IT Security News Daily Summary 2021-12-07

• Zero trust network access should be on every CISO’s SASE roadmap

• Quantum computing is reality, not fiction. Here’s how agencies can prepare

• BadgerDAO users’ cryptocurrency stolen in cyber attack

• Facebook Sued For $150 Billion Over Hate Speech

• Virtual-Network Vulnerability Found in AWS, Other Clouds

• Rubrik’s New Managed Service Protects Data from Ransomware Attacks

• AAPL Shares Hit Another All-Time High as Morgan Stanley Raises Apple Price Target to $200

• Nikkei Does Deep Dive Into Apple’s ‘Nightmare Before Christmas’ Supply Chain Issues

• Amazon Web Service outage is impacting major websites

• HPC helps scientists extract data from satellite and drone imagery

• Google announces lawsuit and action against blockchain botnet Glupteba

• SentinelOne brings in $56 million for Q3, reports more than 6,000 customers

• Federal court blocks contractor vaccination mandate

• DigiCert Advances Passwordless Authentication with Support for Windows Hello for Business

• Cerberus Sentinel Announces Acquisition of Arkavia Networks

• First Circuit Affirms School’s Punishment of Students for Online Social Media Posts

• 5 Common Hybrid IT Security Challenges and How to Overcome Them

• Omicron Scam Targets Universities

• Windows 10 Drive-By RCE Triggered by Default URI Handler

• Vulnerabilities Found in GOautodial

• Understanding the Cyber Risk Exposures Within the Health Care Industry

• Israeli govt pledges greater oversight of cyber-exports after NSO tools hacked US officials

• When Scammers Get Scammed, They Take It to Cybercrime Court

• Google takes action against blockchain-based Glupteba botnet

• Amazon Prime, Ring Services In US Impacted By AWS Outage

• Save Incident Response Time with Intezer Analyze

• Data science proved what Pittsburgh’s Black leaders Knew: Racial disparities compound covid risk

• LogDNA Snags $50 Million for Data Observability Tech

• 5 Ways GRC & Security Can Partner to Reduce Insider Risk

• Universal Control Not Coming in macOS Monterey 12.1 and iPadOS 15.2

• macOS Monterey 12.1 Fixes Major Tap to Click, YouTube HDR, and Charging Bugs

• biometric payment

• AWS goes down and with it goes a host of websites and services

• Israeli govt pledges greater oversight of cyber exports after NSO tools used to spy on US officials

• How employee burnout may be putting your organization at risk

• Cambridge Quantum delivers first quantum encryption keys

• 8 tips to protect company data sent via home internet connections

• 5 Ways to Ensure Your Child’s Online Safety

• Razer Launches MagSafe-Compatible Cooling Fan for iPhones

• Apple Seeds Release Candidate Version of watchOS 8.3 to Developers

• Apple Seeds Release Candidate Versions of iOS 15.2 and iPadOS 15.2 to Developers

• Apple Seeds Release Candidate Version of macOS Monterey 12.1 to Developers

• Apple Music Voice Plan Coming in iOS 15.2

• Why the FCC Expelled a Chinese Telecom for National Security Risks

• Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators

• Firefox update brings a whole new sort of security sandbox

• New Secured-core servers are now available from the Microsoft ecosystem to help secure your infrastructure

• Microsoft disrupts activity of Chinese hackers by seizing 42 websites

• Bosses are reluctant to spend money on cybersecurity. Then they get hacked

• Rust takes a major step forward as Linux’s second official language

• Hackers Target Random Business Printers To Spread Anti-Work Messages

• Meta Sued For $150 Billion By Rohingya Refugees

• SIEM Should Focus On Active Threat Detection Over Operational Tasks

• What Are Best Identity & Access Mgmt Tools Currently Available?

• “Hello Quantum World:” New cybersecurity service uses entanglement to generate cryptographic keys

• How and why people use password managers

• Deals: Take $49 Off Apple’s iPad Pro Magic Keyboards on Amazon, Starting at $249.99 for 11-Inch Model

• Recorded Twitter Spaces Now Available for All iOS, Android, and Web Users

• Zero Trust core to contemporary cybersecurity strategy, One Identity research finds

• Cryptominers aren’t just a headache – they’re a big neon sign that Bad Things are on your network

• Israel to keep a vigil on cyber software exports

• Intel To List Self-driving Car unit Mobileye

• Melissa virus

• Grip Security Raises $25 Million to Secure SaaS Applications

• Three Hundred Spar Convenience Stores in UK Affected by Cyber Incident

• Expert Comments: Spar Stores Hit By Major Cyberattack

• New reforms will enhance the security and resilience of Australia’s critical infrastructure

