IT Security News Weekly Summary – Week 03

• IT Security News Daily Summary 2023-01-22

• FBI Chief Says He’s ‘Deeply concerned’ by China’s AI Program

• Expert found critical flaws in OpenText Enterprise Content Management System

• Roaming Mantis uses new DNS changer in its Wroba mobile malware

• How Ukraine Fought Against Russia’s Air War

• Bitdefender Internet Security Named AV-Comparatives’ Product of the Year

• Policy Brief – U.S. Cyber Threat Intelligence, Part 2: Summary, Recommendations & Challenges

• 37 Million Accounts’ Data were Stolen from T-Mobile in a Data Breach Involving APIs

• Hackers Designs Malware for Recently Patched Fortinet Zero-Day Vulnerability

• A Credential Stuffing Attack Breaches PayPal Accounts

• Roaming Mantis Virus Features DNS Setups

• How to Encrypt any File, Folder, or Drive on Your System

• Takeaways from the CircleCI Incident

• Security Affairs newsletter Round 403 by Pierluigi Paganini

• Week in review: Critical git vulnerabilities, increasingly malicious Google Search ads

• Cyber Security Management System (CSMS) for the Automotive Industry

• Travelers Institute to Host Cybersecurity Symposium in Phoenix

• Predictions 2023, Part 1: What will the new year bring for the InfoSec Community?

• Vanta acquires Trustpage to accelerate its product innovation

• Exterro acquires Zapproved to address critical business challenges

• How 5G Networks Are Secured and Enabled By SASE

• IT Security News Daily Summary 2023-01-21

• Backdoor into FortiOS: Chinese Threat Actors Utilize 0-Day

• The Irish DPC fined WhatsApp €5.5M for violating GDPR

• Blockchain: Is it hackable?

• Advertising Strategies For PaaS Services

• Arcserve Unified Data Protection 9.0 Boosts Enterprise Data Resilience

• (ISC)² New Jersey Chapter Hosts International Event with 500 Attendees

• Darktrace Unveils Cyberattack Data Trends for Energy, Healthcare & Retail

• What diabetes is revealing about benefits and risks of personal medicine connected to the internet

• What diabetes reveals about benefits and risks of personal medicine connected to the internet

• Cybersecurity in 2023: Russian Intelligence, Chinese Espionage, and Iranian Hacktivism

• DoControl: Growing its SaaS Security Platform

• The benefits and risks of personal medical monitoring on the internet

• Key to success while implementing IAM- Best practices that every company should implement

• Hackers Actively Exploiting Critical ManageEngine Vulnerability

• The Biggest US Surveillance Program You Didn’t Know About

• US Criminals Responsible for Widespread Credit Card Fraud

• Bogus DHL Emails Enable Attackers to Hack Microsoft 365 Accounts

• Google Receives Sensitive Data From Abortion Pill Websites

• Around 19,500 end-of-life Cisco routers are exposed to hack

• Publisher’s Weekly Review of A Hacker’s Mind

• PayPal Data Breach – Over 35000 Thousand Users’ Accounts Compromised

• DefenseStorm Named Inc. 5000 Fastest-Growing Private Company with 251% Growth Rate

• LATEST CYBERTHREATS AND ADVISORIES – JANUARY 20, 2023

• Ransomware payments down 40% in 2022 – Week in security with Tony Anscombe

• Beware of the New ‘Blank Image’ Attack that Hides Malicious Scripts in Image Files

• 20 Top Cybersecurity Companies for 2023

• Bitwarden acquires Passwordless.dev to boost passwordless solutions

• Fingerprint partners with Ping Identity to help customers prevent fraud

• T-Mobile suffered a new data breach, 37 million accounts have been compromised

• Chinese 8220 Gang Aims For Public Clouds And Vulnerable Apps

• Ransomware money laundering operation disrupted, founder arrested

• Credit card fraud group member could get up to 30 years in jail

• Mailchimp breach feels like deja vu

• T-Mobile’s New Data Breach Shows Its $150 Million Security Investment Isn’t Cutting It

• Drupal Releases Security Advisories to Address Multiple Vulnerabilities

• Ireland’s privacy watchdog fines WhatsApp €5.5 million

• Ransomware Profits Decline as Victims Dig In, Refuse to Pay

• T-Mobile’s 2023 Data Breach Shows Its $150 Million Security Investment Isn’t Cutting It

• Drupal Releases Security Advisories to Address Multiple Vulnerabilities

• IT Security News Daily Summary 2023-01-20

• T-Mobile Breached Again, This Time Exposing 37M Customers’ Data

• Booklist Review of A Hacker’s Mind

• Friday Squid Blogging: Another Giant Squid Captured on Video

• T-Mobile data breach shows API security can’t be ignored

• Facial recognition: Can fake data produce real results?

• AI-enabled robots may increase recycling, workplace safety

• How to select a security analytics platform, plus vendor options

• GPT Emerges as Key AI Tech for Security Vendors

• Compromised Zendesk Employee Credentials Lead to Breach

• Database Malware Strikes Hundreds of Vulnerable WordPress Sites

• Cisco Releases Security Advisory for Unified CM and Unified CM SME

• For Would-Be Censors and the Thin-Skinned, Copyright Law Offers Powerful Tools

• Risk & Repeat: Breaking down the LastPass breach

• 6 cybersecurity buzzwords to know in 2023

• Cisco Releases Security Advisory for Unified CM and Unified CM SME

• How AI and data enrichment can protect the vulnerable during a recession

• Automated vehicles coming to Ohio roads

• The 5 best VPN routers of 2023

• ChatGPT’s Dark Side: An Endless Supply of Polymorphic Malware

• Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP”

• Orca Security deploys ChatGPT to secure the cloud with AI

• Keeper vs LastPass (2023): Which password manager is better for you?

• ManageEngine Vulnerability CVE-2022-47966

• Microsoft Innovations for 2023: What to Look Out for This Year

• Defense industry decries possible GOP-led spending cuts

• T-Mobile admits to 37,000,000 customer records stolen by “bad actor”

• What is an IP address and how can you change it with a VPN?

• T-Mobile data breach affects 37M customers

• LATEST CYBERTHREATS AND ADVISORIES – JANUARY 20, 2023

• Malvertiser Makes the Big Bucks on Black Friday

• IT/OT convergence and Cybersecurity best practices

• FAA attributes ground-stop glitch to contractor error

• Tech gig workers love the flexibility, report finds

• Get lifetime access to this powerful backup tool for $59.99

• Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers’ DNS Settings

• Ireland’s data protection watchdog fines WhatsApp €5.5 million

• Critical Manufacturing Sector in the Bull’s-eye

• Taking patch management to the next level with automation

• Right to Repair Advocates Have Had Good Victories. We Have To Keep Fighting.

