IT Security News Weekly Summary – Week 27

• IT Security News Daily Summary 2023-07-09

• OSINT Tool ‘Illicit Services’ Shuts Down Amidst Exploitation Concerns

• Introduction to Cloud Database

• Russian Dark Net Markets Dominate the Global Illicit Drug Trade: Report

• Two spyware sending data of more than 1.5M users to China were found in Google Play Store

• French Government Allows Remote Access to Suspects’ Devices: Privacy Concerns Arise

• ChatGPT Loses Its Spark: Google A.I. Researcher Identifies Children as the Key Challenge

• Ransomware Affiliates, Triple Extortion, and the Dark Web Ecosystem

• Shell Confirms MOVEit-based Hack After the Threat Group Leaks Data

• Pakistan Election Commission Faces Cyber Attack

• “Big Head” ransomware fakes Windows Update to trick users

• Escalating Global Threats Targeting Cloud Infrastructure

• Can TV and Radio Broadcasts Be Hacked?

• Netwrix Auditor RCE Bug Abused in Truebot Malware Campaign

• Investing Wisely

• Online Privacy Statistics

• Week in review: Fileless attacks increase 1,400%, consumers ditch brands hit by ransomware

• Cyber Security Management System (CSMS) for the Automotive Industry

• Security Affairs newsletter Round 427 by Pierluigi Paganini – International edition

• ​​​​​​​With new aerospace Cybersecurity rules set to land – What’s the standard for operators?

• New Phishing Attack Spoofs Microsoft 365 Authentication System

• IT Security News Daily Summary 2023-07-08

• Hiding In The Windows Event Log

• Google addressed 3 actively exploited flaws in Android

• Understanding The Difference Between DDR and EDR

• Are Your Google Docs Safe From AI Training?

• Pentagon Concludes Review Following Discord Leak, Tightens Controls on Classified Info

• Toward a more resilient SOC: the power of machine learning

• Will Threads be a ‘Threat’ to Twitter?

• Closing the Zero Trust Gap: Invary Leads Cybersecurity Innovation with New Approach

• Navigating the Ransomware Threat Landscape: A Comprehensive View by Safi Raza

• Advanced Vishing Attack Campaign “LetsCall” Targets Andriod Users

• E2E Encryption Under Scrutiny: Debating Big Tech’s Role in Reading Messages

• Protecting Yourself from ATM Scams: Understanding and Preventing Shoulder Surfing

• Defending Against Ransomware Attacks

• Senior OPERA1ER Cybercrime Gang Member Arrested in Global Operation

• Unveiling the Shield How Online Casinos Use Technology to Thwart Hackers

• Russia’s Notorious Troll Farm Disbands

• Ransomware Attack Forces Major Japanese Port to Halt its Operation

• Technician Indicted for Hacking California Water Treatment Facility

• Iran-linked APT TA453 targets Windows and macOS systems

• Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China

• Secure Booting for Embedded Devices: Safeguarding Systems from Intrusions

• Build or Buy your own antivirus product

• Improve Your Security WordPress Spam Protection With CleanTalk Anti-Spam

• Cybersecurity is not a tool or software piece; is a state of mind: Bridging the gap for career changers

• 1.5 Million-Download File Management App Transfers Data to China

• Warning issued over vulnerability in cardiac device monitoring software

• Solar monitoring systems exposed: Secure your devices

• How kids pay the price for ransomware attacks on education

• 2023-07-04 thru 2023-07-07 – AgentTesla to my honeypot email accounts

• The Importance of Penetration Testing in Cloud Security

• Nickelodeon Data Leak Labeled ‘Old’: Interview with @GhostyTongue Reveals Inside Info

• Exposure Management Looks to Attack Paths, Identity to Better Measure Risk

• Bangladesh government website leaked data of millions of citizens

• 12 Types of Vulnerability Scans & When to Run Each

• Global Hacking Competition Addresses Critical Increase in Cybersecurity Threats for Businesses

• How to Safely Architect AI in Your Cybersecurity Programs

• IT Security News Daily Summary 2023-07-07

• Truebot Malware Variants Abound, According to CISA Advisory

• Meta’s Rush to Topple Twitter Sets Up Looming Privacy Debate

• Friday Squid Blogging: Giant Squid Nebula

• A man has been charged with a cyber attack on the Discovery Bay water treatment facility

• 8 Best Penetration Testing Tools and Software for 2023

• Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

• Microsoft Defender for Endpoint is ranked number one in market share in the IDC Worldwide Corporate Endpoint Security Market Shares report, 2022

• The five-day job: A BlackByte ransomware intrusion case study

• EDM Council Survey: Management of Cloud Data Deployment is Lacking

• Spyware Gamed 1.5M Users of Google Play Store

• Microsoft Edge cheat sheet

• Government Officials Banned From Contacting Facebook In Free Speech Case

• MOVEit Transfer Faces Another Critical Data-Theft Bug

• Vishing Goes High-Tech: New ‘Letscall’ Malware Employs Voice Traffic Routing

• Live Training: Dallas, TX, USA

• Live Training: Miami, FL, USA

• Industrial Solar Panels Face Critical RCE Bugs

• OpenAI Faces Lawsuit for Exploiting User Data to Train ChatGPT, DALL-E

• Amazon Brushing Scam: What It Is And How To Avoid It

• Educational Institutions Under Attack: Ransomware Criminals Leak Students’ Sensitive Data Online

• Data Leak Affects 425,000 Swiss Addresses

• How the FBI Hacked Hive and Saved Victims

• After Zero-Day Attacks, MOVEit Turns to Security Service Packs

• 10 ways SecOps can strengthen cybersecurity with ChatGPT

• network intrusion protection system (NIPS)

• Enterprise risk management should inform cyber-risk strategies

• Progress warns customers of a new critical flaw in MOVEit Transfer software

• What is an incident response plan (IRP) and how effective is your incident response posture?

