IT Security News Weekly Summary – Week 06

• IT Security News Daily Summary 2023-02-12

• The Israel Institute of Technology Technion suffered a ransomware attack

• Top cybersecurity M&A deals for 2023

• Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks

• Using the blockchain to prevent data breaches

• Iranian State TV Hacked During President’s Speech on Revolution Day

• Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

• Is this website Safe : How to Check Website Safety – 2023

• Nobody Except Your Doctor Should be Aware of Your Menstrual History

• Cybercrime Utilizes Screenshotter to Find Targets in US

• 4 misconceptions about data exfiltration

• Contextualizing the Nigerian Government’s Forced Abortion Program

• Russian Government evaluates the immunity to hackers acting in the interests of Russia

• Can Twitter Fix its Bot Crisis with an API Paywall?

• Predicting which hackers will become persistent threats

• NewsPenguin Initiates Phishing Camapaign for Maritime & Military Secrets

• Latest Cyberthreats and Advisories – February 3, 2023

• The Most Controversial Surveillance Device Used By The FBI Is In Danger

• Security Affairs newsletter Round 406 by Pierluigi Paganini

• Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap

• Ransomware Targeting VMware ESXi Servers Rises

• How to Make Sure You’re Not Accidentally Sharing Your Location

• Week in review: VMware ESXi servers under attack, ChatGPT’s malicious potential, Reddit breached

• Cyber Security Management System (CSMS) for the Automotive Industry

• Cookie consent is not enough

• Calling All CISSP-ISSMP and CISSP Certification Holders

• Analysis: CircleCI attackers stole session cookie to bypass MFA

• Working with AWS to secure your data against attack

• The Evolution of Cloud-Native Authorization

• Are First Responders Prepared for Super Bowl LVII?

• IT Security News Daily Summary 2023-02-11

• Uncle Sam wants to strip the IoS out of IoT with light crypto

• Test Data Compliance: How to Rewrite Your Organization’s DNA

• Why passkeys from Apple, Google, Microsoft may soon replace your passwords

• Dynamic Approaches Witnessed in AveMaria’s Distribution Strategy

• Clop ransomware claims the hack of 130 orgs using GoAnywhere MFT flaw

• Why Apple, Google, Microsoft passkeys may soon replace your internet passwords

• Data Breached on Toyota Supplier Portal

• ChatGPT: A Potential Risk to Data Privacy

• Essential Team Building for Strong Cloud Security

• The top 8 Cybersecurity threats facing the automotive industry heading into 2023

• Why Apple, Google, Microsoft passkeys should soon replace your own passwords

• What is Vulnerability Scanning & How Does It Work?

• Unwitting Insider Threats Remain A Challenge As Security Solutions Struggle To Keep Up

• North Korean Hackers Are Attacking US Hospitals

• Cybersecurity and the Cloud in Modern Times

• New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

• Watch Out for Windows 11, as it Collects Data Even While you are Offline

• Tor And I2P Networks Embraced Multiple DDoS Attacks

• North Korean Hackers Targeting Healthcare to Fund for Malicious Activities

• US Blacklists 6 Chinese Entities Over Balloon Program

• KeePass isn’t as safe as we once thought. Here’s why

• Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users

• CISA adds Fortra MFT, TerraMaster NAS, Intel driver Flaws, to its Known Exploited Vulnerabilities Catalog

• Build or Buy your own antivirus product

• CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws

• Weekly Update 334

• AT&T Cybersecurity awarded the Palo Alto Networks 2022 Partner of the Year Award

• Cybersecurity Industry News Review: February 7, 2023

• Juggling the Demands of a Multicloud Environment

• This week’s Reddit breach shows company’s security is (still) woefully inadequate

• Key findings from the latest ESET Threat Report – Week in security with Tony Anscombe

• AI-powered Bing Chat spills its secrets via prompt injection attack

• Mozilla plans ground-up UI redesign for Thunderbird email client this July

• California Medical Group’s Ransomware Breach Affects 3.3M

• Penang government data leaked online

• My Strange Day With Bing’s New AI Chatbot

• Ransomware crooks steal 3m+ patients’ medical records, personal info

• Austrian ‘mobile concierge’ app Gustaffo leaking 100k customers’ data

• CyberData Pros and Ketch help companies build modern privacy programs

• $800,000 recovered from Business Email Compromise attack

• Beware fake Facebook emails saying “your page has been disabled”

• Reddit breached, here’s what you need to know

• KillNet hits healthcare sector with DDoS attacks

• Ransomware attack hit the City of Oakland

• Digital Rights Updates with EFFector 35.2

• DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure

• IT Security News Daily Summary 2023-02-10

• How to Use Cloud Access Security Brokers for Data Protection

• 2023-02-07 – OneNote file pushes unidentified malware

• Chinese spy balloon over the US: An aerospace expert explains how the balloons work and what they can see

• ChatGPT is a data privacy nightmare. If you’ve ever posted online, you ought to be concerned

• Toyota Global Supply Chain Portal Flaw Put Hacker in the Driver’s Seat

• It Isn’t Time to Worry About Quantum Computing Just Yet

• ESXiArgs Ransomware Virtual Machine Recovery Guidance

• NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices

• Honoring our ‘Cybersecurity Defender of the Year’ in EMEA

• Friday Squid Blogging: Squid Is a Blockchain Thingy

• Suspect In Finnish Psychotherapy Blackmail Hack Arrested

• North Korea Using Healthcare Ransomware To Fund More Hacking

• Clop Ransomware Flaw Permitted Linux Victims to Restore Files for Months

• Reddit Hack Shows Limits of MFA, Strengths of Security Training

• List of Proxy IPs Exposed to Block Killnet’s DDoS Bots

• Researcher Hacked Toyota’s Global Supplier Portal

• Announcing Check Point Software’s Americas Partner Winners at CPX 360 New York

• Biden’s State of the Union highlights semiconductor success and big tech privacy concerns

• Do traffic signals need a fourth light for self-driving cars?

• How fleet management can boost overall data security and integrity

• SOC 3 (System and Organization Controls 3)

• UK Politician’s Email Hacked by Suspected Russian Threat Actors

• Top 7 Threat Intelligence Platforms

• Unpatched Security Flaws Disclosed in Multiple Document Management Systems

• Russian national pleads guilty to money laundering linked to Ryuk Ransomware operation

• Top Android Phones From China Are Packed With Spyware, Research Finds

• Scammers Steal $4 Million In Crypto During Face-To-Face Meeting

• Mysterious Russian Satellites Are Now Breaking Apart In Low Earth Orbit

• Mysterious Leak Of Booking.com Data Being Used For Scams

• National Security Roundup for the 2023 State of the Union

• Solving one of NOBELIUM’s most novel attacks: Cyberattack Series

• A Majority of Security Experts Prioritize Prevention Over Detection

• New Password-sharing Rule from Netflix Can Annoy Users

• CDC map shows health impact of local environmental burdens

• New ESXi ransomware strain spreads, foils decryption tools

• Cybersecurity Analysts Using ChatGPT for Malicious Code Analysis, Predicting Threats

• UK Watchdog Finds Microsoft’s Activision Deal Could Hurt Gamers

• Intel Now Seeks $10 Billion State Aid For German Factory – Report

• Securing the Clouds: An Evaluation of Cloud Security Solutions

• Defending Against Data Breaches: An Overview of Cyber Insurance for MSPs

• Your Go-to Guide to Develop Cryptocurrency Blockchain in Node.Js

• The cloud’s growing impact on cybersecurity

• What responders really want from their tech

• Internet and email usage policy

• Royal ransomware spreads to Linux and VMware ESXi

• Lawmakers Press Facebook Over Risky Data Access In Hostile Countries

• Why ChatGPT Isn’t a Death Sentence for Cyber Defenders

• Sydney Man Sentenced for Blackmailing Optus Customers After Data Breach

• A Hacker’s Mind Is Now Published

• What’s Next in Cybersecurity? Join Us at Ignite on Tour!

• The Proud Boys Jurors: Who Are They and Can They Be Fair?

