforce

• University of Minnesota responds to Linux security patch requests

• Smishing: Why Text-Based Phishing Should Be on Every CISO’s Radar

• Password-stealing spyware targets Android users in the UK

• US Air Force Adopts Zero Trust to Secure Flightline Operations

• Millions of the Pentagon’s Dormant IP Addresses Sprang to Life, Just Minutes Before Trump Left Office

• International Law Enforcement Takes Down Emotet Malware in a Joint Operation

• 4 Ways CISOs Can Strengthen Their Security Resilience

• iOS 14.5: How to Recalibrate Your iPhone 11 Battery

• 5 Ways Your Software Supply Chain is Out to Get You, Part 3: Exploit Open Source Libraries

• Apple’s AppTrackingTransparency is Upending Mobile Phone Tracking

• Meet critical infrastructure security compliance requirements with Microsoft 365

• Apple Airdrop vulnerability to leak personal details of users

• Ransomware attack exposes 250GB files of Washington Police Department

• Thoma Bravo acquires Proofpoint for $12.3 billion

• OneWeb Grows Total Constellation To 182 satellites With New Launch

• Cybersecurity on the Move: Preventing Attacks on Shipping and Logistics

• Adopting Microsegmentation Into Your Zero Trust Model, Part 1

• Red Hat touts safety in future Linux OS for cars

• Babuk Ransomware Gang Targets Washington DC Police

• Phishing attacks target Chase Bank customers

• Sift Raises $50M at ‘Unicorn’ Valuation

• Expect an Increase in Attacks on AI Systems

• Google Releases Security Updates for Chrome

• Apple Releases Security Updates

• CISA, NIST published an advisory on supply chain attacks

• Apple’s Privacy Battle With Facebook Just Became All-Out War

• Pentagon Explains Odd Transfer Of 175 Million IP Addresses To Obscure Company

• Washington DC Police Force Confirms Data Breach From Ransomware

• Actively Exploited Mac 0-Day Neutered Core OS Defenses

• Emotet Takedown And Its Implications

• Experts Reaction On Passwordstate Breached

• Defence In Depth – Time To Start Thinking Outside The Box

• DC Police Confirms Cyberattack

• Cheers to our partners’ marketing success

• Cigent Technology melds security and storage to protect sensitive data

• FBI: Russian hackers are still trying to break into networks, here’s how to protect yours from attack

• Anti-Facebook MeWe continues its user growth surge

• Why hackers are increasingly targeting video game companies

• Endpoint Management Firm Automox Raises $110 Million

• Challenging Our Education System to Nurture the Cyber Pipeline

• Apple Shares First Trailer for Rose Byrne-Starring TV+ Show ‘Physical’

• Deals: 2020 iPad Pro Models Further Discounted to Record Low Prices on Amazon (Up to $150 Off)

• Spotify Announces Podcasts Subscription Service to Rival Apple Podcasts

• A New Report Reveals London Has The Highest Rate Of Cybercrime In The UK

• Apple’s AirDrop Leaks Users’ PII, And There’s Not Much They Can Do About It

• HashiCorp Affected by A Security Breach That Occurred Due to A Codecov Supply-Chain Attack

• Ransomware Gang Made $260,000 By Using The 7zip Utility

• ToxicEye RAT Exploits Telegram Communications to Steal Users’ Data

• Over 5.6 Million Records with Reverb Customers Details Leaked Online

• Texas Senate passes new bill to protect state from cyber attacks

• Security Vulnerabilities In John Deere API Could Expose Tractor Customers

• Apple iOS Update With Tracking Consent Prompts Mixed Reaction

• Trusted Notifiers and the Future of DNS Abuse

• BigBasket Data Leak – Over 20 Million Personal Records Published on Hacking Forum

• Vulnerabilities in Eaton Product Can Allow Hackers to Disrupt Power Supply

• Adobe Releases Open Source Anomaly Detection Tool “OSAS”