• Chinese Spyware Discovered on Google Play Store

• mobile authentication

• Twitter User Exposes Nickelodeon Data Leak

• Settled Human Rights Standards as Building Blocks for Platform Accountability and Regulation: A Contribution to the Brazilian Debate

• Rising Costs of Cyberattacks: Ransomware Victims Paying More, Finds Report

• Fujitsu Cloud Security rebuked by Japan and Nickelodeon Data Breach

• Iranian Cyberspies Target US-Based Think Tank With New macOS Malware

• Former Contractor Employee Charged for Hacking California Water Treatment Facility

• In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques

• New Campaigns Use Malicious npm Packages to Support Phishing Kits

• Ex-Employee Charged For Hacking Water Treatment Facility

• Secure and Scalable Cloud Networking with Oracle Cloud Intra-VCN Routing and Check Point CloudGuard

• Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software

• Sticky Sessions With Apache APISIX — The Demo

• OpenAI Is Hiring Researchers to Wrangle ‘Superintelligent’ AI

• Can Generative AI Be Trusted to Fix Your Code?

• Mastodon Social Network Patches Critical Flaws Allowing Server Takeover

• StackRot: A New Linux Kernel Flaw Allows Privilege Escalation

• AI in Cybersecurity – Take the Survey

• Hackers Exploit Netwrix Auditor RCE Flaw in Truebot Malware Attack

• Security Firm Finds Over 130k Internet-Exposed Photovoltaic Diagnostics Systems

• OWASP SwSec 5D Tool Provides SDLC Maturity Ratings, Aids Software Supply Chain

• Vulnerabilities in PiiGAB Product Could Expose Industrial Organizations to Attacks

• 4 Best VPN Services (2023): For Routers, PC, iPhone, Android, and More

• Before You Deploy Advanced Tech, Consider the Hidden Cyberthreats

• From AI-driven Defense to Dark Web Threat Intelligence

• Bluesky Surpasses One Million Downloads

• Evolving DORA Metrics: Discussing Emerging Trends and Advancements in DORA Metrics, Such as Incorporating Security and Quality Metrics Into the Assessment Framework

• AWS Exec: Generative AI can create a flywheel effect for business growth

• Top Data Breaches in 2023: Alarming Incidents Impacting Companies

• Malicious Insider Explained: The Call is Coming from Inside the House

• Tailing Big Head Ransomware’s Variants, Tactics, and Impact

• Generative AI Policy Must Be Precise, Careful, and Practical: How to Cut Through the Hype and Spot Potential Risks in New Legislation

• Capita staffers told attackers stole data from its own pension fund

• Global Translation Service Exposed Highly Sensitive Records Online

• Two Apps Hosted on Google Play Caught Sending User Data to Chinese Servers

• How To Tell If You’ve Been DDoSed: 5 Signs of a DDoS Attack

• CISA, FBI: A New Version of the Truebot Malware Is Actively Used in Attacks

• Close Security Gaps with Continuous Threat Exposure Management

• The AI Dividend

• How Digitalization Has Revolutionized The Process Of Obtaining A Second Passport

• Broadcom Signals $1 Billion Investment In Spain

• ENISA: Ransomware Makes Up Over Half of Healthcare Cyber-Threats

• July 2023 Patch Tuesday forecast: A month of instability and uncertainty

• Meduza Stealer Targets Password Managers

• 10 Email Security Best Practices in 2023

• Kubernetes: Advantages and Disadvantages

• BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days

• Twitter Threatens Lawsuit Over Threads App

• US and Canadian Authorities Warn of Increased Truebot Activity

• Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks

• JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident

• Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities

• Decoding the Algorithms: How Online Casinos Are Programmed to Operate – 2023 Guide

• Printing the Future: The State of Additive Manufacturing

• HSBC Joins Quantum-Secure Network

• Strengthening the Security of Embedded Devices

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?

• Silicon UK Pulse: Your Tech News Update: Episode 10

• StackRot – New Linux kernel Privilege Escalation Vulnerability

• BlackByte 2.0 Ransomware Employs Wide Range of Tools in 5 Days

• CISA and FBI warn of Truebot infecting US and Canada based organizations

• Minneapolis Public Schools Faces Data Leak Following Ransomware Attack

• Unmasking the Threat: Understanding Fileless Attacks

• Startup Spotlight: Endor Labs Focuses on Reachability

• Next-Generation Firewalls: A comprehensive guide for network security modernization

• Benefits of Using NFV with SASE

• API tools and services are fueling revenue growth

• Is your browser betraying you? Emerging threats in 2023

• Scammers using AI voice technology to commit crimes

• How We Found Another GitHub Action Environment Injection Vulnerability In A Google Project

• Mastodon Fixes Critical TootRoot Vuln Allowing Node Jacking

• Iranian Hacking Group Impersonating Nuclear Experts To Gain Intel From Western Think Tanks