• Dingo Token Charging 99% Fee is a Scam

• Police in Hong Kong and Interpol Discover Phishing Servers and Apps

• Malvertiser “D-Shortiez” abuses WebKit back button hijack in forced-redirect campaign

• Geo Targetly URL Shortener Abused in Phishing Scam

• CrowdStrike exec explains why the cloud is a ‘net-positive’ for cybersecurity

• Trickbot Members Sanctioned for Pandemic-Era Ransomware Hits

• Vulnerability Research is a Journey: CVEs Found by KeenLab

• Emerging Defense in Android Kernel

• WindowServer: The privilege chameleon on macOS (Part 1)

• WindowServer: The privilege chameleon on macOS (Part 2)

• Tax Season has officially arrived and cyber criminals are happy

• Password Manager Dashlane Open-sourced Its Mobile Apps

• Zoom Sheds 15 Percent Of Workforce

• Scottish MP Admits Hack Of Personal Email, After NCSC Warning

• Google Chrome 110 arrives – but not all Windows PCs will get it

• Why Some Cloud Services Vulnerabilities Are So Hard to Fix

• How to Optimize Your Cyber Insurance Coverage

• How the US Can Stop Data Brokers’ Worst Practices—Right Now

• The FBI’s Most Controversial Surveillance Tool Is Under Threat

• 10 API Security Best Practices To Protect Your Organization

• Scammers steal $4 million in crypto during face-to-face meeting

• Analysis: Could NIST’s Cybersecurity Framework 2.0 be the beginning of international best practice?

• Why threat modeling can reduce your cybersecurity risk

• The Role of Data Hygiene in the Security of the Energy Industry

• This beginner-friendly ethical hacker training is 97% off

• Reddit admits it was hacked and data stolen, says “Don’t panic”

• MagicWeb Mystery Highlights Nobelium Attacker’s Sophistication

• Integreon Launches Cyber Incident Response Offering with Development of AI-Based Review and Integration of RadarFirst

• The Journey of a complete OSX privilege escalation with a single vulnerability – Part 1

• Car Hacking Research: Remote Attack Tesla Motors

• A Link to System Privilege

• Racing for everyone: descriptor describes TOCTOU in Apple’s core

• New Car Hacking Research: 2017, Remote Attack Tesla Motors Again

• ARM Boss Committed To Public Listing In 2023

• Microsoft Adds AI To Bing Search Engine, Edge Browser

• Major CrackDown – Police Hacked Exclu ‘secure’ Cybercriminal Message Platform

• Check Point 2023 Security Report: Cyberattacks reach an all-time high in response to geo-political conflict, and the rise of ‘disruption and destruction’ malware

• Singapore hit by growing cybercrimes, clocks $501M in losses from scams

• New cybersecurity data reveals persistent social engineering vulnerabilities

• Cisco: Companies are spending on privacy protection, but do customers know it?

• Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware

• How to Think Like a Hacker and Stay Ahead of Threats

• Russian Hackers Using Graphiron Malware to Steal Data from Ukraine

• How Cannabis Cultivators Are Using New Technology to Be More Productive in 2023?

• Picking The Right Password Manager: Five Things To Bear In Mind

• These Top Background Check Services Impacted by a Data Breach

• Which Type of MFA Is Most Secure?

• OIG finds oversight issues with GSA’s performance-based contracts

• How video evidence is presented in court can hold sway in cases like the beating death of Tyre Nichols

• Reddit Hit By Phishing Attack, Source Code Stolen

• Attacker Allure: A Look at the Super Bowl’s Operational Cyber-Risks

• Malicious Game Mods Target Dota 2 Game Users

• CISA Adds Three Known Exploited Vulnerabilities to Catalog

• A bunch of Red Pills: VMware Escapes

• TenSec 2018

• New Vehicle Security Research by KeenLab: Experimental Security Assessment of BMW Cars

• Exploiting iOS 11.0-11.3.1 Multi-path-TCP:A walk through

• Tencent Keen Security Lab: Experimental Security Research of Tesla Autopilot

• Russian hackers are trying to break into ChatGPT, says Check Point

• Twistlock: Prisma Cloud Container Security Overview and Analysis

• Biden’s SOTU: Data Privacy Is Now a Must-Hit US State of the Union Topic

• CISA Adds Three Known Exploited Vulnerabilities to Catalog

• CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks

• Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages

• Biden Brings Semiconductors to the Forefront of Americans’ Minds

• Power Struggles: Grid Attacks and Extremism in an Age of Climate Volatility

• Suspect in Finnish psychotherapy center blackmail hack arrested

• Smishing: The elephant in the room

• 5 steps to deal with the inevitable data breaches of 2023

• Inflation, workforce issues challenge defense contractors amid security pivot

• Industry, Congress have eye on Login.gov and the public, private sector role in digital identity

• Microsoft OneNote Abuse for Malware Delivery Surges

• US Warns Critical Sectors Against North Korean Ransomware Attacks

• DPRK Uses Unfixed Zimbra Devices for Spying on Researchers

• Telehealth Companies Monetizing and Sharing Health Data

• TenSec 2019

• Exploiting Wi-Fi Stack on Tesla Model S

• Tencent Keen Security Lab joins GENIVI Alliance

• Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars

• Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars

• LATEST CYBERTHREATS AND ADVISORIES – FEBRUARY 10, 2023

• What Is Browser Sandboxing?

• Congress told HHS to set up a health data network in 2006. The agency still hasn’t.

• The 5 best identity theft protection & credit monitoring services in 2023

• OpenSSL fixes High Severity data-stealing bug – patch now!

• LookingGlass Cyber Solutions: Threat Intelligence Review

• Remote Code Execution vs. Reverse Shell Attacks – Staging, Purpose, and Impact

• US and UK governments issue sanctions on 7 Russians spreading ransomware

• Reddit Hacked After Employee Bites on Phishing Scam

• Hackers Breached Reddit – Stole Source Code & Internal Data

• Securing Admin Access to Apache APISIX

• Zero trust’s creator John Kindervag shares his insights with VentureBeat — Part II

• Malicious Npm Package Uses Typosquatting, Downloads Malware

• LA Hospital Sued For Selling Patient Data To Facebook

• New TA886 group targets companies with custom Screenshotter malware

• How to delete yourself from the internet

• LATEST CYBERTHREATS AND ADVISORIES – FEBRUARY 10, 2023

• Some towns get funding boost from census corrections

• New virtual data fabric to support DoD cyber testing

• Military Organizations in Pakistan Targeted With Sophisticated Espionage Tool

• Security Awareness Training Startup Riot Raises $12 Million

• NIST Picks Ascon Algorithms to Protect Data on IoT, Small Electronic Devices

• Siemens Drives Rise in ICS Vulnerabilities Discovered in 2022: Report

• Australian Government Bans Chinese CCTV Tech

• Novel Phishing Campaign Takes Screenshots Before Payload Delivery

• Musk Seems To Think His Own Employees Are Shadowbanning Him

• Valve Waited 15 Months To Patch High Severity Flaw. A Hacker Pounced.

• Bill Gates thinks A.I. like ChatGPT is the ‘most important’ innovation right now

• The Cryptocurrency Was Stolen by Hackers Last Year to the Tune of $4 Billion.

• 5 Ways to Delete Your Digital Presence

• Should You Use Google Password Manager?

• Six Common Ways That Malware Strains Get Their Names

• Addressing the Elephant in the Room: Getting Developers & Security Teams to Work Together

• Endpoint Security vs. Antivirus: A Comparison

• New Screenshotter Malware Performs Surveillance Before Stealing Data

• Uncle Sow: Dark Caracal in Latin America

• The Cryptocurrency Was Stolen by Hackers Last Year to the Tune of $4 Billion

• Tax-related identity theft: How to protect yourself

• Reddit was hit with a phishing attack. How it responded is a lesson for everyone

• Microsoft Announces New OpenAI-Powered Bing

• GoAnywhere MFT Zero-Day Exploitation Linked to Ransomware Attacks

• US, South Korea: Ransomware Attacks Fund North Korea’s Cyber Operations

• North Korea targets US, South Korean hospitals with ransomware to fund further cyber operations

• February 2023 Patch Tuesday forecast: A Valentine’s date

• Release Management: Is Your Product Ready for Success?

