IT Security News Daily Summary 2022-07-02

• Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool

• The role of Social Media in modern society – Social Media Day 22 interview

• Why you should care about privacy computing technologies

• Why more regulation of connected car technology is probably just up the road

• Susceptible APIs Costing Organizations Billions Every year

• Fortified Castles With Wooden Gates: Weak Keys and Outdated Machine Identity Management Undermine TLSv1.3 Adoption

• A New YTStealer Malware Targets YouTube Content Creator

• Experts: California Lacked Safeguards for Gun Owner Info

• California Gun Permit Website Exposes User Data

• Netwalker: Ex Canadian Government Employee Pleads Guilty to Cybercrimes

• Gun Database Breach Leaks Details on Thousands of Owners

• Why Zero Trust is Easier Said Than Done

• LiFi, the Technology That Brings You the Internet Through Light

• Dutch Uni Gets Cyber Ransom Money Back… With Interest

• Google location tracking to forget you were ever at that medical clinic

• Build or Buy your own antivirus product

• Weekly Update 302

• Phishing scam poses as Canadian tax agency before Canada Day

• Watch out for survey scams – Week in security with Tony Anscombe

• A ransomware attack forced publishing giant Macmillan to shuts down its systems

• TikTok Assures U.S. Lawmakers it’s Working to Safeguard User Data From Chinese Staff

• Resecurity’s cybersecurity solutions now available in the Microsoft Azure marketplace

• Cassidy Hutchinson’s Testimony Changed Our Minds About Indicting Donald Trump

• Google Blocked Dozens of Domains Used by Hack-for-hire Groups

• Distros and RegRipper, pt deux

• Ransomware review: June 2022

• IT Security News Daily Summary 2022-07-01

• ICYMI: A Microsoft Warning, Follina, Atlassian, and More

• Report Claims Coinbase Selling User Geolocation Data to ICE

• Most orgs struggle to manage alerts and vulnerabilities: Here’s how to fix it

• Cyberattack shuts down unemployment, labor websites across the US

• Facebook 2FA phish arrives just 28 minutes after scam domain created

• Facebook Asks Court To “Crack The Whip” To Silence Black Whistleblower

• SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide

• How to Monitor Athena Usage to Understand Your Operations, and Control Security and Costs

• Time Constraints Hamper Security Awareness Programs

• OpenSea NFT Marketplace Faces Insider Hack

• Cyber insurance sticker shock gives some state and local governments pause

• Google cracks down on sites with ties to hack-for-hire groups in UAE, Russia, India

• California concealed-carry permit data exposed

• Highly Sophisticated Malware Attacks Home and Small Office Routers

• AstraLocker 2.0 ransomware isn’t going to give you your files back

• Crypto sleuths pin $100 million Harmony theft on Lazarus Group

• The business of hackers-for-hire threat actors

• YTStealer targets YouTube content creators

• GSA puts Polaris contract back in motion

• Data breach of NFT marketplace OpenSea may expose customers to phishing attacks

• “Missing Cryptoqueen” hits the FBI’s Ten Most Wanted list

• Criminals Use Deepfake Videos to Interview for Remote Work

• Iranian Hackers: Israeli Tourism Sites Targeted

• NFT Marketplace OpenSea Suffers a Major Data Breach

• DIDs approved to W3C recommendation

• Vendors prep for new cyber rules of the road

• New ‘SessionManager’ Backdoor Targeting Microsoft Exchange Servers Worldwide

• Microsoft Spots Updated Cryptomining Malware Tool Targeting Linux Systems

• Cassidy Hutchinson’s Testimony Changed Our Minds about Indicting Donald Trump

• API Security Losses Total Billions, US Companies Hit Hard

• Safety group offers warnings on emerging transportation tech

• New ‘SessionManager’ Backdoor is Targeting Microsoft Exchange Servers Worldwide

• CISA Adds One Known Exploited Vulnerability to Catalog

• Google Improves Its Password Manager to Boost Security Across All Platforms

• Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps

• “Know your enemy,” and other cybersecurity lessons from Sun Tzu’s Art of War

• Teenagers are being encouraged to spread ransomware

• Facial recognition in Oz

• Threat Actor Claims Responsibility For IBM and Stanford University Hack

• DragonForce Malaysia Releases LPE Exploit, Threatens Ransomware

• CISA Adds One Known Exploited Vulnerability to Catalog

• How vulnerability in Brocade Might Affect Major Companies

• Trust Key to Space Travel, Like Cybersecurity, Says Astronaut Tim Peake

• A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

• Analyzing the Swiss E-Voting System

• How is Red Hat addressing the demand to develop offerings more securely?