• AT&T Cybersecurity awarded the Palo Alto Networks 2022 Partner of the Year Award

• T-Mobile Hacked Again: 37 Million Accounts Compromised

• NIST releases potential updates to its cybersecurity framework

• 35,000 PayPal Accounts Hacked

• T-Mobile Data Breach: 37 million customers affected

• Ransomware Payouts in Review: Highest Payments, Trends & Stats

• ISG to Publish Reports Evaluating Cybersecurity Providers

• Hacker steals data of 37 million T Mobile customers

• Sophisticated ‘VastFlux’ Ad Fraud Scheme That Spoofed 1,700 Apps Disrupted

• In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences

• What Is a Brute Force Attack?

• Hackers Steal Data from  KFC, Pizza Hut, Taco Bell & Habit Burger

• WhatsApp Hit with €5.5m fine for GDPR Violations

• The Evolution of Account Takeover Attacks: Initial Access Brokers for IoT

• The Small but Mighty Danger of Echo Chamber Extremism

• PayPal notifies 34942 users of data breach over credential stuffing attack

• Malicious Android App Incorporates DNS Hijacking

• Pros Blame 3rd Parties For The Increase Of Security Incidents

• New FTX Boss Could Bring Back Bankrupt Crypto Firm

• Criminals Steal Data On 40 Million T-Mobile US Customers

• 37 Million T-Mobile API Data On Customers Stolen in Hack

• Threat from Cyberspace Pushing Data Budgets Up and Delaying Digital Transformation

• Info-stealing Ads Spread by Malvertising

• A Cautionary Tale: What Iran and Cuba Can Teach Us About Designating Russia a State Sponsor of Terrorism

• From Fake News to Fake Views: New Challenges Posed by ChatGPT-Like AI

• The Rise in Cyber-Attacks from Bad International Actors

• Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram

• Ransomware Revenue Down As More Victims Refuse to Pay

• Major Companies Impacted by Ransomware [2022-2023]

• After a Security Incident, CircleCI Urges Customers to Rotate Secrets

• Lazarus Moves More than $60 Million from Harmony Bridge Hack

• How Much is the U.S. Investing in Cyber (And is it Enough)?

• Critical Vulnerabilities Patched in OpenText Enterprise Content Management System

• Welcome to the Era of Internet Blackouts

• T-Mobile Hacked – Over 37 Million Customer Data Exposed

• WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws

• C++ programming language and safety: Here’s where it goes next

• T-Mobile API Data Breach Affects 37 Million Customers

• Ransomware Profits Declined by 40% in 2022

• Ransomware Revenue Plunged in 2022 as More Victims Refuse to Pay Up: Report

• PayPal Warns 35,000 Users of Credential Stuffing Attacks

• EU’s Breton Warns TikTok CEO: Comply With New Digital Rules

• Real-World Steganography

• What Is a DNS Zone and How to Keep Safe From DNS Zone Transfer Attacks

• OpenAI’s ChatGPT Can Create Polymorphic Malware

• “Workarounds” Helped Royal Mail Resume Shipping After Ransomware Attack

• Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

• 35k PayPal Accounts Compromised In Credential Stuffing Attack

• Google Delays Potion Of Bonus Payments To Staff

• 12 Ways to make ZTNA deployments effortless

• Drupal Patches Vulnerabilities Leading to Information Disclosure

• Ransomware Shuts Hundreds of Yum Brands Restaurants in UK

• A Change in Mindset: From a Threat-based to Risk-based Approach to Security

• Chinese Hackers Exploited Fortinet VPN Vulnerability as Zero-Day

• Exploring The Dangers of EmojiDeploy: A New Microsoft Azure Vulnerability for RCE Attacks

• What Is Cybersecurity Risk Management: Explaining the Concept And Process

• Phishers Use Blank Images to Disguise Malicious Attachments

• Ransomware Attack Shuts Down KFC and Pizza Hut Brand Owner`s Restaurants

• Russian Hackers Responsible for Attack on Samsung

• T-Mobile Confirms Hacker Stole Data Of 37 Million Customers

• API Attacker Steals Data on 37 Million T-Mobile Customers

• Massive Credential Stuffing Campaign Hits 35,000 PayPal Users

• Crypto Lender Genesis Files For Chapter 11

• Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

• A New Era is Emerging in Cybersecurity, but Only the Best Algorithms will Survive

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• TOP 10 Deep Web Search Engine Alternatives for Google and Bing – 2023

• Weekly Update 331

• New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability

• TOP 10 Deep Web Search Engine Alternatives for Google and Bing 2023

• Cyber Attack news headlines trending on Google

• TLS Connection Cryptographic Protocol Vulnerabilities

• 11 robot toys that make great gifts in 2023

• Cisco fixes SQL Injection flaw in Unified CM

• New infosec products of the week: January 20, 2023

• Miscreants sure do love ransacking cloud networks, more so than before

• Enterprises remain vulnerable through compromised API secrets

• The threat of location spoofing and fraud

• Zero trust network access for Desktop as a Service

• New T-Mobile Breach Affects 37 Million Accounts

• New Survey Sheds Light on Why Enterprises Struggle to Thwart API Attacks

• Impact Podcast with John Shegerian Features The Home Depot’s Ron Jarvis

• Are WE the firewall?

• Immuta Detect provides insights into risky user data access behavior

• Arcserve Unified Data Protection 9.0 enhances data resilience

• Tech support scammers are still at it: Here’s what to look out for in 2023

• T-Mobile Says Hackers Used API to Steal Data on 37 Million Accounts

• Crims steal data on 40 million T-Mobile US customers

• Ransomware severs 1,000 ships from on-shore servers

• PayPal says crooks poked around 35,000 accounts in credential stuffing attack

• PayPal Breach Exposed PII of Nearly 35K Accounts

• PayPal says crooks accessed 35,000 customers’ info in credential stuffing attack

• Google sponsored ads lead to rogue imitation sites

• How to find out if an AirTag is tracking you

• T-Mobile reports another data breach, impacting 37 million customers

• Dashlane vs 1Password: Which password manager should you use in 2023?

• Hornetsecurity appoints Irvin Shillingford as Regional Manager for Northern Europe

• PayPal says crooks accessed 34,942 customers’ info in credential stuffing attack

• 5 Data Privacy Tips for Small Businesses

• PayPal Notifies 35,000 Users of Data Breach

• Bitwarden vs LastPass (2023): Which password manager is better for you?