• Canadian Bookstore Indigo Hit By Cyberattack

• What Is An IT Asset?

• Data: A Thorn in the Flesh for Most Multicloud Deployments

• Researcher Discovers Backdoor In Toyota Supplier Management Network

• 1Password plans to become the first password manager without passwords

• SpaceX Test Fires StarShip ‘Super Heavy’ Booster Rocket

• Google Cloud Connects Chronicle to Health ISAC Feed

• Canadian Bookstore Indigo Shuts Down Website After Cyberattack

• How to Secure Your Website in 10 Easy Steps

• North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations

• Phishing attacks are easy for criminals. This is how expensive they could be for you

• Documents, Code, Business Systems Accessed in Reddit Hack

• Meet the Creator of North Korea’s Favorite Crypto Privacy Service

• Reddit breached: Internal docs, dashboards, systems accessed

• UEBA 101: An Introduction to User and Entity Behavior Analytics

• Google Shares Still Down After Bard AI ChatBot Blunder

• Cyber Security New Innovation – Over 2,000 Applications Filed for Patent

• 3 Overlooked Cybersecurity Breaches

• Announcing the 2023 Federal 100

• Reddit discloses security breach that exposed source code and internal docs

• 10 Free & Open Source Threat-Hunting Tools for 2023

• Yahoo To Layoff 20 Percent Of Workforce

• Fifth of ICS Bugs Have No Patch Available

• U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks

• How do you secure the Big Game?

• 3 reasons not to repatriate cloud-based apps and data sets

• Refund and Invoice Scams Surge in Q4

• Good, Perfect, Best: how the analyst can enhance penetration testing results

• Reddit Hacked In Phishing Attack Against Its Employee

• Reddit Breached: Threat Actors Steal Source Code and Internal Data

• New Threat Group Reviews Screenshots Before Striking

• Smart and Frictionless Zero Trust Access for the Workforce

• (ISC)² Puts Members at the Center of Our Cybersecurity Content in 2023

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• How The UK Is Taking A Stand Against Ransomware Criminals

• How to Send Ctrl-Alt-Delete in a Remote Desktop Session?

• US, UK slap sanctions on Russians linked to Conti, Ryuk, Trickbot malware

• Android mobile devices from top vendors in China have pre-installed malware

• Live Cyber Forensics Analysis with Computer Volatile Memory

• US teases more China tech sanctions, this time to deflate balloon-makers

• Reddit discloses security breach: what you need to know

• An email attack can end up costing you over $1 million

• The dangers of unsupported applications

• New infosec products of the week: February 10, 2023

• ChatGPT is malware makers’ new A.I. partner in crime

• KeePass 2.53.1 password manager resolves vulnerability controversy

• Reddit Suffers Security Breach Exposing Internal Documents and Source Code

• SecuriThings Managed Service Platform secures physical security devices

• ChatGPT and Cyber Attacks

• Australian government gives made-in-China CCTV cams the boot

• Strike Graph integrates assessment and audit capabilities in TrustOperation platform

• Acalvio’s ITDR solution combats identity threats and strengthens zero trust

• SentryBay protects business data at the endpoint with Armored Client for AVD & W365

• N-able Managed EDR accelerates the investigation of threat events

• Endpoint security getting easier, but most organizations lack tool consolidation

• Alexa, who else is listening?

• Romance scammers’ favorite lies cost victims $1.3B last year

• Get Up to Speed With the Latest Cybersecurity Standard for Consumer IoT

• Australian Defense Department to Remove Chinese-Made Cameras

• Reddit reveals security incident that looks more SNAFU than TIFU

• Socure joins FIDO Alliance to improve identity verification industry standards

• Adaptive Shield and Datadog provide users with the ability to visualize SaaS security alerts

• Veza integrates with GitHub to secure customers’ data

• Bard AI Causes Google Losses of $100 Billion

• Integrating DevOps with IT Service Management (ITSM): Best Practices for Effective DevOps-ITSM Integration

• Ryuk ransomware laundering leads to guilty plea

• Introducing Malwarebytes Application Block: How to block unauthorized software from executing on Windows endpoints

• Reddit Breached With Stolen Employee Credentials

• The best travel VPNs of 2023

• How Do Playbooks Help CISOs Improve SecOps?

• SE Labs 2023 Annual Security Report Names Cisco as Best Next Generation Firewall

• NewsPenguin Goes Phishing for Maritime & Military Secrets

• IT Security News Daily Summary 2023-02-09

• Are your kids talking about Safer Internet Day?

• Google To Release ChatGPT-Style AI Chatbot

• How IBM’s new supercomputer is making AI foundation models more enterprise-budget friendly

• crypto wallet (cryptocurrency wallet)

• 4 Ways to Handle AI Decision-Making in Cybersecurity

• VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree

• Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

• Tackling the New Cyber Insurance Requirements: Can Your Organization Comply?

• Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

• All in for Security: Cisco Secure at Cisco Live EMEA 2023

• Malware Delivered through Google Search

• Critical Baicells Device Vulnerability Could Make Telecom Networks Vulnerable to Spying

• Principle of DevOps: Establish a Successful Development Team

• Platform streamlines sharing, analysis of criminal justice data

• AI-powered career recommendation engine delivers more job options

• How to Factory Reset any Apple TV, HomePod, AirTag, AirPods, or Beats Headphones

• How to Factory Reset any Mac, iPhone, iPad, iPod touch, or Apple Watch

• Zero Trust Can Guarantee the Future of Computer Security

• LockBit Claims Responsibility For Royal Mail Attack

• Locking down Super Bowl security

• This notorious ransomware has now found a new target

• How IT jobs and recruiting on the dark web might trick you

• UK second most targeted nation behind America for Ransomware

• Different Types of Phone Charging Stations – Ultimate Guide 2023

• Ex Uber Employee Made 388 Fake Driver Profiles, Duped Company of Rs 1.17 Crore

• Personal data encryption in Windows 11

• U.S., U.K. hit TrickBot cybercrime gang with sanctions

• SynSaber Releases ICS CVE Retrospective: 3 Years of CISA Advisories

• 7 Critical Cloud Threats Facing the Enterprise in 2023

• Avast Threat Report: Consumers Plagued With Refund Fraud, Tech Support Scams, and Adware

• Russia’s Ransomware Gangs Are Being Named and Shamed

• Cloud-Native Abstraction and Automation

• Super Bowl ticket scams: Security tips for football fans

• U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

• Kaspersky Finds Growing Number of Parents Experiencing Ransomware Attacks on Children’s Schools

• Safer Internet Day 2023: Empowering Kids and Families for a Safer Internet

• Web beacons on websites and in e-mail

• Podcast Episode: When Tech Comes to Town

• Eurocops shut down Exclu encrypted messaging app, arrest dozens

• Verification, authentication, recognition: Deciphering biometric terms

• Hypervisor patching struggles exacerbate ESXiArgs attacks

• Cryptographers Decode Secret Letters of Mary, Queen of Scots

• US and UK sanctioned seven Russian members of Trickbot gang

• Cyberspace and Instability: Reconceptualizing Instability

• SlashNext Joins the Microsoft Intelligent Security Association

• VulnCheck Raises $3.2M Seed Round for Threat Intel

• S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]

• A Fool With a Tool Is Still a Fool: A Cyber Take

• Phishing Surges Ahead, as ChatGPT & AI Loom

• National Cyber Director to retire next week

• Thousands of victims apparently hit by ESXiArgs ransomware

• #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

• #StopRansomware – Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities

• Hackers Actively Exploiting VMware ESXi Servers to Deploy Ransomware

• Data Privacy From a Data Governance Standpoint

• In Perfect Harmony: Cybersecurity Regulation Harmonization

• NIST Picks IoT Standard for Small Electronics Cybersecurity

• Why Lists?

