IT Security News Daily Summary 2021-01-11

• The first Patch Tuesday of ’21; time to delay updates

• Did Trump shrink the government? Not according to the Plum Book

• USAID seeks remote sensing, analytics platform to track location, condition of aid

• DISA takes on DOD cloud operations

• The evolving threat of ransomware: Beware of cyber extortion in 2021

• IT cleanup at U.S. Capitol presents massive challenge

• CES 2021: Intel adds ransomware detection capabilities at the silicon level

• Ubiquiti tells customers to change passwords after security breach

• Millions of Social Profiles Leaked by Chinese Data-Scrapers

• Expert Says Facebook Should Be “Held Responsible” For Violence At U.S. Capitol

• SolarWinds Hack Lessons Learned: Finding the Next Supply Chain Attack

• Minimize Risk and Impact with a Security Platform Approach

• DEF CON 28 Safe Mode Lock Picking Village – N∅thing’s ‘How I Defeated The Western Electric 30C’

• Security Mindset, Indeed

• Ubiquiti: Change Your Password, Enable 2FA

• Connecting the dots between SolarWinds and Russia-linked Turla APT

• Mac Shipments Rise Significantly in Q4 2020 Amid Overall PC Market Growth

• Lack of clarity hampers new regulation’s ability to stop SolarWinds-type attack on power grid

• More than 25 DevOps and Automation sessions on demand from NetApp INSIGHT 2020

• Security researchers claims downloading 70TB of sensitive Parler data

• Many state capitols have security holes

• Microsoft Sysmon adds support for detecting Process Herpaderping attacks

• Accenture buys Brazilian security firm Real Protect

• Researcher Builds Parler Archive Amid Amazon Suspension

• WUfB vs. WSUS: Which handles Windows updates better?

• Cybersecurity career path: 5-step guide to success

• (ISC)² Offers Online Exam Proctoring

• Francisco Partners Completes Forcepoint Acquisition

• Q&A: Here’s why securing mobile apps is an essential key to tempering political division

• Ecobee Updates HomeKit-Enabled SmartCamera With Spotify Integration and More, Lowers Price to $130

• Twitter Permanently Bans Donald Trump

• US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security

• CES 2021: Western Digital Debuts New 4TB SSDs From SanDisk and WD

• The Facebook Oversight Board Should Review Trump’s Suspension

• Supreme Court Hears Oral Arguments in Nestlé v. Doe and Cargill v. Doe

• The Government Has All of the Powers it Needs to Find and Prosecute Those Responsible for the Crimes on Capitol Hill this Week.

• Zero-day Privilege Escalation Vulnerability Has Affected PsExec for 14 Years

• United Nations Breach Exposed 100K+ UNEP Staff Records

• A Crypto-Mining Docker Botnet Now Stealing AWS Credentials

• Security researchers download, leak 70TB of sensitive Parler data

• Cybersecurity for Healthcare: Addressing Medical Image Privacy

• Quick Hits

• FCW Insider: Jan. 11

• Decryptor Released for Ransomware That Allegedly Helped Cybercriminals Make Millions

• 5 cybersecurity vendors to watch in 2021

• Naked Security Live – HTTPS: do we REALLY need it?

• New Tool Sheds Light on AppleScript-Obfuscated Malware

• The SolarWinds Hackers Shared Tricks With a Russian Spy Group

• Microsoft Releases Security Updates for Edge

• XKCD ‘Steepen The Curve’

• SolarWinds: The CSO Perspective

• CES 2021: Linksys Debuts Wi-Fi 6E Tri-Band Mesh System

• CES 2021: Belkin Debuts New 2-in-1 MagSafe Charger, Find My-Compatible Soundform Wireless EarBuds

• CES 2021: OtterBox Launches New Mobile Gaming Clip and Gaming Cases

• CES 2021: Anker Unveils New Magnetic Series Accessories, PowerWave Stand and More

• Apple Releases iOS 12.5.1 With Exposure Notifications Bug Fix for Older iPhones

