IT Security News Daily Summary 2021-04-12

• Kentucky county clerks to authenticate via Yubikey

• NIST prototypes tech that bridges LMR and wireless broadband networks.

• 911 pilot tests emergency systems’ cyber defenses

• 1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free

• Sample CompTIA Security+ exam questions and answers

• Advice on how to prepare for the CompTIA Security+ exam

• Expert: Facebook Had Years To Fix Recent Data Breach Problem

• Microsoft Warns of Malware Delivery via Google URLs

• The Cost of Cloud LDAP

• Two former NSA Officials appointed by Joe Biden for prominent cyber roles

• After Cookies, Ad Tech Wants to Use Your Email to Track You Everywhere

• ShinyHunters dump partial database of broker firm Upstox

• JAIC feels pressure to go faster as tight budgets loom

• Man Arrested for AWS Bomb Plot

• How to raise the cybersecurity poverty line and make companies more secure

• 5 ways to increase your security on Clubhouse and why you should take precautions

• Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy

• On #DFIR Analysis, pt III – Benefits of a Structured Model

• Everything You Need to Know About Apple’s Find My Network Accessory Program

• VoIP Scams: The Basic Guide

• Following Facebook, Data Of 500+ Million LinkedIn Users Put For Sale

• BRATA Keeps Sneaking into Google Play, Now Targeting USA and Spain

• 3 Reasons Cyberattacks are Increasing (and How Zero Trust Can Help)

• IcedID Circulates Via Web Forms, Google URLs

• Zero Trust: The Mobile Dimension

• Biden Nominates More Ex-NSA Officials to Top Cybersecurity Roles

• UK Sports Teams Boycott Social Media

• ColorTokens Appoints Co-Founder Rajesh Khazanchi as CEO to Build an Industry Leader in Zero Trust Cybersecurity Solutions

• Identity Management Day: Cybercriminals No Longer Hack in, They Log In

• Recent Supreme Court Rulings on the Foreign Sovereign Immunities Act

• Under the Hood: Inside (ISC)² Exam Development Cycle

• Three ways technology can help revive the music industry

• Customer Spotlight: Managing Uploads to Non-Traditional Applications

• Gartner and the Top Strategic Technology Trends for 2021

• The Healthcare Breach Report: Hacking and IT Incidents on the Rise

• Threat Actors Abusing Contact Forms to Infect Employees’ Workstations

• Pierre Fabre Hit With $25 Million Ransomware Attack

• TriHealth Affected After Columbus Law Firm is Breached

• NetApp at NVIDIA GTC: Reducing AI infrastructure complexity and risk

• IAM Security: IBM Named Overall Leader

• Nvidia announces Morpheus, an AI-powered app framework for cybersecurity

• Billions of smartphone owners will soon be authorising payments using facial recognition

• IcedID Trojan Operators Experimenting With New Delivery Methods

• Iran Used Fake Instagram Accounts to Try to Nab Israelis: Spy Agencies

• DoControl Emerges From Stealth With SaaS Security Platform

• Threat intelligence frameworks to bolster security

• Apple and Google block official UK COVID-19 app update

• Security Researchers Find Critical Zero-Day Exploit in Zoom Messenger

• MAR-10331466-1.v1: China Chopper Webshell

• MAR-10330097-1.v1: DearCry Ransomware

• Google Maps App for iOS Finally Updated After Four Months

• Deals: Get Up to $69 Off Apple’s iPad Mini 5, Starting at $344.99 for 64GB Wi-Fi

• FCC Asks People to Use FCC Speed Test App to Measure U.S. Broadband Availability

• The VC View: Data Security – Deciphering a Misunderstood Category

• ID Verification Firm Veriff Lands $69 Million in Series B Funding

• Unearthing the ‘Attackability’ of Vulnerabilities that Attract Hackers

• Iran Nuclear Facility Suffers Cyber-Attack

• Vulnerability Summary for the Week of April 5, 2021

• Microsoft is open sourcing CyberBattleSim Enterprise Environment Simulator

• Criminals Spread Malware Using Contact Forms With Google URLs

• Stuxnet Sibling Theory Surges After Iran Says Nuke Facility Shut Down By Electrical Fault