• More than one hundred Russian companies were subjected to a cyber attack

• Inadequate Cybersecurity

• Corvus Insurance Enhances Digital Policyholder Experience with vCISO

• Twelve South Launches ‘Forte’ MagSafe Charger Stand

• Nomad Launches New Base Station Mini

• Eve Debuts Thread-Enabled Eve Energy HomeKit Smart Plug

• Editing Text in a PDF File

• Automox raises $110M to help enterprises manage endpoints

• Rewind extends SaaS data backup and recovery to Trello

• Ransomware extortion demands are growing, and so is the downtime caused by attacks

• Private Internet Access VPN’s 2-year subscription is 72% off

• Linux kernel security uproar: What some people missed

• Ransomware: don’t expect a full recovery, however much you pay

• Parents Should Take Action to Protect Children from Cyber-Risks

• AirDrop Is Leaking Email Addresses and Phone Numbers

• Top Flaws in Typical Email Security Solutions

• Perception Point Raises $28 Million Grow Collaboration Protection Platform

• Apple Music Launches Top 25 Song Playlists for Over 100 Cities

• Deals: Save 40% On the Adobe Creative Cloud Annual Subscription ($359.88 For Your First Year)

• Apple Listed as ‘Leader’ In TIME’s Most 100 Influential Companies List of 2021

• 1-15 April 2021 Cyber Attacks Timeline

• Why cybersecurity is a driver for commercial success in 2021

• 5 Best Practices for Conducting Cyber Security Assessments

• Washington DC police force confirms data breach after ransomware upstart Babuk posts trophies to Tor blog

• Toyota Buys Lyft’s Autonomous Car Unit for $550m

• Apple Patches Zero-Day MacOS Bug That Can Bypass Anti-Malware Defenses

• Apple Patches macOS Security Bypass Vulnerability Exploited by ‘Shlayer’ Malware

• CISA, NIST Provide New Resource on Software Supply Chain Attacks

• Cybersecurity Webinar: Understanding the 2020 MITRE ATT&CK Results

• Hackers Threaten to Leak D.C. Police Informants’ Info If Ransom Is Not Paid

• Ransomware hit Guilderland Central School District near Albany

• Security Vulnerabilities in Cellebrite

• Apple to Ban Apps That Reward Users For Enabling ATT Tracking

• CocoaPods RCE Vulnerability Could Risk 3 Million Mobile Apps Including Signal

• DC Police Department Hit by Apparent Extortion Attack

• REvil Removes Apple Extortion Attempt from Site: Report

• DC Police Extorted by Ransomware Gang Who Allegedly Stole Sensitive Law Enforcement Files

• Hackers Exploit 0-Day Gatekeeper Flaw to Attack MacOS Computers

• Russian Hackers Target Washington DC Police Department

• Apple patches macOS zero-day exploited by malware for months (CVE-2021-30657)

• Hackers hold D.C. police data for ransome

• Buying cyber insurance in 2021? Expect greater scrutiny, higher premiums

• Twitter Removes Critical Tweets Of Indian Government Covid Response

• Former Post Office Boss Apologises After Horizon Scandal

• HashiCorp revoked private key exposed in Codecov security breach

• FCW Insider: April 27, 2021

• Quick Hits

• Adobe releases open source ‘one-stop shop’ for security threat, data anomaly detection

• Ransomware Group Threatens DC Cops with Informant Data Leak

• Private Equity Giant Snaps Up Proofpoint for $12.3 billion

• FBI, CISA Uncover Tactics Employed by Russian Intelligence Hackers

• APT trends report Q1 2021

• Apple’s ‘M2’ Next-Gen Mac Chip Enters Mass Production, Expected to Debut in Redesigned MacBooks Later This Year

• EU Likely to Charge Apple With Anti-Competitive Behavior This Week

• macOS 11.3: How to Use Two HomePods With a Mac for Stereo Audio Output

• Thoma Bravo to acquire Proofpoint in a $12.3B transaction

• Password manager hijacked to deliver malware in supply chain attack

• 15 open source GitHub projects for security pros

• Foxconn Scales Back $10bn Wisconsin Factory

• Define, Reinforce and Track: Helping Develop Positive Cybersecurity Habits

• Apple’s AirDrop Comes with a Security Flaw

• 250 Million Americans Sensitive Data Leaked Online by Pompompurin

• Microsoft Defender uses Intel TDT technology against crypto-mining malware

• Networks Are Becoming Cloud-centric. Network Security Must Adapt.