• Building Faster AMD64 Memset Routines

• The Rise And Fall Of Parler | Avast

• SolarWinds Hack Potentially Linked to Turla APT

• PE Firm Completes Acquisition of Forcepoint

• Vulnerability Summary for the Week of January 4, 2021

• RangeForce Partners with Managed Detection and Response Provider CRITICALSTART

• Hackers Didn’t Only Use SolarWinds to Break In, Says CISA

• CES 2021: Pioneer Introduces Wireless CarPlay Receiver With Modular Design for Flexible Installation

• CES 2021: TCL to Release More 8K TVs and ‘Roku TV Ready’ Sound Bars With AirPlay 2 This Year

• Biogen Launches Study to Find Out if Apple Watch and iPhone Can Detect Declining Cognitive Health

• CES 2021: Netgear Launches Tri-Band RAXE500 Wi-Fi 6E Router

• CES 2021: PopSockets Unveils New MagSafe-Compatible Grips

• TA551 Hacker Group Pushes New Information Stealer Malware IcedID

• Free decrypter released for victims of Darkside ransomware

• Biometric security technology could see growth in 2021

• JetBrains – A possible Doorway to Massive Hacking Plot?

• Using the NVD Database and API to Keep Up with Vulnerabilities and Patches – Tool Drop: CVEScan (Part 3 of 3), (Mon, Jan 11th)

• SolarWinds Orion Breach – What It Means for the Industry Writ Large

• Canalys: Apple Shipped 16% More PCs in 2020, but Still Lags Behind Dell, HP, and Lenovo

• New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely

• Is Single Sign-On Secure? SSO Benefits for Remote Work

• A week in security (January 4 – January 10)

• Thou shalt not hack indiscriminately, High Court of England tells Britain’s spy agencies

• WhatsApp Good Morning messages filled with Chinese Phishing Cyber Attacks

• UN hacked for good as 100K+ employee records accessed

• 6 Health Tips For Working From Home | Avast

• United Nations Environment Programme Exposed 100,000 Employee Records

• Bridewell Appoints Martin Riley as Director of Managed Security Services

• When It Comes To Security Tools, More Isn’t More

• Network Security and Containers – Same, but Different

• New version of Sysinternals released, Process Hollowing detection added in Sysmon, new registry access detection added to Procmon https://docs.microsoft.com/en-us/sysinternals/, (Mon, Jan 11th)

• SolarWinds Hackers Linked To Known Russian Spying Tools

• Capitol Attack’s Cybersecurity Fallout: Stolen Laptops, Lost Data, And Possible Espionage

• Ransom Hacker Locks Internet Connected Chastity Cage

• Nissan Balances Fallout From Source Code Leak

• CES 2021: Kensington’s New StudioDock Combines iPad Pro Docking Station With iPhone and AirPods Chargers

• CES 2021: LG Unveils First OLED UltraFine Monitor and 39.7″ UltraWide 5K2K Monitor

• A Role for the Vulnerabilities Equities Process in Securing Software Supply Chains

• Creating a culture of cybersecurity and tech innovation

• The State of Cybersecurity in 2021: Predictions for the New Era of Digital Life

• (ISC)² Is Pilot Testing Online Exam Proctoring for CISSP and Other Cybersecurity Certifications

• Capitol attack’s cybersecurity fallout: Stolen laptops, lost data and possible espionage

• Kaspersky Connects SolarWinds Attack Code to Known Russian APT Group

• Google Titan security keys hacked by French researchers

• Russian Threat Actor to Serve 12 Years in Prison for Breaching JPMorgan Chase

• Trend Micro Employs Serverless Computing to Scan Cloud Files for Malware

• CES 2021: Satechi Launches Dock5 Multi-Device Charging Station

• Apple Highlights Commitment to Privacy in New Ads on First Day of CES 2021

• Learning Lessons From Previous Lockdowns – How Not To Fall Into The Trap Of A Cyberattack

• Expert Reaction On INM Alleged Data Hack Case

• Unauthorised RAC staffer harvested customer details then sold them to accident claims management company