• Texas Man Wanted To Blow Up Amazon To Kill 70% Of The Internet

• There’s Another Facebook Phone Number Database Online

• Tim Cook Says App Store Would Become a ‘Flea Market’ if Third-Party Payment Systems Were Allowed

• Mike Lynch-backed Darktrace to file for London IPO in aftermath of Deliveroo flop

• Upstox suffers data breach of over 2.5 million users

• 11 Emerging Cybersecurity Trends in 2021

• 11 Types of Phishing + Real-Life Examples

• Hackers Deploy Malware To Gigaset Android Phones With Malicious Update

• Facebook and Google Account Authentication | Avast

• Nvidia announces BlueField-3 DPUs for AI and analytics workloads

• Biden Names 2 Ex-NSA Officials for Senior Cyber Positions

• Cyber-criminals Increasingly Leveraging Debates About Travel During #COVID19 to Launch Attacks

• Google Tricked Millions of Chrome Users in the Name of ‘Privacy’

• Microsoft Uses Machine Learning to Predict Attackers’ Next Steps

• Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data

• Securing AWS EKS Environments

• The Inner Workings of Financially Motivated Cybercrime

• Tim Cook Says Apple is ‘Not Against Digital Advertising’ Ahead of iOS 14.5 Launch With App Tracking Transparency

• Apple Made Sudden Security Changes to its Chips in Fall 2020

• Exclusive Deals: Hyper Offering 20% Off Sitewide, Including Battery Packs, USB-C Hubs, and More

• Apple Adjusts Pro Display XDR Marketing in UK Following Complaints of Misleading Claims

• Protected: Tweet Chat: The Social Dilemma

• How Good is Your Enterprise’s Contingency Planning?

• AI Is Alive! But Not Without Our Help

• Transport Layer Security (TLS)

• FCW Insider: April 12, 2021

• Biden taps Inglis, Easterly for top cyber jobs

• New Malware Downloader Spotted in Targeted Campaigns

• Update to CVE-2019-7238 in Nexus Repository Manager 3

• Son of Stuxnet? Iran Nuke Site Hacked ‘by Israel’ (Again)

• Deals: Shop Best-Ever Prices on 21.5-Inch iMac ($949 for 256GB) and M1 MacBook Air ($1,149 for 512GB)

• At last – Thinking outside the SCIF

• Zerodium Will Triple Payouts for RCE Exploits for WordPress CMS

• Malware Found Embedded Within APKPure

• Joker Malware Hits 500,000 Huawei Android Smartphones

• 6-year-old Moodle flaw exposed millions to account takeover attack

• How scalper bots profit by buying and reselling Sony PS5 and Xbox consoles

• This browser extension promises to block Google’s controversial new tracking algorithm

• Cybersecurity M&A Roundup for April 1-11, 2021

• Iran Blames Israel for Sabotage at Natanz Nuclear Site

• Europol: “Virtually All” Crime Now Has a Digital Element

• Wake Up and Smell the JavaScript

• Axis Security Recognized as a Microsoft Security 20/20 Partner Awards Finalist for Emerging Security ISV Disruptor

• Kaseya’s Latest Innovation Cycle Strengthens IT Complete Platform to Support Ongoing Remote Work and Compliance Requirements

• Fake App Attacks On The Rise, As Malware Hides In Plain Sight

• Israel allegedly takes responsibility for Iran cyberattack

• Nation-state attackers are increasingly targeting businesses

• Microsofts new cyberattack simulator can help test your defences

• Pharmaceutical Group Pierre Fabre Fell Victim of REvil Ransomware Attack

• Largest Pathologists Association Worldwide Discloses Credit Card Incident

• Malicious Android App Targeted Users With Malware Via WhatsApp Auto-replies

• SafeGuard nabs $45M to combat cybersecurity risks using AI

• Omdia Research Spotlight: XDR

• What Does It Take To Be a Cybersecurity Researcher?