• Report: Apple’s ‘M2’ Next-Gen Mac Chip Enters Mass Production

• Wormable Malware Comes Back As ‘WhatsApp Pink’ – Now Targets Signal, Telegram Too

• Homebrew Package Manager Vulnerability Could Allow Code Execution Attacks

• Scraping And Social Media Leaks | Avast

• WhatsApp For What? Spammers Bomb User Inboxes With Fake Adult-Themed Opportunities

• What’s Next for Connected Devices in Health Care?

• Is It Ethical To Buy Breached Data?

• Securing Health Care Transformation

• Application security testing is not just buzzwords

• Remembering Dan Kaminsky | Avast

• Patched Exchange to head off Hafnium? You might only be halfway to safety

• Shlayer macOS malware abuses zero-day to bypass Gatekeeper feature

• Codebar Festival | Avast

• 4 common ways scammers use celebrity names to lure victims

• Contextual Biometrics for Improved Application Security

• Avoid these CSPM mistakes to increase your cloud security posture

• Attackers can teach you to defend your organization against phishing

• Organizations can no longer afford to overlook encrypted traffic

• The Delicate Balance of Security Versus Usability

• Best practices for businesses to stay safe online this tax season

• What is a cybersecurity strategy and how can your business develop one?

• Signal CEO Highlights Vulnerabilities In Cellebrite Software

• How Retailers Navigate Through Unpredictability And New Risks

• 16% of mobile devices in developing markets now infected with malware

• Research directions in cybersecurity to support a digital strategic autonomy

• ISC Stormcast For Tuesday, April 27th, 2021 https://isc.sans.edu/podcastdetail.html?id=7474, (Tue, Apr 27th)

• A data-driven look at the key developments shaping the future of work

• Trends in the evaluation and implementation of enterprise AI adoption

• UnitingCare Queensland security incident takes some systems offline

• Officials Say School District Near Albany Hit by Cyberattack

• Diving into a Singapore Post Phishing E-mail, (Tue, Apr 27th)

• TrustGrid unveils digital vaccine passport for identity authentication and vaccination status

• Auth0 Organizations enables providers of B2B SaaS apps to manage their business customers

• Trend Micro Warns Users For Active Exploitation Of An Already-Patched Bug

• Three SonicWall Zero-Day Bugs Under Active Attack – Patches Deployed – Update Now

• Hashicorp revoked private key exposed in Codecov security breach

• AttackForge Core: A pentest management solution for consultancies and medium-sized enterprises

• Private equity firm Thoma Bravo to spend $12.3 billion on Proofpoint acquisition

• NTLM Relay Attack Abuses Windows RPC Protocol Vulnerability

• Apple’s iPhone Privacy Clampdown Arrives After 7-Month Delay

• N-able N-central integrates with Microsoft Intune helping MSPs protect clients’ apps and devices

• Accenture and SAP extend partnership to help businesses capture value from sustainability

• NASA’s bold bet on Starship for the Moon may change spaceflight forever

• Apple releases iOS 14.5, the biggest update since iOS 14 first launched

• Pentagon explains odd transfer of 175 million IP addresses to obscure company

• Hackers Used ‘Mind-Blowing’ Bug to Sneak Past macOS Safeguards

• How biometrics is moving from verifying identity to verifying humanity

• openSUSE: 2021:0621-1 important: MozillaFirefox>

• University of Minnesota researchers issue apology letter to the Linux community>

• Minified Linux Offerings Boost Containers and Edge Processing>

• Protect Your WordPress Sites with CrowdSec>

• Cybersecurity World Mourns Over Security Researcher Dan Kaminsky’s Passing>

• The Linux Foundation’s demands to the University of Minnesota for its bad Linux patches security project

• US Urges Organizations to Implement MFA, Other Controls to Defend Against Russian Attacks

• iOS 14.5: How to Set a Preferred Music Streaming Service With Siri

• SAIC acquires Koverse to strengthen its AI and analytics capabilities

• ACRE acquires TDS to accelerate growth plans and expand competitive position

• Valve Finally Patched A Steam RCE Vulnerability That Waited A Fix For Two Years

• Apple iOS 14.5 Patches 50 Security Vulnerabilities

• In Appreciation: Dan Kaminsky

• Apple Patches Serious MacOS Security Flaw

• Hackers Used ‘Mind-Blowing’ Bug to Dodge macOS Safeguards

• Data From The Emotet Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU

• Experian’s Credit Freeze Security is Still a Joke

• Apple’s new iPhone privacy changes, explained

• Remaining Emotet infections uninstalled by German police

• iOS 14.5: How to Report Speed Checks, Traffic Accidents, and Other Hazards in Apple Maps

• When Should U.S. Cyber Command Take Down Criminal Botnets?