• RAM-Ramming Rowhammer Is Back To Uniquely Fingerprint Devices

• LockBit Louts Unload At Japan’s Most Prolific Cargo Port

• North Korean Satellite Had No Military Unit For Spying, Says South Korea

• Update Android now! Google patches three actively exploited zero-days

• Warning issued over vulnerability in cardiac devices

• How Threads’ Privacy Policy Compares to Twitter’s (and Its Rivals’)

• Cisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted traffic

• Nickelodeon probes claims of massive data leak as SpongeBob fans rejoice

• Microsoft puts out Outlook fire, says everything’s fine with Teams malware flaw

• China-Linked Spyware Found in Google Play Store Apps, 2m Downloads

• OPM identifies over 50 skill sets to look for in federal AI workers

• How cities can navigate their state’s broadband preemption laws

• Black Hat Announces Maria Markstedter, Jen Easterly, Viktor Zhora, and Kemba Walden As Keynote Speakers for Black Hat USA 2023

• IT Security News Daily Summary 2023-07-06

• StackRot Linux Kernel Bug Has Exploit Code on the Way

• Microsoft puts out Outlook fire, says ‘everything’s fine’ with Teams malware flaw

• New court ruling may hinder federal information sharing efforts, experts warn

• CISA: Truebot malware infecting networks in U.S., Canada

• Penetration Testing vs Vulnerability Scanning: What’s the Difference?

• Expanding Broadband in Portland, The Time Is Now

• Truebot Hackers Exploiting Netwrix Auditor Flaw: CISA, FBI Alert

• Patchless Cisco Flaw Breaks Cloud Encryption for ACI Traffic

• Hashed Emergent Announces India Blockchain Week (IBW) Conference

• Shell Becomes Latest Cl0p MOVEit Victim

• Nexo Achieves Type 2 SOC 2 Audit, Reinforces Data Security Compliance

• Retail Wins with Umbrella

• single-factor authentication (SFA)

• Don’t Join Threads—Make Instagram’s ‘Twitter Killer’ Join You

• 6 steps to securing operational technology in critical infrastructure

• New Malware Targets 97 Browser Variants, 76 Crypto Wallets & 19 Password Managers

• S3 Ep142: Putting the X in X-Ops

• Experts Criticize New Facebook Privacy Features For Kids

• Don’t Join Threads—Make Meta’s Instagram-Linked Twitter Alternative Join You

• Now’s the Time for a Pragmatic Approach to New Technology Adoption

• JumpCloud invalidates API keys in response to ongoing incident

• Iranian Hackers’ Sophisticated Malware Targets Windows and macOS Users

• Microservices Security in a Nutshell

• Privacy Woes Hold Up Global Instagram Threads Launch

• StackRot, a new Linux Kernel privilege escalation vulnerability

• TikTok Seeks To Block Montana 1 January 2024 Ban

• TeamTNT Launches Widespread Attacks Against Cloud Infrastructures

• Meta’s Threads Surpasses 30 Million Signups

• Looking to create a LLM-based chatbot that harnesses your company’s data? — Join me at VB Transform and find out how

• TMF announces 5 new digital services and cybersecurity investments

• Hackers already infiltrate EV chargers. It could only get worse.

• 8 Best Password Managers for Business & Enterprises in 2023

• Cybersecurity’s Future Hinges on Stronger Public-Private Partnerships

• Rustbucket Malware Targeting MacOS Devices Silently

• ‘Cyber Battlefield’ Map Shows Attacks Being Played in Real Time

• Ransomware Attacks on the Rise in Manufacturing Industry

• Federal Report Highlights Steps for Enhancing Software Code Pipeline Security Amid App Attacks

• Open Standards & Open-Source Software: What do these solutions mean, and why are they relevant for Digital ID systems?

• Here are 11 of the best technology podcasts you should listen to

• ChatGPT, the new rubber duck

• Blacktail: Unveiling the tactics of a notorious cybercrime group

• Ongoing Incident Prompts JumpCloud to Reset API Keys

• Nurturing the Internet Freedom Movement 🌱

• The U.S. Patent Office Should Drop Proposed Rules That Favor Patent Trolls

• Data Protection: Utilizing the Power of SIEM and CASB

• Cisco Enterprise Switch Flaw Exposes Encrypted Traffic

• Nurturing the Internet Freedom Movement 🌱

• Horse Riding details of 10k users leaked by Ransomware group

• NHTSA Squeezes Tesla For More Records In Autopilot Probe

• Unpatched SolarView Systems Vulnerable to Exploits

• Google Searches for ‘USPS Package Tracking’ Leads to Banking Theft

• Nurturing the Internet Freedom Movement 🌱

• Embracing DevSecOps: Staying Ahead of the Curve for Enhanced Software Security

• Understanding Cloud-Native Application Protection Platforms: A Comprehensive Overview

• Human coding error identified as cause of digital bank service outage

• Android Security Updates Patch 3 Exploited Vulnerabilities

• JumpCloud Says All API Keys Invalidated to Protect Customers

• Dig Security adds OCR capabilities to detect sensitive customer data in image files

• Nurturing the Internet Freedom Movement 🌱

• June 2023’s Most Wanted Malware: Qbot Most Prevalent Malware in First Half of 2023 and Mobile Trojan SpinOk Makes its Debut