• Mac Shipments More Than Doubled in First Three Months of 2021 Compared to Same Period in 2020

• Expert Reaction On Europol Publishes Its Serious And Organised Crime Threat Assessment 2021

• Expert On Study That Brits Using Pets’ Names As Online Passwords

• Apple and Google block NHS Covid-19 App update

• Microsoft: Threat Actors Use Contact Forms on Websites to Deliver IcedID Malware

• Duo Care’s Premium Customer Care Provides Extra Layers of Support

• How ransomware gangs are connected, sharing resources and tactics

• Wanted: Software Developers with a Security Mindset

• The difference between SASE and Zero Trust

• Do customers really care about SASE? Absolutely, and here’s why

• Use AI to fight AI-powered cyber-attacks

• 5 steps to respond to a data breach

• SD-WAN vs. MPLS: how do they compare from a security perspective?

• Is Linux A More Secure Option Than Windows For Businesses? >

• Data access management startup DoControl emerges from stealth with $13.35M

• PayPal rolls out new fraud management tools for merchants

• Zerodium Offering $300,000 for WordPress Exploits

• Fed Chair Says Cyberattacks Main Risk to US Economy

• Naked Security Live – How to spot “government” scammers

• Apple Blocks Update to UK NHS Contact Tracing App for Breaking Location Data Collection Rules

• How bitcoin payments unmasked a man who hired a Dark Web contract killer

• 5 perspectives on modern data analytics

• Judge Deals Amazon Setback In New York Labour Row

• Apple App Store Security ‘Like Bringing Butter Knife To Gunfight’

• TOP 11 Deep Web Search Engine Alternative for Google and Bing 2021

• Check Point’s Mobile Security Report 2021: Almost Every Organization Experienced a Mobile-related Attack in 2020

• Who do I pay to get the ‘phone’ removed from my iPhone?

• Criminals spread malware using website contact forms with Google URLs

• Critical security alert: If you haven’t patched this old VPN vulnerability, assume your network is compromised

• Tripwire Patch Priority Index for March 2021

• Brits Still Confused by Multi-Factor Authentication

• Enhancing Tenable.io Web Application Scanner Results

• Bloomberg: Apple Working on New Apple TV With Integrated HomePod Speaker and FaceTime Camera

• Bloomberg: Future HomePod May Feature iPad Connected Via Robotic Arm to Track Users Around The Room During FaceTime Calls

• How to Spot Fake Reviews on Amazon

• Zero days explained: How unknown vulnerabilities become gateways for attackers

• How data poisoning attacks corrupt machine learning models

• Software Glitch Led To ‘Serious’ Tui Flight Incident

• US Senate Chastises Apple Over ‘Abrupt’ Testimony U-Turn

• Over 90% of Organizations Hit by a Mobile Malware Attack in 2020

• Serious and Organised Crime in the EU: A corrupting influence

• Iran Natanz Nuclear Facility Struck by a Blackout Labelled as an Act of “Nuclear Terrorism”

• LinkedIn confirmed that it was not a victim of a data breach

• Images Depict ‘Extremely Rare’ iPhone 11 Pro Prototype With Misaligned Apple Logo

• Google Pixel Watch Allegedly Leaks with Circular Design, Rumored to Launch in October

• Natanz Nuclear Facility Based in Iran Became the Victim of Sabotage

• Critical Vulnerability in Zoom Discovered During Pwn2Own

• Cybersecurity start-up Darktrace plans to go public in London despite Deliveroo’s IPO flop

• Google Loses Dispute Over Data Centre Working Conditions

• Neuralink Video Shows Monkey Playing Pong With Its Mind

• Man Arrested After Failed AWS Bomb Plot

• Amazon Defeats Alabama Unionisation Drive

• Belden Says Health-Related Information Leaked in Cyberattack

• Yanbian Gang Malware Continues With Large-Scale Distribution and C2

• Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021

• Visibility, Context, Automation are Key to Security Control

• Beating security fatigue with Troy Hunt, Chloé Messdaghi, and Tanya Janca: Lock and Code S02E06

• Trying to register your antivirus in Windows Security Center?