• EmojiDeploy Attack Chain Targets Misconfigured Azure Service

• NDAA’s cloud cyber-testing provision marks another hefty DOD compliance lift, analyst says

• IT Security News Daily Summary 2023-01-19

• Finally, ransomware victims are refusing to pay up

• Privacy Rights Group Accuses Facebook Of Dodging Billions In Fines

• ‘If we can do it, why can’t you?’ local gov tech veteran asks

• Challenges quickly test creative solutions to operational snags

• Secure your email with this top-rated backup service

• Attackers Crafted Custom Malware for Fortinet Zero-Day

• Massive Adware Campaign Shuttered

• Experts released PoC exploit for critical Zoho ManageEngine RCE flaw

• Massive Ad Fraud Scheme Shut Down: 11 Million Phones Targeted

• Heartbleed

• OMB streamlines contracting officer training with certification update

• Fair Use Creep Is A Feature, Not a Bug

• Tech keeps city’s fleet vehicles within speed limits

• How to check if your VPN is working (and what to do if your VPN won’t connect)

• 16 Best Digital Forensics Tools & Software

• Oral Argument Preview: Turkiye Halk Bankasi A.S. v. United States (Halkbank)

• Digital Rights Updates with EFFector 35.1

• ITAR and EAR compliance

• Founder of Bitzlato Exchange Arrested for ransomware, $700 mln Fraud

• Chainguard Trains Spotlight on SBOM Quality Problem

• Chainalysis: Ransomware payments down, fewer victims paying

• Have You Tried Turning It Off and On Again: Rethinking Tech Regulation and Creative Labor

• Making risk work for you

• Cybersecurity in the Metaverse Will Require New Approaches

• Shift Identity Left: Preventing Identity-Based Breaches

• Roaming Mantis Uses DNS Changers to Target Users via Compromised Public Routers

• The 2022 Federal 100

• How Does Ransomware Spread? Here’s What You Need to Know

• Common Browser Security Vulnerabilities Used By Hackers To Take Over Browser

• Roaming Mantis’ Hacking Campaign Adds DNS Changer to Mobile App

• Name That Toon: Poker Hand

• CISA Releases One Industrial Control Systems Advisory

• Synthetic Media Creates New Social Engineering Threats

• New HHS data strategy is coming in ‘weeks,’ CIO says

• IT email templates: Security alerts

• Meta Slapped With 5.5 Million Euro Fine for EU Data Breach

• As Social Engineering Tactics Change, So Must Your Security Training

• CISA Releases One Industrial Control Systems Advisory

• Malicious Office Macros: Detecting Similarity in the Wild

• Open Data and the AI Black Box

• Twitter: Five Changes to the Platform for Users by Elon Musk

• As a cybersecurity blade, ChatGPT can cut both ways

• S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]

• ThreatModeler Makes DevSecOps More Accessible With New Marketplace

• The Media Industry Is the Most Vulnerable to Cyber Attacks, Report Shows

• New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks

• University of Texas latest US school to ban TikTok

• CyberGRX Leverages MITRE Techniques to Uncover Security Gaps in Third Parties

• [redacted] Taps Adam Flatley to Lead [rTIC Ghost Group

• Independent Research Firm Analysis Found 87% Reduction in Time to Resolve Threats with ExtraHop

• TuxCare Unveils OEM Partner Program for Best-in-Class Vulnerability Patching

• HUMAN Orchestrates Unprecedented Private Takedown, VASTFLUX

• LockBit ransomware – what you need to know

• Critical Microsoft Azure RCE flaw impacted multiple services

• Cross Site Request Forgery Bug Would Facilitate Remote Code Execution In Microsoft Azure Services

• Instagram just got an update that gives you more control over what you see in your feed

• LastPass users should move their crypto funds, experts warn

• Update now! Two critical flaws in Git’s code found, patched

• University of Texas becomes latest US school to ban TikTok

• LATEST CYBERTHREATS AND ADVISORIES – JANUARY 13, 2023

• Improve your AWS security posture, Step 3: Encrypt AWS data in transit and at rest

• Understanding Malware-as-a-Service (MaaS): The future Of cyber attack accessibility

• Ransomware attack on Yum Brands Inc closes 300 restaurants in the UK

• Mailchimp Hit By Another Data Breach Following Employee Hack

• SynSaber Releases ICS Vulnerabilities & CVEs Report Covering Second Half of 2022

• WhatsApp Fined 5.5 Million Euro By Lead EU Privacy Regulator

• Ransomware Attack Severs 1,000 Ships From Their On-Shore Servers

• Bitzlato Crypto Founder Charged With $700m Financial Crimes

• Mailchimp Confesses To Second Digital Burglary In Five Months

• Cybercrime Gangs’ Earnings Slide As Victims Refuse To Pay

• Twitter Plans More Staff Layoffs – Report

• People, Process and Technology: The Incident Response Trifecta

• Credential Leakage Fueling Rise in API Breaches

• B2B Payment Security Firm NsKnox Raises $17 Million

• International Council of E-Commerce Consultants Launches Cybersecurity Essentials Professional Certificate Program on edX

• KnowBe4 to Offer $10,000 Women in Cybersecurity Scholarship and (ISC) 2 Certification Education Package

• SecurityGen Identifies the Cybersecurity Priorities for Mobile Operators in 2023

• Turkiye Halk Bankasi A.S. v. United States, Part 3: The Odd Executive Agreement Preemption Argument

• A Federal Cyber Insurance Backstop Is Premature

• Rhadamanthys: Malware Hidden in Google Ads

• Synthetic Identity Fraud: What Is It?

• New Research From EMA Reveals How Organizations Are Struggling to Develop Secure Software Applications

• Mendix and Software Improvement Group Launch a New Software Application Quality and Security Scanning Solution

• Ethically Exploiting Vulnerabilities: A Play-by-Play

• New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks

• Businesses are Furious Following the Royal Mail Export Chaos

• Feds Arrest Russian Founder Of Crypto Exchange Bitzlato

• A Sneaky Ad Scam Tore Through 11 Million Phones

• Android Users Beware: New Hook Malware with RAT Capabilities Emerges

• Ransomware Trends In Q4 2022: Key Findings and Recommendations

• What Is DevSecOps: Definition, Benefits, and Best Practices

• Mailchimp ‘fesses up to second digital burglary in five months

• Donald Trump Petitions Meta To Restore Facebook Account

• Hackers Abuse GitHub Codespaces Feature to Host and Deliver Malware

• 50% of orgs report experiencing data breaches due to exposed API secrets

• Sophos Joins List of Cybersecurity Companies Cutting Staff

• CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services

• International Arrests Over ‘Criminal’ Crypto Exchange

• Cisco Patches High-Severity SQL Injection Vulnerability in Unified CM

• Ransomware Payments Fall by 40% in 2022

• Cybercriminals Target Telecom Provider Networks

• Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)

• Data Security in Multicloud: Limit Access, Increase Visibility

• New Research Delves into the World of Malicious LNK Files and Hackers Behind Them

