IT Security News Daily Summary 2021-10-09

• Facebook Permanently Bans User Who Created A Tool To Help People Quit The Platform

• CCSP vs. EXIN Cloud Certifications: What are the Differences?

• AT&T Business Summit is virtual Oct. 27-28 and free!

• Security.org: 68% of Americans use the same password across accounts

• Firefox Suggest to display sponsored ads but users can disable them

• Google addresses four high-severity flaws in Chrome

• Your cybersecurity team will face burnout, and you need to help

• Report: Government is the most-targeted sector by nation-state attackers

• Someone Hacked a US Warship Facebook Account to Stream Games

• Cloudflare Isn’t Liable for Sites That Hawk Counterfeits

• Top Stories: Apple Watch Pre-Orders, October Apple Event?, Remembering Steve Jobs, and More

• Russian Hackers are Responsible for 58% of All Hacks on Government Networks – Microsoft

• Security expert published NMAP script for Apache CVE-2021-41773 vulnerability

• Meet Megan West, Honoree of the 2021 (ISC)² CEO Global Achievement Award

• Sky.com servers exposed via misconfiguration

• Cox Media Group took down broadcasts after a ransomware attack

• Build or Buy your own antivirus product

• Why App Security Should Be a Major Concern For Financial Service Providers

• How Will $1.9 Billion for Cybersecurity Protect American Infrastructure?

• Introduction to SAST

• Sontiq Digital Safety and Security features help families tackle identity crimes and cyberthreats

• Skyflow Fintech Privacy Vault accelerates product development for software teams

• Week in security with Tony Anscombe

• Brewer’s Token Gaffe Causes Massive PII Breach

• ECU Student Charged with Cyber-stalking

• ESET PROTECT Advanced Review: Features & Benefits

• Qualys Automates Ransomware Risk Assessment

• Visa selects Callsign as their behavioral biometric and device intelligence identity provider

• 2021-10-07 – Qakbot (Qbot) obama111 with Cobalt Strike

• Why enterprise patch management pains are cybercriminals’ gain

• SecZetta partners with One Identity to automate identity access for third-party users

• Concentric integrates with Box to protect data, build ransomware resiliency and mitigate risk

• Apple Files Appeal in Epic Games Lawsuit, Asks to Delay App Store Changes

• Emily Rollin joins McAfee Board of Directors

• eSentire and Guidewire apply risk modeling and proprietary data for cyber security risk reduction

• McAfee/FireEye merger completed, CEO says automation only way forward for cybersecurity

• CompTIA updates CASP+ certification for security architects and senior security engineers

• Ann Chaplin joins Qualcomm as General Counsel and Corporate Secretary

• Aura appoints Kelly Merryman as President and COO

• Beware- FontOnLake Rootkit Malware Attacking Linux Systems

• What the Facebook Whistleblower Tells Us About Big Tech

• Firefox reveals sponsored ad “suggestions” in search and address bar

• White House looks to step up endpoint monitoring

• IT, supply chain figure in agency climate resilience plans

• White House, Congress Target Ransomware Payments

• IT Security News Daily Summary 2021-10-08

• 58% of all nation-state attacks in the last year were launched by Russian nation-state actors

• When Is a State Secret Not a Secret?

• cryptographic nonce

• FirstNet to be deployed at 15 Air Force bases

• North American Orgs Hit With an Average of 497 Cyberattacks per Week

• Tips for DFIR Analysts, pt III

• Shaping the Future of Cybersecurity

• Admins: Patch management is too complex and cumbersome

• Apple Stops Signing iOS 15.0 Following iOS 15.0.1 Release, Downgrading No Longer Possible

• You can create Let’s Encrypt SSL certificates with acme.sh on Linux

• A Brief Walkthrough On CMMS Cybersecurity

• What Is Data Protection and Why Does it Matter?

• Apple Watch SE vs. Apple Watch Series 7 Buyer’s Guide

• AI Weekly: EU facial recognition ban highlights need for U.S. legislation

• Citizen Lab researcher disputes claims from NSO Group after UK court finds UAE ruler used Pegasus to hack ex-wife, lawyers

• MacRumors Giveaway: Win an Apple Watch Series 7 and Fitness Award Prize Pack From Activity Awards

• Twitch data breach resulted from server configuration error

• Nevada adds dashcam data to digital twin of work zone traffic

• Motion Picture Academy employs cutting-edge tech to keep Oscar contenders secure

• ‘FontOnLake’ Malware Family Targets Linux Systems

• Challenge seeks mobile fingerprint capture tech for responders

• US Shutters Psychic Mass Mail Fraud

• 71% of Security Pros Find Patching to be Complex and Time Consuming, Ivanti Study Confirms

• The Jan. 6 Investigation Is Ramping Up. Will It Matter?