• The Azure Identity Governance Tools

• Nation-State Cyberthreats Persist

• Fitch Ratings: Cyberattacks could pose a material risk to water and sewer utilities

• Stuxnet sibling theory surges after Iran says nuke facility shut down by electrical fault

• Israel cyber attack on Iran Natanz Nuclear Facility

• Popular carding forum hacked and data leaked

• The SOC is blind to the attackable surface

• Using Salesforce? Here are 5 security and compliance considerations

• Securing an online marketplace through the COVID-19-fueled boom

• Upcoming 12.9-Inch iPad Pro Supplies Could Be Limited Due to Mini-LED Production Issues

• Increasing need for ITOps process automation due to digital transformation

• The benefits of cyber threat intelligence

• How Tripwire Can Help U.S. Federal Agencies Implement the CIS Controls

• CFOs focused on growth, investing for the future

• Scientists develop quantum machine learning methods for reasoning

• 
Building an IDS Sensor with Suricata & Zeek with Logs to ELK, (Sat, Apr 10th)

• ISC Stormcast For Monday, April 12th, 2021 https://isc.sans.edu/podcastdetail.html?id=7452, (Mon, Apr 12th)

• United States’ plan to beat China includes dominating tech standards groups, especially for 5G

• USA’s plan to beat China includes dominating tech standards groups, especially for 5G

• Scraped data of 1.3 million Clubhouse users published online

• Cisco invests in Securiti to help customers address multicloud and edge security

• Apple M1 hardware support merged into Linux 5.13

• No password required: Mobile carrier exposes data for millions of accounts

• Ransomware: The internet’s biggest security crisis is getting worse. We need a way out

• Jonathon Dixon joins Cloudflare as VP and GM, Asia Pacific

• IT Security News Weekly Summary – Week 14

• IT Security News Daily Summary 2021-04-11

• Apple Agrees to Provide Executive to Testify At Upcoming App Store Senate Hearing

• Iran Calls Natanz Atomic Site Blackout ‘Nuclear Terrorism’

• XKCD ‘Eradication’

• BSides Philly 2020 – Christopher Lopez’ ‘Asking Questions And Writing Effectively’

• Android apps on APKPure store caught spreading malware

• BSides Philly 2020 – Kelley Robinson’s ‘What If We Had TLS For Phone Numbers’

• Is the recent accident at Iran Natanz nuclear plant a cyber attack?

• Al-Qaeda After Ayman al-Zawahiri

• Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021

• Cybercriminals Used Facebook Ads to Lure Users into Installing the Fake Clubhouse App

• Developer Recreates Flappy Bird as Interactive macOS Notification

• 2021 Cybersecurity Outlook: The More Things Change, The More They Stay the Same

• Next Generation Software Fills Some Gaps – But Agencies Still Need Accelerated Visibility and Control of Endpoints

• Personal data of 1.3 million Clubhouse users leaked online

• An Insider’s View into Blocking Email Threats

• HUSH – THIS DATA IS SECRET

• How to Log In to Your Devices Without Passwords

• Three Years In: An Update on the Georgia Cyber Center

• Bitcoin Touches the Peak at $60,000 – Everything you Need to Know!

• “You shouldn’t treat knowledge like it’s a competition”

• Security Affairs newsletter Round 309

• Joker malware infected 538,000 Huawei Android devices

• Week in review: SAP apps under attack, Zero Trust creator talks, Patch Tuesday forecast

• New Wormable Android Malware Disguised as a Netflix Tool Spreads Through WhatsApp Messages

• Slack and Discord are Being Hijacked by Hackers to Distribute Malware

• Penetration testing

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Cybersecurity experts warned of a possible attack on Russian accounts in May

Generated on 2021-04-12 23:55:08.748986