• ChatGPT: What AI holds in store for security

• BackdoorDiplomacy Is Going after Iranian Government Entities

• Elon Musk ‘Lied’ With Tesla Privatisation Tweet, Alleges Attorney

• NY Man Admits to Leading Massive Credit Card Scam that Impacted Thousands

• What Programmers Need to Learn About Supply and Demand

• The state of software supply chain security heading into 2023

• Malicious PyPI Packages Drop Malware in New Supply Chain Attack

• Russia Affiliated NoName057(16) Hacktivist Group Puts 2023 Czech Presidential Election on the Spot

• 6 Types of Risk Assessment Methodologies + How to Choose

• Mailchimp discloses a new security breach, the second one in 6 months

• Security Analysis of Threema

• 5 Reasons Why Your Business Needs Penetration Testing

• Policy-Based Access Control (PBAC) – The Complete Know How for Organizations

• MailChimp Suffers Data Breach Due to Social Engineering Attack

• Safe Homes: Security Tech for Remote Workers

• Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals

• Mailchimp Reports Data Breach, Employees Records Exposed

• It’s up to us to determine if generative AI helps or harms our world

• Ransomware attack severs 1,000 ships from their on-shore servers

• FTX: Over $400m Stolen from Bankrupt Exchange

• Over a Third of Recent ICS Bugs Still Have No Vendor Patch

• Bitzlato Crypto Exchange Seized in Major Money Laundering and Ransomware

• Russian Hackers Attack Ukraine’s News Agency with a Data-wiper

• Git Patches Two Vulnerabilities With Critical Security Level

• Crypto-Exchange Used to Launder Ransomware Transactions Dismantled

• FTX: Over $400m Was Stolen from Bankrupt Exchange

• US CISA adds Centos Web Panel RCE CVE-2022-44877 to its Known Exploited Vulnerabilities Catalog

• Q4 2022 Cyber Attacks Statistics

• M2 Chip Boost, New Macs, and the Return of the HomePod – Intego Mac Podcast Episode 275

• 52 Alarming Cyberbullying Statistics and Facts for 2023

• Tech Executives Face Prison For Online Safety Breaches

• Pwned or Bot

• Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

• Hundreds of Malicious Packages Found in npm Registry

• Gen Digital Customers’ Accounts were Breached by Hackers

• Microsoft Confirms It Will Axe 10,000 Jobs

• Do you know what your supply chain is and if it is secure?

• Is My Smartphone Safe? 10 Tips To Enhance Your Mobile Security

• Modern CyberSOC – A Brief Implementation Of Building a Cyber Security Infrastructure

• Modern CyberSOC – A Brief Implementation Of Building a Collaborative Cyber Security Infrastructure

• Microsoft works with partners on Cybercrime Atlas

• CloudSEK offers a search engine to detect malicious apps

• Mailchimp Suffers Another Security Breach Compromising Some Customers’ Information

• EU cyber resilience regulation could translate into millions in fines

• Cyber insurance can offset the risks of potential breaches

• Techniques that attackers use to trick victims into visiting malicious content

• ECS Announces Sponsorship with Old Glory DC for 2023 Major League Rugby Season

• Israeli Mission to the UN, Israel’s National Cyber Directorate and Team8, Host Cyber Security Event at UN

• ERI Opens New State-of-the-Art ITAD & Electronics Recycling Facility in Arizona

• CISSP-ISSAPs – We Need Your Input

• Improve your AWS security posture, Step 2: Avoid direct internet access to AWS resources

• IDrive 360 enhancements enable IT departments to oversee data protection

• Sygnia’s MXDR service helps organizations minimize business disruption

• TD SYNNEX SMB Fraud Defense Click-to-Run reduces risks within cloud environments

• Zyxel Astra prevents unauthorized endpoint access

• What is Business Attack Surface Management?

• 2023-01-16 – IcedID (Bokbot) with Backconnect and VNC and Cobalt Strike

• Period-tracking apps, search engines on notice by draft law

• 2023-01-18 – Google ad –> Fake Libre Office page –> IcedID (Bokbot) –> Cobalt Strike

• Chinese APT Group Vixen Panda Targets Iranian Government Entities

• nsKnox raises $17 million to strengthen B2B payment security

• Abacus Group acquires two cybersecurity consulting companies

• Forter acquires Immue to enhance bot detection capabilities

• Ivanti and Lookout extend partnership to secure the hybrid workforce

• Threat attackers can own your data in just two days

• Bitzlato cryptocurrency exchange founder arrested, charged

• How Would the FTC Rule on Noncompetes Affect Data Security?

• Avast Releases Free Decryptor for BianLian Ransomware

• Thousands of Sophos firewalls still vulnerable out there to hijacking

• CISA hires Navy cyber expert to help oversee vulnerability management

• IT Security News Daily Summary 2023-01-18

• Vulnerable Historian Servers Imperil OT Networks

• FTX Says $415 Million Of Its Crypto Assets Was Hacked

• Not a chance of a recession for IT spending this year, says ServiceNow’s Bill McDermott

• How data sharing amplifies benefits programs

• Facebook Oversight Board Recommends Company Changes Nudity And Sexual Activity Community Standard

• The Case for Designating Wagner Group as a Foreign Terrorist Organization Is Still Compelling

• Period-tracking apps and search engines put on notice by draft law

• Threat Actors Spreading NjRAT in New “Earth Bogle” Campaign

• FDA falls short on IT contract management, watchdog finds

• CISA’s chief of technology strategy stepping down ‘much earlier’ than expected

• Twitter’s new blue checkmark isn’t always blue, and other verification system changes

• States should follow feds in Chinese tech bans

• Two critical flaws discovered in Git source code version control system

• A week in security (January 9—15)

• Rise of cloud-delivered malware poses key security challenges

• Top 10 ICS cybersecurity threats and challenges

• LastPass faces mounting criticism over recent breach

• Palantir CEO tells tech workers who don’t like the company’s military deals, ‘Don’t work here’

• CircleCI: Malware stole GitHub OAuth keys, bypassing 2FA

• Flood forecasts in real-time with block-by-block data could save lives – a new machine learning method makes it possible

• ChatGPT Could Create Polymorphic Malware Wave, Researchers Warn

• Sophos Cuts Jobs to Focus on Cybersecurity Services

• Founder and Majority Owner of Cryptocurrency Exchange Charged With Processing Over $700 Million of Illicit Funds

• Walmart’s ongoing cyber security investment

• Proposed Washington law puts period-tracking apps and search engines on notice

• 3 Tools to Round Out Your Privacy Protection Toolbox

• A Scam in the Family—How a Close Relative Lost $100,000 to an Elder Scam

• KnowBe4 2022 Phishing Test Report Confirms Business-Related Emails Trend

• DoControl Announces SaaS Security Platform Expansion With Shadow Apps Module Launch

• Get lifetime access to award-winning cybersecurity training for just $80

• Over Four Billion People Affected By Internet Censorship in 2022

• ChatGPT Opens New Opportunities for Cybercriminals: 5 Ways for Organizations to Get Ready

