IT Security News Daily Summary 2021-02-20

• Introducing Crowdsec: A Modernized, Collaborative Massively Multiplayer Firewall for Linux>

• BSidesSF 2020 – Sourya Biswas’ ‘How The Coasts Approach Information Security Differently’

• M1 Macs Targeted by Additional Malware, Exact Threat Remains a Mystery

• Chrome Used 10X More RAM Than Safari on macOS Big Sur in Recent Test

• Brave browser Tor feature leaked .Onion queries to ISPs

• BSidesSF 2020 – Jacob Brackett’s ‘RIS-ky Business: Exploiting Medical Information Systems’

• XKCD ‘Perseverance Microphones’

• Sequoia Capital Venture Capital firm discloses a data breach

• Mitsubishi Begins Adopting Wireless CarPlay

• Why is Wikepedia So Racist?

• Robot Detained a Google AI Ethicist, Terminated Her

• SolarWinds hackers accessed source code of Azure, Exchange, Intune

• Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users

• SonicWall releases second firmware updates for SMA 100 vulnerability

• Revisiting Apple’s MagSafe Leather Wallet After 3 Months of Usage

• Experian challenged over massive data leak in Brazil

• Brazilian firms fail to increase security spend through Covid-19

• Malware Affecting Apple’s New M1 Chip Detected by Researchers

• CLoP Hacker Group Purloined Data From Jones Day

• Think Before Investing – A Mantra for Investors Who Bindly Follow the Tweets of Elon Musk

• Sites Have a Sneaky New Way to Track You Across the Web

• Omegle investigation raises new concerns for kids’ safety

• Silver Sparrow, a new malware infects Mac systems using Apple M1 chip

• Microsoft Rolls Out “Kids Mode” For Safe Browsing In Edge Browser

• Cybercrime Undercover: Phishing Attacks Imitating Famous Brands Proliferate

• Top Stories: More iOS 14.5 Beta Changes, iPhone 13 Rumors, Apple Watch Charging Issue Fixed

• Happy birthday, Python, you’re 30 years old today: Easy to learn, and the right tool at the right time

• ScamClub Malvertiser Exploited WebKit Zero-Day To Redirect Users To Shady Sites

• ‘Build’ or ‘Buy’ your own antivirus product

• TDoS attacks could cost lives, warns FBI

• Week in security with Tony Anscombe

• 2021-02-19 – Mensagem “Pascholotto” empurra malware

• The data of 110 thousand customers was stolen from the Lithuanian car rental service

• The Cloud Shift Is Now: Boost Your Enterprise Security Portfolio

• The massive coronavirus IT blunder with a funny side

• Getting Into the Rhythm of Chart Typography with {ragg} and {hrbragg} (a.k.a. It’s {ragg}-time}

• Gurman: No Apple Event Happening on March 16

• iPadOS 14.5 Beta Adds Apple Pencil Scribble Support for German, French, Spanish, Italian and Portuguese

• Threat Roundup for February 12 to February 19

• Kia Denies Ransomware Attack as IT Outage Continues

• Mandiant Exposes APT1 – One of China’s Cyber Espionage Units &
  Releases 3,000 Indicators

• Privacy bug in the Brave browser exposes Tor addresses to user’s DNS provider

• Come Work With Lawfare, As Our Bookkeeping Office Manager!

• How You Can Take The CISSP Exam From Home

• IT Security News Daily Summary 2021-02-19

• Malformed URL Prefix Phishing Attacks Spike 6,000%

• How do cybercriminals steal credit card information?

• Facebook To Begin Cracking Down On Climate Change Misinformation

• Shares of Long-Range Wireless Charging Company Energous Nearly Double Today on Years-Old Rumors of Apple Partnership

• Mitigating Memory Safety Issues in Open Source Software

• Ransomware is Evolving – Agencies Must Prioritize Data Backup

• Top 100 Managed Security Service Providers (MSSPs)

