IT Security News Daily Summary 2022-05-04

• 2022-05-03 – Contact Forms campaign –> Bumblebee –> Cobalt Strike

• Senator calls on Biden to fill OSTP leadership role

• Space Force to bring data scientists, coders on board this summer

• City, state cybersecurity programs follow Washington’s lead

• IRS leader explains why the IRS went to ID.me

• FirstNet boosts in-building coverage

• Need help finding broadband grants? Tool helps sift through opportunities

• EU Hands Police Agency New Powers Over Personal Data

• Microsoft Releases Defender for SMBs

• China-Backed Winnti APT Siphons Reams of US Trade Secrets in Sprawling Cyber-Espionage Attack

• Q&A: How China Is Exporting Tech-Based Authoritarianism Across the World

• Appwrite launches fund to help sustain open-source software development

• FBI says Business Email Compromise attacks have cost over $43 billion since 2016

• Kubernetes 1.24 Stargazer: An exceptional release with two major changes

• Google Sees More APTs Using Ukraine War-Related Themes

• Kaspersky Warns of Fileless Malware Hidden in Windows Event Logs

• Groundbreaking Cybersecurity Book Published

• F5 Releases Security Advisories Addressing Multiple Vulnerabilities

• Cisco StarOS Forensic Guide Published

• Google SMTP Relay Service Exploited for Sending Phishing Emails

• Cisco Predictive Networks To Recognise Future Network Outages, Issues

• What Are the Best Ways to Protect Your CAD/CAM Data?

• How the TMF helps agencies pave the way toward zero trust

• Wastewater monitoring took off during the COVID-19 pandemic – and here’s how it could help head off future outbreaks

• Hubble Technology Banks $9 Million for Asset Visibility Platform

• Mozilla Releases Security Updates for Firefox and Firefox ESR

• F5 Releases Security Advisories Addressing Multiple Vulnerabilities

• F5 Informs BIG-IP Customers About 18 Serious Vulnerabilities

• Court Rules That Facebook Can Turn Over Private Info To Law Enforcement

• Mozilla Releases Security Updates for Firefox and Firefox ESR

• Tax Sanctions and Foreign Policy

• Russia-linked APT29 Targets Diplomatic World Wide

• China-linked APT Caught Pilfering Treasure Trove of IP

• Coveware: Double-extortion ransomware attacks fell in Q1

• New Ransomware Variant Linked to North Korean Cyber Army

• This World Password Day, Here’s How a Password Manager Can Simplify Your Life

• China-Linked Winnti APT Group Silently Stole Trade Secrets for Years: Report

• SIM Fraud Solution Sparks Privacy Fears

• Security Stuff Happens: What Will the Public Hear When You Say You’ve Been Breached?

• Anonymous Hacks Russian Energy Companies, Leaking 1Million+ Emails

• Mental Health Apps Fail Privacy Guidelines Spectacularly, Says Mozilla

• Bridging the Needs of Security and Development Teams, Veracode Unveils Next-Generation Software Security Platform

• Microsoft releases open-source tool for securing MikroTik routers

• What are the Most Common Types of SSL Errors and How to Fix Them?

• Android monthly updates are out – critical bugs found in critical places!

• CISA Adds Five Known Exploited Vulnerabilities to Catalog

• How a senior product manager is leading the passwordless movement at Microsoft

• Unfixed vulnerability in popular library puts IoT products at risk

• Cyber Attack on Nile Dam foiled by Ethiopian Authorities

• Yubico Releases MFA Guide in Recognition of World Password(less) Day

• Araali Networks Selected as Finalist for RSA Conference 2022 Innovation Sandbox Contest

• German Minister Urges Tougher EU Antitrust Action

• HHS Information Security Program ‘Not Effective’

• Can New York court and regulate the crypto industry at the same time?

• CISA Adds Five Known Exploited Vulnerabilities to Catalog

• 8 security tips for small businesses

• Tailscale raises $100M for its zero-trust VPN

• GitHub launches new 2FA mandates for code developers, contributors

• Communication around Heroku security incident dubbed ‘train wreck’

• AI for Cybersecurity Shimmers With Promise, But Challenges Abound

• Vulnerabilities Allow Hijacking Of Most Ransomware To Prevent File Encryption

• Bangladesh Cyber Incident Response Team has Issued a Warning About Malware Attacks Around Eid

• Kubernetes taps Sigstore to thwart open-source software supply chain attacks

• UK to Place Security Requirements on App Developers and Store Operators

• Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

• The House Should Fine Bannon, Meadows, Navarro and Scavino Now If It Wants Their Testimony