• #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

• #StopRansomware – Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities

• BlueHat 2023: Connecting the security research community with Microsoft

• Following a Breach at ION Group, LockBit Hackers Received a Ransom

• The LockBit Ransomware Takes Responsibility for the Royal Mail Cyberattack

• Weee! Grocery Service Hacked, 1.1m Accounts Leaked

• GraphQL vs REST: Differences, Similarities, and Why To Use Them

• Building accountability into the coming spyware ban

• The end is near for outdated government financial reporting

• US, UK Slap Sanctions on Trickbot Cybercrime Gang

• CISA Releases Six Industrial Control Systems Advisories

• A new variant of ESXiArgs ransomware makes recovery much harder

• Learn what an AI-driven future means for cybersecurity at Microsoft Secure

• C-suite execs expect cyberattacks targeting financial data to increase this year

• Twitter Implements API Paywall, but Will That Solve Its Enormous Bot Crisis?

• CISA Releases Six Industrial Control Systems Advisories

• Hackers Are Selling A Service That Bypasses ChatGPT Restrictions On Malware

• U.S., Britain Impose Sanctions On Russia’s Trickbot Hacking Gang

• Hackers Bypass ChatGPT Restrictions Via Telegram Bots

• Automate your attack response with Azure DDoS Protection solution for Microsoft Sentinel

• Remembering Professor Carter

• US Says Chinese Military Behind Vast Aerial Spy Program

• Twitter Implements API Paywall; But Will That Solve Its Enormous Bot Crisis?

• What Is API Security?

• Bard: Google launches ChatGPT Rival

• Cybersecurity Industry News Review – 31 January 2023

• Royal Mail “cyber incident” is an ongoing cyberattack CEO admits to MPs

• Finland’s Most-Wanted Hacker Arrested in France

• Available Now: Check Point Quantum SD-WAN delivers the Best Security with Optimized Connectivity

• If your business needs cybersecurity, you should become the expert

• #SOOCon23: Open Source Tools can Automate SBOM Requirements

• Netflix Extends Crackdown On Password Sharing To More Countries

• Auto Dealers Are Prime Targets For Hackers, Warn Researchers

• Codebreakers Decipher Mary, Queen Of Scots’ Secret Letters 436 Years After Her Execution

• Uncle Sam Wants To Strip The IoS Out Of IoT With Light Crypto

• Google’s Bard AI Bot Mistake Wipes $100 Billion Off Shares

• PREDICTIONS 2023, PART 2: WHAT WILL THE NEW YEAR BRING FOR THE INFOSEC COMMUNITY?

• Microsoft Empowers Its Bing And Edge With ChatGPT AI Chatbot

• Zero trust’s creator John Kindervag shares his insights with VentureBeat — Part I

• digital footprint

• US and UK Sanction Seven Russian Cyber-Criminals

• Phyron partners with konversable to provide WhatsApp in video

• Block KillNet’s DDoS Bots Using These Proxy IP Addresses

• Australia issues ban on Chinese surveillance cameras and products

• How Application Mapping Can Boost Application Security

• Google Describes Privacy, Security Improvements in Android 14

• The Culture and Practices of Policing That Killed Tyre Nichols (and So Many Others)

• If Congress Wants to Protect Section 702, It Needs to Rein in the FBI

• Ways in Which Online Merchants Scam Customers

• UK Sanctions Seven Russian Ransomware Cyber Criminals

• SaaS Security Best Practices: Safeguard Consumer Data

• What is a Pentester, and Can They Prevent Data Breaches?

• Vulnerabilities in Popular DMS Products Can Expose Sensitive Documents

• Lessons From the Cold War: How Quality Trumps Quantity in Cybersecurity

• Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices

• The Top 10 Predictions For The Cybersecurity Industry In 2023

• Typical Cybersecurity Methods Aren’t Enough to Support the Modern Workforce

• Understand And Reduce The Sap Attack Surface

• Following a Surge in Metaverse Crimes, Interpol Promises to Implement Punishment

• SpaceX Restricts Ukrainian Starlink Use For Drones

• Boomi AtomSphere Platform (Dell Boomi AtomSphere)

• OpenSSL Releases Security Advisory

• Introduction to Kubernetes Event-Driven Auto-Scaling (KEDA)

• Cybercrime Gang Uses Screenlogger to Identify High-Value Targets in US, Germany

• Android’s February 2023 Updates Patch 40 Vulnerabilities

• OpenSSL Releases Security Advisory

• THN Webinar – Learn How to Comply with New Cyber Insurance Identity Security Requirements

• Avast Threat Labs Q4 2022 Threat Report | Avast

• Lawmakers clash during hearing about unemployment insurance fraud

• Russian Hackers Steal Data In Ukraine With New Graphiron Malware

• This next-gen cybersecurity stock could rally nearly 30%, Canaccord Genuity says

• How Threat Actors Are Changing Money Laundering Campaigns

• Twitter Tells Users They Have Hit Daily Post Limit

• Ransomware has hit 3,800 servers, but CISA says this tool might help

• Tiny IoT devices are getting their own special encryption algorithms

• Vulnerability Allows Hackers to Remotely Tamper With Dahua Security Cameras

• Dark Web Market Revenues Sink 50% in 2022

• Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs

• Ransomware Revolution: 4 Types of Cyber Risks in 2023

• Want to Delete Your Twitter DMs? Good Luck With That

• Mary Queen of Scots Letters Decrypted

• NIST chooses encryption algorithms for lightweight IoT devices

• List of Proxy IPs Used by Killnet, Released

• NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities

• Twitter restricted in Turkey after the earthquake amid disinformation fear

• 12 Ways to Open Files on a Mac

• Panda Free Antivirus, awarded Best New Endpoint by SE Labs

• Bitwarden’s web vault suffers an outage; apps and extensions are safe and unaffected

• Tor and I2P Networks Suffered DDoS Attacks

• There’s been a big rise in phishing attacks. This one worked

• How to Blur Background on iPhone After Taking Photo

• Guide to Container Management on AWS

• ESET Threat Report T3 2022

• ESXiArgs Ransomware Hits Over 3,800 Servers as Hackers Continue Improving Malware

• Gootkit Malware Adopts New Tactics to Attack Healthcare and Finance Firms

• A Hackers Pot of Gold: Your MSP’s Data

• Securing open source development: A supply chain perspective

• Cohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery

• Growing number of endpoint security tools overwhelm users, leaving devices unprotected

• Threat group targets over 1,000 companies with screenshotting and infostealing malware

• How to unleash the power of an effective security engineering team

• Yes, CISOs should be concerned about the types of data spy balloons can intercept

• Tor Network Hit By a Series of Ongoing DDoS Attacks

• Trio Arrested in COVID PPE Fraud Probe

• OpenSSL Fixes Multiple New Security Flaws with Latest Update

• How do you secure a Super Bowl?

• Weee! Acknowledges Data Leak,1.1 million People Impacted

• Heimdal® Announces Rebrand and Name Consolidation

• Netflix Expands Password Sharing Crackdown

• Silicon In Focus Podcast: Wellness Tech for Businesses

• 20 Powerful Vulnerability Scanning Tools In 2023

• Steps To Planning And Implementation Of Data Privacy

• Dota 2 Game Mods Use Backdoor to Infect Players with Malware

• AmerisourceBergen Healthcare Company Has Been Breached

• New Info-Stealer Discovered as Russia Prepares Fresh Offensive

• ChatGPT & AI Risks – Intego Mac Podcast Episode 278

• Bitwarden’s web vault suffers an outage; password manager’s apps and extensions are unaffected

• Australia To Remove Chinese CCTV From Sensitive Locations

• Pwned Passwords Adds NTLM Support to the Firehose

• Do you know what your supply chain is and if it is secure?