• Bitcoin Miner [oom_reaper] targets QNAP NAS devices

• 20 years of Red Hat Product Security: The rise of branded exploits (Part 2)

• Apple CEO Tim Cook ‘Secretly’ Signed $275 Billion Deal With China in 2016

• Encryption Does Not Equal Invisibility – Detecting Anomalous TLS Certificates with the Half-Space-Trees Algorithm

• Defending Against the Use of Deepfakes for Cyber Exploitation

• Protecting Veterans from Targeted Online Scams

• Losses From BitMart Breach Reach $200 Million

• Founder Of Massive Robo Text Service Accused Of Running Secret Spying Operation

• Court Allows Microsoft To Dismantle Infrastructure Of APT15

• Apache Kafka Cloud Clusters Expose Sensitive Data For Companies

• Data Security Comment: Colorado Energy Company Loses 25 Years Of Data

• Planned Parenthood LA breached, Experts Weigh In

• Expert Comment: Ceeloader Malware

• A chink in the armor of China-based hacking group Nickel

• Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022

• Virgin Media O2 Completes Gigabit Network Upgrade

• GitGuardian raises $44M to offer ‘comprehensive’ code security

• Identity verification startup Incode raises $220M

• Grip Security gets $19M to automatically lock down SaaS apps

• Torq lands $50M to bring no-code automation to security

• Eve Updates HomeKit-Enabled ‘Eve Room’ Air Quality Monitor With Thread Support

• Deals: AirPods 2 Return to Black Friday Price of $99.99 With Christmas Delivery

• Trump’s Judicial Campaign to Upend the 2020 Election: A Failure, But Not a Wipe-Out

• A Critical Zoho ManageEngine Desktop Central and Desktop Central MSP Vulnerability Is Exploited by an APT Actor

• Pay a Hacker, Save a Life

• Foreign Office IT chaos: Shocking testimony reveals poor tech support hindered Afghan evac attempts

• Extend Threat Visibility With Humio’s Integration With CrowdStrike’s Indicators of Compromise (IOCs)

• Critical Hit: How DoppelPaymer Hunts and Kills Windows Processes

• How to check for Windows updates and install them

• Hackers pretending to be Iranian govt steal credit card infomation and create botnet

• Aruba rolls out “Microbranch” networking to level up home offices

• Too many bosses are reluctant to spend money on cybersecurity. Then they get hacked

• GitGuardian Raises $44 Million to Create Code Security Platform

• Money, Reputations at Stake in Dark Web Courtrooms

• Misconfigured Kafdrop Instances Lead to Sensitive Data Exposure for Many Companies

• Duo Passwordless Public Preview is Here

• SolarWinds Attackers Spotted Using New Tactics, Malware

• Microsoft Seizes Domains Used by China-Linked APT ‘Nickel’

• Presenting the Security Outcomes Study, Volume 2

• Bringing Cybersecurity to the Board (and Vice Versa)

• Webcast: Why your email encryption solution is doomed

• 300 Spar Stores Impacted After Cyberattack On Supplier

• Craig Wright Wins US Case Over Bitcoin Inventor Claim

• 9-1-1 There’s Been A Data Breach

• You can learn coding, 3D animation, cybersecurity and more with this e-learning bundle

• Firefox 95 Rolls Out With New ‘RLBox’ Isolation Feature

• Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides

• Someone Is Running Lots of Tor Relays

• Take a Unique Peek into How AirPods Have Evolved With Every Generation

• Google Rolls Out Voice and Video Call Features to Gmail App

• The story of the year: ransomware in the headlines

• Fraudsters abuse Twitter APIs to monitor public tweets and pish cryptocurrency scams

• Dozens of malicious APT15 sites seized by Microsoft

• Ramping Up Malware Hunting with Heimdal™

• EC Gathers Feedback On Microsoft’s Nuance Buy, Despite US Approval

• Security Matters: Vulnerability Scanning Done Right!