• NIST updates smart grid framework

• CISA looks inward to stop future supply chain attacks

• DOD’s 5G-powered smart warehouse network kicks off

• How robots would help the Post Office

• Zero Trust is not a security solution. It’s a strategy

• Kia outage may be the result of ransomware

• Suspected Russian Hack Fuels New US Action on Cybersecurity

• BSidesSF 2020 – Chloé Messdaghi’s, Ryan Louie’s & Susan Peediyakkal’s ‘Panel: Mental Health for Hackers – Contents Under Pressure’

• XKCD ‘Animal Songs’

• BSidesSF 2020 – Brianne Hughes’ ‘How To Write Like It’s Your Job’

• Apple Highlights Upcoming Spring and Summer TV Shows

• Cybersecurity for a Cloud-First, Work-from-Home World (Part 2)

• Facebook tries to explain the WhatsApp privacy changes one more time

• Credential-Stuffing Attack Targets Regional Internet Registry

• Mysterious Silver Sparrow Malware Found Nesting on 30K Macs

• How to find details about user logins on Linux

• New malformed URL phishing technique can make attacks harder to spot

• US Arrests Six Alleged Cyber-Scam Money Launderers

• Windscribe VPN review

• MacRumors Giveaway: Win an Executive Laptop Backpack and AirPods Max Shield Case From WaterField Designs

• ‘Mythic Quest’ Season 2 Premiering on Apple TV+ on May 7

• Zero Trust Meets OS Patch Management

• How Do Copyright Rules Affect Internet Creators? And What Can They Do About It?

• North Korean hackers charged with $1.3 billion of cyberheists

• FBI Warns of Telephony DDoS Attacks

• Multiple Cities Disclose Data Breach After Vendor’s Ransomware Attack

• RIPE NCC targeted With Credential Stuffing Attack

• Jamaica’s Immigration Website Exposed Thousands of Travelers’ Data

• ELF Malware Analysis 101: Part 3 – Advanced Analysis

• cracker

• Take security to the Zero Trust Edge

• 1Kosmos Emerges from Stealth Mode With $15 Million in Funding

• Healthcare Data Breaches Halved in January

• Kia Denies Ransomware Attack

• Attackers Already Targeting Apple’s M1 Chip with Custom Malware

• New Masslogger Trojan variant exfiltrates user credentials

• Cops Using Music to Try to Stop Being Filmed Is Just the Tip of the Iceberg

• New variant of MassLogger Trojan stealing Chrome, Outlook data

• FCW Insider: Feb. 19

• IRS issues urgent notice on scams aimed at tax professionals

• The massive coronavirus pandemic IT blunder with a funny side

• Omdia’s On-Demand Webinars

• Reducing the Time to Discovery: How to Determine if You Have Been Hacked

• Apple TV+ Series ‘Physical’ Starring Rose Byrne Coming This Summer

• Apple Shares Teaser for ‘The Mosquito Coast’ Coming to Apple TV+ April 30

• Reflections On Reform of the Impeachment Process

• CEOs Comments On Report: Rise In Healthcare Attacks

• Expert Reaction On UK Cyber Security Attracts Record Investment

• Cloud Data Security is Now Available in AWS Marketplace

• International law firm Jones Day hacked with data posted on dark web

• Racial and Immigrant Justice Groups Sue Government for Records of COVID-19 Data Surveillance

• WhatsApp To Press Ahead With Privacy Update

• 11 Ways To Fix the ERR_SSL_VERSION_INTERFERENCE Chrome Error

• Manufacturing Cybersecurity Threats and How To Face Them

• Brave browser leaks onion addresses in DNS traffic

• Inside the Battle to Control Enterprise Security Data Lakes

• Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

• Personal Information of Nearly 1,30,000 Singtel Users’ Stolen in a Data Breach

• SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs

• Deals: Numerous Sales Hit Apple’s 2020 iPad Air, Prices Start at $549 for 64GB Wi-Fi

• Apple Reportedly in Active Talks With Multiple LiDAR Sensor Suppliers for Self-Driving Vehicle

• WhatsApp gives new data privacy deadline of May 15

• Malaysia arrests 11 suspects for hacking government sites

• Linux 101: How to block users from setting up their own cron jobs

• Forrester report highlights Zero Trust Edge model for networking and security infrastructure

• Brussels Okays EU-UK Personal Data Flows

• Draft Adequacy Decision Paves the Way for EU-UK Data Flows to Continue Freely

• DoppelPaymer Gang Reportedly Attacked Kia Motors America with Ransomware

• Police dismantle criminal network linked to international VAT fraud trading vegetable oil

• New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card

• Industry Recognition for Runtime Application Security: Omdia Research

• It’s not stupid if it works: best tech support MacGyver moves

• AppSec Bites Part 3: Has the New Virtual Reality Created Opportunities for AppSec?