• Vulnerability Summary for the Week of January 9, 2023

• CISA Releases Four Industrial Control Systems Advisories

• CISA Updates Best Practices for Mapping to MITRE ATT&CK®

• CISA Adds One Known Exploited Vulnerability to Catalog

• Mozilla Releases Security Updates for Firefox

• Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa

• The Case for Designating Wagner Group as a Foreign Terrorist Organization is Still Compelling

• Cybersecurity Under the Ocean: Submarine Cables and US National Security

• Microsoft Quietly Revealed a New Kind of AI

• Don’t Miss Open Source Software (OSS), While Assessing Cloud App Security

• CSI Banking Priorities Executive Report Reveals Bankers Will Deploy Customer-Centric Features for Retention in 2023

• QuSecure Achieves Critical Breakthrough in Post-Quantum Encryption Over Public Internet – Closes Loop for End-to-End Quantum-Safe Data Security

• Latest Cyberthreats and Advisories – December 23, 2022

• nsKnox Raises $17 Million From Link Ventures, Harel Insurance and Existing Investors Including M12 and Viola Ventures to Meet Growing Demand for B2B Payment Security & Compliance Solutions

• The dos and don’ts of ransomware negotiations

• Third-Party Firm Exposes Personal Info for Nissan Customers

• Cloud IAM recovery firm raises $5M to tighten identity access management

• Exploited Control Web Panel Flaw Added to CISA ‘Must-Patch’ List

• Vendors Actively Bypass Security Patch for Year-Old Magento Vulnerability

• How to build a cyber-resilience culture in the enterprise

• ICS Confronted by Attackers Armed With New Motives, Tactics, and Malware

• Zendesk – Is It A One Way “Ticket” to Ransomland?

• The Lingering Power of Cyber Brandishing

• Ivanti and Lookout Announce Extension on Partnership To Protect Mobile Devices

• Emails are Vulnerable to Cyber Threat

• Telephony fraud and risk mitigation: Understanding this ever-changing threat

• Help Shape the CGRC Exam – Formerly Known As CAP

• Three easy steps to dramatically improve your AWS security posture: Step 1, set up IAM properly

• How do the latest iPhone updates address Cybersecurity issues?

• Difference between Cybersecurity and Information Security

• Over 4,000 Internet-facing Sophos Firewalls Vulnerable to Code Injection Attacks

• Texas universities block access to TikTok on campus Wi-Fi networks

• Remote Code Execution Vulnerabilities Found in TP-Link, NetComm Routers

• Critical Git Vulnerabilities Discovered in Source Code Security Audit

• ChatGPT Creates Polymorphic Malware

• 1000 Shipping Vessels Impacted by Ransomware Attack

• Unpatched Zoho ManageEngine Products Open to Possible Attack

• Spy Cams Reveal the Grim Reality of Slaughterhouse Gas Chambers

• More Than 4,400 Sophos Firewall Servers Remain Vulnerable To Critical Exploits

• More Malicious Packages Posted To Online Repository. This Time It’s PyPI

• FTX Says $415 Million In Crypto Was Hacked

• Four Azure Services Vulnerable To SSRF Flaws

• Third-Party Hack Leads To Theft Of Patient Data For Over 251,000

• 1,000 Ships Affected By Ransomware Attack On DNV’s Software

• New Updates for Keeper Connection Manager

• Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)

• Doenerium: When Stealing from Thieves Is Also a Crime

• Five Ways to Keep Endpoint Protection Simple

• Apple Announces M2 Pro & M2 Max Chips, New MacBook Pros, New Mac mini, and New HomePod

• Apple Postpones AR Glasses Launch – Report

• What the New Federal Cybersecurity Act Means for Businesses

• Lares Research Highlights Top 5 Penetration Test Findings From 2022

• Governance in the Cloud Shifts Left

• Cybersecurity and the Myth of Quiet Quitting

• New Coalfire Report Reveals CISOs Rising Influence

• Abacus Group Acquires Gotham Security and GoVanguard to Expand Cybersecurity Service Offerings

• Mozilla Releases Security Updates for Firefox

• A couple of bugs can be chained to hack Netcomm routers

• How to choose the right Mac for your use case in 2023

• A Senior’s Guide to Navigating Tech Issues in 2023

• FTX Claims $415m Crypto Was Hacked

• GitLab Critical Security Flaw Let Attacker Execute Arbitrary Code

• #WEF23: Geopolitical Instability Means a Cyber “Catastrophe” is Imminent

• Encryption is on the Rise!

• Perception Point Launches Advanced Threat Protection and Rapid Remediation for Zendesk Customers

• Avast Provides A Free Decryptor For BianLian Ransomware

• Cost of data breaches to global businesses at five-year high

• Google ads increasingly pointing to malware

• Global instability increases cyber risk, says World Economic Forum

• Data Leaks: How An HR Platform Left Employees’ Private Data Exposed

• CrowdStrike is a buy as it becomes a bigger player in the cybersecurity space, BMO says

• Ransomware decryption: This tool could help some BianLian ransomware victims get files back

• Okta Expands No-Code Offerings for Identity Cloud

• Over 2.5 Billion Google Chrome Users’ Information was Breached

• Russian hacker group took a shot at three American top nuclear labs

• Twitter Revenue Down 40 Percent, As 500 Advertisers Pause Spending

• Oracle’s First Security Update for 2023 Includes 327 New Patches

• Ransomware Attack on DNV Ship Management Software Impacts 1,000 Vessels

• 18k Nissan Customers Affected by Data Breach at Third-Party Software Developer

• Hackers Can Exploit GE Historian Vulnerabilities for ICS Espionage, Disruption

• Almost Half of Critical Manufacturing at Risk of Breach

• Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

• Myrocket HR platform’s data leak turns into privacy nightmare for employees

• AI and Political Lobbying

• CrowdStrike is a buy as it become a bigger player in the cybersecurity space, BMO says

• Hack the Pentagon 3.0: Groundbreaking Bug Bounty Program Is Back

• Researchers warn of malicious Visual Studio Code extensions

• Guide: How MSSPs and vCISOs can extend their services into compliance readiness without increasing cost

• Varonis strengthens data security with least privilege automation

• Malicious Download Links Impersonating Popular Software Pushed by Hackers Through Google Ads

• Data of 18.000 Nissan North America Clients Exposed by a Third-party Breach

• 1,000 Vessels Affected by Ransomware Attack on Marine Software Provider DNV

• Microsoft Azure Services Found Vulnerable to Server-Side Request Forgery Attacks

• “Payzero” Scams and The Evolution of Asset Theft in Web3

• Microsoft To Cut Thousands Of Jobs – Report

• Apple Launches MacBook Pro With Upgraded M2 Chips

• Cybersecurity Crisis Management and Business Continuity

• Data Classification: Your 5 Minute Guide

• FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War

• Nissan Supplier Leaked Data on Thousands of Customers

• Git Users Urged to Update Software to Prevent Remote Code Execution Attacks

• Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

• Nissan Data Breach Caused By Vendor-Exposed Database

• How to Safeguard Your Data in the Era of Privacy Violations

• Twitter Auctions Off Office Furniture, Fixtures And Fittings

• European Businesses Admit Major Privacy Skills Gap

• Experts found SSRF flaws in four different Microsoft Azure services

• 5 Best VPN for Warzone 2 Lag 2023? Play Smoothly

• Why performing security testing on your products and systems is a good idea

• Wireless Penetration Testing Checklist – A Detailed Cheat Sheet

• The dark web in 2023: What’s on it?

• CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

• What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

• Importance of having a Threat Intelligence Platform

• Potential threats and sinister implications of ChatGPT

• Cybersecurity in 2023: Russian escalation, Chinese espionage, Iranian “hacktivism”

• MassChallenge and MITRE Select 10 Startups for the MITRE Social Innovation Mentorship Program

• Veterans Affairs unveils draft for $60B T4NG 2 vehicle

• Top 10 Venmo scams – and how to stay safe

• How data protection is evolving in a digital world

• Trellix Endpoint Scores 100% Detection with Zero False Positives in Latest SE Labs Endpoint Security Test

• ERI Becomes First Electronic Recycler & ITAD Company to Achieve Official Carbon Neutral Status

• Hypori, Inc. Secures Series B to Redefine Zero-Trust BYOD

• Latest Cyberthreats and Advisories – January 6, 2023

• Key to success while implementing IAM- Best practices that every company should implement

• 2023-01-16 – Google ad –> Fake 7-Zip page –> Malicious .msi file

• Thinking of Hiring or Running a Booter Service? Think Again.

• DigiCert Trust Lifecycle Manager unifies CA-agnostic certificate management

• Devo DeepTrace helps security teams investigate alerts and suspicious events

• NS1 DNS Insights empowers network teams to troubleshoot misconfigurations

• Varonis unveils least privilege automation to improve data security

• Been hit by BianLian ransomware? Here’s your get-out-of-jail-free card

• Nearly 300 MSI motherboards will run any old code in Secure Boot, no questions asked

• Russian criminals can’t wait to hop over OpenAI’s fence, use ChatGPT for evil

• Denial of service vulnerability discovered in libraries used by GitHub and others

• Web skimmer found on website of Liquor Control Board of Ontario

• University suffers leaks, shutdowns at the hands of Vice Society

• Update now! Proof of concept code to be released for Zoho ManageEngine vulnerability

• Russian criminals can’t wait to hop over OpenAI fence, use ChatGPT for evil

• IBM: Quantum computing poses an ‘existential threat’ to data encryption

• Communities are rethinking their push for data centers

• SimSpace CEO brings dogfight mentality to terra firma for IT cybersecurity training

• State of data privacy laws in 2023

• Facebook Sues Surveillance Company For Scraping Data Of 600,000 Users

• Secrets Rotation Recommended After CircleCI Security Incident

• Initial Access Broker Market Booms, Posing Growing Threat to Enterprises

• Vulnerability Summary for the Week of January 9, 2023

• Tesla Executive Admits Self-Driving Video Was Staged

• Governor calls for $37M boost in drone funding

• Future-proofing smart cities with open standards

• OPM pushes to rebrand government and capitalize on tech layoffs

• CISA Updates Best Practices for Mapping to MITRE ATT&CK®

• CISA Adds One Known Exploited Vulnerability to Catalog

• 1,000 ships impacted by a ransomware attack on maritime software supplier DNV

• Nearly 300 MSI motherboards will run any code in Secure Boot, no questions asked

• Why Quantum Computing Capabilities Are Creating Security Vulnerabilities Today

• Lawmakers propose a federal reserve corps for digital talent

• Serious Security: Unravelling the LifeLock “hacked passwords” story

• Unpatched Zoho MangeEngine Products Under Active Cyberattack

• VIPRE Security Group Launches New Endpoint Detection and Response (EDR) Technology Built for SMEs

• Researcher Finds Class Pollution – A Prototype Pollution Variant Affecting Python

• Check Point Research flags a 48% growth in cloud-based networks attacks in 2022, compared to 2021

• Making an apology

• Hackers to get a crack at systems running the Pentagon in new bug bounty

• Microsoft fixes SSRF vulnerabilities found in Azure services

• Vice Society Claims Ransomware Attack Against University of Duisburg-Essen

• Why Businesses Need to Think Like Hackers This Year

• A New Era Is Dawning in Cybersecurity, but Only the Best Algorithms Will Win

• CISA Releases Four Industrial Control Systems Advisories

• US Copyright Term Extensions Have Stopped, But the Public Domain Still Faces Threats

• Veeam Research Finds IT Leaders Feel Increasingly Unprotected from Cyberattacks and Other Disasters

• GrammaTech and T.E.N. Announce Winner of First Annual Product Security Executive of the Year Award

• ProArch Acquires Data Protection Firm Trum & Associates

• TD SYNNEX Unveils New Fraud Defense Solution to Combat Widespread Security Risks

• Cyber Hygiene: How to get buy-in from employees

• Foxconn Replaces Head Of iPhone Assembly – Report

• Britishvolt Calls In Administrators, After Months Of Struggle

• Disruption on High Seas: Shipping Software Hit by Ransomware Attack

• Self-Checkout This Discord C2

• Hinds County electronic system knocked offline, blocking jail, courts and DA communication

• Smart home appliances have long lives, but software support is much shorter

• Researchers Warn Against Zoho ManageEngine Exploit Attacks

• Major Canadian Liquor Distributor’s Website Infected With Skimmer

• It’s important to look at overall macro sentiment, says Palo Alto Networks’ Nikesh Arora

• Secure your business like you secure your home: 5 steps to protect against cybercrime

• Microsoft locks door to default guest authentication in Windows Pro

• Fiber Broadband Association Opens Fiber Connect 2023 Call for Speakers

• Teleion, a Minority-Owned Business, Selected as Best Place to Work for Third Year

• Token Wins Fourth Award for MFA Technology that Stops Phishing and Ransomware

• IT/OT convergence and Cybersecurity best practices

• How to say your webcam on laptop or smartphone has been hacked

• Azure Services SSRF Vulnerabilities Exposed Internal Endpoints, Sensitive Data

• PyPI Users Targeted With ‘Wacatac’ Trojan in New Supply Chain Attack

• Earth Bogle Group Targets Middle East With NjRAT, Geopolitical Lures

• Three-Quarters of UK Schools Have Experienced a Cyber Incident

• Cygna Labs Introduces Entitlement and Security for Active Directory

• How to abuse GitHub Codespaces to deliver malicious content

• More Than Half Of US States Restrict TikTok Access From Govt Devices

• Tencent Fired 100 People For Corruption In 2022

• Crypto Exchanges Freeze Accounts Tied To North Korea’s Notorious Lazarus Group

• Cryptoverse: Bitcoin Is Back With A Bonk

• Huge Network of Fake Cracked Software Distributes Raccoon and Vidar Malware

• Your Guide on How Ransomware Spreads in Company Networks & on the Internet

• Internet Security: How to Defend Yourself Against Hackers

• US Spies Lag Rivals in Gathering Data That is Concealed From Plain Sight

• Watch Out For This AnyDesk Phishing Campaign That Delivers Vidar Info Stealer

• What is the Future of Password Managers?