• Twitter Access Restored In Turkey After Earthquake Criticism

• 10 Tips for Securely Filing Taxes Online | Avast

• Singapore officially deactivates contact tracing system, to ‘refurbish’ wearables

• Codebreakers decipher Mary, Queen of Scots’ secret letters 436 years after her execution

• Establishing secure habits for software development in 2023

• Global Ransomware Attack on VMware EXSi Hypervisors Continues to Proliferate

• Online Dating Safety Tips | Avast

• Experts published a list of proxy IPs used by the pro-Russia group Killnet

• Cybercriminals exploit volatile job market for targeted email attacks

• The impact of Russia’s Ukraine invasion on digital threats

• Inadequate cybersecurity investments leave rail industry at risk

• How CISOs can improve security practices to keep up with evolving technologies

• Cyber Attack news headlines trending on Google

• Weee – 1,117,405 breached accounts

• Stories from the SOC – RapperBot, Mirai Botnet – C2, CDIR Drop over SSH

• Minister: Cybercrimes Now 20% of Spain’s Registered Offenses

• Mordecai Rosen joins Skybox Security as CEO

• Opscura raises $9.4 million to address industrial cybersecurity challenges

• Appdome integrates with CircleCI to accelerate secure mobile app delivery

• Latest Cyberthreats and Advisories – February 3, 2023

• SaaS security provider raises $50M to boost application security

• Riskonnect partners with OnSolve to offer a new Threat Intelligence module

• SonarQube 9.9 LTS empowers organizations to boost the quality of their code

• Shufti Pro releases risk assessment and eIDV services to help firms fight fraud

• Deepwatch SecOps Platform enhancements detect and contain identity threats

• ChatGPT integration for Logpoint SOAR allows users to explore its potential in cybersecurity

• Cybersecurity in the Next-Generation Space Age, Pt. 1: Introduction to New Space

• Combating the Ever-Increasing Cyber Attacks in 2023

• Uncle Sam wants to strip the IoS out of IoT with light crypto

• Cybersecurity Experts Provide Insights for Safer Internet Day

• Elite Roster of Cybersecurity Investors Backs Lineaje to Deliver Industry-first Supply Chain Security Solution

• Test Data Compliance: How to Rewrite Your Organization’s DNA

• 10 Top Cloud Security Companies in 2023

• CISA Offers Recovery Tool for ESXiArgs Ransomware Victims

• How To Use MQTT in Golang

• ION starts bringing customers back online after LockBit ransomware attack

• Stalkerware-type app developers fined by NY Attorney General

• Encrypted messaging service eavesdropped on by police, users arrested

• Update now! GoAnywhere MFT zero-day patched

• Ransomware review: February 2023

• What is Vulnerability Scanning & How Does It Work?

• Finland’s Most-Wanted Hacker Nabbed in France

• Reality Reimagined: Exploring Transformative Power of Virtual Worlds on Social Media

• House bill would put grid operators on a short clock for breach reporting

• CISA battles ESXiArgs ransomware campaign with recovery tool

• CISA Releases Recovery Script for Victims of ESXiArgs Ransomware

• (ISC)² Makes Certified in Cybersecurity Exam Available in More Languages to Address Global Workforce Shortage

• The Political Theater Behind the State of the Union Data Privacy Push

• IT Security News Daily Summary 2023-02-08

• Jailbreak Trick Breaks ChatGPT Content Safeguards

• Among the thousands of ESXiArgs ransomware victims? FBI and CISA to the rescue

• ARMO integrates ChatGPT to secure Kubernetes

• ‘Shark Tank’ for state agency IT modernization

• Building Up IAM in a Multicloud World

• Exploit in Dota 2 Video Game Modes Infecting Players

• Analysis: CircleCI attackers stole session cookie to bypass MFA

• Calling All CISSP-ISSMP and CISSP Certification Holders

• Among the thousands of ESXiArgs ransomware victim orgs? FBI and CISA to the rescue

• Incident response: How to implement a communication plan

• ESXiArgs ransomware campaign raises concerns, questions

• Exclu Shutdown Underscores Outsized Role Messaging Apps Play in Cybercrime

• Russian e-commerce giant Elevel exposed buyers’ delivery addresses

• What Is an API Integration Example?

• Anomali ThreatStream: Threat Intelligence Product Overview and Insight

• Leading Energy Companies Tap Fortress to Build and Operate Industry Repository to Identify and Remediate Critical Software Vulnerabilities

• ActZero Unveils Next-Generation MDR Platform

• Legacy Code Refactoring: Tips, Steps, and Best Practices

• State looks to ‘unconventional’ tactics to find talent

• DevSecOps needs to improve to grow adoption rates, maturity

• Skybox Security Appoints Cybersecurity Veteran Mordecai Rosen as CEO

• Researcher compromised the Toyota Supplier Management Network

• Stalkerware Maker Fined $410k and Compelled to Notify Victims

• Essential Team Building for Strong Cloud Security

• What CISOs Should Know About Hacking in 2023

• White House looks to shore up public trust in government websites

• IRS names advisors on possible government-run direct filing system for taxpayers

• CISA and FBI Release ESXiArgs Ransomware Recovery Guidance

• Mass Ransomware Campaign Hits US & EU

• Gigamon Exits NDR Market, Sells ThreatInsight Business to Fortinet

• Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting and Financial Data in Year Ahead

• Corelight Expands Partnership With CrowdStrike to Provide Network Detection and Response Technology for CrowdStrike Services

• GAO Calls for Action to Protect Cybersecurity of Critical Energy, Communications Networks

• SecuriThings Brings Managed Service Capabilities to Physical Security, With New Managed Service Platform

• ESXiArgs Ransomware Virtual Machine Recovery Guidance

• CISA and FBI Release ESXiArgs Ransomware Recovery Guidance

• New MSRC Blog Site

• 2023-02-07 – OneNote file pushes unidentified malware

• ChatGPT is a data privacy nightmare. If you’ve ever posted online, you ought to be concerned

• Tor Network Under DDoS Pressure for 7 Months

• Toyota Global Supply Chain Portal Flaw Put Hacker in the Driver’s Seat

• Gigamon Exits NDR Market, Sells ThreatINSIGHT Business to Fortinet

• ESXiArgs Ransomware Virtual Machine Recovery Guidance

• NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices

• Participation in the Fediverse

• Clop Ransomware Flaw Permitted Linux Victims to Restore Files for Months

• It Isn’t Time to Worry About Quantum Computing Just Yet

• Honoring our ‘Cybersecurity Defender of the Year’ in EMEA

• Mirai-based Medusa Botnet Is Back with Ransomware Capabilities

• What Are Industrial Control Systems?

• Chinese spy balloon over the US: An aerospace expert explains how the balloons work and what they can see

• Application Security Protection for the Masses

• Chrome 110 Patches 15 Vulnerabilities

• Australian Man Sentenced for Scam Related to Optus Hack

• Spies, Hackers, Informants: How China Snoops on the US

• Skybox Security Raises $50M, Hires New CEO

• How to Use Cloud Access Security Brokers for Data Protection

• Researcher Hacked Toyota’s Global Supplier Portal

• Announcing Check Point Software’s Americas Partner Winners at CPX 360 New York

• UK Politician’s Email Hacked by Suspected Russian Threat Actors

• National Security Roundup for the 2023 State of the Union

• Solving one of NOBELIUM’s most novel attacks: Cyberattack Series

• 9 Ways smart devices can compromise your privacy

• List of Proxy IPs Exposed to Block Killnet’s DDoS Bots

• Biden’s State of the Union highlights semiconductor success and big tech privacy concerns

• A Majority of Security Experts Prioritize Prevention Over Detection

• New Password-sharing Rule from Netflix Can Annoy Users

• Do traffic signals need a fourth light for self-driving cars?

• SOC 3 (System and Organization Controls 3)

• Cybersecurity Analysts Using ChatGPT for Malicious Code Analysis, Predicting Threats

• Unpatched Security Flaws Disclosed in Multiple Document Management Systems

• Russian national pleads guilty to money laundering linked to Ryuk Ransomware operation

• Top Android Phones From China Are Packed With Spyware, Research Finds

• Scammers Steal $4 Million In Crypto During Face-To-Face Meeting

• Suspect In Finnish Psychotherapy Blackmail Hack Arrested

• Mysterious Russian Satellites Are Now Breaking Apart In Low Earth Orbit

• Mysterious Leak Of Booking.com Data Being Used For Scams

• The Proud Boys Jurors: Who Are They and Can They Be Fair?