• CES 2021: All of the business tech news you need to know

• Malware Used in SolarWinds Attack Linked to Backdoor Attributed to Turla Cyberspies

• The Reserve Bank of New Zealand Breached via Third-Party Hosting Service

• Researchers Find Links Between Sunburst and Russian Kazuar Malware

• SASE vs Zero Trust

• Russian hacker Andrei Tyurin sentenced to 12 years in prison

• CES 2021: TP-Link Introduces Line of 6GHz Wi-Fi Routers and Mesh Systems

• Russian Hacker sentenced to 12-Years for International Hacking Campaign

• SolarWinds hackers are tied to known Russian spying tools

• Researchers Show Google’s Titan Security Keys Can Be Cloned

• US Announces Controversial State Department Cyber-Bureau

• [Infographic] Global remote work stats in 2020 for IT admins

• Ransomware Gangs Scavenge for Sensitive Data by Targeting Top Executives

• CES 2021: Lutron Debuts New Outdoor Smart Plug for Caséta Lighting System

• Google’s Titan security key can be cloned

• Data stolen from New Zealand’s Central Bank following hack

• Two market analysts flag their favorite high-flying trades with stocks at records

• SolarWinds takes a leaf out of Zoom’s book, hires A-Team of Stamos and Krebs to sort out its security woes

• File Transfer Risks and How to Avoid Them

• 4 Common Hacks That Are Prevented With a VPN

• What IT leadership looks like in 2021

• Experts found gained access to the Git Repositories of the United Nations

• Parler suspended from Google’s Play Store and dropped by Amazon

• December 2020 Cyber Attacks Statistics

• Top 7 security mistakes when migrating to cloud-based apps

• Over 100,000 UN Employee Records Accessed by Researchers

• Software Fix for M1 Mac Bluetooth Connectivity Issues Reportedly On the Way

• Outlandish Stanford facial recognition study claims there are links between facial features and political orientation

• High Court Rules Against Government Bulk Hacking

• Europol and Frontex to exchange liaison officers

• Sunburst backdoor – code overlaps with Kazuar

• Response Comment: Hackers Post Hackney Council’s ‘Stolen Documents’

• Singapore touts ‘greener’ digital monetary gifts this Lunar New Year

• Parler on the Verge of Permanent Expulsion

• Singapore Witnessed a Sudden Surge in the Bank-Related Phishing Scam

• Trying to register your antivirus in Windows Security Center?

• Dassault Falcon Jet Disclosed Data Breach – Ransomware Attack Suspected

• Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack

• 28th January: Save the Date. Save the Data!

• How Hyperautomation Takes the Worry Out of Remote Work

• Source code for malware that targets Qiui Cellmate device was leaked online

• Heimdal™ Announcements: A Change in Our Product Names

• How to Break Into a Cybersecurity Career – Part 2 with Rafal Los

• Strike a chord: What cybersecurity can learn from music

• Cyber Attack on New Zealand Central Bank and Citrix

• Red Hat acquires Cloud Security provider StackRox

• Cybersecurity sales: Do you have what it takes to succeed?

• SQL injection: The bug that seemingly can’t be squashed

• China’s move to regulate its tech giants is part of its bigger push to become a tech ‘superpower’

• Cloning U2F Hardware Security Keys Possible With Certain Attack Limitations

• Verizon’s 2020 Payment Security Report: Focusing on Strategy

• It’s Always DNS – But Not in the Way You May Think

• Tripwire Patch Priority Index for December 2020

• Most Popular Cybersecurity Blog Posts from 2020

• Critical factors for early 5G success

• China’s move to regulate its giants is part of its bigger push to become a tech ‘superpower’

• XSOAR now available on Cyberbit, integrated into hands-on incident response simulation exercises

• ISC Stormcast For Monday, January 11th, 2021 https://isc.sans.edu/podcastdetail.html?id=7322, (Mon, Jan 11th)

• HITRUST, AWS and Microsoft Azure publish Shared Responsibility Matrices for cloud security