• Here Are 458 California Law Enforcement Agencies’ Policy Documents All in One Place

• IT Security News Daily Summary 2021-04-26

• New bill would task CISA with infrastructure risk assessments

• How CBII secures DOD networks, improves performance

• Joint advisory warns of Russian operations targeting cloud, email

• Flubot Spyware Spreading Through Android Devices

• Proofpoint to Be Acquired by Thoma Bravo for $12.3B

• Boffins found a bug in Apple AirDrop that could leak users’ personal info

• CAD: .DGN and .MVBA Files, (Mon, Apr 26th)

• Apple’s Clips App Adds Immersive AR Spaces Enabled With LiDAR Scanner

• Thoma Bravo’s $12.3 billion purchase of Proofpoint marks largest private equity cloud deal

• Mining Tech Firm Gyrodata Suffered Ransomware Attack

• The FBI is breaking into corporate computers to remove malicious code – smart cyber defense or government overreach?

• Encryption key management: Best practices for federal agencies

• When artificial intelligence learns to attack us

• Hackers targeting VPN vulnerabilities in ongoing attacks

• HashiCorp reveals exposure of private code-signing key after Codecov compromise

• You Don’t Have to Give Up Your Crown Jewels in Hopes of Better Cloud Security

• Federal employee job satisfaction climbed during pandemic

• Nvidia Warns: Severe Security Bugs in GPU Driver, vGPU Software

• Bitcoin cheat sheet: Everything professionals need to know

• CPDP 2021 – Moderator: Michalina Nadolna Peeters ‘AI & Humanitarian Action: Raising The Standards?’

• XKCD ‘Fully Vaccinated’

• CPDP 2021 – Moderator: Romain Robert ‘International Data Transfers: What Shall We Do To Avoid A Schrems III?’

• U.S. DoD has World’s Largest Honeypot: 6% of Internet Space

• macOS 11.3 Patches Security Vulnerability That Bypassed Built-In Malware Protections

• Apple’s Craig Federighi on App Tracking Transparency: ‘Users Deserve and Need Control’ of Data

• Apple Shares Video Explaining How App Tracking Transparency Works

• iOS 14.5 Features: Everything New in iOS 14.5

• Consortium OTAs suffer from lack of guidance, data, IG finds

• Privacy Fight Escalates Between Facebook And Apple

• Threat Actors are Using YouTube to Lure Users into their Trap

• Cybersecurity and the Way to a Balanced Life

• Apple Releases tvOS 14.5 With New Color Balance Feature, Expanded Controller Support

• Apple Releases watchOS 7.4 With iPhone Unlocking, Apple Fitness+ AirPlay 2 Support

• Apple Releases macOS Big Sur 11.3 With M1 Optimizations, AirTag Integration, Updated Controller Support, Apple Music Updates and More

• Apple Releases iOS 14.5 and iPadOS 14.5 With Apple Watch iPhone Unlocking, Dual-SIM 5G Support, Apple Maps Accident Crowdsourcing and Tons More

• How to Prevent Apps From Tracking You in iOS 14.5

• Zoom deepfaker fools politicians…twice

• Codecov Breach Following Supply-Chain Attack Affected Hundreds Of Networks

• Serious Vulnerability In Facebook Could Allow Deleting Live Videos

• Serious SQL Vulnerability Found In Django Debug Toolbar

• Nintendo Sues Bowser

• Microsoft Targets MacBook Air’s Need for Dongles, Lack of Touchscreen in New Ad

• How to Unlock Your iPhone With Your Apple Watch When Wearing a Mask

• In the Wake of SolarWinds, the U.S. Must Grapple With the Future and Not Just the Past