• Google announces to launch conversational AI to its Search Engine

• How Businesses Benefit from Using Instagram Reels

• Securing the Clouds: An Evaluation of Cloud Security Solutions

• Defending Against Data Breaches: An Overview of Cyber Insurance for MSPs

• Your Go-to Guide to Develop Cryptocurrency Blockchain in Node.Js

• CISA releases ESXiArgs ransomware recovery script

• Dingo Token Charging 99% Fee is a Scam

• Police in Hong Kong and Interpol Discover Phishing Servers and Apps

• Intel Now Seeks $10 Billion State Aid For German Factory – Report

• The cloud’s growing impact on cybersecurity

• Lawmakers Press Facebook Over Risky Data Access In Hostile Countries

• Why ChatGPT Isn’t a Death Sentence for Cyber Defenders

• Sydney Man Sentenced for Blackmailing Optus Customers After Data Breach

• New Graphiron info-stealer used in attacks against Ukraine

• UK Watchdog Finds Microsoft’s Activision Deal Could Hurt Gamers

• What’s Next in Cybersecurity? Join Us at Ignite on Tour!

• Malvertiser “D-Shortiez” abuses WebKit back button hijack in forced-redirect campaign

• Earth Zhulong: Familiar Patterns Target Vietnam

• Russian Admits in US Court to Laundering Money for Ryuk Ransomware Gang

• UN Experts: North Korean Hackers Stole Record Virtual Assets

• Siemens License Manager Vulnerabilities Allow ICS Hacking

• #SOOCon23: UK Government Urges Industry Input on Software Security Policy

• 10 API Security Best Practices To Protect Your Organization

• Scottish MP Admits Hack Of Personal Email, After NCSC Warning

• Scammers steal $4 million in crypto during face-to-face meeting

• Why Some Cloud Services Vulnerabilities Are So Hard to Fix

• Bard: Google Introduces New ChatGPT Rival

• Russian Citizen Accused of Laundering Money from U.S.- targeted Ransomware Attacks

• SYN Flood Explained. How to Prevent this Attack from Taking over your Server

• US Grocery Delivery Platform Weee! Suffers Massive Data Leak

• Analysis: Could NIST’s Cybersecurity Framework 2.0 be the beginning of international best practice?

• Password Manager Dashlane Open-sourced Its Mobile Apps

• Google Chrome 110 arrives – but not all Windows PCs will get it

• The Role of Data Hygiene in the Security of the Energy Industry

• How to Optimize Your Cyber Insurance Coverage

• Ukraine CERT-UA warns of phishing attacks employing Remcos software

• New Abnormal Security Research Shows Employees Open 28% of BEC Attacks, Fail to Report 98% of All Email Attacks

• How the US Can Stop Data Brokers’ Worst Practices—Right Now

• Tax Season has officially arrived and cyber criminals are happy

• Zoom Sheds 15 Percent Of Workforce

• Patient Information Compromised in Data Breach at San Diego Healthcare Provider

• CISA Releases Open Source Recovery Tool for ESXiArgs Ransomware

• A Deep Dive Into the Growing GootLoader Threat

• How to Think Like a Hacker and Stay Ahead of Threats

• Russian Hackers Using Graphiron Malware to Steal Data from Ukraine

• Microsoft Adds AI To Bing Search Engine, Edge Browser

• Check Point 2023 Security Report: Cyberattacks reach an all-time high in response to geo-political conflict, and the rise of ‘disruption and destruction’ malware

• New cybersecurity data reveals persistent social engineering vulnerabilities

• BEC Attacks Surge 81% in 2022

• CERT-UA Warns Ukrainian Authorities On Remcos Cyberattacks

• Top 3 resolutions for security teams

• #SOOCon23: Global Cooperation Needed to Enhance Open Source Software Security

• How Cannabis Cultivators Are Using New Technology to Be More Productive in 2023?

• Picking The Right Password Manager: Five Things To Bear In Mind

• Singapore hit by growing cybercrimes, clocks $501M in losses from scams

• CISA Releases Recovery Tool for VMware Ransomware Victims

• Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware

• US CISA releases a script to recover servers infected with ESXiArgs ransomware

• ARM Boss Committed To Public Listing In 2023

• Regulator Halts AI Chatbot Over GDPR Concerns

• Why performing security testing on your products and systems is a good idea

• Major CrackDown – Police Hacked Exclu ‘secure’ Cybercriminal Message Platform

• Vulnerability Research is a Journey: CVEs Found by KeenLab

• Emerging Defense in Android Kernel

• WindowServer: The privilege chameleon on macOS (Part 1)

• WindowServer: The privilege chameleon on macOS (Part 2)

• Suspect in Finnish psychotherapy center blackmail hack arrested

• CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks

• The Journey of a complete OSX privilege escalation with a single vulnerability – Part 1

• Car Hacking Research: Remote Attack Tesla Motors

• A Link to System Privilege

• Racing for everyone: descriptor describes TOCTOU in Apple’s core

• New Car Hacking Research: 2017, Remote Attack Tesla Motors Again

• Global Ransomware attack downs Florida Supreme Court and European Universities

• Cisco’s innovations protect hybrid work and multi-cloud environments

• Everbridge DigitalOps Insights provides visibility into IT service disruptions

• Neustar Security Services UltraPlatform protects enterprises’ digital assets

• Novel face swaps emerge as a major threat to biometric security

• Generative AI: A benefit and a hazard

• Biden’s SOTU: Data Privacy Is Now a Must-Hit US State of the Union Topic

• A bunch of Red Pills: VMware Escapes

• TenSec 2018

• New Vehicle Security Research by KeenLab: Experimental Security Assessment of BMW Cars

• Exploiting iOS 11.0-11.3.1 Multi-path-TCP:A walk through

• Tencent Keen Security Lab: Experimental Security Research of Tesla Autopilot

• Identifying and securing your business’s dark data assets in the cloud

• OpenSSL fixes High Severity data-stealing bug – patch now!

• TenSec 2019

• Exploiting Wi-Fi Stack on Tesla Model S

• Tencent Keen Security Lab joins GENIVI Alliance

• Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars

• Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars

• Biden’s SOTU: Data Privacy Is Now a Must-Hit US State of the Union Topic

• Into the void: Your tech and security in digital darkness

• The 5 best identity theft protection & credit monitoring services in 2023

• VMware Disputes Old Flaws at Root of ESXiArgs Ransomware Attacks

• What Is Browser Sandboxing?

• CISA Releases ESXiArgs Ransomware Recovery Script

• Vulnerability Summary for the Week of January 30, 2023

• New Linux variant of Clop Ransomware uses a flawed encryption algorithm

• Application Mapping: 5 Key Benefits for Software Projects

• NIST researcher calls for further evaluation of the AI impact on humans

• SolarWinds Security Event Manager – SIEM Product Overview and Insight

• CISA Releases ESXiArgs Ransomware Recovery Script

• Vulnerability Summary for the Week of January 30, 2023

• On the 20th Safer Internet Day, what was security like back in 2004?