• BT Opts For AWS As Cloud Provider To Assist In IT Transformation

• Instagram Hack Results in $1 Million Loss in NFTs

• Magniber Ransomware Tricking Users via Fake Windows 10 Updates

• Cisco Issues Fresh Warning Over Counterfeit Switches

• Webinar Today: Blast Radius & Simulated Attack Paths

• Uptycs Announces New Cloud Identity and Entitlement Management (CIEM) Capabilities

• AutoRABIT Secures $26M in Series B Investment from Full In Partners to Expand DevSecOps Platform

• What Stars Wars Teaches Us About Threats

• SEC Plans to Hire More Staff in Crypto Enforcement Unit to Fight Frauds

• US To Impose Sanctions On China’s Hikvision – Report

• This unpatched DNS bug could put ‘well-known’ IoT devices at risk

• This sneaky hacking group hid inside networks for 18 months without being detected

• Attackers Use Event Logs to Hide Fileless Malware

• SAC Health System Impacted By Security Incident

• Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies

• White House Boosting Quantum Technology And Cybersecurity

• Unpatched DNS Bug Puts Millions Of Routers, IoT Devices At Risk

• SEC Nearly Doubles Crypto Currency Cop Roles In Special Cyber Unit

• Cybersecurity firm Cybereason uncovers Chinese espionage campaign

• Anonymous Leak 82GB of Police Emails Against Australia’s Offshore Detention

• One Small Error by DevOps, One Giant Opening for Attackers

• Mosyle raises $196M for its mobile device management platform for Apple devices

• GitHub to enforce 2FA for all code contributors by the end of 2023

• Tailscale raises $100 million for its zero-trust VPN

• Appwrite launches fund to help sustain open source software development

• Experts linked multiple ransomware strains North Korea-backed APT38 group

• This Sneaky Hacking Group Hid Inside Networks For 18 Months Without Being Detected

• The 2022+ Fit-for-Purpose OSINT Toolkit In The Age Of Digital Risk Growth

• Watch Out! Verified Twitter Accounts Are Targeted in Phishing Attacks

• Fake Cyberpunk Ape Executives target artists with malware-laden job offer

• Board, (Dash)board and Bored

• Critical RCE Bug Reported in dotCMS Content Management Software

• Application Security Firm ShiftLeft Raises $29 Million

• Aryaka, Carnegie Mellon’s CyLab to Research New Threat Mitigation Techniques

• A Step-By-Step Guide on How To Remove Ransomware?

• Chinese Hackers Abuse Cybersecurity Products for Malware Execution

• India’s New Super App Has a Privacy Problem

• New Sophisticated Malware

• Transport for NSW Suffered a Cyber Incident

• Cybersecurity for banks – Securing advanced e-Banking services

• Mosyle raises $200 million for its mobile device management platform for Apple devices

• Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption

• NCSC updates build environment best practices

• A checklist to help healthcare organizations respond to a serious cyberattack

• The EU’s Copyright Directive Is Still About Filters, But EU’s Top Court Limits Its Use

• Chinese ride-hailing giant Didi says U.S. regulator is investigating its $4 billion IPO

• Apple Store Union Vote To Take Place Next Month

• Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk

• A new secret stash for “fileless” malware

• SEC bolsters cyber and crypto assets team

• Musk Touts ‘Slight Cost’ For Business Use Of Twitter

• Healthcare and Education Sectors Most Susceptible to Cyber Incidents

• An expert shows how to stop popular ransomware samples via DLL hijacking

• NCSC Updates Code of Practice for Smart Building Security

• State-Backed Chinese Hackers Target Russia

• A Tripwire Milestone: ASPL – 1000 is here

• SEC Doubles Cyber and Crypto Assets Team

• Ukraine War Themed Files Become the Lure of Choice for a Wide Range of Hackers

• Is It Easy to Install a Hard Drive on Your Computer – 2022 Guide

• Chinese Hacker Group Targeting Telecommunication Service Providers

• DHS manipulated report on Russian election interference during the Trump administration, watchdog says

• Lnkbomb- Exploit Insecure File Shares

• Allowing too many exceptions leaves you wide open to infection

• Transport for NSW struck by cyber attack

• How I almost fell for an online rental scam

• Heroku to begin user password reset almost a month after GitHub OAuth token theft

• Putin threatens supply chains with counter-sanction order

• Wiper malware threat to the healthcare sector in US and Ukraine

• Norton to pay Columbia University a penalty for Malware patent infringement

• Stealthy APT group plunders very specific corporate email accounts

• AV-Comparatives: Microsoft Defender has a large impact on system performance

• Self-promotion in cybersecurity: Why you should do it, and how

• Google TAG sees China PLA group go after multiple Russian defence contractors

• Chinese hackers perform ‘rarely seen’ Windows mechanism abuse in three-year campaign