• Integrate security into CI/CD with the Trivy scanner

• Just 3% of UK Firms Escaped a Supply Chain Breach in 2021

• SolarWinds Hackers Targeting Government and Business Entities Worldwide

• Conti ransomware hits Nordic Choice Hotels

• Attackers exploit another zero-day in ManageEngine software (CVE-2021-44515)

• New Ceeloader Malware Used By Russian-backed Advanced Persistent Threat (APT) Organization Nobelium

• FCW Insider: December 7, 2021

• Ransomware Victims Pay $700K in Extra Extortion Fees

• Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

• Apple Reportedly Increasing iPhone Shipments by 30% in First Half of 2022

• WhatsApp Makes Disappearing Messages a Default Option With Multiple Durations

• Kafka Cloud Clusters Expose Sensitive Data

• Cuba Ransomware Obtained $44 Million in Ransom Payments

• 2021 Year In Review | Avast

• Google Patches Serious Use-After-Free Vulnerabilities in Chrome

• UK’s Poor Cyber Risk Planning Could “Wreak Havoc”

• Beware of new Malicious Chrome Extension that Delivers Password Stealer Malware

• Trust Erodes Amid Ransomware Growth: 2021 CrowdStrike Global Security Attitude Survey

• Report: Enterprises lose millions of dollars to ad fraud each year

• Rubrik looks to protect sensitive cloud-based data from ransomware attacks

• A Password Manager Isn’t Just for Christmas, It’s for Life (So Here’s 50% Off!)

• Looking for adding new detection technologies in your security products?

• CrowdStrike survey says Microsoft customers ‘losing trust’; Microsoft calls report ‘self-serving’

• Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers

• Nobelium continues to target organizations worldwide with custom malware

• The threats of modern application architecture are closer than they appear

• Secure transactions top retailers’ wish lists this holiday season

• Adapting higher education to address the cybersecurity skills shortage

• Microsoft wins court approval to take over sites run by Chinese crime gang

• How to protect air-gapped networks from malicious frameworks

• Microsoft shuts down 42 cyber spying Chinese websites

• Ransomware attack on Spar Supermarket Chain England

• LINE Pay leaks around 133,000 users’ data to GitHub, of all places

• Latest Firefox 95 Includes RLBox Sandboxing to Protect Browser from Malicious Code

• Attivo Networks Joins SentinelOne’s Singularity XDR Marketplace

• CIS Benchmarks communities: Where configurations meet consensus

• How your business can benefit from Cybersecurity automation

• Removing the Fantasy of Cybersecurity Metrics with Tripwire Connect

• Tripwire Industrial Edge – The New Method of Visibility for Industrial Networks

• LINE Pay leaks around 133,000 users’ data to Github, of all places

• 5G services revenue to reach $600 billion by 2026

• SES GS Hydra provides end-to-end situational awareness for government and military users

• SentinelOne Singularity Mobile combats mobile malware and phishing attacks

• Cloud.gov explores authentication service

• Cloudflare expands firewall capabilities to help companies secure their entire corporate network

• BitMart says it will compensate victims of $196 million hack and restore trading by Tuesday

• Hackers pretending to be Iranian govt use SMS messages to steal credit card info, create botnet

• Wipro partners with Celonis to help enterprises optimize their supply chain management

• Apple Still Hasn’t Fixed Siri Issue That Nixed Call, Email, and Voicemail Features Used by Low Vision and Blind Users

• Kasada raises $23M to accelerate global momentum combating online fraud

• LogDNA raises $50M to bring observability pipeline solution to market

• Terralogic brings Stellar Cyber Open XDR platform to its customers across India

• Before You Download: Steer Clear of Malicious Android Apps

• What are buffer overflow attacks and how are they thwarted?

• Prison for Newstar Websites Money Launderer

• Lisbeth McNabb joins Acronis Board of Directors

• Accounting for software in weapons systems

• Best gifts for hackers: Cybersecurity presents, secured

• Microsoft seizes domains used to attack 29 governments across Latin America, Caribbean, Europe

• MITRE Engenuity & Cybrary Surpass 25,000 Users in MITRE ATT&CK Defender Certification Program

• Broadridge appoints Dipti Kachru as Global CMO

• Ex-Googler Timnit Gebru Starts Her Own AI Research Center

• BitMart the latest crypto exchange to suffer cyber attack

• IT Security News Daily Summary 2021-12-06

• Losses from BitMart breach reach $200 million

• Crypto-Exchange BitMart to Pay Users for $200M Theft

• Microsoft Seizes Malicious Websites Used by Prolific Chinese APT Group

• Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

• Nobelium APT targets French orgs, French ANSSI agency warns

• Some SD Cards Not Working Properly With 2021 14 and 16-Inch MacBook Pros

• DOD, UMD to launch IC research center

• Are You Guilty of These 8 Network-Security Bad Practices?