• How to better secure user authentication protocols

• Wireshark 3.4.9 Released – What’s New!!

• Virtual Workshop Tuesday: EFF’s Mitch Stoltz Will Discuss Free Software Movement On Panel Examining Ethics and Open Source Software Licensing

• Uber Sued In UK Over Alleged Facial Recognition Bias

• NSA Releases Guidance on Avoiding the Dangers of Wildcard TLS Certificates and ALPACA Techniques

• Apple Watch Series 7 Already Seeing Discounts of Up to $25 at Expercom

• Some Customers Unhappy With Apple Watch Series 7 Color Options

• How DevSecOps software factories are closing the delivery gap for DOD

• Install SELinux on Ubuntu Server 20.04: Here’s how

• The history and evolution of ransomware

• Apache patch proves patchy – now you need to patch the patch

• NSA Releases Guidance on Avoiding the Dangers of Wildcard TLS Certificates and ALPACA Techniques

• Source Code Protection Market

• How to Close the Security Gap Between Identity and Access Management (IAM) and Shared Accounts

• UK newspaper The Telegraph exposed a 10TB database with subscriber data

• FCW Insider: October 8, 2021

• Patch ‘Immediately’: Apache Issues Software Fix Amid Zero-Day Attacks

• Apple Watch Series 7 the Same Thickness as Series 6, Despite Rumors

• Never mind Russia: Turkey and Vietnam are Microsoft’s new state-backed hacker threats du jour

• FontOnLake Linux Malware Used in Targeted Attacks

• Google Patches Four Severe Vulnerabilities in Chrome

• Google Blocked 14,000 Russian Government Phishing Emails

• Twitch Blames Server Error For Massive Data Leak

• New TSA Regulations To Address Cyber Threat To Rail Systems

• BrewDog Exposed Data Of 200,000 Shareholders For Over A Year

• AVD Bug Fixed by Microsoft

• What is a data breach & how to prevent one?

• Ransomware: Cyber criminals are still exploiting these old vulnerabilities, so patch now

• Apple Products Now Include 7-Day Complimentary AppleCare+ in Australia

• Apple Discontinues Apple Watch Series 6 as Series 7 Pre-Orders Begin

• Apache Releases Yet Another Emergency Update to Address Exploited Vulnerabilities

• FIN12 Ransomware Group Hits Healthcare Sector

• At long last, Microsoft is disabling Excel 4.0 macros by default

• Securing the Future of Work With Zero Trust

• 5 Trends Driving Application Security Challenges

• Hardware Bolsters Medical Device Security

• Ransomware Group FIN12 Aggressively Going After Healthcare Targets

• Actors Target Huawei Cloud Using Upgraded Linux Malware

• Sky Launches Streaming Television Unit, Sky Glass

• The Case for Cybersecurity Education for Engineers

• Russia poses the biggest nation-state cyber threat, says Microsoft

• BrewDog exposed data of 200,000 shareholders for over a year

• Apple Watch Series 7 Already Facing November Delivery for Some Models

• Understanding Police Reliance on Private Data

• Cybersecurity experts discuss the Twitch data breach

• Singapore tweaks cybersecurity strategy with OT emphasis

• EDR Bypasses

• Lots and Lots of Bots: Looking at Botnet Activity in 2021

• 4 Keys to Create a Thriving Cybersecurity Team for Long-Term Success

• Apple Watch Series 7 Now Available for Pre-Order

• Deals: Carriers Introduce First Offers on Apple Watch Series 7

• How Can Parents Keep Children Safe Online?

• Tesla Moves Headquarters From California To Texas

• Let’s Encrypt Root Expiration – Post-Mortem

• The Netherlands declares war on ransomware operations

• Expert Cybersecurity Comment | Twitch Data Breach

• Feedzai Financial Crime Report: 23% Increase In Online Fraud As Cashless Payments Take Center Stage

• Google announces new efforts to protect journalists and high-risk users from cyberattacks

• Apache Releases Another Patch for Actively Exploited HTTP Server Zero-Day

• CFO Survey: Covid, cyberattacks biggest external threats to business

• Making better cybersecurity training: Q&A with Malwarebytes expert Kelsey Prichard

• September 2021’s Most Wanted Malware: Trickbot Once Again Tops the List

• CIA Creates Working Group on China as Threats Keep Rising

• Twitch Struggles With Hackers and Hate Raid Bots

• Widespread Power Outages in China Have Apple Suppliers ‘Scrambling’ to Keep Production on Track