• RedEnergy Stealer Ransomware: A New Threat Targeting Critical Infrastructure

• Nurturing the Internet Freedom Movement 🌱

• User Data Goldmine: Google’s Ambitious Mission to Scrape Everything for AI Advancement

• Here’s Why Twitter is Limiting the Number of Tweets You May View

• China Releases Open Source Operating System

• Beware of the Growing Scourge of Job Recruitment Scams

• Decryption tool for Akira ransomware available for free

• Botnets Send Exploits Within Days to Weeks After Published PoC

• CISOs Find ‘Business as Usual’ Shows the Harsh Realities of Cyber-Risk

• How to Configure the Most Secure Settings for Microsoft Defender

• Preliminary Injunction Limiting Government Communications with Platforms Tackles Illegal “Jawboning,” But Fails to Provide Guidance on What’s Unconstitutional

• Canadian Government Halts Advertising On Facebook, Instagram

• 6 Steps To Outsmart Business Email Compromise Scammers

• ISACA joins ECSO to strengthen cybersecurity and digital skills in Europe

• TXOne Networks introduces Stellar to secure OT/ICS devices from malware and abuse threats

• Critical RCE Bugs Expose Hundreds of Solar Power Stations

• Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data

• 28,000 Impacted by Data Breach at Pepsi Bottling Ventures

• Critical RCE Vulnerability Puts 330,000 Fortinet Firewalls at Risk

• Cisco Switch Flaw Let Attack Reads Encrypted Traffic

• Interpol: Key Member of Major Cybercrime Group Arrested in Africa

• StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs

• Silentbob Campaign: Cloud-Native Environments Under Attack

• How Pen Testing can Soften the Blow on Rising Costs of Cyber Insurance

• Researchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation Vulnerability

• Surviving the 800 Gbps Storm: Gain Insights from Gcore’s 2023 DDoS Attack Statistics

• May 2023 Cyber Attacks Statistics

• Belgian Tax Hack

• SMUGX Campaign Targets European Entities

• Meta Launches Twitter Rival Threads

• Exploit Released For Barracuda Shell Command Injection Vulnerability

• How To Secure RESTful Web Services

• The Urban Gardener’s Guide to Growing Plants in Small Spaces with Concrete Planters (2023)

• Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic

• Human Error the Leading Cause of Cloud Data Breaches

• Risks and Best Practices: Navigating Privacy Concerns When Interacting with AI Chatbots

• How to delete saved addresses and credit cards in Firefox for improved security and privacy

• INTERPOL Nabs Hacking Crew OPERA1ER’s Leader Behind $11 Million Cybercrime

• Why Do Scientists Use ELN Notebooks to Improve Productivity, Research Data Integrity, and Team Collaboration?

• 12 Essential Tips for Keeping Your Email Safe

• Experts Warn of Impending TeamTNT Docker Attacks

• Internal Threats: A Major Risk to Any Business

• Linux Ransomware Exposed: Not Just a Windows Problem Anymore

• Ransomware Attackers Dump Students’ Data Online After School Hacks

• Police Arrest Suspected OPERAE1R Cybercrime Kingpin

• The rising risk of eavesdropping

• Suspicious Email Reports Up a Third as NCSC Hails Active Defense

• DSA Must Follow a Human-Rights Centered Enforcement Process, With Regulators Engaging International Civil Society Voices

• Do you know what your supply chain is and if it is secure?

• Thales payShield receives the French Cartes Bancaires HSM certification

• Four Must-haves to Strengthen Your Endpoint Security

• CVE-2022-29303 flaw in SolarView product can be exploited in attacks against the energy sector

• Ransomware accounts for 54% of cyber threats in the health sector

• Google Authenticator – what is it and why should you use it?

• TeamsPhisher Tool Exploits Microsoft Teams Flaw to Send Malware to Users

• Gmail client-side encryption: A deep dive

• India Union Cabinet approves Digital Personal Data Protection Bill

• Top five things to do in Amsterdam

• Turning fridges into SIM cards: An ecological SIM portfolio

• What is the difference between incident response & threat hunting?

• Stories from the SOC: Fighting back against credential harvesting with ProofPoint

• How to cultivate a culture of continuous cybersecurity improvement

• Cybercriminals can break voice authentication with 99% success rate

• ChatGPT’s unknown potential keeps us guessing

• Promoting responsible AI: Balancing innovation and regulation

• Startup Spotlight: Gomboc.ai Balances Cloud Infrastructure Security

• LockBit louts unload ransomware at Japan’s most prolific cargo port

• Potential 500GB Nickelodeon Data Leak: Unreleased Shows and Scripts at Risk

• Former boss who stole $10M from Amazon using fake vendor invoices is jailed for 16 years

• North Korean satellite had no military utility for spying, says South Korea

• Self-driving cars are a privacy issue, says security expert

• Google plans to scrape everything you post online to train its AI

• Malicious ad for USPS fishes for banking credentials

• Actively exploited vulnerability threatens hundreds of solar power stations

• Russian railway site allegedly taken down by Ukrainian hackers

• knowledge-based authentication

• Microsoft Teams Exploit Tool Auto-Delivers Malware

• 83% of Brits Demand Messaging Apps Remain Private, Ahead of Threat From Online Safety Bill

• 3 Critical RCE Bugs Threaten Industrial Solar Panels, Endangering Grid Systems

• IT Security News Daily Summary 2023-07-05

• Resource constraints led to EPA’s failure to address critical vulnerabilities in air and radiation data

• Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache

• Wall Streets sees even more upside for these 2 tech names — and we agree

• RAM-ramming Rowhammer is back – to uniquely fingerprint devices

• Pentagon’s reversal on new travel expense system “troubling,” key lawmaker says

• Is Quantum Computing Right for Your Business?

• RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild

• Cities extract mobility insights from ride-hailing company data

• SmugX: Chinese Hackers Targeting Embassies in Europe

• host intrusion prevention system (HIPS)

• How some agencies used tech to decrease improper payments

• What Is a Pentest Framework? Top 7 Frameworks Explained

• OPERA1ER Cybercrime Group’s Leader Arrested by Interpol

• Suspected bank-infecting OPERA1ER crime boss cuffed

• SmugX: Chinese Hackers Targeting Ministries and Embassies in Europe

• OPERA1ER Cybercrime Group’s Leader Arrested by INTERPOL

• US Spies Are Buying Americans’ Private Data. Congress Has a Chance to Stop It

• Raise a Glass: EFF’s 15th Annual Cyberlaw Trivia Winners!

• M2E Platform Sweat Economy Launches Flagship NFT Game: Sweat Hero

• Creating a framework for secure-by-design software development

• June saw flurry of ransomware attacks on education sector

• 4 Major Innovations in Healthcare Smart Cards

• Banking upstarts: from challengers to pace-setters

• Navigating the Cyber Insurance landscape as a Gen Z digital citizen

• Amazon Prime Day: This Year Already Started for Cybercriminals. Check Point Research calls online shoppers to be wary

• Ransomware Halts Operations at Japan’s Port of Nagoya

• Apple Cuts Production For Vision Pro Headset – Report

• Great job, US Embassy in Beijing

• Firefox 115 is out, says farewell to older Windows and Mac users

• Nagoya Port Faces Disruption After Ransomware Attack

• Judge Blocks Biden Officials Communicating With Social Media Firms

• Firefox, ESR, and Thunderbird Memory Safety Bugs Could Allow Unauthorized Code Execution

• ChatGPT Disables the Browsing Feature as it Bypasses Paywalls on Websites

• Handprints for IDs? State liquor board discusses biometrics for alcohol sales

• Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech

• C10p’s MOVEit Campaign Represents a New Era in Cyberattacks

• A Golden Age of AI … or Security Threats?

• Cato SASE Cloud Identified as a “Leader” in GigaOm’s Secure Service Access (SSA) Ranking

• Everything You Need to Know About Cyber hygiene

• ChatGPT is Only One Beginning point: 10 AI tools that are beating out to OpenAI’s Chatbot

• 11 best practices for securing data in cloud services

• 3 ways to troubleshoot using Wireshark and tcpdump

• High-Severity Flaws Fixed in Firefox 115 Update

• China’s Mustang Panda Linked to SmugX Attacks on European Governments

• New Meduza Infostealer Designed for Windows Collects Users’ and Systems` Data

• LockBit ransomware targets Japan Port of Nagoya

• Apple Loses London Appeal Over Optis 4G Patent

• Why the government should take a page from Google’s IT playbook

• High turnover is disrupting efforts to fix the workforce crisis, a survey finds

• Sophisticated Email Attacks Target Cryptocurrency Wallets

• HackGATE monitors activities of ethical hackers

• LTIMindtree V-Protect provides data protection for M365 workloads

• The Safety of VPN Use: A Closer Look

• AIIMS Ransomware Attack Leads to a New Cyber Response Framework

• EV Charger Hacking Poses a ‘Catastrophic’ Risk

• Best Practices for Building a Scalable and Secure Online Marketplace

• Realising the Potential of EMR Systems in Indian Healthcare

• Ransomware Makes Up 58% of Malware Families Sold as Services

• Chinese Chip Material Export Retaliation ‘Just A Start’

• RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors

• A Complete API Development Guide: Common Terms, Tools, and Best Practices

• Sweden Orders Four Companies to Stop Using Google Tool

• Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks

• Japan’s Nagoya Port Suspends Cargo Operations Following Ransomware Attack

• Microsoft Can Fix Ransomware Tomorrow

• The Port of Nagoya, the largest Japanese port, suffered a ransomware attack

• CampusGuard Central 2.0 enables organizations to manage their PCI DSS compliance status

• LockBit Ransomware Attack Freezes Japan`s Largest Port Activities

• ChatGPT Shared Links and Information Protection: Risks and Measures Organizations Must Understand

• Microsoft rubbishes Anonymous Sudan’s claim of Stealing 30M accounts

• China to Restrict Export of Chipmaking Materials

• SOAR and SIEM in 2023: Key Trends and New Changes

• Hackers use Malicious QR Codes to Retrieve Employee Credentials

• Secrets, Secrets Are No Fun. Secrets, Secrets (Stored in Plain Text Files) Hurt Someone

• Adarma Expands MDR Offering with Integrated Digital Forensics and Incident Response Capabilities

• 16-31 May 2023 Cyber Attacks Timeline

• Meta Set To Launch Twitter Rival This Week

• ChatGPT and Cybersecurity: Top 5 Cyber Security Risks of ChatGPT

• Cybersecurity M&A Roundup: 23 Deals Announced in June 2023

• Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities

• Ransomware Criminals Are Dumping Kids’ Private Files Online After School Hacks

• Class-Action Lawsuit for Scraping Data without Permission

• ImmuniWeb unveils email security test to help users verify privacy and compliance of email servers

• AI gold rush makes basic data security hygiene critical

• NoName(057)16’s DDoSia Project’s gets an upgrade

• What Is Passwordless Authentication?