• How to unlock the Flipper Zero’s true power

• 3 Lessons Learned in Vulnerability Management

• 5 Cybersecurity Tips for Higher Education Institutions

• Microsoft Patches 4 SSRF Flaws in Separate Azure Cloud Services

• Microsoft Azure Services Flaws Could’ve Exposed Cloud Resources to Unauthorized Access

• CloudSEK BeVigil app protects Android users from security risks

• How Vice Society’s Ransomware Attack Impacted University of Duisburg-Essen

• What Is the Best Email App for IOS for 2023?

• Vampire Survivors Mobile Port Demonstrates Why Mobile Gaming Is Great

• Some of the Most Beloved Fictional Gamblers

• Microsoft resolves four SSRF vulnerabilities in Azure cloud services

• Batloader Malware Abuses Legitimate Tools, Uses Obfuscated JavaScript Files in Q4 2022 Attacks

• Dutch Minister Queries Compliance Over US Chinese Export Controls

• Over 6000 Internet-Exposed Cacti Servers are Unpatched for Critical Security Vulnerability

• Attackers Can Abuse GitHub Codespaces for Malware Delivery

• Patch your Zoho ManageEngine instance immediately! PoC Exploit for CVE-2022-47966 will be released soon

• Sweden’s Challenging Road to NATO Membership

• Oral Argument Preview: United States v. Turkiye Halk Bankasi S.A. (Halkbank)

• Real Talk with CCSPs An interview with Vanessa Leite, CCSP, CISSP

• What is phishing? Everything you need to know to protect against scam emails – and worse

• Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware

• Odin Intelligence Website Used By Police Wrecked, Data Stolen

• PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)

• What Are Rainbow Table Attacks and How to Safeguard Against Them?

• Free Decryptors Released for BianLian, MegaCortex Ransomware

• Bill Would Force Period Tracking Apps to Follow Privacy Laws

• The FBI Identified a Tor User

• CISA Warns of Critical Vulnerabilities on Industrial Control Systems

• Bank of England Governor Questions Need For Digital Pound

• The Best Ways to Automate SBOM Creation

• 3 Learnings from the DoDIIS Conference

• The prevalence of RCE exploits and what you should know about RCEs

• Zoho ManageEngine PoC Exploit to be Released Soon – Patch Before It’s Too Late!

• 4 Places to Supercharge Your SOC with Automation

• Fortinet observed three rogue PyPI packages spreading malware

• VIPRE Security Group’s New Endpoint Detection And Response (EDR) Technology Powerfully Built For Small And Mid-sized Enterprises

• Cyber Threat Landscape Study 2023: Outpost24’s Honeypot Findings From Over 42 Million Attacks

• Outpost 24’s honeypots register 42 million attacks

• December 2022 Cyber Attacks Statistics

• Casino Crypto Games: Everything You Need to Know

• Largest European Rare Earth Deposit Found In Sweden

• Google Ads Malware Wipes NFT Influencer’s Crypto Wallet

• GDPR Fines Surge 168% in a Year

• Russia’s Ukraine War Drives 62% Slump in Stolen Cards

• Mass Data Scraping Lawsuit Filed by Meta

• Initial Access Broker Activity Doubles in a Year

• Managing Asset Risks During Healthcare M&As

• Heimdal Cyber-Security & Threat Intelligence Report 2023

• Proof-of-Concept Exploit Code to be Released for Critical Zoho RCE Bug

• CIA’s Hive Attack Kit Has Been Pirated by Hackers

• Need to improve the detection capabilities in your security products?

• Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures

• Policy Brief – U.S. Cyber Threat Intelligence, Part 2: Summary, Recommendations & Challenges

• CISA Warns of Flaws Affecting Industrial Control Systems from Major Manufacturers

• Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems

• (ISC)² Top-Ranked Webinars of 2022 by Region

• Crypto exchanges freeze accounts tied to North Korea’s notorious Lazarus Group

• Datadog Changes RPM Signing Key Exposed in CircleCI Hack

• How to succeed in cyber crisis management and avoid a Tower of Babel

• Cyber Attack news headlines trending on Google

• Tencent fired 100 people for corruption during 2022

• Training, endpoint management reduce remote working cybersecurity risks

• Threats that will dominate headlines in 2023

• 5 Updates to Secure Data as Workers Return to Work

• Hybrid commerce: Blurring the lines between business and pleasure

• Is the FSI innovation rush leaving your data and application security controls behind?

• Google to support the use of Rust in Chromium

• Law enforcement app SweepWizard leaks data on crime suspects

• Accountant ordered to pay ex-employer after bossware shows “time theft”

• TikTok dances to the tune of $5.4m cookie fine

• “Untraceable” surveillance firm sued for scraping Facebook and Instagram data

• Fighting technology’s gender gap with TracketPacer: Lock and Code S04E02

• Australian law firms team up to seek compensation for Medibank data breach

• Researchers: Brace for Zoho ManageEngine ‘Spray and Pray’ Attacks

• Hacktivists Leak 1.7TB of Cellebrite, 103GB of MSAB Data

• The 4 best VPN services for torrenting in 2023

• US to Launch Third Iteration of ‘Hack the Pentagon’ Bug Bounty Program

• It’s Copyright Week 2023: Join Us in the Fight for Better Copyright Law and Policy

• Predictions 2023, Part 1: What will the new year bring for the InfoSec Community?