• Security vendor Proofpoint snapped up by private equity for $12.3bn but still in search of profit

• UnitingCare Australia ransomware attack and stock price collapse

• Types of Cybercrime

• Apple AirDrop users reportedly vulnerable to security flaw

• Thoma Bravo Buys Proofpoint in $12.3 Billion All-Cash Deal

• Oilfield Services Company Gyrodata Discloses Data Breach

• 8 remote access security risks and how to prevent them

• Space Command to Launch Dedicated Cyber Center

• Cyber-attack on NBA Team

• How CISOs Can Impact Security for All

• Malware Party Tricks and Cybersecurity Trends

• Passwordstate Was Hacked in a Supply Chain Attack

• A New Cryptomining Malware Is Building an Army of Bots

• 20 Million BigBasket User Records Got Leaked

• Defending against cryptojacking with Microsoft Defender for Endpoint and Intel TDT

• Breaking free from the VirusTotal silo: Lock and Code S02E07

• 23 Things You Can Track with Apple’s New AirTags

• New CloudOne TL;DR video series looks inside NetApp IT’s hybrid multicloud platform for DevOps

• Window Snyder Launches IoT Security Company Thistle Technologies

• Naked Security Live – Just how (un)safe is AirDrop?

• Why Zero Trust is Least Trust

• Christopher Krebs to Keynote in Live Fireside Chat/Q&A Session at DevOps Connect: DevSecOps at RSA Conference 2021

• Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

• Promotei Botnet Could Fire Up APT-Style Attacks

• Homebrew Fixes Cask Repo GitHub Actions Bug That Would Have Let Anyone Sneak Malicious Code Onto Machines

• Prominent Security Expert Dan Kaminsky Passes Away At 42

• Enterprise Password Manager Hit In Supply Chain Attack

• Deals: Anker Discounts New Assortment of Charging, Audio, and Smart Home Accessories

• Antitrust Complaint Filed in Germany Over Apple’s Incoming App Tracking Transparency Requirement

• Google Ban App Developers And Prevent Malicious Apps

• Ursnif Phishing Campaign Targets Michael Page Agency

• Fake DirectX12 Download Website Installs Crypto-Stealing Malware

• End of An Era: Emotet Malware Uninstalled from All Infected Devices

• Cloud-Native IAM Controls Part 3: Following Cloud Governance Blueprints

• Network security company Proofpoint goes private in $12.3B deal

• This password-stealing Android malware is spreading quickly: Here’s what to watch out for

• University of Minnesota security researchers apologize for deliberately buggy Linux patches

• Uninstall Command Completes Emotet Botnet Cleanup Operation

• E-commerce Fraud to Exceed $20 Billion in 2021

• Shift Left: From Concept to Practice

• FBI-DHS-CISA Joint Advisory on Russian Foreign Intelligence Service Cyber Operations

• Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders

• iOS 14.5 Will Reportedly Be Released Later Today

• Apple Says iCloud Mail is Experiencing an Outage

• Scam victims find same fraudulent ads lurking on Facebook and Google even after flagging them up

• AirTag Explained

• Silicon UK In Focus Podcast: Hybrid Workers

• This password-stealing Android malware is spreading quickly: Here’s watch to watch out for

• Cybersecurity M&A Roundup for April 19-25, 2021

• Minnesota University Apologizes for Contributing Malicious Code to the Linux Project

• Hacker Group Mysteriously Removes Stolen Apple Schematics and Extortion Threat From Ransomware Website

• Leaker Claims 11-inch iPad Pro to Ship on May 22, 12.9-inch on May 21

• Mount Locker Ransomware Thwarts Recovery, May Target Healthcare & Biotech

• Expert Reaction On Stock Market Ransomware Attack

• GCHQ Boss: West Faces Tech ‘Moment Of Reckoning’

• EU Industry Chief To Meet With Intel, TSMC Execs Amidst Chip Crisis

• Hacker dumps sensitive household records of 250M Americans

• IoT Security: Be Aware of What You Connect at Home

• Darktrace slashes valuation price estimate ahead of IPO: report

Generated on 2021-05-01 00:02:14.833680