• Florida hospital takes entire IT systems offline after ‘ransomware attack’

• Introducing Malwarebytes Mobile Security for Business: How to find malware and stop phishing attacks on smartphones and ChromeOS

• Cloud Apps Still Demand Way More Privileges Than They Use

• Cybersecurity Industry News Review: February 7, 2023

• Cisco turns to risk-based authentication to make MFA and zero trust practical

• Fresh, Buggy Clop Ransomware Variant Targets Linux Systems

• ‘Money Lover’ Finance App Exposes User Data

• Labor Secretary set to leave post for NHL players union, reports say

• Fresh (Buggy) Clop Ransomware Variant Targets Linux Systems

• IT Security News Daily Summary 2023-02-07

• IRS not capturing the true cost of its legacy IT footprint, watchdog says

• KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach

• How ‘Sliver’ and ‘BYOVD’ Attacks Are Giving Hackers Backdoor Access to Windows Devices

• OpenSSL Ships Patch for High-Severity Flaws

• Germany Appoints Central Bank IT Chief to Head Cybersecurity

• Shift left critical to app security; Build38 raises €13M for trust development kit

• House panel presses FAA to speed up modernization

• tokenization

• DPRK Using Unpatched Zimbra Devices to Spy on Researchers

• From silos to seamless: How state governments deliver personalized services

• Metaverse adds new dimensions to Web 3.0 cybersecurity

• VMWare user? Worried about “ESXi ransomware”? Check your patches now!

• Fortinet vs Palo Alto: Compare Top Next-Generation Firewalls

• New Banking Trojan Targeting 100M Pix Payment Platform Accounts

• Key Features of Enterprise Browser

• ImageMagick Vulnerabilities Could Allow DoS, Information Leak

• Emergency Patch Released For GoAnywhere MFT Zero-Day Vulnerability

• State details how agencies must apply TikTok ban

• Machine learning maps location of lead pipes

• Ongoing VMware ESXi Ransomware Attack Highlights Inherent Virtualization Risks

• Industrial Cybersecurity Innovator Opscura Receives $9.4M in Series A Funding as Critical Operations Transform

• Interpol is Determining How to Police the Metaverse

• Backdoor in Dingo Cryptocurrency Allows Creator to Steal (Nearly) Everything

• With TikTok Bans, the Time for Operational Governance Is Now

• Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement

• Attackers are searching for online store backups in public folders. Can they find yours?

• Massive ransomware operation targets VMware ESXi: How to protect from this security threat

• ARMO Integrates ChatGPT to Help Users Secure Kubernetes

• Coalfire Compliance Essentials Optimized for Automated Evidence Collection

• CISA Releases One Industrial Control Systems Advisory

• SpaceX May Attempt Starship Launch In March

• Google Introduces Bard: New ChatGPT Rival

• Agencies seek public input on updates to guiding plan for cyber R&D

• 10 types of security incidents and how to handle them

• Infosec Launches New Office Comedy Themed Security Awareness Training Series

• Intel 471 Announces Powerful and Scalable Attack Surface Protection Solution Suite

• CISA Releases One Industrial Control Systems Advisory

• VMware has no evidence of zero-day exploitation in ESXiArgs ransomware attacks

• Here’s A List Of Proxy IPs To Help Block KillNet’s DDoS Bots

• QNAP Backtracks On Scope Of Critical NAS Bug

• Lawsuit Blast GoodRx, Meta Over Egregious Privacy Practices

• Google Launches ChatGPT Rival Bard

• A Quick Look At The Chinese Spy Balloon Over The US

• AI and Cybersecurity: Some observational implications of the intersection between the two

• How to protect your car dealership from cyber-attacks

• China’s Baidu Prepares ChatGPT-Style Service

• VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks

• DataDome’s Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the U.S. as the Top Source of Bot Attacks

• Valtix Survey: 95% of Organizations Say Multi-cloud Is a ‘Strategic Priority’ but Only 58% Have the Security Architecture to Support It

• Financial Institutions Are Suffering From Increasingly Sophisticated Cyberattacks, According to Contrast Security

• How to Get into the Cybersecurity Industry

• How to Set Up the Perfect Workspace at Home

• How to Spot a Nefarious Cryptocurrency Platform

• Cyber Insurance, A Must-Have for Small Businesses

• Interpreting the ‘Twitter Files’: Lessons About External Influence on Content Moderation

• Constructive Ambiguity of the Budapest Memorandum at 28: Making Sense of the Controversial Agreement

• Password security tips to keep data safe from hackers

• Chinese Version Of TikTok To Expand Food Delivery Service

• Cybercriminals Bypass ChatGPT Restrictions to Generate Malicious Content

• Linux Variant of Cl0p Ransomware Emerges

• Patch Released for Actively Exploited GoAnywhere MFT Zero-Day

• Vulnerability Provided Access to Toyota Supplier Management Network

• ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding

• Software Supply Chain Security Firm Lineaje Raises $7 Million

• Optimizing Cybersecurity Investments in a Constrained Spending Environment

• Juggling the Demands of a Multicloud Environment

• Court Approves Lawsuit Against Meta In Kenya

• UK Metal Engineering Firm Vesuvius Hit by Cyber-Attack

• Released: Decryptor for Cl0p ransomware’s Linux variant

• PixPirate Malware Is Actively Stealing Banking Passwords

• Iranian Threat Group Behind Charlie Hebdo Data Breach

• The Quantum Threat: Our Government Knows More Than You Do

• U.S. Nuclear Facilities Witnesses Hacking and Espionage Threats

• Defending Data Breaches Through Cybersecurity

• Everything you can do with the Apple HomePod

• A Cybersecurity Risk Assessment Guide for Leaders

• UK Considers Backing Official ‘Digital Pound’

• Benefits Of Having Video Surveillance In Your Business

• Google expands virtual cards to American Express customers

• Widespread ransomware campaign targets VMware ESXi servers

• 5 Ways to Survive Scam Season — or Rather, Tax Season

• Palo Alto Networks Cortex and IBM Enhance Modern Incident Response

• Cato SASE Cloud Named “Leader” and “Outperformer” in GigaOm Radar Report for SD-WAN

• Exploit Released for GoAnywhere File Transfer Zero-Day Flaw

• Calling custom security awareness training the answer to social engineering, Riot raises $12M

• ARMO shows how ChatGPT can help protect Kubernetes

• Social Networking Without Selling Yourself

• Safer Internet Day 2023: Protecting Your Personal Data

• Tripwire Patch Priority Index for January 2023

• VMware warns of ransomware attacks on unpatched ESXi hypervisors

• Keeping KillNet at Bay: Use the IP Address Blocklist

• Tackling the New Cyber Insurance Requirements: Can Your Organization Comply?

• Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

• All in for Security: Cisco Secure at Cisco Live EMEA 2023

• Critical Baicells Device Vulnerability Could Make Telecom Networks Vulnerable to Spying

• Are your kids talking about Safer Internet Day?

• Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk

• Google To Release ChatGPT-Style AI Chatbot

• How IBM’s new supercomputer is making AI foundation models more enterprise-budget friendly

• VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree

• Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

• OpenSSH addressed a new pre-auth double free vulnerability

• Malware Delivered through Google Search

• Eurocops Shuts Down Exclu Messaging App, Dozens Arrested

• Amazon S3 to apply security best practices for all new buckets

• LockBit Claims Responsibility For Royal Mail Attack

• This notorious ransomware has now found a new target

• Different Types of Phone Charging Stations – Ultimate Guide 2023

• Ex Uber Employee Made 388 Fake Driver Profiles, Duped Company of Rs 1.17 Crore

• Zero Trust Can Guarantee the Future of Computer Security

• Drugs Labs Busted After Encrypted Chat App Takedown

• Thirteen Teams Win at UK’s CyberFirst Girls Competition

• BlackSprut: Darknet Drug Market Advertises On Billboards In Moscow

• UK second most targeted nation behind America for Ransomware

• Cisco turns to risk-based authentication to make MFA and zero trust practical

• UK Banks Still Failing on Digital Security – Report

• Anonymous leaked 128GB of data stolen from Russian ISP Convex revealing FSB’s warrantless surveillance

• Need to improve the detection capabilities in your security products?