• Patch vs Hotfix vs Coldfix vs Bugfix – What’s the Difference, What Do They Fix, and When to Apply Them

• Macmillan Attacked with Ransomware

• NFT Giant OpenSea Reports Major Email Data Breach

• UnRAR Vulnerability Lets Attackers Hack Zimbra Webmail Servers

• Cybersecurity Leaders Are Anticipating Mass Resignations Within The Year – Here’s Why

• SPACE Dynamic Orchestration in the SASE Cloud with Cato Networks

• A Research of Threat Actor Activity & Myths Busted by Cato Networks

• A Vulnerability Management Program is Nothing Without Identity Risk Protection

• Web Hosting And Its Types

• 14 Reasons to Consider Custom Software Development for Your Business

• When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients?

• FBI adds ‘Cryptoqueen’ Ruja Ignatova To Top Ten Most Wanted

• External Exposures caused 82% Of All Q1 Cyber Attacks – Expert Comments

• Kaseya Ransomware – Cyber Leader’s Thoughts & Learnings One Year Later

• New Ipandetec’s Report Features ISPs’ Privacy Best Practices and Flaws in Panamá

• GRR Rapid Response Github Tool

• US Approves SpaceX Starlink For Planes, Trains And … Ships

• Oak9 adds security for infrastructure-as-code and the cloud

• QuSecure Scores Post-Quantum Cybersecurity Contract Worth More Than $100M Annually

• The Complete Guide to Acceptable Use Policies (AUP)

• Top 10 cybersecurity colleges in the U.S. in 2022

• Cybersecurity degrees: types, comparisons and best practices for selection

• Over a Decade in Software Security: What Have We learned?

• Why Buying Cardano in 2022 Might Not Be Too Late

• Microsoft: This Android malware will switch off your Wi-Fi, empty your wallet

• Get one year of this leading VPN for just $30

• Google: Half of 2022’s Zero-Days Are Variants of Previous Vulnerabilities

• A Talk About Unified Identity Security & Deploying Resilience

• Bitcoin Falls Below $19,000, But Recovers Slightly Friday

• Google Blocks Domains of Hack-for-Hire Groups in Russia, India, UAE

• Is Your New Car a Threat to National Security?

• Meta Slashes Hiring As It Braces For Downturn – Report

• Cyberattack Disrupts Unemployment Benefits in Some States

• C-Suite Ignoring Smart Factory Cyber-Threats

• New ‘SessionManager’ Backdoor Targeting Microsoft IIS Servers in the Wild

• Macmillan Publishers Shut Down Systems After Security Incident

• FBI and CISA warn: This ransomware is using RDP flaws to break into networks

• Man Arrested in LA For Alleged Involvement in Multi-Million Dollar Fraud Scheme

• Santander Warns of 87% Surge in Celeb Crypto Scams

• Researchers Warn of Teen Hacking Group on Discord

• Ex-Canadian Government Employee Pleads Guilty to Involvement With NetWalker Ransomware Group

• Silicon In Focus Podcast: Connected Business

• Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows ?

• Amazon Quietly Patches ‘High Severity’ Vulnerability in Android Photos App

• Pro-Russian hackers launched a massive DDoS attack against Norway

• Microsoft gives its partners power to change AD privileges on customer systems – without permission

• Amazon Photos exhibit high severity vulnerability

• Ransomware attack suspected on Macmillan Publications

• Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

• New infosec products of the week: July 1, 2022

• API security: 12 essential best practices to keep your data & APIs safe

• The challenges and advantages of building behavior-based threat detection

• Product showcase: Group-IB Unified Risk Platform

• Infosec products of the month: June 2022

• Cadence Design Systems Xcelium Apps improves verification performances for design teams

• Apiiro platform enhancements allow developers to proactively remediate critical risks

• NXM Autonomous Security platform protects space infrastructure and IoT devices from cyberattacks

• Managed Cloud Hosting vs. Unmanaged Cloud Hosting: What’s the Difference?

• New YTStealer Malware is Hijacking YouTube Channels

• Ocient collaborates with Carahsoft to accelerate digital transformation for U.S. government agencies

• Siemens and NVIDIA join forces to enable industrial metaverse

• Skyhigh Security collaborates with Gotara to increase diversity in the cybersecurity sector

• Argyle partners with Ping Identity to help customers protect against fraud

Generated on 2022-07-02 23:55:31.618995