IT Security News Daily Summary 2021-02-15

• Experts Believe Facebook Isn’t Doing Enough To Fight Vaccine Misinformation

• France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

• Revised macOS Big Sur 11.2.1 Update Properly Checks Free Available Space to Prevent Installation Errors

• Cybercrooks Rake in $304M in Romance Scams

• France Ties Russia’s Sandworm to a Multiyear Hacking Spree

• BSidesSF 2020 – Bryan Zimmer’s ‘So You’re The First Security Hire’

• US Cyber Command Valentine’s Day Cryptography Puzzles

• Celebrating Black History Month on Insta

• Vulnerability Patching: Why Does It Fall Short So Often?

• Brave New World: Safari Content Blocking

• MSSP Visionary Takes Bold Step into the Future

• Google Meet is getting an important new security feature

• Sandworm Hackers Hit French Monitoring Software Vendor Centreon

• UK’s Top Cyber Schools Revealed

• Apple Offering Free Repairs for Apple Watch Series 5 and SE Models With Power Reserve Issue Not Fixed by watchOS 7.3.1

• French Hospital Hit with Egregor Ransomware

• Egregor Ransomware Members Arrested by Ukrainian, French Police

• Canadian Rental Car Company Targeted by DarkSide Ransomware

• Scammers Target U.S. Tax Professionals

• Court docs show FBI can unlock iPhones, access Signal messages

• Unleash the Power of MITRE for a More Mature SOC

• 270 addresses are responsible for 55% of all cryptocurrency money laundering

• Microsoft Azure and Canonical Ubuntu Linux have a user privacy problem

• France: Russian state hackers targeted Centreon servers in years-long campaign

• Linux 101: How to remove legacy communication services

• Mercedes Issues eCall Recall

• IRS Warns of EFIN Scam

• OSINT: Mapping Threat Actor Social Media Accounts

• BSidesSF 2020 – Amol Sarwate’s ‘Real Time Vulnerability Alerting’

• 10 Reasons Check-the-Box Compliance Puts Your Organization at Risk

• CommitStrip ‘Experts’

• DisplayLink Manager Updated With Native Support for M1 Macs and More

• Apple Releases watchOS 7.3.1 With Fix for Apple Watch Series 5 and SE Charging Issue

• Nuclei- A Fast and Customizable Vulnerability Scanner

• Members of the infamous Egregor ransomware arrested in Ukraine

• Naked Security Live – When is a bug bounty not a bug bounty?

• Apple Launches ‘For All Mankind’ Companion Podcast

• Talking Emotet’s takedown with Adam Kujawa: Lock and Code S02E01

• Network Segmentation Series: What is It?

• 270 addreses are responsible for 55% of all cryptocurrency money laundering

• Many SolarWinds Customers Failed to Secure Systems Following Hack

• Internal Leak of 4,887 Users: Yandex Employee Fate Unknown

• The malicious code in SolarWinds attack was the work of 1,000+ developers

• A Secure Environment Where People Can Be Their Whole Selves

• Millions of Email based Cyber Attacks missed by organizations

• Tech Resume Library: 24 downloadable templates for IT pros

• Wine and tech: Making it better

• Microsoft: SolarWinds attack took more than 1,000 engineers to create

• Post Office Announces New Digital ID Solutions

• Malware Exploits Security Teams’ Greatest Weakness: Poor Relationships With Employees

• Vulnerability Summary for the Week of February 8, 2021

• Securing and Optimizing Networks: Using pfSense Traffic Shaper Limiters to Combat Bufferbloat, (Mon, Feb 15th)

• France Pushes to Widen EU Regulations on Big Tech Companies

• Cyber security companies miss million of email attacks

• U.S Internal Revenue Service warns of phishing scam

• UK watchdog fines two firms £270k for cold-calling 531,000 people who had opted out

• Singtel Suffered Third-Party Breach In The Wake Of Accellion FTA Zero-Day Attack