• Companies Affected by Ransomware [Updated 2023]

• Toyota Claims Battery Breakthrough For EVs

• Password Management Policy

• UK Citizens Wary of NHS AI Use, Citing Privacy Concerns

• Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

• Email crypto phishing scams: stealing from hot and cold crypto wallets

• Innovative AI System Trained to Identify Recyclable Waste

• Behind the business of NASA’s digital transformation

• European Commission to Tweak GDPR For Cross-Border Cases

• CISA Warning! 8 Actively Exploited Flaws in Samsung and D-Link Devices

• PCI DSS 4.0 Requirements –Test Security Regularly and Support Information Security with Organizational Policies and Programs

• Phishing Trends and Tactics: Q1 of 2023

• EU Court Deals Blow to Meta in German Data Case

• New Tool Helps Devs Check For Manifest Confusion Mismatches

• Instagram’s Twitter Alternative ‘Threads’ Launch Halted in Europe Over Privacy Concerns

• Burp Suite New GraphQL API to Detect Hidden Endpoints

• Security Experts Raise Major Concerns With Online Safety Bill

• Swedish data protection authority rules against the use of Google Analytics

• Charming Kitten’s POWERSTAR Malware Boosts its Techniques

• Why performing security testing on your products and systems is a good idea

• The Importance of Implementing an Information Security Management System (ISMS)

• Singapore tells crypto operators: act like grown up financial institutions

• Ransomware attacks on manufacturing sector proving successful

• Understanding Cybersecurity Risk Assessment: A Comprehensive Overview

• 75% of consumers prepared to ditch brands hit by ransomware

• How to make your phishing campaign a success

• How ransomware impacts the healthcare industry

• Small organizations face security threats on a limited budget

• Island Enterprise Browser: Intelligent security built into the browsing session

• Cyber Security & Cloud Expo Europe: Agenda Delivers Beyond Expectations

• What Are Software Whitelisting and Blacklisting?

• Elderly targeted in car accident scam, kingpin arrested

• Fake reviewers face big fines

• Waterfall Security Solutions is expanding its European presence to the Netherlands

• Deepfaking it: What to know about deepfake‑driven sextortion schemes

• IT Security News Daily Summary 2023-07-04

• ChatGPT’s Bing Browsing Feature Disabled for Paywall Article Access

• Court Rules That Cops Must Get A Wiretap To Snoop On Facebook Posts

• Ghostscript bug could allow rogue documents to run system commands

• How to Boost Cybersecurity in Your E-commerce Business

• Swedish Data Protection Authority Warns Companies Against Google Analytics Use

• Iranian APT Group Charming Kitten Updates Powerstar Backdoor

• Data Sovereignty Compliance Requires Strong Data Protection

• Teen among suspects arrested in Android banking malware scheme

• Report Reveals Companies Unprepared For Darknet Data Leaks

• How to Achieve AWS Operational Excellence in Your Cloud Workload

• Mediatek Security Flaws Affecting Smartphones, Tablets, Wi-Fi, and Other Chipsets

• Over Two-Thirds of FortiGate Firewalls Still at Risk

• HHS Data at Risk After MOVEit Hack Impacted Third-Party Vendors

• Thales and Google Cloud team up for AI powered data security

• Over 300,000+ Fortinet Firewalls are Vulnerable to a Critical RCE Flaw

• Mexican Hacker Unleashes Android Malware on Global Banks

• Companies Appeal for Relief From Biometric Privacy Act

• MOVEit attack on Aon exposed data of the staff at the Dublin Airport

• Surge in ‘Call Center Gangs’ Linked to Organized Crime and Human Trafficking

• Decoding the Buzz Around AI Corpora

• OT Assets High Priority for Security Leaders as Industrial Threats Loom

• Authors Sue OpenAI: ChatGPT’s Training Methods Challenged in Lawsuit

• TSA Hopes To Expand Facial Recognition To Hundreds of Airports Within Next Decade

• Novel PlugX Malware Attacks Target European Diplomats

• Mexico-Based Hacker Targets Global Banks With Android Malware

• Breaking it Down: What You Need to Know About Data Breaches

• Cyberattack on Suncor Energy Affects Petro-Canada Gas Stations

• Hackers for Hire Going After Law Firms, Alert French and UK Watchdogs

• EarlyRat Malware From Andariel Strikes North Korea

• Data Governance: Data Architecture (Part 2)

• Without Which Gadgets It Is Difficult To Imagine The Educational Process Now

• Microsoft ‘Faces New EU Antitrust Probe’

• China Orders Export Restrictions On Chip Materials

• Neo_Net runs eCrime campaign targeting clients of banks globally

• Node4 acquires ThreeTwoFour to strengthen its security capabilities

• Protecting Sensitive Information Within Translation

• DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors

• The Password Game

• CISA Warns of 8 Frequently Exploited Flaws in Samsung and D-Link Devices

• Mexico-Based Hacker Targets Global Banks with Android Malware

• Hackers stole millions of dollars worth of crypto assets from Poly Network platform

• How to Identify Phishing Emails and Prevent an Attack Using DNS Filtering

• BYD-Mercedes Joint Venture Launches Second EV

• US Firms Keep Low Profile At Shanghai AI Conference

• Apple Takes App Store Appeal To US Supreme Court

• Samsung Sues Chinese Rival Over Display Patents

• Thirty-three US Hospitals Hit By Ransomware This Year

• What is progressive profiling and how can it benefit your business?