• MariaDB Connector/R2DBC: Create fully reactive solutions

• BMC AMI and Compuware solutions help enterprises accelerate innovation

• New Zealand Central Bank Suffered Cyber Attack Leading To Data Breach

• Axiologic Solutions acquires Knowledge Link to support the federal national security spectrum

• Airgain acquires NimbeLink to expand penetration of IIoT and M2M markets

• F5 Networks acquires Volterra to create an edge platform for enterprises and service providers

• Renesas and Sequans collaborate to include development of 5G modules

• 4 Things to Know About FISMA

• 2021 Cybersecurity Trends: BitSight Predicts the Top 3

• Are Your Payment Card Vendors Maintaining PCI Security Standards?

• Don Heckman joins Guidehouse as Defense Cyber Solutions Leader

• Martin Schroeter appointed CEO of IBM’s Managed Infrastructure Services business

• Cisco expands board of directors with the appointment of John D. Harris II

• Lacework raises $525M to accelerate the strategies that drove to revenue growth in 2020

• 4Things to Know About FISMA

• A Linux Admin’s Getting Started Guide to Improving PHP Security>

• Heather Hinton joins RingCentral as CISO

• SAS appoints Bryan Harris as Executive Vice President and Chief Technology Officer

• Tips for Hiring the Right PHP Web Developer

• How to Track Live Cell Phone Location Without Touching It

• How to Receive A Fax through Web Browser

• Facebook Updated WhatsApp Privacy Policy – What It Means For You

• Donald Trump Is Still a Danger to Our National Security

• IT Security News Weekly Summary – Week 01

• IT Security News Daily Summary 2021-01-10

• It is time to re-evaluate Cyber-defence solutions

• DEF CON 28 Safe Mode Lock Picking Village – Jared Dygart’s ‘Safecracking For Everyone’

• Apple and Hyundai to Sign Apple Car Deal by March With Production Beginning in 2024

• DEF CON 28 Safe Mode Lock Picking Village – N∅thing’s ‘ Intro To High Security Locks And Lockpicking’

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 141’ [From The Archive]

• Meet Oski Stealer: In-depth Analysis Of the Popular Credential Stealer

• CES 2021: Dell Introduces 40-Inch 5K2K Ultrawide Monitor With Thunderbolt 3 Connectivity for Macs

• Prospects for U.S.-Iran Relations at the Start of the Biden Administration

• TOP WEBINARS OF 2020

• SECURITY PREDICTIONS FOR 2021 FROM THE (ISC)² COMMUNITY OF SECURITY PROFESSIONALS (PART 1)

• NEW YEAR’S RESOLUTION: WRITE FOR THE (ISC)² BLOG

• OAuth 2: Pattern to Keep access_tokens Inside a Secured Zone at All Times

• Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets

• Apple Removes Parler From App Store Due to ‘Inadequate’ Measures to Address Dangerous Content

• New Zealand Central Bank Hit by Cyber Attack

• New Zealand central bank hit by a cyber attack

• Experts Weigh In on Cybersecurity Risks of Capitol-Like Attacks

• Security Affairs newsletter Round 296

• TeamTNT botnet now steals Docker API and AWS credentials

• Maldoc Analysis With CyberChef, (Sun, Jan 10th)

• Week in review: Fileless malware, key risk areas in 2021, Patch Tuesday forecast

• The RBI Warns Patrons of Unauthorized Money Lending Apps

• Critical Bugs in Firefox and Chrome Allow Exploitation

• Penetration testing

• Multilingual Cybersecurity Awareness Training adapted for your needs

• 2021 Cybersecurity in healthcare

• Catch the Unknown Cyber-Attacks with Threat Hunting

• How to Check Code Signing Installation: A Quick Guide

• Apple Removes Parler From App Store After Failing to Take ‘Adequate Measures’ to Address Dangerous Content

• Glofox – 2,330,735 breached accounts

• Apple Suspends Parler From App Store After Failing to Take ‘Adequate Measures’ to Address Dangerous Content

• Executive Branch Legal Process and the Self-Pardon

Generated on 2021-01-11 23:55:10.354147