• Vulnerability In Telegram for macOS Retained Self-Destruct Messages On Devices

• Vendor Ships Unofficial Patch for IE Zero-Day Vulnerability

• Egregor ransomware criminals allegedly busted in Ukraine

• RansomExx Gang Target French Health Insurance Company in a Ransomware Attack

• French and Ukrainian police arrested Egregor ransomware members

• 3.2 billion emails and passwords leaked in data breach

• Disruptors: How Businesses are Using Technology to Radically Change

• Open-Source Kernel Security Technologies>

• This phishing email promises you a bonus – but actually delivers this Windows trojan malware

• Cybersecurity M&A Roundup for Week of Feb. 8, 2021

• SBRC Adds Ransomware Scenario to Security Training Program

• COVID-19 chiefs of police working group meets to talk pandemic and fighting crime threats

• How to Submit a Column to Dark Reading

• 100+ Financial Services Firms Targeted in Ransom DDoS Attacks in 2020

• On Vulnerability-Adjacent Vulnerabilities

• Threat Alert: Zoom Impersonated for Phishing Attacks

• Apple Music ‘Replay 2021’ Playlist Now Available

• Microsoft Begins Testing xCloud Game Streaming Service in Browser for iOS and iPadOS

• Virginia Poised To Pass Major Data Privacy Law

• My Phone Is Listening To Me, Say 60% Of People – Expert Reaction

• Experts On 223 Vulnerabilities Used In Recent Ransomware Attacks

• Security Expert Reaction On U.S CBP Uses Facial Recognition To Verify Travelers

• How Healthcare Organizations Can Protect Themselves Against IoT Ransomware

• Gang arrested for SIM-swapping celebrities, stealing $100 million

• Vulnerability in VMware vSphere Replication Can Facilitate Attacks on Enterprises

• iPhone 13 Mini Still Expected Despite Lackluster iPhone 12 Mini Sales

• New WatchGuard Cloud Platform Capabilities Usher in the Era of Simplified Security Management for MSPs

• Apple Proxies User Traffic From Safari When Using Safe Browsing Feature

• Miami Votes To Explore Offering Bitcoin Transactions

• Canada Approves Breakthrough Bitcoin Exchange Fund

• UK Holders Of .EU Domains Get Three-Month Reprieve

• Clubhouse Security and Privacy | Avast

• Duo Charged with Multimillion-Dollar Dark Web Drugs Scheme

• IRS Warns Tax Professionals of Phishing Campaign Targeting EFINs

• Apple will proxy Safe Browsing requests to hide iOS users’ IP from Google

• Let’s Encrypt completes huge upgrade, can now rip and replace 200 million security certs in ‘worst case scenario’

• Okta CEO: Here’s where cloud identity management is headed

• How ransomware negotiations work

• Yandex Insider Breach Hits Nearly 5000 Inboxes

• FBI Warns About Using TeamViewer and Windows 7

• PayPal Suffered Cross-Site Scripting -XSS Vulnerability

• Employment Questionnaire Filled in By Steve Jobs Going Up for Auction

• iPhone 13 Rumored to Include Always-On Display With 120Hz ProMotion, Astrophotography Capabilities, Stronger MagSafe, and More

• Google To Pay £55m To French Publishers Under Copyright Deal

• Facebook ‘Working On Smartwatch’ With Messaging, Health Features

• File Taxes Safely And Securely | Avast

• Accellion to Retire File Transfer Service Targeted in Attacks

• Police Reportedly Arrest Egregor Ransomware Members

• French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine

• Spam and phishing in 2020

• The weirdest hacking techniques you’ve never heard of

• Dating App Bumble Sees Shares Soar On Debut

• Network Security: 5 Fundamentals for 2021

• Nissan Denies Reports of Apple Car Partnership Discussions

• Trying to register your antivirus in Windows Security Center?