• WhatsApp Proxy Feature Supports Sharing More Content Types

• Tripwire Patch Priority Index for June 2023

• 5 Things Everyone Needs to Know About GRC

• Four Men Face 20 Years For Money Laundering Charges

• Why Schools are Low-Hanging Fruit for Cybercriminals

• 17 Million Instagram Accounts, 178 GB of TikTok and Yahoo Databases were Leaked

• Microsoft Denies Major 30 Million Customer-Breach

• Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw

• Need to improve the detection capabilities in your security products?

• Tesla Stock Surges Following Record Deliveries

• Top 6 Benefits of AWS Certification

• 335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

• The State of Security 2023

• Microsoft banishes rumors of cyber attack and steal of data from 30m accounts

• Undiplomatic Chinese threat actor attacks embassies and foreign affairs departments

• 53% of SaaS licenses remain unused

• Fileless attacks increase 1,400%

• IT leaders believe hybrid cloud solutions are the future of IT

• Hackers Use HTML Smuggling Technique to Attack European Government Entities

• One Shot of a Kidney Protein Gave Monkeys a Brain Boost

• Chinese hackers target European embassies with HTML smuggling technique

• 336,000 servers remain unpatched against critical Fortigate vulnerability

• Apple forced to make major cuts to Vision Pro headset production plans

• 2023-07-01 – 30 days of Formbook: Day 27, Saturday 2023-07-01 – “NES8”

• 2023-07-02 – 30 days of Formbook: Day 28, Sunday 2023-07-02 – “SY18”

• 2023-07-03 – 30 days of Formbook: Day 29, Monday 2023-07-03 – GuLoader Formbook “AU22”

• Fortanix Builds Hardware Security Wall Around Plaintext Search

• FBI Finally Track Swatting Incidents As Attacks Increase

• 330K FortiGate Firewalls Are Unpatched And Open To RCE Attacks

• How A Dispute Over IPv4 Addresses Blew The Lid Off An Effort To Reshape Global Allocation

• Cybersecurity Challenges for Remote Work

• A week in security (June 26 – July 2)

• Brave browser will prevent websites from port scanning visitors

• Of sharks, surveillance, and spied-on emails: This is Section 702, with Matthew Guariglia

• You’ve patched right? ‘340K+ Fortinet firewalls’ wide open to critical security bug

• Anonymous Sudan claims to have stolen 30 million Microsoft’s customer accounts

• TSA wants to expand facial recognition to hundreds of airports within next decade

• IT Security News Daily Summary 2023-07-03

• Police Bust International Phone Scam Gang Targeting Elderly

• TechRepublic Premium Editorial Calendar: IT Policies, Checklists, Hiring Kits and Research for Download

• How to Add the Docker Scout Feature to the Docker CLI

• Researchers Develop Exploit Code for Critical Fortinet VPN Bug

• Verizon 2023 DBIR: What’s new this year and top takeaways for SMBs

• Vulnerability Summary for the Week of June 26, 2023

• SmugX: Chinese APT uses HTML smuggling to target European Ministries and embassies

• Russian Satellite Internet Downed via Attackers Claiming Ties to Wagner Group

• New Meduza Malware Targets Wallets, Passwords and Browsers on Windows

• Israel Aided UAE in Defending Against DDoS Attack

• WordPress plugin lets users become admins – Patch early, patch often!

• What is post-quantum cryptography and why is it important?

• ​​​​​​​With new aerospace Cybersecurity rules set to land – What’s the standard for operators?

• Massive Data Breach Affects UK Hospital Group

• Risk Assessment Using Blockchain

• Governor calls for more speed cameras to curb deadly traffic crashes

• USPTO’s API Flaw Leads to Years-Long Data Leak

• AI Scams: When Your Child’s Voice Isn’t Their Own

• Russians Hackers May Have Breached NHS Trust With 2.5 Million Patients

• TSMC Cyberattack: LockBit Demands a Ransom of $70m

• Israel Takes Bold Steps to Expose Cyber Threat Actors, Faces Potential Retaliation

• Mockingjay Process Injection Technique Permits EDR Bypass

• Proton Pass Password Manager Is More Of An Identity Manager – Describes Proton

• Brave Browser Limits Local Resource Access To Enhance User Privacy

• POV on Best Fit Solution for Managing Secure Properties in MuleSoft

• Exploring Amazon Security Lake: Strengthening Data Security in the Cloud

• Amazon Instance Connect Endpoint

• Chinese Threat Actors Target Europe in SmugX Campaign

• Free Vulnerability Management Policy Template (+ Examples)

• The Impacts of Data Loss on Your Organization

• How to make sure the reputation of your products and company is good

• 7 cool and useful things to do with your Flipper Zero

• Who’s Behind the DomainNetworks Snail Mail Scam?