• Ghost Camaro of Bosnia

• How to change region on Steam

• Plex Testing TV App Integration Across iPhone, iPad, and Apple TV

• Apple Demanded Sales Information on 30,000+ Games From Steam in Ongoing Lawsuit With Epic Games

• Companies unprepared for cloud migration

• Apple details major security, privacy enhancements in its devices

• EPP EDR: What Is Each and How They Differ

• What Is a Zero-Day Vulnerability?

• The Biggest Data Breaches of 2021

• More Supply-Chain Cyberattacks are in the Wind

• Fireside Chat – Running A Cyber Crisis Drill For The US Government, Homeland Security & Tabletops For Enterprise Board Members

• Myanmar arrests 11 suspects for hacking government sites during protests

• Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code

• After IT Outage, Carmakers Kia and Hyundai Say No Evidence of Ransomware Attack

• Kaspersky: Decline in DDoS Attacks Linked to Surge in Cryptocurrency Value

• How to Fine-Tune Vendor Risk Management in a Virtual World

• New version adds encrypted communication

• AirPods Max in Silver Now Available to Ship on Verizon

• US cities affected after ATFS Ransomware attack

• SECURITY ALERT: Newly Discovered Fan Courier Phishing Campaign Targets Romanian Companies

• Blueprint for fault-tolerant qubits

• Quantum computing: When ignorance is wanted

• Leaving LastPass? Here’s how to get your passwords out

• WhatsApp tries again to explain what data it shares with Facebook and why

• Virginia Lawmakers Advance Consumer Data Protection Act

• Carmakers Kia and Hyundai Say No Evidence of Ransomware Attack

• Shift to Remote Work Necessitating Greater Innovation in Cybersecurity

• 2021 Security Outcomes Study: Stress Relief for CISOs

• Microsoft Wraps SolarWinds Probe, Nudges Companies Towards Zero Trust

• Browser Tracking Via Favicons Affects Multiple Browsers

• BBC Select Now Available Through Apple TV Channels

• Clubhouse Reportedly Surpasses 8 Million App Store Downloads

• How to Understand Iranian Information Operations

• The Weeds and Flowers of Information Security

• Google Appoints Executive At Troubled AI Research Group

• MyData Global Data Trust Network | Avast

• Microsoft: SolarWinds Hackers Attempted to Access Our Systems Until January 2021

• Protecting Against Vaccine-Themed Attacks and Misinformation

• CrowdStrike Snaps Up London Start-Up Humio

• Lakehead University Shuts Down Campuses and Computers After Cyberattack

• Experts spotted the first malware tailored for Apple M1 Chip, it is just the beginning

• Router Security

• Bloomberg: iPhone Reverse Charging for Apple Watch and AirPods ‘Unlikely in the Near Future’

• Apple Maps Expands Turn-by-Turn Directions for United Arab Emirates

• Millions of Californian DMV records possibly exposed in breach

• People’s Postcode Lottery scam claims you could have won £1,000

• Red Canary closes $81 million Series C financing round led by Summit Partners

• Microsoft: Solorigate attackers grabbed Azure, Intune, Exchange component source code

• UK Court Rules Uber Drivers Are Workers

• SolarWinds Attackers Breached 100+ Private Firms

• HomeKit Support Rolling Out to IKEA’s TRADFRI Motion Sensor and Shortcut Button

• Bloomberg: Apple Working on MagSafe Battery Pack for iPhone 12

• The CSO guide to top security conferences, 2020

• Egregor ransomware group explained: And how to defend against it

• Internet Registry RIPE NCC Warns of Credential Stuffing Attack

• Banks Investing in Automated Cyber-Defenses to Fight Business Email Compromise, Survey Shows