• 5 Best Technologies to Secure Kubernetes – 2023

• Super Bowl ticket scams: Security tips for football fans

• Shift left is critical to app security; Build38 raises €13M for trust development kit

• Web beacons on websites and in e-mail

• Eurocops shut down Exclu encrypted messaging app, arrest dozens

• Safer Internet Day 2023: Empowering Kids and Families for a Safer Internet

• Fortinet launches FortiSP5 to secure distributed network edges

• OPSWAT MetaDefender Kiosk K2100 secures critical networks in challenging environments

• Podcast Episode: When Tech Comes to Town

• Cequence Security API Security Testing uncovers and remediates API vulnerabilities

• ChatGPT’s potential to aid attackers puts IT pros on high alert

• How to scale cybersecurity for your business

• India-China relations will define the IoT landscape in 2023

• Balancing risk and security tradeoffs

• iPhone using parents to get precise location of kids via Apple Watch

• Microsoft attributes Charlie Hebdo attacks to Iranian nation-state threat group

• OPSWAT mobile hardware offers infrastructure security for the air gap

• Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition

• BrandPost: Tackling Cyber Influence Operations: Exploring the Microsoft Digital Defense Report

• Massive ransomware attack targets VMware ESXi servers worldwide

• Transport Layer Security (TLS): Issues & Protocol

• A Fool With a Tool Is Still a Fool: A Cyber Take

• No experience, No Problem – (ISC)² Recruits 140,000 Individuals Interested in a Cybersecurity Career

• 12 ways to improve your website security

• Hackers Actively Exploiting VMware ESXi Servers to Deploy Ransomware

• Following a Breach at ION Group, LockBit Hackers Received a Ransom

• Online safety laws: What’s in store for children’s digital playgrounds?

• Industrial Defender and Nozomi Networks partner to protect critical operational technology

• Why Lists?

• BlueHat 2023: Connecting the security research community with Microsoft

• Cloud-ready and Channel-first

• Data Privacy From a Data Governance Standpoint

• U2opia licenses ORNL technologies for cybersecurity monitoring in real time

• A week in security (January 30 – February 5)

• Two year old vulnerability used in ransomware attack against VMware ESXi

• Embarrassment as US cyber ambassador’s Twitter account is hacked

• IT Security News Daily Summary 2023-02-06

• Major Cybercrime Crackdown: Encrypted Messenger Exclu Seized

• 4 reasons it’s time to reassess your cloud architecture

• Global Ransomware Attack on VMware EXSi Hypervisors Continues to Spread

• Crypto Drainers Are Ready to Ransack Investor Wallets

• Consumer Watchdog Reports: CA Privacy Board OKs Landmark Personal Data Regulations, Some Key Protections Left Out

• LimeVPN – 23,348 breached accounts

• The Role of Cloud-Native Security in Application Delivery

• Software industry group offers FedRAMP wishlist to OMB, GSA

• Cadien Cyber Response Launches to Deliver Incident Response & Complex Digital Forensics Services

• Italy, France and Singapore Warn of a Spike in ESXI Ransomware

• Smart infrastructure bolsters energy conservation

• ChatGPT-powered cyberattacks expected, report says

• Here’s a list of proxy IPs to help block KillNet’s DDoS bots

• Vastaamo hacking suspect arrested in France

• Court Rules That Facebook Must Face Lawsuit From Content Moderators

• Mortgage Broker 8Twelve Exposes Data of Canadian Residents

• House Dem pushes back on bill to cancel VA’s $20B-plus software refresh

• Cybercrime Shows No Signs of Slowing Down

• Getting results from your zero-trust initiatives in 2023

• Singapore open to ChatGPT use in schools, but urges caution

• Patching & Passwords Lead the Problem Pack for Cyber-Teams

• Protect Your Passwords Like Never Before with Dashlane’s Mobile Apps Source Code Release

• Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping

• Comcast Wants a Slice of the Enterprise Cybersecurity Business

• Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto

• Intern with Lawfare!

• Italy Bans US-based AI Chatbot Replika From Using Personal Data

• Microsoft: Iran Unit Responsible for Charlie Hebdo Hack-and-Leak Operation

• How to fix the top 5 cybersecurity vulnerabilities

• Novel Banking Trojan ‘PixPirate’ Targets Brazil

• 128GB Of Russian ISP Convex Data Leaked By Anonymous Hacker

• Four-Day Working Week: A Cybersecurity Challenge or New Opportunity?

• Ivanti’s Michelle Hodges Honored as a 2023 CRN Channel Chief

• RevBits Endpoint Security Fully and Successfully Deployed, in a government-based entity PoC, for a True Air-Gapped Environment

• Chris Peterson of Anomali Honored as a 2023 CRN Channel Chief

• JFrog Proves FORTUNE 100 Companies Are Getting IoT-Ready and Increasing Their Focus on Securing the Software Supply Chain

• In A Cloud Speed World, Is It Time To Leave It To The Machines?

• OpenAI says ChatGPT must be regulated. Meanwhile, get ready for AI audits | The AI Beat

• Finnish psychotherapy extortion suspect arrested in France

• What Is Container Security? Definition, Benefits, and Risks

• The New HomePod Brings a New Sound and More Home Smarts

• NSF will invest up to $28M for STEM open-source ecosystems

• TrickGate crypter discovered after 6 years of infections

• New York Attorney General Fines Vendor for Illegally Promoting Spyware

• Iranian Threat Actor Neptunium Associated With Charlie Hebdo Cyber-Attacks

• Introducing Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world

• How to make sure the reputation of your products and company is good

• DTEX Systems’ Brian Stoner Honored as a 2023 CRN Channel Chief

• iLearningEngines Completes 20th Webinar of its Quarterly Series Focused on the Insurance Sector and Employment Legal Issues

• How are you marking data privacy day?

• The ethics of biometric data use in security

• How to Earn Your (ISC)² Certification

• Apple Discounts High-End iPhones In China As Demand Sags

• No Evidence Global Ransomware Hack Was By State Entity, Italy Says

• Iran Crew Stole Charlie Hebdo Database, Says Microsoft

• School Laptop Auction Devolves Into Extortion Allegation

• Dutch Police Read Messages Of Encrypted Messenger Exclu

• Court Considers Independent FTX Probe

• Major Florida Hospital Shuts Down Networks, Ransomware Attack Suspected

• Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

• Will Emphasising App Security Lead to More App Installs?

• Extortion Attempt by Former Ubiquiti Developer

• Unpatched VMware servers vulnerable to Ransomware Attacks

• Google ‘Invests $300m’ In AI Start-Up Anthropic

• The Ongoing Battle: Is Time on the Side of Hackers or Defenders?

• Why Crowdsourced Security is Devastating to Threat Actors

• Name That Edge Toon: For the Birds

• GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry

• Top 10 Endpoint Security Best Practices That Help Prevent Cyberattacks

• Cybercriminals used sophisticated tech to fool Chase and its customer in scam that stole $120,000

• How Cybercriminals Are Operationalizing Money Laundering and What to Do About It

• Importance of Standards to National Security

• Water Wars: Japan’s Defense Buildup Signals a Shift Away from Post-WWII

• AI Models Produces Photos of Real People and Copyrighted Images

• Stop Siri, Google & Alexa from Stealing Audio Files for Unauthorized Usage

• Wall Street Advisory Firm Sues Twitter Over Unpaid Bill

• Massive Ransomware attack Targets VMware ESXi Servers

• The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience

• Cisco secures IoT, keeping security closer to networking

• A prominent UK cybersecurity stock is under attack from short sellers. Here’s what you need to know

• VERT Reads All About It – Cybersecurity News February 6 2023

• SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022

• How to Fix Cyclic Redundancy Check Data Error?

• OpenAI Rolls Out AI-Text Detection Tool Following ChatGPT’s Popularity

• Anonymous Leaks 128 GB of Data from Russian ISP Convex

• VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability

• Widespread Ransomware Attacks On Vulnerable VMware ESXi Installations

• DevOps Challenges to Watch Out for in 2023: and How to Approach Them

• How to Create a Dockerfile?

• Keeping unstructured data safe and sound

• Cyber Insights 2023 | Zero Trust and Identity and Access Management

• Cyber Insights 2023 | The Coming of Web3

• 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder

• Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack

• GuLoader Malware Using Malicious NSIS Executable to Target E-Commerce Industry

• Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)

• Inside Safe City, Moscow’s AI Surveillance Dystopia

Generated on 2023-02-12 23:59:19.538230