• Winnti threat group rides again with IP theft campaign

• The 6 steps to a successful cyber defense

• BigBear.ai to Highlight Artificial Intelligence and Machine Learning Capabilities at Upcoming Industry Events

• Endpoint security and remote work

• Good end user passwords begin with a well-enforced password policy

• How to enhance your cyber defense program with CIS SecureSuite

• Dell expands its offerings to help customers improve cyber resiliency

• Enpass Business allows organizations to choose where they store their data

• N-able Cove Data Protection provides cloud-first backup and disaster recovery for businesses

• OccamSec Incenter helps security teams uncover complex vulnerabilities

• SEC nearly doubles size of crypto and cyber enforcement unit

• Putting It All Together

• Instagram Credentials Stealer: Disguised as Mod App

• Cyber-spies target Microsoft Exchange to steal M&A info

• What Should I Know About Defending IoT Attack Surfaces?

• WEBGAP partners with Intel to accelerate the adoption of remote browser isolation cybersecurity

• StorONE and Seagate join forces to solve important storage-related challenges

• Parfin selects Anjuna Security to protect MPC custody assets against risk and misuse

• Aryaka partners with Carnegie Mellon University CyLab to develop new threat mitigation techniques

• Instagram Credentials Stealers: Free Followers or Free Likes

• World Password Day and the importance of password integrity

• China-linked APT Curious Gorge targeted Russian govt agencies

• Network Perception raises $13 million to address the OT network cybersecurity needs of critical industries

• Sabanci acquires Radiflow to boost its cybersecurity offerings across various industrial sectors

• Sandbox AQ and Deloitte help organizations protect operations during the quantum transformation

• Deepwatch hires John Lionato as EVP of Security Operation

• Doug McNitt joins Calix as EVP and General Counsel

• ShiftLeft raises $29 million to expand coverage of cloud native application architectures and languages

• Transcend appoints Mike Orlick as VP of Sales

• Jason Fickett joins Booz Allen Hamilton to help lead its national cyber strategy

• Sustainability and the cloud

• How automation can enhance and empower the federal workforce

• Cyber-war gaming: A cybersecurity tabletop exercise

• New DNS Spoofing Threat Puts Millions of Devices at Risk

• API Security Company Traceable AI Lands $60 Million Series B

• Syxsense Enterprise Unifies Endpoint Security and IT Management for Real-Time Vulnerability Monitoring and Remediation

• IT Security News Daily Summary 2022-05-03

• NIST is building a 5G network to model cybersecurity for operators

• Cloud authorization ecosystem to expand, StateRAMP predicts

• Trend Micro discovers AvosLocker can disable antivirus software

• SolarWinds Attackers Gear Up for Typosquatting Attacks

• Ridiculous Ransomware Kill Switch

• RCE vulnerabilities found in Avaya, Aruba network switches

• Facebook Moderators Beg Company To Let Them Do More About Posts Praising Atrocities In Ukraine

• Unpatched DNS-Poisoning Bug Affects Millions of Devices, Stumps Researchers

• Open-source intelligence: The new frontier of digital investigations

• REvil Revival: Are Ransomware Gangs Ever Really Gone?

• Blockchain interoperability is essential to avoid the flaws of Web2

• Identity management beyond the CAC card

• Cyberespionage Group Targeting M&A, Corporate Transactions Personnel

• April ransomware attacks slam US universities

• New Magniber Ransomware Lures Victims Via Fake Windows 10 Updates

• Syxsense Launches Unified Endpoint Security and Management Platform

• SEC nearly doubles cryptocurrency cop roles in special cyber unit

• Former eBay Exec Pleads Guilty to Cyber Stalking

• Is Leaking a SCOTUS Opinion a Crime? The Law Is Far From Clear

• Google’s Safety Section Will Show What Android Apps Do With the User Data

• Beware of New Phishing Campaign Targeting Facebook Users

• German Finance Watchdog Sees ‘Very Big’ Risk of Cyberattacks

• Cyberespionage group exploiting network and IoT blind spots

• Firefox hits 100*, fixes bugs… but no new zero-days this month

• Third-Party App Access Is the New Executable File

• OFAC, the DPRK and the Tornado of Cash

• Customize your secure VM session experience with native client support on Azure Bastion