• Multi-million investment scammers busted in four-country Europol raid

• CircleCI Confirms Data Breach Was Caused By Infostealer on Employee Laptop

• How to make sure the reputation of your products and company is good

• How to handle personal data of students

• YouTube Tests Free Ad-Supported Streaming Channels

• Hidden Email Addresses in Phishing Kits

• InHand Industrial Router Vulnerabilities Expose Internal OT Networks to Attacks

• Qbot Overtakes Emotet in December 2022’s Most Wanted Malware List

• Avast researchers released a free BianLian ransomware decryptor for some variants of the malware

• Pro-Russian Group Targets Organizations in Ukraine and NATO Countries with DDoS Attacks

• Europol Dismantled a Cybercrime Ring Involved in Cryptocurrency Scams

• CircleCI Breach: Encryption Keys & User Data Seized

• LastPass, Okta, and Slack: Threat Actors Switch to Targeting Core Enterprise Tools

• Abusing a GitHub Codespaces Feature For Malware Delivery

• What to Know About the Pentagon’s New Push for Zero Trust

• 6 Common Phishing Attacks and How to Protect Against Them

• Website of Canadian Liquor Distributor LCBO Infected With Web Skimmer

• The Dangers of Default Cloud Configurations

• Cybercriminals Are Using Malicious JARs and Polyglot Files to Distribute Malware

• SECURITY ALERT: Danish Consumers Targeted by Danskespil.dk Smishing Wave

• To Get Around Security, Hackers Use This Old Trick

• Norton LifeLock Issues a Warning for Password Manager Account Breach

• Ransomware Gangs are Starting to Forego Encryption

• CircleCI Breach : Encryption Keys & User Data Seized

• TikTok Banned On State Devices In Kentucky

• Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems

• Java, .NET Developers Prone to More Frequent Vulnerabilities

• Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software

• Experts spotted a backdoor that borrows code from CIA’s Hive malware

• CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie

• Twitter Offers Free Adverts To Major Brands – Report

• GitHub Disables Pages of Pro-Russia DDoS Group NoName057(16)

• Hackers Compromised CircleCI Employee’s Laptop to Breach the Company’s Systems

• Report: Facebook’s Privacy Troubles Could Make It Vulnerable To Competitors

• Third-Party Risk Management: Why 2023 Could Be The Perfect Time To Overhaul Your TPRM Program

• 6,000+ Customer Accounts Breached, NortonLifeLock Alert Users

• 2023 Data Privacy Predictions

• This “teler-waf” Tool Protects Go Apps From Web-based Attacks

• Brave Browser Turns Your Device Into A Proxy For Others Via “Snowflake” Feature

• DDoS Trends 2023

• Crypto.com Axes 20 Percent Of Staff

• DDosia: A botnet created to facilitate DDoS attacks

• Teaching an Old State Analyzer Some New Tricks

• Cybersecurity Experts Cast Doubt on Hackers’ ICS Ransomware Claims

• CircleCI Hacked via Malware on Employee Laptop

• All the Data Apple Collects About You—and How to Limit It

• CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers

• A Secure User Authentication Method – Planning is More Important than Ever

• Hacked Cellebrite and MSAB Software Released

• Malicious Office Macros: Detecting Similarity in the Wild

• Pro-Russia Hacktivist Group NoName057(16) Strikes Again

• Cacti servers under attack by attackers exploiting CVE-2022-46169

• Tesla Cuts EV Prices In US, UK, Europe

• For password protection, dump LastPass for open source Bitwarden

• New Backdoor Created Using Leaked CIA’s Hive Malware Discovered in the Wild

• T95 Android TV Box sold on Amazon hides sophisticated malware

• Malicious VPN Installers Used to Infect Devices with Spyware

• Static Vs Dynamic IPs: Differences, Similarities and Cybersecurity Considerations

• CircleCI Security Incident: How a Malware Attack on An Engineer’s Laptop Led to Chaos

• TikTok Fined $5.4 Million By French Authorities Over Cookie Opt-Out Feature

• Warning! Credit Card Skimmer Injected on Canada’s Largest Alcohol Retailer’s Site

• NortonLifeLock says some Norton Password Manager accounts were compromised

• This is How to Start Your Own Cybersecurity Business

• US Court Orders $17m Be Given to BitConnect Victims

• Hackers Hijack NortonLifeLock Customer Accounts

• Threats of Quantum: The solution lies in quantum cryptography

• Bulk Cacti Servers Exploited In Unpatched Vulnerabilities

• Tim Cook Agrees To Huge Pay Cut

• Android TV Box Sold on Amazon Contain Malware

• TikTok Fined Over $5m for Cookie Violations

• What Is Malware? Definition, Types and Protection

• Software developers, how secure is your software?

• (ISC)² New Jersey Chapter Hosts International Event with 500 Attendees

• Zendesk – Is It A One Way “Ticket” to Ransomland

• Passkeys, going passwordless, and the future of authentication

• ChatGPT has investors drooling, but can it bring home the bacon?

• The Overwatch League ruled esports. Then everything went wrong

• Amid China’s massive COVID wave, 42% of people on one flight tested positive

• What You Need to Know About the Kraken Covid Variant

• Norton Password Manager Breached – Hackers Accessed Username and Password

• Schneier on Security Audiobook Sale

• Europol arrested cryptocurrency scammers that stole millions from victims

• Why encrypting emails isn’t as simple as it sounds

• Vulnerability puts data of 2.5 billion Chrome users at risk

• What’s holding Web3 back from prime time

• Post-quantum cybersecurity threats loom large

• 10 data security enhancements to consider as your employees return to the office

• Wi-Fi Geolocation, Then and Now

• China aims to grow local infosec industry by 30 percent a year, to $22 billion by 2025

• Ransomware has now become a problem for everyone, and not just tech

• Multiple schools hit by Vice Society ransomware attack

• Timely patching is good, but sometimes it’s not enough

• The 3 best VPN services for Mac in 2023

• 1.7 TB of data stolen from digital intelligence firm Cellebrite leaked online

• $5.4 Million Slammed On TikTok By France For  Cookies Privacy

• Who Are You Calling a Great Power?

• The big risk in the most-popular, and aging, big tech default email programs

• Megaport and Qrypt demonstrate First of its Kind Global Quantum Secure Data Transmissions

• Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO

• Cisco Fixes a Major Issue in Small Business Routers

• Most Important Network Penetration Testing Checklist

• Microsoft quietly revealed a new type of AI (it may quietly petrify you)

• The most-popular big tech default email programs are old and vulnerable

• One in Three Companies Holds off on Giving Cybersecurity Training to Remote Workers.

• What’s 6G & its Way Forward?

• Protecting the World’s Energy Systems: Physical and Cybersecurity Need to Coexist

• No Evidence: Twitter Denies Hacking Claims and The Stolen Data Being Sold Online

• Security Affairs newsletter Round 402 by Pierluigi Paganini

• Week in review: ChatGPT as an infosec assistant, Google offers help to EU cybersecurity startups

• Cyber Security Management System (CSMS) for the Automotive Industry

• The biggest risks of using Bluetooth trackers like Apple AirTag, Tile

• The biggest security pros and cons of using Bluetooth trackers

• DevSecOps and Digital Transformation: Bridging the Security Gap

• SpiderOak raises $16.4 million to protect space mission systems

• Crisis24 acquires Topo.ai to enhance global risk intelligence capabilities

• Conceal joins forces with Thousand Guards to improve web-browser security

Generated on 2023-01-22 23:58:55.504981