• Meduza Stealer Targets Windows Users With Advanced Tactics

• Dublin Airport staff pay data ‘compromised’ by criminals

• Zero-Day Exploit Threatens 200,000 WordPress Websites

• Hackers use Cloned pages of Popular Tools to Deliver Blackcat Ransomware

• ChatGPT Creator Sued for $3 Billion Over Theft of Private Data

• Exploring API Headers

• What is a VLAN? Ultimate Guide to How VLANs Work

• SSH Servers Hit in ‘Proxyjacking’ Cyberattacks

• In-house automation, analytics tools speed audit processing

• Name That Edge Toon: Three-Ring Circus

• A CISO’s Guide to Paying Down Software Supply Chain Security Debt

• Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX

• OpenAI, the Maker of ChatGPT, Sued for Allegedly Exploiting “Stolen Private Information”

• CERT-In Publishes Security Norms for Government Data Safety

• RustBucket malware: A PDF could finish your Mac

• The Psychology of Video Translation: Building Trust and Connection

• How Fraudsters Redefine Mobile Banking Account Takeovers

• How to add the Docker Scout feature to the Docker CLI

• CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog

• BlackCat Ransomware Gang to Launch Malicious WinSCP Ads

• Navigating the Data Privacy Maze: How DataGrail Advances Privacy Management

• Siemens Automation Device Flaw Lets Attacker Execute Remote Code

• Less Frequently Used HTTP Methods

• Siemens Automation Device Flaw Let Attackers Execute Remote Code

• VMware, Other Tech Giants Announce Push for Confidential Computing Standards

• ChatGPT tricked into generating Windows 10 and Windows 11 keys

• Virtualization Security Best Practices: Protecting Your Data and Applications

• New Windows Meduza Stealer targets tens of crypto wallets and password managers

• Dublin Airport staff details leaked in Cyber Attack

• The Future of Artificial Intelligence: Transforming Industries and Shaping Society

• Jailed S Korean Chip Executive Protests Innocence

• Twitter Requires Sign-In To View Tweets

• Research Finds AMD AI Chip Rivals Nvidia Dominance

• Apple, Civil Liberty Groups Condemn UK Online Safety Bill

• CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices

• Improve Your Security WordPress Spam Protection With CleanTalk Anti-Spam

• Self-Driving Cars Are Surveillance Cameras on Wheels

• What Is a Managed Security Service Provider (MSSP)?

• Top 8 Software Programs to Install on Gaming Laptops Right Away

• Thousands of Individuals Were Rescued from Cybercrime Groups

• TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

• TSMC Targeted by LockBit via Supplier Breach

• Hacktivists With a Pro-Russian Agenda Increase Membership by 2,400% in DDoSia

• Ultimate Member Plugin Zero-Day Risks 200K+ WordPress Sites

• Severe OS Command Injection Vulnerability Caught In Zyxel NAS Products

• Google Patched Four Security Flaws With Chrome Browser 114 Update

• SmugX: Unveiling a Chinese-Based APT Operation Targeting European Governmental Entities: Check Point Research Exposes a Shifting Trend

• Croydon Council Hit With Enforcement Notice For FOI Fail

• Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets

• Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware

• 5 Cyber Survival Tips for Businesses

• The Top 10 Highest Paying Jobs in Cybersecurity – Part 1

• IT Physical Security Policy

• International Police Operation Dismantles Phone Scam Network

• Understanding Managed SIEM: Empowering Businesses with Proactive Security

• EU and Japan look to partner on A.I. and chips as China ‘de-risking’ strategy continues

• Musk Losing Battle of Bad Bots as Rate Limits Begin

• Cisco urges users to stop using weak crypto algorithms with OSPF

• The Silicon UK In Focus Podcast: How Green is Industry 4.0?

• Microsoft-Backed Chatbot Maker Inflection AI Raises $1.3bn

• Netherlands Blocks More Chip Equipment Sales To China

• Snappy – A New Tool to Detect Fake WiFi Access Points

• Software developers, how secure is your software?

• All you need to know about Apple Vision Pro’s privacy and security

• Pokemon Go Developer Niantic Lays Off Quarter Of Workforce

• CISA Warns of DDoS Attacks on US Organizations Following Multiple Incidents

• US authorities warn on China’s new counter-espionage law

• BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

• Cloud security: Sometimes the risks may outweigh the rewards

• One third of security breaches go unnoticed by security professionals

• The rise in cyber extortion attacks and its impact on business security

• Architecting XDR to Save Money and Your SOC’s Sanity

• Infosec products of the month: June 2023

• Short-staffed teams must find ways to do more with less

• Japan rebukes Fujitsu for cloud security fails

• IT Security News Weekly Summary – Week 26

• IT Security News Daily Summary 2023-07-02

• Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

• Kick: The New Streaming Platform Making Headlines

• Canadian Government Hit by Hackers 2,300,000,000,000 Times Last Year

• Operation Cookie Monster: FBI Seizes Genesis Market Involved in Identity Theft

• Google’s 6 Essential Steps to Mitigate Risks in Your A.I. System

• Elevated Cybercrime Risks in Metro Cities: Understanding Urban Vulnerabilities

• Millions Impacted by the MOVEit Mass Hacks, and the Toll is Rising

• Incident Management Chronicles: Striking The Right Balance

• Winning Budget and Trust as a CISO

• Week in review: 5 free online cybersecurity courses, 8Base ransomware group leaks data

• Cyber Security Management System (CSMS) for the Automotive Industry

• WordPress sites using the Ultimate Member plugin are under attack

• Submarine Cable Growing Popularity Intensifying Cyber Attacks

Generated on 2023-07-09 23:59:04.928631