• Fearing Misuse, Israel Tightens Supervision of Cyber Exports

• Cyber-attack Closes UK Convenience Stores

• Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

• White House embeds cyber EO in FISMA reporting

• BitMart Confirms $150M Crypto Theft

• Department of Justice Exploring Apple’s Treatment of ‘Roblox’ Game in Antitrust Investigation

• Tile Buyer Life360 Selling Precise Location Data on Millions of Users

• NICKEL targeting government organizations across Latin America and Europe

• Fake KPSPico Windows activator tool KPSPico steals crypto wallet data

• How to Create a Data Loss Prevention Policy

• On the offense: Deterring threats with cyber strategy

• Cyber Command Publicly Joins Fight Against Ransomware Groups

• Video: CISO Fireside Chat With Steve Katz, World’s First Known CISO

• Russian Actors Behind SolarWinds Attack Hit Global Business & Government Targets

• US Military Has Acted Against Ransomware Groups: Report

• How identity and access management enabled county’s remote work

• Facebook Wants Users To Send It Nude Photos To Prevent Incidents Of “Revenge Porn”

• SEARCH for Hidden Cyber Threats: 6 Steps to Unleash a Hyper-effective Threat Hunting Team

• Hands-On With iOS 15’s SharePlay Feature

• Check Point named a Major Player in Modern Endpoint Software Security for Small and Midsize Businesses in the latest IDC MarketScape Report

• Security experts question new DHS/TSA cybersecurity rules for rail companies

• How to get started with attack surface reduction

• Passwordless authentication issues to address before adoption

• 330 SPAR stores close or switch to cash-only payments after a cyberattack

• Why Macs are the best, according to Mac expert Thomas Reed: Lock and Code S02E23

• CISA Releases Security Advisory on WebHMI Vulnerabilities

• Best robot toys for kids: LEGO, Raspberry Pi, and other awesome STEM gift ideas

• Anti-Fraud Bot Protection Firm Kasada Bags $23 Million Investment

• CISA Releases Security Advisory on WebHMI Vulnerabilities

• December 2021: Cyber Deception Month

• Spar shops across northern UK shut after cyber attack hits payment processing abilities

• Cuba Ransomware Gang Hauls in $44M in Payouts

• How to write YARA rules for improving your security and malware detection

• Bot protection firm Kasada lands $23M to abolish the CAPTCHA

• Apache Kafka Cloud Clusters Expose Sensitive Data for Large Companies

• Pegasus Spyware Infects U.S. State Department iPhones

• How Crowd-Forecasting Might Decrease the Cybersecurity Knowledge Deficit

• Federal Intervention, Conflict and Drought in the American West

• iPhones of 9 State Dept officials hijacked by NSO Pegasus spyware

• 7 Holiday Cybersecurity Tips to Try Before The Year Ends

• Brace yourself for these five top data breach trends in 2022, Experian warns

• Hackers are using this new malware which hides between blocks of junk code

• A cyber attack has forced supermarket Spar to close some stores

• Zoho Confirms New Zero-Day, Ships Exploit Detector

• Cryptocurrency startup fails to subtract before adding, loses $31m

• Vulnerability Summary for the Week of November 29, 2021

• Thieves Using AirTags to “Follow” Cars

• Magecart Groups Abuse Google Tag Manager

• HYPER’s ‘DUO PRO’ 7-in-2 USB-C Hub Debuts for New MacBook Pro Models

• Wrap Up Your Holiday Shopping With Our Exclusive Apple Accessory Sales at Nomad, Satechi, Twelve South, More

• Miscreants make off with $150m of digital assets in BitMart security breach

• Multilingual Cybersecurity Awareness Training adapted for your needs

• Insider Threats Can Turn Your Cloud Security Into a Storm

• 5 holiday Cybersecurity tips retailers need this year

• These cyber laws violation can land you in jail

• How to lock a Zoom meeting to keep out unwanted guests

• FBI Warns of Cuba Ransomware Attacks on Critical Infrastructure

• Vulnerability Summary for the Week of November 29, 2021

• DMEA Colorado electric utility hit by a disruptive cyberattack

• American Diplomat’s iPhones Compromised By NSO Group

• FBI: Cuban Ransomware Hits 49 Critical Infrastructure Organizations

• SolarWinds Hackers Keep Compromising Targets

• BitMart Crypto Exchange Loses $150 Million To Hackers

• Researchers Reveal More Details About SideCopy, the Pakistani Threat Actor Group

• Excel XLL Add-ins Are Pushing a Password-stealing Malware

• Pegasus Spyware Used to Hijack Phones of US State Department Officials

• How File Hashes Fail As A Malware Detection Heuristic

• “Get Your Free Omicron PCR test” is the latest Omicron phishing scam

• NSO Group spyware found on iPhones of US State Department employees

• Web Browsers Vulnerable to 14 New Types of XS-Leak Attacks

• Why the C-Suite Doesn’t Need Access to All Corporate Data

• Deals: AirPods Pro With MagSafe Available for $169.99 and Christmas Delivery on Amazon ($79 Off)

• Apple Partners With Boys & Girls Clubs to Provide Tens of Thousands of Kids With Opportunity to Learn How to Code

• Kafdrop flaw allows data from Kafka clusters to be exposed Internet-wide

• Public Wi-Fi Security: Is It Safe to Use for Business?