• ExtraReplica: Microsoft Patches Cross-Tenant Bug in Azure PostgreSQL

• Security Researchers Find Nearly 400,000 Exposed Databases

• Using Pupil Reflection in Smartphone Camera Selfies

• Automating your Microsoft security suite with D3 XGEN SOAR

• Sevco Security Selected as Top 10 Finalist for RSA Conference 2022 Innovation Sandbox Contest

• How and why you should secure APIs

• DevOps release process

• How to Choose Tech Stack for Mobile App Development

• Zero trust is more than just vendors and products – it requires process

• For Smaller Enterprises Infrastructure Security Starts With Hygiene

• Ransomware Attack Closes Michigan College

• NortonLifeLock Willfully Infringed Malware Patents

• How to Create a Cybersecurity Mentorship Program

• Digital Rights Updates with EFFector 34.3

• Intelligent application protection from edge to cloud with Azure Web Application Firewall

• State-backed hacking group from China is targeting the Russian military

• Storytelling and slide decks

• Trying to Catch the Big Phish

• Driverless vehicles are finally hitting city streets

• Hackers used the Log4j flaw to gain access before moving across a company’s network, say security researchers

• Radware Launches SkyHawk Security, a Spinoff of Its Cloud Native Protector Business

• A DNS flaw impacts a library used by millions of IoT devices

• How to Send Ctrl-Alt-Delete in a Remote Desktop Session?

• Cryptocurrency Usage – What Are the Numerous Uses?

• Elon Musk Said Twitter DMs Should Have End to End Encryption

• The Rise of Cybercrime – An Overview

• Cyberattack Causes Disruptions at Car Rental Giant Sixt

• OccamSec Unveils New Cybersecurity Platform

• Teleport Raises $110 Million Series C at $1.1 Billion Valuation Led by Bessemer Venture Partners

• Critical TLStorm 2.0 Bugs Affect Widely-Used Aruba and Avaya Network Switches

• Detecting Targeted Attacks on Public Cloud Services with Cisco Secure Cloud Analytics

• Botnet That Hid For 18 Months Boasted Some Of The Coolest Tradecraft Ever

• Spanish Prime Minister’s Phone Targeted With Pegasus Spyware

• Aruba, Avaya Network Switches Vulnerable To SSL Flaws

• Crypto Hackers Have Stolen More Than $370 Million In April Alone

• Phishers exploit Google’s SMTP Relay service to deliver spoofed emails

• All Organisations Must Report Cybersecurity Beaches Within 6 Hours: CERT-In

• SEC Proposes New Cybersecurity Rules for Financial Services

• Microsoft’s standalone Defender for Business hits GA

• DoD Announces Results of Vulnerability Disclosure Program for Defense Contractors

• Identity-Based Infrastructure Access Firm Teleport Raises $110 Million

• Traceable AI Snags $60M for API Security Tech

• Developing Software? Get Accountability Right First

• SOLARDEFLECTION C2 Infrastructure Used by NOBELIUM in Company Brand Misuse

• What Does the 2022 NDS Fact Sheet Imply for the Forthcoming Cyber Strategy?

• US Department of Defence Hit By $23m Phishing Attack

• Fortify Your Infosec Architecture & Zero Trust Strategy with Defense-in-Depth & Endpoint Encryption>

• Craft fair vendors targeted by fake event scammers on Facebook

• Here’s how hackers used the Log4j flaw to gain access before moving across a company’s network

• What’s behind the record‑high number of zero days?

• Hands-on Cybersecurity Skills Training on a Budget: Tips to Get the Most Out of Your Money

• Airdrop phishing: what is it, and how is my cryptocurrency at risk?

• US healthcare billing services group hacked, affecting at least half a million individuals

• CCSP Exam – Many Changes on the Way!

• Germany Warns Of Ukraine Crisis Hacking Risk

• Over 50 countries sign the “Declaration for the Future of the Internet”

• ShiftLeft Raises $29 million for AppSec platform that prioritizes vulnerabilities attackers are most likely to exploit

• Kintent is transforming compliance into a revenue-generating tool

• Teleport raises $110M to help engineers access infrastructure remotely

• Mozilla: Lack of Security Protections in Mental-Health Apps Is ‘Creepy’