• Zerologon Vulnerability: What You Need to Know

• AWS asks new Australian computer warrant provide immunity for account takeovers

• Commonwealth Bank proposes industry self-regulation for Australia-wide digital ID

• How do I select a DRM solution for my business?

• Have we put too much emphasis on protecting the network?

• Microsoft warns Australia for complicating Cyber Attack response

• Scotland girls excel in UK Cybersecurity Competition

• Quantum computing and encryption: Key to achieving resilience, technological sovereignty and leadership

• Nearly 40% of consumers lost money to phone scams in 2020

• Microsoft says it found 1,000-plus developers’ fingerprints on the SolarWinds attack

• ThreatSwitch Study Finds Security Budgets Increasing in 2021, Driven by COVID-19 and the Cybersecurity Maturity Model Certification (CMMC)

• Scams Starting on Social Media and Targeting Your Business

• Common Criteria Certification: What Is It, and What Does It Mean for Tripwire Enterprise?

• CFOs are becoming catalysts of digital strategy

• Rampant password reuse puts companies and customers at risk

• Russian explained why hackers steal personal data of CD Projekt RED employees

• ASD says cyber attack intervention will be ‘rare’ under critical infrastructure Bill

• 
Video: tshark & Malware Analysis, (Sun, Feb 14th)

• ISC Stormcast For Monday, February 15th, 2021 https://isc.sans.edu/podcastdetail.html?id=7372, (Mon, Feb 15th)

• SpyCloud adds a password filter feature to Active Directory Guardian

• [SKP’s Novel Concept #01] Information Engineering Principles for the Internet

• Bitglass reveals additional technical integrations between its platform and SD-WAN providers

• Denim Group and NowSecure create a clear path toward scalable vulnerability remediation

• Ivanti appoints Erik Randles as SVP of global channels and alliances

• Google Cloud partners with Sigfox to scale its cloud infrastructure and extend its IoT services portfolio

• Microsoft asks government to stay out of its cyber attack response in Australia

• The kingpin behind Joker’s Stash retires with a billionaire exit

• SurePoint Technologies names Steve Crossman as Chief Revenue Officer

• IT Security News Weekly Summary – Week 06

• IT Security News Daily Summary 2021-02-14

• Data Risk, Intelligence and Insider Threats

• Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 316’

• BSidesSF 2020 – Daniel Tobin’s & Paul Karayan’s ‘From Cockroaches To Marble Floors’

• AustCyber merges with Stone & Chalk to boost local capability in emerging tech

• Video: tshark & Malware Analysis, (Sun, Feb 14th)

• BSidesSF 2020 – Mike Malone’s ‘If You’re Not Using SSH Certificates You’re Doing SSH Wrong’

• Foreside Launches Connect+

• Egregor ransomware operators arrested in Ukraine

• Fraudsters Target US Tax Experts in Ongoing Phishing Campaign

• Volkswagen CEO: We’re ‘Not Afraid’ of a Potential ‘Apple Car’

• Russia’s New Crises on the Periphery

• Combatting the Growing Cyberthreat of QR Code Abuse

• PayPal addresses reflected XSS bug in user wallet currency converter

• The Untold History of America’s Zero-Day Market

• Security Affairs newsletter Round 301

• FBI’s alert warns about using Windows 7 and TeamViewer

• Romania’s Iimobiliare.ro Website Suffer Major Security Breach

• Week in review: Improving vulnerability triage, RDP attacks soaring, hackers in high demand

• Adorcam Leaks Thousands of Webcam Accounts

• Penetration testing

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Apple’s Heart Month Activity Challenge Requires 60 Minutes of Exercise on Valentine’s Day

• Code42 Expects Security Business to Double in 2021

• Google Published a Research Blog About who are the People Prone to cyber-attacks via Email

• Hacked Finnish psychotherapy clinic files for bankruptcy

Generated on 2021-02-15 23:55:15.968492