• LogDNA raises $50M to bring ‘full power’ of observability data to security

• How the President Can Shape the Role and Oversight of the National Cyber Director

• Colorado Energy Company DMEA Loses 25 Years Of Data After Cyberattack

• How to Build an Integrated Security Posture Using XDR

• Apple Attempts to Stop Developers Promoting Alternative Payment Options for In-App Purchases in Russia

• Omicron phishing emails found targeting the UK

• What Ransomware Trends Mean for Your Vendor Risk Program

• Microsoft’s Loop Project Management Software

• Cuba ransomware gang scores almost $44m in ransom payments across 49 orgs, say Feds

• Malicious KMSPico Windows Activator Stealing Users’ Cryptocurrency Wallets

• New Malvertising Campaign Spreads Backdoors, Malicious Chrome Extensions

• Governemnt Data Breach Of New Years Honours Recipients

• Why Data Protection Is More Than Just A Tick Box For Charities

• Twitter Verified Accounts Targeted as Part of a Large Phishing Attempt

• Hackers Steal $150 Million Worth of Cryptocurrency From BitMart

• Vulnerability Scanning Frequency Best Practices

• Enter the Heimdal™ Social Media Giveaway for a Chance to Win Holiday Goodies

• Poll Data: What CEOs Need to Know About Cybersecurity Going into 2022

• Cyberattack Causes Significant Disruption at Colorado Electric Utility

• Threat actors stole more than $150 million worth of cryptocurrency tokens from BitMart platform

• FBI warns that Cuba ransomware group has compromised 49 entities in five critical infrastructure sectors

• Malicious Online Ad Campaign Steals User Logins

• Cuba Ransomware Nets Nearly $50m

• United States military hacking unit acknowldges offensive action to disrupt malware

• 14 New Cross-Site Leaks Attacks Discovered

• BitMart hacked in “large-scale security breach”

• Romance Fraudster Targeted 670 Women Online

• Nine State Department Phones Hijacked by Spyware

• A week in security (Nov 29 – Dec 5)

• Starlink Plans Services In India As SpaceX Breaks Launch Record

• NSO Spyware ‘Used To Hack US Diplomats’

• Hackers Steal $200 Million Worth of Cryptocurrency Tokens from BitMart Exchange

• Meta Expands Facebook Protect Program to Protect People Targeted by Malicious Hackers

• Hackers Steal $200 Million Worth of Cryptocurrency Tokens from Bitmart Exchange

• Uber To Pay $9m Settlement Over Safety Reporting Failure

• Musk Tesla Share Sale Surpasses $10bn

• 10th Anniversary Avast Mobile Security | Avast

• 14 New XS-Leaks (Cross-Site Leaks) Attacks Affect All Modern Web Browsers

• Hackers are sending receipts with anti-work messages to businesses’ printers

• Trying to register your antivirus in Windows Security Center?

• Didi Global To Delist From New York Stock Exchange

• Ahuja tees up 2022 plans for OPM

• Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers

• Making robotics security a top priority

• 2022 and the threat landscape: The top 5 future cybersecurity challenges

• Fraudulent e-commerce transactions spiked between Thanksgiving and Cyber Monday

• Cybercrime supply chain: Fueling the rise in ransomware

• ASIC says financial market cyber resiliency remained steady but fell short of target

• How proactive are companies when managing data?

• CISSPs from Around the Globe: An Interview with Chinyelu Philomena Karibi-Whyte

• US orders for cybersecurity breach reports from railroads and airlines

• Google AI research resisting lady sets up new AI Institute

• Increased connectivity: What’s in store for 2022?

• The New “Attack Surface” – Securing the Business Beyond Conventional Boundaries

• Quantum computing market to reach $8.6 billion in 2027

• Didi to leave Wall St listing for Hong Kong Stock Exchange

• Waterfall Security Solutions and NanoLock Security to deliver OT security

• No surprise: NSW iVote fails during local council elections

• AWS Cloud WAN automates network management and security tasks in one location

• Privitar NOVLT protects sensitive data using a format preserving encryption algorithm

• Australia commences work on electronic surveillance law reforms

Generated on 2021-12-07 23:55:27.517003