• Deepfakes Are a Growing Threat to Cybersecurity and Society: Europol

• Many IoT Devices Exposed to Attacks Due to Unpatched Flaw in uClibc Library

• TLS Flaws Leave Avaya, Aruba Switches Open to Complete Takeover

• Experts Analyze Conti and Hive Ransomware Gangs’ Chats With Their Victims

• RSAC Innovation Sandbox Contest finalists announced

• Experts Analyze Conti and Hive Ransomware Gangs Chats With Their Victims

• Microsoft Plan To Launch Built-In VPN With Edge Browser

• Syxsense launches unified endpoint management and security solution

• Enpass launches first offline password management tool for enterprises

• What to expect when negotiating with Conti and Hive ransomware gangs

• VFunction deploys AI to improve code and fix technical debt

• Open-source security: It’s too easy to upload ‘devastating’ malicious packages, warns Google

• Vulnerabilities in Aruba and Avaya Switches Expose Enterprise Networks to Attacks

• California Man Convicted for Stealing Millions From DoD via Phishing Scheme

• SECURITY ALERT: Active Golang-Written Botnet StealthWorker Infects Thousands of Websites via Distributed Brute-Force Attacks.

• Podcast Episode: Teaching AI to Its Targets

• How To Safeguard Your Cryptocurrency Investments?

• TLStorm 2.0 – Airports, hospitals, hotels and enterprises at risk to new vulnerabilities

• SEC Nearly Doubles Staff Of Crypto Enforcement Group

• China-linked Moshen Dragon abuses security software to sideload malware

• TLStorm 2.0: Critical bugs in widely-used Aruba, Avaya network switches

• Hacking Group Moshen Dragon Targets Asian Telecommunication Companies

• Alibaba Shares Briefly Plunge After Report About ‘Ma’

• Most Reliable Hosting Company Sites in April 2022

• May The Fourth Be with You: Jedi Mind Tricks and Scams

• Russian Cyberspies Target Diplomats With New Malware

• Michigan College Cancels Classes After Ransomware Attack

• Threat Actors Sent Malicious Emails Using Google SMTP Relay Service

• Will Multi-Factor Authentication (MFA) Implementation Protect Countries from Cybercriminals?

• Why Do You Need a Malware Sandbox?

• Critical vulnerabilities found in ‘millions of Aruba and Avaya switches’

• Mental Health and Prayer Apps Fail the Privacy Test

• Cyber-espionage group targets Asian telecomms

• Internet scams are a daily reality for the UK

• Google Fires Senior Researcher In Latest AI Row

• Car Rental Giant Sixt Hit by Cyber-Attack

• Spyware discovered on Spanish PM’s phone

• Google Rolls Out Developer Preview of Android Privacy Sandbox

• UNC3524 APT uses IP cameras to deploy backdoors and target Exchange

• 4 Reasons Why Data Science Is One of the Best Fields of Work

• Union Loses Second Amazon Staten Island Vote

• Silicon UK In Focus Podcast: The Impact of SaaS

• Ponzi Scheme Suspect Deported to China After $36m Bust

• CISA’s 2021 Top-15 routinely exploited Vulnerabilities – Check Point customers remain fully protected

• Privacy pathology: It’s time for the users to gather a little data. Evidence

• How to keep your passwords safe online

• Musk ‘In Talks’ With Potential Partners For Twitter Financing

• Some US travel applicants now have to provide their social media account details

• Here’s how self-help apps violate your privacy, sell your information

• Google starts testing fenced frames to guard its Privacy Sandbox

• More transparency from developers is coming to the Google Play Store

• Phylum strengthens mission to defend the software supply chains

• ISE business value and ROI uncovered in Forrester study

• Package Analysis dynamic analyzes packages in open-source repositories

• Dell targets multi-cloud ecosystem with cyber recovery and data analytics

• Chinese Hackers Caught Exploiting Popular Antivirus Products to Target Telecom Sector

• AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection

• Unpatched DNS Related Vulnerability Affects a Wide Range of IoT Devices

• CMS-based sites under attack: The latest threats and trends

• Pegasus malware installed on Spanish PM Phone

• Microsoft confirms Russian Cyber Attacks on Ukraine coincided with Military Strikes

• New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions

• How to implement a best-in-class SASE architecture

• Corporate structure and roles in InfoSec

• GitHub Says Recent Attack Involving Stolen OAuth Tokens Was “Highly Targeted”

• Discover your public cloud exposure with Recon.Cloud

• Password tips to keep your accounts safe

• [Video] Introduction to Use-After-Free Vulnerabilities | UserAfterFree Challenge Walkthrough (Part: 1)

• CACI DarkBlue Intelligence now has access to cryptocurrency data

• CommScope XGS-PON: Accelerating FTTP deployments

• Computer Services to resell FINBOA dispute management software

• C2A Security and Stefanini to bring a robust cybersecurity solution to the automotive industry

• How XDR provides protection against advanced exploits

Generated on 2022-05-04 23:55:33.378738