• Masslogger Campaigns Exfiltrates Clients Credentials

• “LinkedIn Private Shared Document” Shared Via Phishing Email by Hackers

• Tim Cook: 2020 Was Apple’s ‘Top Year of Innovation Ever’

• RIPE NCC reveals failed brute-force assault on its SSO service

• Cybersecurity in Cyberpunk 2077: the good, the bad, and the cringeworthy

• How to make Microsoft Office (mostly) unhackable

• Capital Group Appoints Marta Zarraga as Global Chief Information Officer

• Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials

• Hackers steal credit card data abusing Google’s Apps Script

• iPhone Production in India Reportedly Impacted By Tensions Along Chinese Border

• Apple to Hold Preview Event At Second Apple Store in South Korea on February 24

• CityBee – 110,156 breached accounts

• Study Proves AI Can Encourage Dishonesty | Avast

• Fight Back Against COVID-19 Cyberfraud

• Dynamic Data Exchange (DDE) is Back in the Wild?, (Fri, Feb 19th)

• Want your endpoint security product in the ‘Microsoft Consumer Antivirus Providers for Windows’ ?

• Accelerate your storage—first the cloud, then to infinity and beyond

• Weekly Update 231

• SolarWinds Hackers Stole Some Source Code for Microsoft Azure, Exchange, Intune

• Nation-State Espionage in ‘The Flight Attendant’

• Ransomware attack on California Department of Motor Vehicles

• United States charges 3 North Koreans for Global Cyber Attacks

• SolarWinds hackers downloaded some Microsoft source code for Azure, Exchange, and Intune

• What behavioral experts can teach us about improving security

• Atheists warn followers of unholy data leak, hint dark deeds may have tried to make it go away

• Malware authors already taking aim at Apple M1 Macs

• Apple Donating to Texas Relief Efforts

• Season 2 of ‘For All Mankind’ Now Available on Apple TV+

• The Coronavirus Pandemic Is Widening the Cybersecurity Skills Gap

• CXOs consider mainframe and legacy modernization a business priority

• Most security pros think a WAF is high maintenance

• Business email compromise is a top concern for banks

• 5G security market to reach 5.226 billion by 2026

• Ukrainian police arrested members of a well-known cyber ransomware group

• ISC Stormcast For Friday, February 19th, 2021 https://isc.sans.edu/podcastdetail.html?id=7380, (Fri, Feb 19th)

• ShiftLeft Illuminate reduces risk to organizations’ software code base

• CIS launches MDBR, a no-cost ransomware protection service for private hospitals

• Beyond Clubhouse: Vulnerable Agora SDKs Still in Widespread Use

• Calix updates AXOS to expand infrastructure APIs to enable full modularity across network functions

• CircleCI announces privacy enhancements for engineering teams

• Microsoft admits some Azure, Exchange, Intune source code snaffled in SolarWinds schemozzle

• What is SQL Injection? How to Prevent SQL Injection

• Bitglass further expands its SD-WAN integration ecosystem

• JEDEC issues JESD304-4.01 DDR4 NVDIMM-P Bus Protocol

• Marvell and Toshiba extend HDD controller and preamplifier collaboration

• D-Link unveils DCS-8300LHV2 Full HD Wi-Fi Camera with AI-based person detection

• Windstream WE Connect gives customers enhanced insight into their networks

• Lawmakers press OPM, CDC for vaccine allocations for federal employees

• Microsoft Concludes Internal Investigation into Solorigate Breach

• Backblaze expends Board of Directors with three new members

• CrowdStrike acquires Humio to expend its XDR capabilities

• Neustar’s digital and call center identity service approved by Kantara

• Pentagon plans for spectrum policy changes, modernizing IT tools

• S3 Ep20: Corporate megahacking, true love gone bad, and tax grabs [Podcast]

• Un año de resiliencia con espíritu latino.

• iOS and iPadOS Apps Worth Checking Out – February 2021

• Why Are Farmers Protesting in India?

• Situational Ethics Drove the Military’s Decision to Delay Female Officer Promotions

• CloudSense appoints two new executives to its leadership team

Generated on 2021-02-20 23:55:10.179464