• 14,000 Gmail Users Warned by Google of Phishing Campaign

• Excel 4.0 Macros Will Be Disabled in Order to Protect Users

• Discord scammers lure victims with promise of free Nitro subscriptions

• The CSO guide to top security conferences, 2021

• Microsoft: Russia Dominates State-Sponsored Attacks

• Google warns of APT28 attack attempts against 14,000 Gmail users

• Google Executive Wants to Help Apple Make Texts Between Android and iPhone Users More Secure

• Vidar Stealer Returns and Has a New Target: Mastodon

• GnuPG fixes a problem with Let’s Encrypt certificate chain validation

• Prevent Business Network Failures | Avast

• Attackers Encrypt VMware ESXi Server With Python Ransomware

• NatWest Pleads Guilty in £400m Money Laundering Case

• UK Firms Hit by One Attack Every 47 Seconds Over Summer

• Printing shop for forged documents dismantled in Barcelona

• Here Are the Apple Watch Series 7 Prices

• Livestream Panel Discussion Tuesday: EFF, Encryption Users Will Discuss Consequences of Apple’s Planned Scanning Tool, Suggest Changes

• Apache rolled out a new update in a few days to fix incomplete patch for an actively exploited flaw

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Hacker Leaks Twitch Source Code and Contents | Avast

• Researchers Warn of FontOnLake Rootkit Malware Targeting Linux Systems

• Apple Online Store Down Ahead of Apple Watch Series 7 Pre-Orders

• iPhone 13 Series Launches in More Countries, Including South Korea and Thailand

• Google to Auto-turn on 2-Factor Authentication For 150 Million Users by Default

• October 2021 Patch Tuesday forecast: Halloween came early this year

• New infosec products of the week: October 8, 2021

• Microsoft says Russia indulged in 58% of state funded cyber attacks last year

• Ransomware Attack on Weir Group

• (ISC)² goes to school: CISSP preparation and training as part of a specialist study

• Building cyber radar systems could alert Indo-Pacific nations and their allies

• New Patch Released for Actively Exploited 0-Day Apache Path Traversal to RCE Attacks

• Patch management complexity increased by remote work is putting organizations at risk

• Air gaps have been ‘shattered’, says new Indian policy on power sector security

• Analytics Insight Announces ‘The 10 Most Influential CISOs to Watch in 2021’

• Entrust Celebrates Milestones and Previews the Road Ahead for Customers, Partners and the Security Industry

• CCSP vs. AWS Cloud Certified: Which One for Cloud Security?

• How to shift into a new approach to cybersecurity asset management

• Smishing on the Rise

• Virtual collaboration technology issues plaguing the hybrid workforce

• JFTC starts another antitrust probe against Apple and Google on smart devices: Report

• Cloud infrastructure spending decreased 2.4% YOY in 2Q21

• Governments are holding back the U.S. and Europe in 5G race, says Huawei exec

• A security architect’s POV on a mature data-centric security program, Part 3

• VMware announces security innovations to deliver zero trust architecture across cloud and app environments

• Fletch releases two security offerings to help organizations stay ahead of cybercriminals

• Tessian Architect offers protection against data loss through email

• Prevailion Omega exposes previously undetected malware blind spots in the cloud

• Healthcare IT market to reach $121.75 billion by 2025

• Box Shield helps customers reduce the risk of ransomware by scanning files in near real-time

• HITRUST adds two offerings to aid in understanding control effectiveness and cyber preparedness

• PingOne Fraud detects and alerts enterprises to fraud before it happens

• FontOnLake: Previously unknown malware family targeting Linux

• TuxCare DatabaseCare provides live patching service for open-source enterprise-grade databases

• VMware unveils multi-cloud advancements to accelerate modernization of enterprise apps

• Baltimore retools property management system

• What Biden’s Top China Theorist Gets Wrong

• Parasoft SOAtest empowers teams to overcome software quality challenges

• Telecom giant behind routing SMS discloses 5-year-long data breach

• Additional fixes released addressing Apache HTTP Server issue

• Telia Company partners with VMware to accelerate its transition to a cloud-native infrastructure

• Cohesity Helios integrates with Cisco SecureX to strengthen data security postures

• IBM partners with MonetaGo to bring secure financing to ASEAN region

• How AI can fight human trafficking

• Coalition acquires Attune to expand its commercial insurance offerings

• Keysight collaborates with NXP Semiconductors to advance the development of 5G FWA solutions

• iXsystems partners with Futurex to give TrueNAS users more cryptographic control of their data

• Thales and Google Cloud deliver cloud offering for French companies and public sector institutions

Generated on 2021-10-09 23:55:25.365039